urlscan.io logo urlscan.io
SecurityTrails logo

mineleaks.eu Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
URL: http://mineleaks.eu/
Submission: On January 25 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 32 IPs in 8 countries across 31 domains to perform 214 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is mineleaks.eu.
This is the only time mineleaks.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
35 2a06:98c1:312... 13335 (CLOUDFLAR...)
8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
36 2a00:1450:400... 15169 (GOOGLE)
1 2400:52e0:1e0... 200325 (BUNNYCDN)
2 146.75.120.193 54113 (FASTLY)
6 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 18 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
36 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 172.217.18.2 15169 (GOOGLE)
1 4 2a00:1450:400... 15169 (GOOGLE)
5 18 142.250.185.226 15169 (GOOGLE)
2 4 172.64.151.101 13335 (CLOUDFLAR...)
2 3 185.89.210.82 29990 (ASN-APPNEX)
1 142.250.184.230 15169 (GOOGLE)
3 144.76.91.199 24940 (HETZNER-AS)
2 34.98.64.218 396982 (GOOGLE-CL...)
2 104.75.89.75 16625 (AKAMAI-AS)
9 2a00:1450:400... 15169 (GOOGLE)
1 4 138.201.63.165 24940 (HETZNER-AS)
1 2620:116:800d... 16509 (AMAZON-02)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 3.74.101.164 16509 (AMAZON-02)
1 1 35.190.0.66 15169 (GOOGLE)
3 3 37.157.3.26 198622 (ADFORM)
2 2 51.89.9.254 16276 (OVH)
2 142.250.185.66 15169 (GOOGLE)
2 4 54.171.206.191 16509 (AMAZON-02)
1 92.123.148.9 16625 (AKAMAI-AS)
1 1 34.91.62.186 396982 (GOOGLE-CL...)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
2 2 213.155.156.167 1299 (TWELVE99 ...)
2 2600:9000:225... 16509 (AMAZON-02)
214 32
35    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
mineleaks.eu
8    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
36    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2400:52e0:1e00::1082:1 (Germany)

ASN200325 (BUNNYCDN, SI)
cdx.solo.to
2    146.75.120.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
i.imgur.com
6    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
18    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
10    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
36    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
7    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
mts0.google.com
4    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net
www.googleadservices.com
4    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
18    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
cm.g.doubleclick.net
4    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
3    185.89.210.82 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    142.250.184.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net
ad.doubleclick.net
3    144.76.91.199 (Bad Bellingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.199.91.76.144.clients.your-server.de
hal9000.redintelligence.net
2    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
2    104.75.89.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com
sync.teads.tv
9    2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    138.201.63.165 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.165.63.201.138.clients.your-server.de
hal90005.redintelligence.net
1    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    2a02:fa8:8806:21::1690 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    3.74.101.164 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-74-101-164.eu-central-1.compute.amazonaws.com
d.agkn.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
3    37.157.3.26 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
2    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
googleads4.g.doubleclick.net
4    54.171.206.191 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-206-191.eu-west-1.compute.amazonaws.com
ti.tradetracker.net
1    92.123.148.9 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-148-9.deploy.static.akamaitechnologies.com
www.awin1.com
1    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
1    85.114.159.118 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    2a05:d018:d29:3601:7d46:bd77:a0a1:96 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    213.155.156.167 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
2    2600:9000:2251:1a00:1a:7c92:efc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.tradetracker.net
Apex Domain
Subdomains		 Transfer
72 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
712 KB
39 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
ad.doubleclick.net — Cisco Umbrella Rank: 163
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 594
270 KB
35 mineleaks.eu
mineleaks.eu
1 MB
16 gstatic.com
fonts.gstatic.com
www.gstatic.com
190 KB
9 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 336
344 KB
8 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
7 KB
7 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 38309
hal90005.redintelligence.net — Cisco Umbrella Rank: 252814
38 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
455 KB
6 tradetracker.net
ti.tradetracker.net — Cisco Umbrella Rank: 113022
static.tradetracker.net — Cisco Umbrella Rank: 120399
101 KB
5 google.com
mts0.google.com — Cisco Umbrella Rank: 4031
www.google.com — Cisco Umbrella Rank: 2
1 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622
2 KB
4 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 145
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 583
2 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 253
3 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5298
652 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 707
775 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 874
s.tribalfusion.com — Cisco Umbrella Rank: 2405
1 KB
2 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3445
207 B
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1376
326 B
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 524
400 B
2 imgur.com
i.imgur.com — Cisco Umbrella Rank: 7298
26 KB
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495
714 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1552
587 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 856
711 B
1 awin1.com
www.awin1.com — Cisco Umbrella Rank: 16092
704 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 5893
557 B
1 agkn.com
d.agkn.com — Cisco Umbrella Rank: 776
738 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 764
463 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2029
251 B
1 solo.to
cdx.solo.to
890 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
75 KB
214 31
Domain Requested by
36 tpc.googlesyndication.com googleads.g.doubleclick.net
mineleaks.eu
tpc.googlesyndication.com
s0.2mdn.net
pagead2.googlesyndication.com
36 pagead2.googlesyndication.com mineleaks.eu
pagead2.googlesyndication.com
www.gstatic.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
s0.2mdn.net
www.googletagservices.com
35 mineleaks.eu mineleaks.eu
18 cm.g.doubleclick.net 5 redirects googleads.g.doubleclick.net
18 googleads.g.doubleclick.net 2 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
10 www.gstatic.com googleads.g.doubleclick.net
9 s0.2mdn.net mineleaks.eu
s0.2mdn.net
8 fonts.googleapis.com mineleaks.eu
googleads.g.doubleclick.net
hal90005.redintelligence.net
7 www.googletagservices.com googleads.g.doubleclick.net
6 fonts.gstatic.com fonts.googleapis.com
4 ti.tradetracker.net 2 redirects mineleaks.eu
hal90005.redintelligence.net
4 hal90005.redintelligence.net 1 redirects googleads.g.doubleclick.net
hal90005.redintelligence.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 www.google.com 1 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
4 www.googleadservices.com mineleaks.eu
3 c1.adform.net 3 redirects
3 hal9000.redintelligence.net googleads.g.doubleclick.net
hal90005.redintelligence.net
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
2 static.tradetracker.net googleads.g.doubleclick.net
hal90005.redintelligence.net
2 d5p.de17a.com 2 redirects
2 googleads4.g.doubleclick.net mineleaks.eu
2 onetag-sys.com 2 redirects
2 dclk-match.dotomi.com googleads.g.doubleclick.net
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 i.imgur.com mineleaks.eu
1 pr-bh.ybp.yahoo.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 um.simpli.fi 1 redirects
1 www.awin1.com googleads.g.doubleclick.net
1 ads.travelaudience.com 1 redirects
1 d.agkn.com 1 redirects
1 s.tribalfusion.com googleads.g.doubleclick.net
1 a.tribalfusion.com 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 ad.doubleclick.net googleads.g.doubleclick.net
1 mts0.google.com googleads.g.doubleclick.net
1 region1.google-analytics.com www.googletagmanager.com
1 cdx.solo.to mineleaks.eu
1 www.googletagmanager.com mineleaks.eu
214 40

This site contains links to these domains. Also see Links.

Domain
solo.to
lagmedia.be
www.dohtheme.com
Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
cdx.solo.to
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
*.imgur.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-13 -
2024-03-12		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
redintelligence.net
R3		 2023-12-13 -
2024-03-12		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
teads.tv
R3		 2024-01-22 -
2024-04-21		 3 months crt.sh
quantserve.com
R3		 2023-12-27 -
2024-03-26		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
*.tradetracker.net
Amazon RSA 2048 M02		 2023-09-19 -
2024-10-16		 a year crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-01-10 -
2025-01-10		 a year crt.sh

This page contains 30 frames:

Primary Page: http://mineleaks.eu/
Frame ID: 2CB1E519BD9AD095A2A0D7F4B933388A
Requests: 52 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Frame ID: 4C214ABA5FE404BC6F12BF457376BA5A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&adk=85976724&adf=3412083302&lmt=1706149199&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x540_l%7C140x540_r&format=0x0&url=http%3A%2F%2Fmineleaks.eu%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&dt=1706149201241&bpp=12&bdt=855&idt=200&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6310713474586&frm=20&pv=2&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=219
Frame ID: 7F235EF3334B945B6524C532940F301F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=280&adk=225472386&adf=2631573148&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=1200x280&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1706149201253&bpp=1&bdt=868&idt=214&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=216
Frame ID: D65E8E47CCD56A371F8773E135AFB011
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=600&adk=2488645395&adf=2675318159&pi=t.aa~a.2521332233~rp.4&w=280&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=280x600&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706149202030&bpp=1&bdt=1644&idt=-M&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35d066ef7b006dde%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g&gpic=UID%3D00000d4962fa5d0c%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg&prev_fmts=0x0%2C1200x280&nras=3&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1150&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&psts=AOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3
Frame ID: DC39F1F1E7EE766DA98A4AD908ECB70D
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=280&adk=3973231943&adf=938944237&pi=t.aa~a.4083217474~rp.4&w=960&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=960x280&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1706149202030&bpp=1&bdt=1644&idt=-M&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35d066ef7b006dde%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g&gpic=UID%3D00000d4962fa5d0c%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg&prev_fmts=0x0%2C1200x280%2C280x600&nras=4&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=170&ady=1799&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&psts=AOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=5
Frame ID: D1E0144AC5AB521B3305A34F4B23E331
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=90&adk=793707805&adf=215438296&pi=t.aa~a.3833140187~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=1200x90&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1706149202030&bpp=1&bdt=1644&idt=0&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35d066ef7b006dde%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g&gpic=UID%3D00000d4962fa5d0c%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg&prev_fmts=0x0%2C1200x280%2C280x600%2C960x280&nras=5&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4071&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&psts=AOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=7
Frame ID: F6743F18FCA86ACD5538C3BCBA98E991
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
Frame ID: 99CBF2A1039DD5BFD785F2894EB2658C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: C362BB5D7B8FB473CD170196C12F294C
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 8BFFA2B90DCF67DCF299263405FD34DF
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: D61CD52E49B3C1BA867FEB0C7A3FA088
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 457FDCE54C03EA9F9166979E7A1476CA
Requests: 15 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 519C963F20189191AD2B04BA9685A0DC
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 97730BD4ED676E3FD3EA5C9D0CE9F0A4
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj2hbzGATAB&v=APEucNUXKMlTFLw1tqr-lTY7UnpcnEd_imfFDTsYlB2suXmLzMUL7viDl29dcNvICv_h3ambjCvnAT-8UrYOCPg5UrEKzarrw6fs-muXEGkJtbmkktDdT9aXsXcyV9eKx66gIcYUD-yUfNqgloNhGRipANo5LO5dtfpEM_-tR4HVHuE8uDZ0F6U
Frame ID: 14BA9FA547117A7D89E55564D5A7CFE5
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 9BFAD52A8D3554C039CC6F8A273DDF79
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
Frame ID: 619B059D7BD4F48D0F8A9C81E010F260
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
Frame ID: 3597E49C477EA81AD11FDE7BE9D2EC3C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
Frame ID: 42D4758FF03AE679E7E78DA3EF454240
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIfHNhCD6DYYz62yggIwAQ&v=APEucNUu3hQRWkbItYWq7kCHJWircEoagVMRY9hHActm9wqMqbJ5SXQlsC6XDxhm4uYLJERZnczjs2rggpK1O9ivFaROKfKzxQX_VH9BbT2N4Q00p0uDxIDsJjT1BUbvDA69-TcjG4U_bhMbt295frHiYy3s3Jk_0sviwhfZK85dLlOKdXKtxN4
Frame ID: FAA5C49D3AAB2EAFC0F9598F8907CC78
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
Frame ID: 3294AB1418802A7D039F32908877E2A2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 569E19732F27C6B8E68075705CD68485
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 44D57B8C67CCA792E93D6FED84180FB6
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 8F477FD42A56E16EB914DF4195D27D5F
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11353605478534873088/index.html?e=69&leftOffset=0&topOffset=0&c=lnlyh5Y6kV&t=1&renderingType=2&ev=01_250
Frame ID: B9FC8C6028F177E393C7B293172DDB49
Requests: 10 HTTP requests in this frame

Frame: https://hal90005.redintelligence.net/request_content.php?s=75911500005298904444450012580005&a=b0ea88c3
Frame ID: AD5DE074B5457A75FFC12A2A3CCD3679
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 97BDB429BA3D763017D0572572D84697
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Frame ID: 1B0A4900669AE9F35CA3F57351C3CA3E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 67F5B10AE039CAD1A493E0E525AEC8A8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 680D8EF33BC54010A904938AA8CDFC5E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MineLeaks

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

214
Requests

73 %
HTTPS

49 %
IPv6

31
Domains

40
Subdomains

32
IPs

8
Countries

3342 kB
Transfer

7629 kB
Size

35
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CzxRxUcWxZbKbHq3g1PIPv9WQyAzKqsnwdJ3z17T5EejmrNjaDhABIKCS-J0BYJGEoIWMGKAB1rumxAPIAQmpApkrUezPQ7I-qAMByAPLBKoEygFP0Lov1bTby09TuStotNkpUMxQhaa7W5sufC03rScVGNjnzWZmOoHcU1JdNBlTrb2ra_qg1rQfMTs9ssqC3ngwbWwn_Np4sjMvJQDZ5IL1DtvyWJ89MRYVkHsx2wi4T1w4YMJWFBeRR0dSd1wq2p3LY15FfeTFypbT8ySzacvWK81wdkQzXQjVghq-t3otJmVZ0ymE4dJeKIvlqdN2rtkhnQ1cIiDHA0yX9fYIbTds_r0-fe2HztSteMk3D_RTtfAmXxsZAXBe5B6awASQz_6q2wSIBYurrJ9NkgUECAQYAZIFBAgFGASgBi6AB5LE2TuoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBDFqgfSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLHo2oi994MDmgkmaHR0cHM6Ly93d3cuc2hvcC1nb3Vkd2lzc2Vsa2FudG9vci5ubC-ACgHICwGYDPn888y_BKIMCCoGCgSsurECuBODBNgTDtAVAYAXAbIXHAoaCAASFHB1Yi04NTM1MzMwMzczNjM1NzI5GAA&sigh=uW7-CdKToI4&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_SqDAxcMetne1X4bOJ9h_MIk7JOpoJk_ftkx8rrd280dMs1yzJA2POtRoJpXYPd0UTPqwf_PbIrPvMe9bS7cZheD_5g7ym3rdDRgB&template_id=515&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222349735836814329319%22,%22debug_reporting%22:true,%22destination%22:%22https://shop-goudwisselkantoor.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22948542934%22],%2222%22:[%22true%22],%224%22:[%2201-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22836834136729519585%22}&andc=true
Request Chain 116
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 128
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CIk7kUcWxZfCQHuaAkdUP1MaYoAnA-piKdaL__surEq4CEAEgoJL4nQFgkYSghYwYoAGe-vTOA8gBCakCXnw5i8JAsj6oAwHIA8sEqgTHAU_Q3eFqkni0kxRTgM7Cado6LJzqFS_l2mAHhS29bY_aUc6LbS1kYcam8-NkVPNryB8RvEzJy-5XAcuEeTeZpL77Sh_-e05ze2aMTRnu365ZTH2tfIrNKeDrToYSNROF6v0WQLV4_HX0aEHZ4LoMK-7yWct8lHM59u4FUdOIxRQGsKpZl3DNBsoKm8bw36isJQ633M8LJ4L48wHyP_ih4QGnXFgzC-1LhSe5H5atfwDX0Mlcy3v2NEmIZUkDsXMdeV2E-JWEPW7ABOvjkpbVBIgFibut8U2gBi6AB8qFizGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCWhRLSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLy42oi994MDmgk0aHR0cHM6Ly93d3cuaW5ob2xsYW5kLm5sL29wbGVpZGluZ2VuL2NoZW1pZS12b2x0aWpkL4AKAcgLAdgTA9AVAZgWAYAXAbIXHAoaCAASFHB1Yi04NTM1MzMwMzczNjM1NzI5GAA&sigh=vOWr5VA6HsE&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_iGlNzBuhcZzCqu7KG9a1vkf8fqDWiQNYUd1uS7ZfjoswFU74BoCITbUo-ktYwuaPo6DGvFRuWFtH2wxfnHWPhXgPXkyGgAb7ZhgB&template_id=5000&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224853940984176678496%22,%22debug_reporting%22:true,%22destination%22:%22https://inholland.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22970800414%22],%2222%22:[%22true%22],%224%22:[%2201-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222573551759155830225%22}&andc=true
Request Chain 141
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMAdbjPosiosBgIXfS8_bUc&google_cver=1
Request Chain 142
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbHFUu-rloAMMyuTyZyZawAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMAdbjPosiosBgIXfS8_bUc&google_cver=1
Request Chain 143
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEHvzahqvaYmhak2PBYKbKuY&google_cver=1
Request Chain 144
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ1NjcwNTg2NzE1NDE5MDY2MA%3D%3D
Request Chain 152
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMnDDD-LM_zR1T2Qea53PkI&google_cver=1
Request Chain 154
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEGda3CCOPV8NcMZBSRRrMew&google_cver=1
Request Chain 163
  • https://hal90005.redintelligence.net/request.php?zone=8e4hjwsd4phy&nw=20&renderingType=javascript&namespace=220b8ce8b8&subid=&uid=edc4551ce7cdc4a7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCVuEFUsWxZaiKBP2vnsEPrIC8uAbM-Yagafu5x__3D_AuEAEgoJL4nQFgkYSghYwYyAEJqQLMUqbDsUqyPqgDAcgDm4SAgASqBOwBT9Bv_o8AEMi9F7zSbdWaSgZJ2BnCVyUY_2T2j2qDSkgSPW42FKq79heoiJrfhFp74890SzEYP6Fgh-HOU-hOGeQc1RNIbjRvqknhWnDQlsNuq4K5pbAkPfTe-9CVfnAMWoTzU-E0IHur5ktg8W2SQh1uQTJSwHcsVAG4FryaF_sHp4R9P09weeZcIngsSNE4IGVGbWb_Ja2t48Q1MVC9EZgUuhyJKHqG5Ot-VMv8KuCGVLfF4YD3TgSiduZLSVz397xlenKQQlblrtuFuJrd4UDGO8tY2dZm5527qgbJe2WGbfyJcTQxxsmB4vHABOrrzKPkA-AEA4gFla_h_T2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYjsD9iL33gwOACgGYCwHICwGADAGqDQJOTLAT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_g6xf8Xih47kdKyXXGn6edXIR5mHgzHsu02UljA7EhI23snGg2-SG0PDLTvDhgRjYvtIRC7s7GAE%26sig%3DAOD64_0dT9gKRU7OKPeeNVyieO8SZj6rlA%26client%3Dca-pub-8535330373635729%26dbm_c%3DAKAmf-CpnvSPa0Z1rfRk7wRJKspsmqXS-8X1bZayw4kLw_04kKVsrIdCE0ZOMuFXIsVxPB_Z_MMxt_BUOu-Xw4TEJBvzu_MD3a1WfAEIwjuTDOj0gzOOaIqsNu4_A41kX-QQNXx8LTKBcjRAhcmXeqFSzu4ZtZuR1oDgYE_JA4540ARThNa_UNRpka6w9EIY_gJPtFE3D0z3M6LQS7HzXhaPUHqC9fwi49yUy_nlyIHOXXulsPBxUHQ%26cry%3D1%26dbm_d%3DAKAmf-B7hOYN_JhcjnXsfz0AhyK0Ut2eHDWA7Nkf64fARCKtPUHlC2b8QMvN6SV13uiLJjzNC5EcfOm6C5oGjjnqZBp-JCeljGt9OzGJpERDeE0sPju9hCb8ZX8ZPKs9rWrZJCGHYFz4ZN7hfaEg5MYnzpfkFneMUPG3TRvWwJZJO-yTglUIhf6EKNyn63-dsfWJQV1AySzBzYPms2rHxoPyVazzO6ZGWCmoOkGA1gnKszRhp9naIY9Gl8EJbJV0tiyEYE0eXVdZQK13LUYC-Qm3G_b0O8EeBgWXSV3l5qN0tddrWwUHnBwb1mJ3o5BiQlUV3MemqRKRZC7KdUWZ992ZADAHg_oOKmVE-r1QHh1J3ZYc334uoGt2eJTA66hIh76FVxqM5U3W1edPz6dK2x7O4UWMsCg18CW6veA97VoolP8OxJZJTJO7cYfMwDG1tJAZd9Z6egbwH3cNJAnw-i2nC8jDWIh5NKZyC_gZ0Y-zEjV-fMdNK7szmhWjL6B0EJU-BSyuEeyT7-pyrVt3uDUAmSkMaZYYE6fojQc5udg9aV4JYnbLNTN7jm3cI4Up1eSVQ_gZSOgX69n8C1iDWCtoUFFGuMp6a6Wovp4GbGsJZZS7Dv49woQ%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8535330373635729%26output%3Dhtml%26h%3D90%26adk%3D793707805%26adf%3D215438296%26pi%3Dt.aa~a.3833140187~rp.1%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1706149199%26rafmt%3D1%26to%3Dqs%26pwprc%3D9288327111%26format%3D1200x90%26url%3Dhttp%253A%252F%252Fmineleaks.eu%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26dt%3D1706149202030%26bpp%3D1%26bdt%3D1644%26idt%3D0%26shv%3Dr20240122%26mjsv%3Dm202401180101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D35d066ef7b006dde%253AT%253D1706149201%253ART%253D1706149201%253AS%253DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g%26gpic%3DUID%253D00000d4962fa5d0c%253AT%253D1706149201%253ART%253D1706149201%253AS%253DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg%26prev_fmts%3D0x0%252C1200x280%252C280x600%252C960x280%26nras%3D5%26correlator%3D6310713474586%26frm%3D20%26pv%3D1%26ga_vid%3D1422090559.1706149201%26ga_sid%3D1706149201%26ga_hid%3D1711385791%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D200%26ady%3D4071%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31080590%252C44785293%252C95322184%252C95320868%252C95320888%252C95321627%252C95322163%26oid%3D2%26psts%3DAOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ%26pvsid%3D425656167849035%26tmod%3D1530807125%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D23%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D5%26uci%3Da!5%26btvi%3D3%26fsb%3D1%26dtd%3D7&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fmineleaks.eu&random=2409902719834&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90005.redintelligence.net/request.php?zone=8e4hjwsd4phy&nw=20&renderingType=javascript&namespace=220b8ce8b8&subid=&uid=edc4551ce7cdc4a7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCVuEFUsWxZaiKBP2vnsEPrIC8uAbM-Yagafu5x__3D_AuEAEgoJL4nQFgkYSghYwYyAEJqQLMUqbDsUqyPqgDAcgDm4SAgASqBOwBT9Bv_o8AEMi9F7zSbdWaSgZJ2BnCVyUY_2T2j2qDSkgSPW42FKq79heoiJrfhFp74890SzEYP6Fgh-HOU-hOGeQc1RNIbjRvqknhWnDQlsNuq4K5pbAkPfTe-9CVfnAMWoTzU-E0IHur5ktg8W2SQh1uQTJSwHcsVAG4FryaF_sHp4R9P09weeZcIngsSNE4IGVGbWb_Ja2t48Q1MVC9EZgUuhyJKHqG5Ot-VMv8KuCGVLfF4YD3TgSiduZLSVz397xlenKQQlblrtuFuJrd4UDGO8tY2dZm5527qgbJe2WGbfyJcTQxxsmB4vHABOrrzKPkA-AEA4gFla_h_T2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYjsD9iL33gwOACgGYCwHICwGADAGqDQJOTLAT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_g6xf8Xih47kdKyXXGn6edXIR5mHgzHsu02UljA7EhI23snGg2-SG0PDLTvDhgRjYvtIRC7s7GAE%26sig%3DAOD64_0dT9gKRU7OKPeeNVyieO8SZj6rlA%26client%3Dca-pub-8535330373635729%26dbm_c%3DAKAmf-CpnvSPa0Z1rfRk7wRJKspsmqXS-8X1bZayw4kLw_04kKVsrIdCE0ZOMuFXIsVxPB_Z_MMxt_BUOu-Xw4TEJBvzu_MD3a1WfAEIwjuTDOj0gzOOaIqsNu4_A41kX-QQNXx8LTKBcjRAhcmXeqFSzu4ZtZuR1oDgYE_JA4540ARThNa_UNRpka6w9EIY_gJPtFE3D0z3M6LQS7HzXhaPUHqC9fwi49yUy_nlyIHOXXulsPBxUHQ%26cry%3D1%26dbm_d%3DAKAmf-B7hOYN_JhcjnXsfz0AhyK0Ut2eHDWA7Nkf64fARCKtPUHlC2b8QMvN6SV13uiLJjzNC5EcfOm6C5oGjjnqZBp-JCeljGt9OzGJpERDeE0sPju9hCb8ZX8ZPKs9rWrZJCGHYFz4ZN7hfaEg5MYnzpfkFneMUPG3TRvWwJZJO-yTglUIhf6EKNyn63-dsfWJQV1AySzBzYPms2rHxoPyVazzO6ZGWCmoOkGA1gnKszRhp9naIY9Gl8EJbJV0tiyEYE0eXVdZQK13LUYC-Qm3G_b0O8EeBgWXSV3l5qN0tddrWwUHnBwb1mJ3o5BiQlUV3MemqRKRZC7KdUWZ992ZADAHg_oOKmVE-r1QHh1J3ZYc334uoGt2eJTA66hIh76FVxqM5U3W1edPz6dK2x7O4UWMsCg18CW6veA97VoolP8OxJZJTJO7cYfMwDG1tJAZd9Z6egbwH3cNJAnw-i2nC8jDWIh5NKZyC_gZ0Y-zEjV-fMdNK7szmhWjL6B0EJU-BSyuEeyT7-pyrVt3uDUAmSkMaZYYE6fojQc5udg9aV4JYnbLNTN7jm3cI4Up1eSVQ_gZSOgX69n8C1iDWCtoUFFGuMp6a6Wovp4GbGsJZZS7Dv49woQ%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8535330373635729%26output%3Dhtml%26h%3D90%26adk%3D793707805%26adf%3D215438296%26pi%3Dt.aa~a.3833140187~rp.1%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1706149199%26rafmt%3D1%26to%3Dqs%26pwprc%3D9288327111%26format%3D1200x90%26url%3Dhttp%253A%252F%252Fmineleaks.eu%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26dt%3D1706149202030%26bpp%3D1%26bdt%3D1644%26idt%3D0%26shv%3Dr20240122%26mjsv%3Dm202401180101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D35d066ef7b006dde%253AT%253D1706149201%253ART%253D1706149201%253AS%253DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g%26gpic%3DUID%253D00000d4962fa5d0c%253AT%253D1706149201%253ART%253D1706149201%253AS%253DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg%26prev_fmts%3D0x0%252C1200x280%252C280x600%252C960x280%26nras%3D5%26correlator%3D6310713474586%26frm%3D20%26pv%3D1%26ga_vid%3D1422090559.1706149201%26ga_sid%3D1706149201%26ga_hid%3D1711385791%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D200%26ady%3D4071%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31080590%252C44785293%252C95322184%252C95320868%252C95320888%252C95321627%252C95322163%26oid%3D2%26psts%3DAOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ%26pvsid%3D425656167849035%26tmod%3D1530807125%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D23%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D5%26uci%3Da!5%26btvi%3D3%26fsb%3D1%26dtd%3D7&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fmineleaks.eu&random=2409902719834&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 166
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEF7ioI54On7niKpS2XjWCr0&google_cver=1&google_push=AXcoOmSFMlTFtTUswlJnG3AO2aIiHsx9VgtcqCqSyubxfZLKrpC5XkLinyjmw6sW00KZEhEzqukC_JjbLzgkJ-Ewht_UUHdstZktJCU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSFMlTFtTUswlJnG3AO2aIiHsx9VgtcqCqSyubxfZLKrpC5XkLinyjmw6sW00KZEhEzqukC_JjbLzgkJ-Ewht_UUHdstZktJCU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF7ioI54On7niKpS2XjWCr0&google_cver=1&google_push=AXcoOmSFMlTFtTUswlJnG3AO2aIiHsx9VgtcqCqSyubxfZLKrpC5XkLinyjmw6sW00KZEhEzqukC_JjbLzgkJ-Ewht_UUHdstZktJCU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSFMlTFtTUswlJnG3AO2aIiHsx9VgtcqCqSyubxfZLKrpC5XkLinyjmw6sW00KZEhEzqukC_JjbLzgkJ-Ewht_UUHdstZktJCU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 167
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEEM1GrngcFHmbNuPwoUAU3E&google_cver=1&google_push=AXcoOmQnEHDklUVmzfNRQNMOwOwIzDVRfQ-TLcACzEiFzyD6ADS1GW_3hls8pud5aDQRRYCmpvJHKtHmyWacgGCq1tzvwuJ4CM17lY0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmQnEHDklUVmzfNRQNMOwOwIzDVRfQ-TLcACzEiFzyD6ADS1GW_3hls8pud5aDQRRYCmpvJHKtHmyWacgGCq1tzvwuJ4CM17lY0&google_hm=Q0FFU0VFTTFHcm5nY0ZIbWJOdVB3b1VBVTNF
Request Chain 168
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEMYdHS2AUBIP5HN3qD0dF3g&google_cver=1&google_push=AXcoOmSBi4lX-YJ7SeDboN3jZlEGHsGiLYKHLAYIECZKpfRfZiaYMDaEPQPLhswukgHVRjzetvcDLCh6vJqd3pZP4di28mdTQwSxBRk HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=794HVfLeSbA7_p9-RE8kHQ&google_push=AXcoOmSBi4lX-YJ7SeDboN3jZlEGHsGiLYKHLAYIECZKpfRfZiaYMDaEPQPLhswukgHVRjzetvcDLCh6vJqd3pZP4di28mdTQwSxBRk
Request Chain 169
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENS5fpnIwcIrFeVGjD39hLY&google_cver=1&google_push=AXcoOmRfX-dhIVCpGj0mLebYu-rx_7ToQXveXj3mNiF9JJybKzbbwVefxE4XJAmuk_MXKerL9Fz73PFBTb5Dk6DzIdhy3TEvCcJ94g HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENS5fpnIwcIrFeVGjD39hLY&google_cver=1&google_push=AXcoOmRfX-dhIVCpGj0mLebYu-rx_7ToQXveXj3mNiF9JJybKzbbwVefxE4XJAmuk_MXKerL9Fz73PFBTb5Dk6DzIdhy3TEvCcJ94g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjYwOTc0MTE4NDM4Nzg2MzAwNw&google_push=AXcoOmRfX-dhIVCpGj0mLebYu-rx_7ToQXveXj3mNiF9JJybKzbbwVefxE4XJAmuk_MXKerL9Fz73PFBTb5Dk6DzIdhy3TEvCcJ94g
Request Chain 170
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEH7jEYPZyCnUMSMERSxuSWE&google_cver=1&google_push=AXcoOmRTzygNJSkcDlx3NRpQLz5Pi-riPajX8R1ErbgHd5_oSmT1MxyLEf7x2qfQMjSEZU4t8PS-ZcOLADVdb10DgznH82q2TGyWTpw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRTzygNJSkcDlx3NRpQLz5Pi-riPajX8R1ErbgHd5_oSmT1MxyLEf7x2qfQMjSEZU4t8PS-ZcOLADVdb10DgznH82q2TGyWTpw
Request Chain 193
  • https://um.simpli.fi/gp_match?google_gid=CAESEE3-qkdPhrtkw17G8AFupZY&google_cver=1&google_push=AXcoOmRVJApDOaWn0I-1jtq1YSA9DCI-VKRZV0gMWagrMcCROXliJUSGc2vOncd5VpFMKscX9dbo_aSALfJDHsHXXLOv7I874uCI4A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CF8BE300489F427F8AF1A22510F91271&google_push=AXcoOmRVJApDOaWn0I-1jtq1YSA9DCI-VKRZV0gMWagrMcCROXliJUSGc2vOncd5VpFMKscX9dbo_aSALfJDHsHXXLOv7I874uCI4A
Request Chain 194
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEJg8oBsRE_PdnLWA8BgwbVs&google_cver=1&google_push=AXcoOmTVDLEjnxZ-sd5SgwRb8JxwZlc1ZhdpwwaaYToJ3OVifzaW56XH7NYONSEiuskIxyAIlInmQZZxcm6BcKLmaIZwz8-f-BttXoI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMyNzg1NTAyODk4NDczOTk4MA%3D%3D&google_push=AXcoOmTVDLEjnxZ-sd5SgwRb8JxwZlc1ZhdpwwaaYToJ3OVifzaW56XH7NYONSEiuskIxyAIlInmQZZxcm6BcKLmaIZwz8-f-BttXoI
Request Chain 195
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEK9gtqeUg4dXM2GJ15PoIQ4&google_cver=1&google_push=AXcoOmQMCISYBp3kp_0aO7QbCrav7Mmr-oLFDF12zH6KWWdfT8jETC60k92GX65sypOqivGySj6BehN-aGR_Xk2U00CeWZEcEv5h3A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQMCISYBp3kp_0aO7QbCrav7Mmr-oLFDF12zH6KWWdfT8jETC60k92GX65sypOqivGySj6BehN-aGR_Xk2U00CeWZEcEv5h3A&google_hm=eS16dkg3WjIxRTJwRmNMaUFvaWU1Nk05ZVpsY18yQzZEen5B
Request Chain 196
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEKVvtspuARLyNaUn15zllGc&google_cver=1&google_push=AXcoOmQ8wJOnAE18N_VZ-kcd6PMWpBO0YDZtv0cEPIEaK-thV1QkOvw-g1Y5EoLPpFlbK-uOuMToi56skzSHCn1GimuhFk_nacpXtoU HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEKVvtspuARLyNaUn15zllGc&google_cver=1&google_push=AXcoOmQ8wJOnAE18N_VZ-kcd6PMWpBO0YDZtv0cEPIEaK-thV1QkOvw-g1Y5EoLPpFlbK-uOuMToi56skzSHCn1GimuhFk_nacpXtoU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQ8wJOnAE18N_VZ-kcd6PMWpBO0YDZtv0cEPIEaK-thV1QkOvw-g1Y5EoLPpFlbK-uOuMToi56skzSHCn1GimuhFk_nacpXtoU
Request Chain 197
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEILHQKgQKG9hqQA9fNPPblw&google_cver=1&google_push=AXcoOmS3rj7MKqVVnyILOgjHvsoyrxmn79R1jvfdJDxVYrtonvlDZrvVJuUIhEEO1WaLtzN2tg6s5Vi0VbyHg5AFUGaixNbaAC8vKpE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjYwOTc0MTE4NDM4Nzg2MzAwNw&google_push=AXcoOmS3rj7MKqVVnyILOgjHvsoyrxmn79R1jvfdJDxVYrtonvlDZrvVJuUIhEEO1WaLtzN2tg6s5Vi0VbyHg5AFUGaixNbaAC8vKpE
Request Chain 198
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEKSEl-CbYnUXqGW_rtcRyaI&google_cver=1&google_push=AXcoOmT93W65BkKfUwNFw8rNsl82VTeJhgxMXPoPBNs8nPncCdxXnZaUVN4SLYBE0MMhgGx2ivSUid19qDbtiw0-UEylaq1F_D2Zy3M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT93W65BkKfUwNFw8rNsl82VTeJhgxMXPoPBNs8nPncCdxXnZaUVN4SLYBE0MMhgGx2ivSUid19qDbtiw0-UEylaq1F_D2Zy3M
Request Chain 209
  • https://ti.tradetracker.net/?c=34211&m=2005488&a=70002&r=75911500005298904444450012580005&t=html HTTP 302
  • https://static.tradetracker.net/nl/material_image/f0/593277e724e539a889cc3a836755cb51039a9d.jpg
Request Chain 210
  • https://ti.tradetracker.net/?c=558&m=24180&a=70002&r=75911500005298904444450012580005&t=html HTTP 302
  • https://static.tradetracker.net/nl/material_image/49/1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg

214 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
mineleaks.eu/ 		83 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://mineleaks.eu/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33bca4ef6848d546268a0812c349988ce46275864137ebc1b2de3e14567a671b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
84ad08d1bd88660c-AMS
Cache-Control
private, no-cache, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Thu, 25 Jan 2024 02:20:00 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified
Thu, 25 Jan 2024 02:19:59 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AsaCcn4iZtWMfc%2BDimgAcBp%2BoTMcOCcQBwwiuUSTKgywVzf5uvAHBp9Z%2FOEGUedBNZK63ya78X0VEWEuhHTF2qkqV6%2F1vsiGPwOyXOgTcvwZOWv6Jp4EE5TrnZWgynb97QJReIQRZ1jIINo%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
alt-svc
h3=":443"; ma=86400
fa-regular-400.woff2
mineleaks.eu/styles/fonts/fa/ 		165 KB
165 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://mineleaks.eu/styles/fonts/fa/fa-regular-400.woff2?_v=5.15.3
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4de49631fe60b17010f7cda29a6236ca6ad6102ea204e5c31d2c1e79ee276938

Request headers

Referer
http://mineleaks.eu/
Origin
http://mineleaks.eu
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 02:20:00 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Tue, 16 May 2023 17:59:22 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"29340-5fbd354be9280-gzip"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
font/woff2
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b1sT7UR1DbY1c%2BJUQvQ%2F0FU8iMRt0ByjRp3BxbH48Bc7%2FUaG1YSCN5CklHVjo4KrIVbUow7TcPWW7LP9%2B%2FjumDrb%2Bj4NjpVZNYgpxpr0PjuHzt5mIvKc%2B2rjBM9Y%2FSTTuJihnzu1G5T9IvM%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
84ad08d69bb566f9-AMS
alt-svc
h3=":443"; ma=86400
fa-solid-900.woff2
mineleaks.eu/styles/fonts/fa/ 		134 KB
134 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://mineleaks.eu/styles/fonts/fa/fa-solid-900.woff2?_v=5.15.3
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c

Request headers

Referer
http://mineleaks.eu/
Origin
http://mineleaks.eu
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 02:20:00 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Tue, 16 May 2023 17:59:22 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"21678-5fbd354be9280-gzip"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
font/woff2
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hqBZKgOO8H%2B69q8G9T6%2FL%2FVFA76uHM1KVc480ZxyipYcTjDAJxX9d%2BUtdkdIPAweIusuLj%2FmrItvZpm0PWH5jl%2Bq%2BuqUE2rc2LF4T741F6t8QhTaacFSkXXwvD3EZzypJ3%2BOkME%2BxejDoVA%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
84ad08d69da00e24-AMS
alt-svc
h3=":443"; ma=86400
fa-brands-400.woff2
mineleaks.eu/styles/fonts/fa/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://mineleaks.eu/styles/fonts/fa/fa-brands-400.woff2?_v=5.15.3
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2497d559960ba9e1c68f41674e8bc980d3b229155e068bc7f42f157f81c4388

Request headers

Referer
http://mineleaks.eu/
Origin
http://mineleaks.eu
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 02:20:00 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Tue, 16 May 2023 17:59:22 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"12bc4-5fbd354be9280-gzip"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
font/woff2
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tPIvbscp3gST6gv9J6HgLfk%2B50Y9TIx9dIZB66jn50eTt2Mz49XuZZLecmffasU%2BGPv1LjaLwPD14txVCwrPmNxscPpBF3%2FJG%2BAIiK95fn1VnBg6xzkPoP6H%2F9UmWRnO1T8bKNsteTyjiPk%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
84ad08d6998006bc-AMS
alt-svc
h3=":443"; ma=86400
css.php
mineleaks.eu/ 		429 KB
90 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://mineleaks.eu/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=31&l=1&d=1704063912&k=034405c740f279c15adbbc41dfccb627ca90db04
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbb905b2d89f4bd0e8664a9d6d335984868d2db4f494b6bed7b8d863bd11e0d2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://mineleaks.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 02:20:00 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
91591
Last-Modified
Sun, 31 Dec 2023 23:05:12 GMT
Server
cloudflare
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mwfkEoZ%2BTRAY65WB4FgnGJqNDDEnU4B4z0iDlJZYIwVBS7zbUEN9tY7rV3sWT%2Fn%2FHIfMFZFJMOHVzGlsXkfSgwVLsq8h7rGURP5gG9OSnkBda2oAXFdsJIu9d9KadRSyEFV2OaDJbc5cxx8%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=31536000
CF-RAY
84ad08d69f570c3b-AMS
Expires
Fri, 24 Jan 2025 02:20:00 GMT
css2
fonts.googleapis.com/ 		4 KB
947 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aef306d8dc297f057d650b2e03a3c79b8f8aa29aeaa9f7f19b4f4a5c5d3e88f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://mineleaks.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 25 Jan 2024 02:20:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 25 Jan 2024 00:47:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 Jan 2024 02:20:00 GMT
css.php
mineleaks.eu/ 		28 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://mineleaks.eu/css.php?css=public%3Abb_code.less%2Cpublic%3Anode_list.less%2Cpublic%3Anotices.less%2Cpublic%3Ashare_controls.less%2Cpublic%3Asiropu_ads_manager_ad.less%2Cpublic%3Asiropu_shoutbox.less%2Cpublic%3Aextra.less&s=31&l=1&d=1704063912&k=ce4e2c46aa55dd01d2921f0c8c131ec60a376ea5
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96dd7f81552ffa9ce562acaa707cf5625e26e33ab87c828d724883d140ca46d3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://mineleaks.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 02:20:00 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
7261
Last-Modified
Sun, 31 Dec 2023 23:05:12 GMT
Server
cloudflare
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ve3T8PB0FkJI5xVhU%2Bfg2346oGsicpzDlS4i4rlcEykPoAlr%2FVfMBcYZ%2BQydTyHIjAQEA8Knidf1BzdKLWLJWiUpnNgGIaQhPcUejP75AcTnSega6QaiP%2Bg2pTDu4bAWWFrS027zDXvIdow%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=31536000
CF-RAY
84ad08d69d83b7f8-AMS
Expires
Fri, 24 Jan 2025 02:20:00 GMT
preamble.min.js
mineleaks.eu/js/xf/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://mineleaks.eu/js/xf/preamble.min.js?_v=5a6112eb
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
304e77733a818935ddeb447ed9d6d6d4f16e44b8cc262ee05c89324ee7afdc6c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://mineleaks.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 02:20:00 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
1737
Last-Modified
Tue, 16 May 2023 17:59:20 GMT
Server
cloudflare
ETag
"e11-5fbd354a00e00-gzip"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ot7lQASLQJmOXU%2F4I4Asede2zQ1jQUicfZJy4iygpLMuJxAsoHZdl7FTqAG9KjRxliagVn3TsumGmv5xOXx98F6JwrNTo2nHhsnuz0JPF%2FZcf6kyg7Kcswhw9%2Fhq31%2BTHxbWeEDdNiwHcOo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
84ad08d6fa13660c-AMS
js
www.googletagmanager.com/gtag/ 		206 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1047BKNRE4
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
56976102d1c2f5476c73ff1d807d5145aa86629fe295434cf55811dbbf61135d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://mineleaks.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 02:20:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76070
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 25 Jan 2024 02:20:01 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		148 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8535330373635729
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a990a2a5f332693f731aaf98ad8be7d9ac0f6abdcab8de88737347b47fc73fa9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mineleaks.eu/
Origin
http://mineleaks.eu
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 02:20:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51375
x-xss-protection
0
server
cafe
etag
5270046610328052914
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Thu, 25 Jan 2024 02:20:01 GMT
df078f8d62e9b8e3278539ce77174f8a90cc9865.png
mineleaks.eu/data/assets/logo/ 		181 KB
181 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mineleaks.eu/data/assets/logo/df078f8d62e9b8e3278539ce77174f8a90cc9865.png
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5deae6d8c1f81c5e57b72c8df1964b08ffa9864e0dac4c0d1a5e9aa3ebf0779

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://mineleaks.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 02:20:00 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Wed, 30 Aug 2023 14:09:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"2d2cd-60424788b6900"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bE%2B7BgdC4rGIsxUs1O3lOGagD9UnM9S%2FzeIfyxfi1oMh4OcTtHjbzfhF%2Fr2V3E53mGU97%2BU%2F8K1xNbVoLg5pKLZk7LC0C5Eyd2OlOku4SfwPUHyU74im%2F0S%2B3%2FHbn3ckGtf4vohGwqwFQbE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
84ad08d82b61660c-AMS
alt-svc
h3=":443"; ma=86400
Content-Length
185037
favicon.png
cdx.solo.to/images/ 		423 B
890 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdx.solo.to/images/favicon.png
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
1d7ab1c211e4b5877f875fae049a9114334cee6279a75cbab2271d5d306d8f8f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://mineleaks.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 02:20:00 GMT
cdn-edgestorageid
1082
perma-cache
HIT
cdn-storageserver
DE-679
cdn-cachedat
01/02/2024 17:59:46
cdn-pullzone
223960
content-length
423
last-modified
Wed, 05 Apr 2023 23:45:25 GMT
server
BunnyCDN-DE1-1082
cdn-fileserver
257
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
"642e0815-1a7"
content-type
image/png
cdn-cache
HIT
cdn-uid
a8b84be6-16d3-4c29-9fa5-1b1f10654d8a
cache-control
public, max-age=604800
cdn-requestid
a428894031a0639571af14a340b21048
accept-ranges
bytes
cdn-requestcountrycode
NL
cdn-status
200
cdn-requestpullsuccess
True
jquery-3.5.1.min.js
mineleaks.eu/js/vendor/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://mineleaks.eu/js/vendor/jquery/jquery-3.5.1.min.js?_v=5a6112eb
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://mineleaks.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 02:20:01 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
30910
Last-Modified
Tue, 16 May 2023 17:59:20 GMT
Server
cloudflare
ETag
"15d84-5fbd354a00e00-gzip"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bpz1mevio00sHQhdsmxUGDImPH4WJnELxLRo6tBaKwshvgVNvdrEuO7rkeNEvVjEGJ3iPORSILlSWtTn%2BOOkHidCnuDNd2TkmEfF3MCNzrdCz3%2F1ugH%2Fjdkd%2BWqoVMpzTgqwlEZi5Nsmaxc%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
84ad08d8de91b7f8-AMS
vendor-compiled.js
mineleaks.eu/js/vendor/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://mineleaks.eu/js/vendor/vendor-compiled.js?_v=5a6112eb
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3507ca14c84cbffccd872e634a84d93f50882c817e66ffdf2643a7ed884a205e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://mineleaks.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 02:20:01 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
12823
Last-Modified
Tue, 16 May 2023 17:59:20 GMT
Server
cloudflare
ETag
"aab8-5fbd354a00e00-gzip"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cUIFJvnnLw%2FyvuX6N09SkGsbYroNL0lxVQsyDEjDkPVpsJqV%2FiSbz2ASIy8IoxK%2F6NyvGkcP6AvmRaCOHpc4G0V4UVGHAPhwoEhJM%2BAAxqdpGlw4R6pKosZOjbpX1INKoFm2Bg3BLVxGqBc%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
84ad08d9acc0660c-AMS
core-compiled.js
mineleaks.eu/js/xf/ 		211 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://mineleaks.eu/js/xf/core-compiled.js?_v=5a6112eb
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b3ac0feea940572935c876792af52347e06b26900eb88c4c479448fa319a937

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://mineleaks.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 02:20:01 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
Last-Modified
Tue, 16 May 2023 17:59:20 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"34af7-5fbd354a00e00-gzip"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sH5uO33ChhvyqAYnLEvBBOjyWfXvIrL4GqegIxOTdYOHPWU61SAY0ZdUGO%2BeX34NP8PZLXT%2Bap6Q6En2KsBZboOWli7J2Qf%2F10RJSxA5EaWhBjlNAwufO43IdSxnVxLXQsMOiJgOgjlO1G4%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
84ad08da4a7a0c3b-AMS
alt-svc
h3=":443"; ma=86400
core.min.js
mineleaks.eu/js/siropu/shoutbox/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://mineleaks.eu/js/siropu/shoutbox/core.min.js?_v=5a6112eb
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5d466fef65c2d9d7f14fc02d3377f289709c998596bdfb3548ba4773d025e23

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://mineleaks.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 02:20:01 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
3835
Last-Modified
Tue, 29 Aug 2023 12:41:20 GMT
Server
cloudflare
ETag
"2ed3-6040f20b4bc00-gzip"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eqL9eH5HKmIUHnLDrVH3LNRQqvPBfqfneNYCcPGiLF4yV9PKkWiZ%2F8rZMarXbipz4zsvq1kPZndPW3gaoZpptoqF1vMwExxiPbHxCk%2FmOwM%2BYQU0pD6Divsq2cQQMKIfQg9NbnAWHlQUdPQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
84ad08da4eba66f9-AMS
core.min.js
mineleaks.eu/js/siropu/am/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://mineleaks.eu/js/siropu/am/core.min.js?_v=5a6112eb
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85e2fa852542b50f2df4b397c167c3278cbf324928b502b646f7a5d055365794

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://mineleaks.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 02:20:01 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
2963
Last-Modified
Fri, 25 Aug 2023 12:28:34 GMT
Server
cloudflare
ETag
"2518-603be7baf0080-gzip"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HXazD7cnHDxqweNsEDCJGl9WUFUf4QPsy0Vxw6pSYLz3dDH0gI%2BgMhkQEIDLKc21es5UKJdi8SGHtrUNVmoKjCTjoNtoURySxaXFG3UKquE%2BRJSFvcZN1EHVSX5m%2B4bTazWpShLK79sUkuc%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
84ad08da4fcd0e24-AMS
notice.min.js
mineleaks.eu/js/xf/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://mineleaks.eu/js/xf/notice.min.js?_v=5a6112eb
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5dcfd1d44af85302c19886c111e277273cca860febaae5f8cdb0de61733b44b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://mineleaks.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 02:20:01 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
1532
Last-Modified
Tue, 16 May 2023 17:59:20 GMT
Server
cloudflare
ETag
"e4e-5fbd354a00e00-gzip"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MApCp8MxFPeC8%2BvZLqoqztD9HHim4UMA52VW%2BDk0wOfgVJYVKtUII5JKh4BI7Hu6ebFUY8BWE%2FES4Y%2F68UKaevCWlADg27I1b3yrEESaaN70kcQKlPURyFPwP4Ic3PWBtRqXfn2khFVHaBI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
84ad08da4c0906bc-AMS
index.js
mineleaks.eu/js/foroagency/coloredusername/ 		380 B
1006 B 		Script
General
Check archive.org
Download Go to
Full URL
http://mineleaks.eu/js/foroagency/coloredusername/index.js?_v=5a6112eb
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0e6169e39f5c8f93c0dae464faa49979fd869e935a0f9b8be0cb53f04349f57

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://mineleaks.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 02:20:01 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
242
Last-Modified
Sat, 02 Sep 2023 17:42:50 GMT
Server
cloudflare
ETag
"17c-60463ce51ba80-gzip"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ak0%2Flrqsabmodqsfdhi%2B%2BHk4VW9XygClT5BjXTkqK%2BYYDjTMHdfujuYgbJ2T7HQoPk3BZacn9YBa8kM3KFV1HfFB5KWg0PyBwT%2FE6j4uTxVfh1GhA%2BlS%2FymKMj9AOuQIomTVLnkvYP5Pas%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
84ad08dcb9980e24-AMS
sprite_sheet_emojione.png
mineleaks.eu/styles/default/xenforo/smilies/emojione/ 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mineleaks.eu/styles/default/xenforo/smilies/emojione/sprite_sheet_emojione.png
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=31&l=1&d=1704063912&k=034405c740f279c15adbbc41dfccb627ca90db04
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6ebd5451c5ac8155217093ed656a5eef49ab9d1ffe0c979de54bfb5a2f958c9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://mineleaks.eu/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=31&l=1&d=1704063912&k=034405c740f279c15adbbc41dfccb627ca90db04
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 02:20:01 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Tue, 16 May 2023 17:59:22 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"13ee7-5fbd354be9280"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2356YxYsONZOlxKo%2B7bM0qh1CYBU3vvZMWAopfoLVhz2qRToLLmM940n%2FOVPfimi%2FUxtDEc%2BS8Z7CQfW9dnTuojV9HZ8rcQG%2B11JAJ2zW8njaixJCICW6fcJXy9T8b9Rnz%2FZ7RY%2B%2BZtCZ5M%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
84ad08daedce660c-AMS
alt-svc
h3=":443"; ma=86400
Content-Length
81639
xYHi6bM.gif
i.imgur.com/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/xYHi6bM.gif
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=31&l=1&d=1704063912&k=034405c740f279c15adbbc41dfccb627ca90db04
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
9f6bf67f30b771aa6ec6f0ba34125704c76f2b94ac180c80fd06351da8d9d788
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://mineleaks.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 02:20:01 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD12-P2
age
1237702
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT, HIT
content-length
3245
x-served-by
cache-iad-kjyo7100023-IAD, cache-fra-etou8220100-FRA
last-modified
Sat, 26 Aug 2023 02:48:52 GMT
server
cat factory 1.0
x-timer
S1706149201.069033,VS0,VE1
etag
"3e5b9cea2494174a0780f6a96ffc5ae4"
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
no96RkbeNbGvYi5K2me1AAVY8JB4y_UKEjoGRm9V0XWynY7rsfFp6Q==
x-cache-hits
43, 1
Gvgs1RA.gif
i.imgur.com/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/Gvgs1RA.gif
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=31&l=1&d=1704063912&k=034405c740f279c15adbbc41dfccb627ca90db04
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
d053beda954a4ecaef2c6aea4c68aa7a524d8c79056f68ec44c96636a1fe18f5
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://mineleaks.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 02:20:01 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD12-P2
age
2884177
x-cache
Miss from cloudfront, HIT, HIT
content-length
22261
x-served-by
cache-iad-kiad7000169-IAD, cache-fra-etou8220100-FRA
last-modified
Thu, 28 May 2020 14:03:16 GMT
server
cat factory 1.0
x-timer
S1706149201.069091,VS0,VE1
etag
"9d12fda22494e741af8e7bac0ce59cd3"
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
wzn_Ho4JK2UGUvIZ1F6vNzf9_0dLTgwLBqlkB8q4ydh3pB5qtJKS0A==
x-cache-hits
55, 1
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://mineleaks.eu
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 19:48:12 GMT
x-content-type-options
nosniff
age
109909
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:59:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 19:48:12 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://mineleaks.eu
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 19:15:14 GMT
x-content-type-options
nosniff
age
25487
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jan 2025 19:15:14 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://mineleaks.eu
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:16:02 GMT
x-content-type-options
nosniff
age
122639
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 16:16:02 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://mineleaks.eu
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:31:50 GMT
x-content-type-options
nosniff
age
96491
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 23:31:50 GMT
fa-light-300.woff2
mineleaks.eu/styles/fonts/fa/ 		180 KB
180 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://mineleaks.eu/styles/fonts/fa/fa-light-300.woff2?_v=5.15.3
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=31&l=1&d=1704063912&k=034405c740f279c15adbbc41dfccb627ca90db04
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9f0d24d1230e0a5760800e4a1657801cff8edf2ba87a05c5d96f74ce44ec06d

Request headers

Referer
http://mineleaks.eu/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=31&l=1&d=1704063912&k=034405c740f279c15adbbc41dfccb627ca90db04
Origin
http://mineleaks.eu
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 02:20:01 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Tue, 16 May 2023 17:59:22 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"2cf50-5fbd354be9280-gzip"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
font/woff2
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y4A6gdxjJR5UcoyBFjfzqZxIMrLCaqi7qE6wz%2F0hlngWfwn1ceXhrB0YSAKLzrxZc2ZSGolt4iYrghMV%2Ft324NchZ9fTknNk7VNltVnhbH%2FLZStdJj4kcRYHKYHxccs4qlI9oUdNQM2mRBM%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
84ad08da9f4ab7f8-AMS
alt-svc
h3=":443"; ma=86400
8.jpg
mineleaks.eu/data/avatars/s/0/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mineleaks.eu/data/avatars/s/0/8.jpg?1692998590
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
945dae67eea0b7fedfd8e38f5d72bd36b4fc463fc4c32f4963eb009b2d246c35

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://mineleaks.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 02:20:01 GMT
CF-Cache-Status
MISS
Last-Modified
Fri, 25 Aug 2023 15:23:10 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"4ad-603c0ec1a1380"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=85mK6FswIbwIQ4yRhLbARlul5IthOC2SFwRzTN5t1TGVTVZId3rO6xpk4NA1JQ0XMS9TI9ocQry0tPU9ip6Ebxe5dBi%2FYex2DIQYovlD3O%2FOL2vgHglEbM0yxuFYEXlyuVXEqjMs4IGylfA%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
84ad08db7fcc66f9-AMS
alt-svc
h3=":443"; ma=86400
Content-Length
1197
85.jpg
mineleaks.eu/data/avatars/s/0/ 		857 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mineleaks.eu/data/avatars/s/0/85.jpg?1693421313
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ac2f33b4c1a96dcfd287260a5374ae0d9f90ed7a56fbb8e989eaa498034bd29

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://mineleaks.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 02:20:01 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Wed, 30 Aug 2023 12:48:34 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"359-60423586a6c80"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vTQTpbIOa%2BFDcVLcxklWbRXuXC6IgfxqqMKQ3Zyq0UIB2ANG7RpyBe6k8lpBizM4FPsX2EDbTYgr4nFJwhVTt2ULJGxiJ%2FsSscXuTPKyrhieZrwgVWt0VCpg6z%2BveAR%2F9ONeiCr2734JafA%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
84ad08dc2eeb660c-AMS
alt-svc
h3=":443"; ma=86400
Content-Length
857
667.jpg
mineleaks.eu/data/avatars/s/0/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mineleaks.eu/data/avatars/s/0/667.jpg?1705881581
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bb6f18e5df4a337ea4381126549038ac9456d2857881941fbd8ceca09c3768b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://mineleaks.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 02:20:01 GMT
CF-Cache-Status
MISS
Last-Modified
Sun, 21 Jan 2024 23:59:42 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"67d-60f7d81c26c5e"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qz02S7aJZrupMkk7cBFjZzKpkIaz76vdRGfjR%2FSQOS2CAj%2FtYuM5ip3bzWgNmxkBuwi2v7Hq%2FNlYfqA9cs6FVjE8VLSHYc5M5k6znKzd3Qhmtaf0pIKlCup%2F1bAtg2g40cnBfow%2BefOzuvY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
84ad08db78ae0e24-AMS
alt-svc
h3=":443"; ma=86400
Content-Length
1661
500.jpg
mineleaks.eu/data/avatars/s/0/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mineleaks.eu/data/avatars/s/0/500.jpg?1704442121
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
228c9d3116f04af9ca2aba7880579a38fe7328baf431488565e3ab7894c81a15

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://mineleaks.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 02:20:01 GMT
CF-Cache-Status
MISS
Last-Modified
Fri, 05 Jan 2024 08:08:42 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"1522-60e2e5b3c49c1"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mRMzwyC2SP%2F6FHr5dPL1d3o0rDfX8NeRga%2BQP8ZFM%2FxIuBLahBsM8yNOLcxeyk9DzVncRgwgraN0UFhjNpybMaBRY4xp4DPJCXrG%2BIuTROyhUEh8wj3ntlFMeryy6nbfVUft9CeFi9dKgyQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
84ad08db7daa06bc-AMS
alt-svc
h3=":443"; ma=86400
Content-Length
5410
477.jpg
mineleaks.eu/data/avatars/s/0/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mineleaks.eu/data/avatars/s/0/477.jpg?1704189350
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1930ec6f3845181c2a4afaedd185dba8bcf45517dc3b02e912f984b958a68d09

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://mineleaks.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 02:20:01 GMT
CF-Cache-Status
MISS
Last-Modified
Tue, 02 Jan 2024 09:55:51 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"113d-60df380f2194c"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZ6RZh%2Fe4z2eZrtM%2FX%2FcBvfK3xjEeXvB9%2BR%2Fnti1IClhlj1jHKhU4zmeUYLmlF1dd13h0mytZ4OyAC2dT3jY6cOd%2FaV1FuoDHrrlCqxj18Ojyz8kcQmgSVtpx5izJ4C4udBHUNEQgIlj1nw%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
84ad08dcac110c3b-AMS
alt-svc
h3=":443"; ma=86400
Content-Length
4413
truncated
/ 		42 B
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://mineleaks.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
1.jpg
mineleaks.eu/data/avatars/s/0/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mineleaks.eu/data/avatars/s/0/1.jpg?1693702225
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6f57ea48ce1ff62f774d1767c226338c4a221a11e4ca0e490717bbdfd8818f1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://mineleaks.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 02:20:01 GMT
CF-Cache-Status
MISS
Last-Modified
Sat, 02 Sep 2023 18:50:24 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"669-60464bff4dc00"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TzFCrtbEH7uYkPz31txhE4WqNHXB11z0ZZCKiTmbEHOwUOAKcwumDqiOuh7X5484%2FmUOInbgHSli2eyf9vLJvFNpdxZjghY5qTrrBvFr7Kx8G3hrph%2FV3bYh468z8MnUvgiMZeCbiDv4dtI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
84ad08dcbee406bc-AMS
alt-svc
h3=":443"; ma=86400
Content-Length
1641
173.jpg
mineleaks.eu/data/avatars/s/0/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mineleaks.eu/data/avatars/s/0/173.jpg?1693780875
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edb24d1a170227f124cdae323a5cd79a21a40d21c6226a4769aa2edd420b46c3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://mineleaks.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 02:20:01 GMT
CF-Cache-Status
MISS
Last-Modified
Sun, 03 Sep 2023 16:41:14 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"10a1-604770fdc9e80"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m4WUmjzHUFkfM10sNqhY6A4i0xL88hOnIodYoNrh8%2F58zDsBmPFXN6VyFRrqIH2wzxAikK%2BmhX8vle242Ym7fNkA%2F2lJVG9XGP%2BSLqE9PL83wzf7y90OFS%2B41e85zxaPl2Zqk6mzowXVEgk%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
84ad08dcc8eb66f9-AMS
alt-svc
h3=":443"; ma=86400
Content-Length
4257
666.jpg
mineleaks.eu/data/avatars/s/0/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mineleaks.eu/data/avatars/s/0/666.jpg?1705877629
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d88fcfc8cedcd2b7f1c07a35fed8f29e62e2850516fb0f4238d2849fcbfa6b11

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://mineleaks.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 02:20:01 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Sun, 21 Jan 2024 22:53:50 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"9cc-60f7c96378633"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mlhQC1BDvjh1Rf346oB4aRwKxFnOC73Y5z8oVFgrOggCV073AfVvG9EM76NtWPC3W7t07q9Vf2%2BHPXTmcqLsk%2B2p8bi29O6WBJsP17CgncWVJCPwXO0RW%2BVv8rkLssZkgdRs07gJGSYfx5w%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
84ad08dd5fea660c-AMS
alt-svc
h3=":443"; ma=86400
Content-Length
2508
662.jpg
mineleaks.eu/data/avatars/s/0/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mineleaks.eu/data/avatars/s/0/662.jpg?1705862328
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b180f971024e1b72cc38d2f94faf78a31badeaf260ef6dda04c25a5ba7f5bf3b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://mineleaks.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 02:20:01 GMT
CF-Cache-Status
MISS
Last-Modified
Sun, 21 Jan 2024 18:38:49 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"5fe-60f79062c1eaf"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IZ10KAtqdN2c6JFWybQdqacHgpCxwtskMi%2BBtUgHyzmVejfDYiNF4T02RyIdEUasGj47J%2BQxGDr2K44ES2LAnIGqTUiG2wi8uKM%2FVX24li2q2vOt2kbKuTu6eaIYPpRfT3ZfBMgDPGuylVg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
84ad08dd6850b7f8-AMS
alt-svc
h3=":443"; ma=86400
Content-Length
1534
328.jpg
mineleaks.eu/data/resource_icons/0/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mineleaks.eu/data/resource_icons/0/328.jpg?1705886542
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6408b238c83504389a08b2945e713a9b113a64dde0da1c7065a9708a7623675

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://mineleaks.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 02:20:01 GMT
CF-Cache-Status
MISS
Last-Modified
Mon, 22 Jan 2024 01:22:23 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"30c3-60f7ea976b79e"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BdOoC0UIJPiGghEM60SR5JjvzCFB3UhqWluQ1Hon3JcQwQzx7IQbh8OJ4HKaOAvWCQlMHO1T%2BRlQwqS6Bm8jC1xJjVWGy%2BlEihi2UAzJl%2BnaB2tOEWA2jf86k3UKQS5%2FGpJzzYAy1YuI7us%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
84ad08dddcd00c3b-AMS
alt-svc
h3=":443"; ma=86400
Content-Length
12483
326.jpg
mineleaks.eu/data/resource_icons/0/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mineleaks.eu/data/resource_icons/0/326.jpg?1705129725
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6dbdf8c733fa55c389b98a54eb9ed8e1967077c2bb8f0be2a34afe5c534dfba

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://mineleaks.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 02:20:01 GMT
CF-Cache-Status
MISS
Last-Modified
Sat, 13 Jan 2024 07:08:46 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"f4b-60ece73a363ef"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Zwiy4qUfVI48nuhowEQpP0%2FJrwSIRuWnEUjZEBVXQk6Bn10E916EDXX2ExOHNP28hr%2B%2Fcw1jgThVZlO7%2FRkJXJNG9nwIbgYOiQyWw%2F%2FACYIkQG6hl93m5HyETjIDrn7dAN3EB1b4PAQ4kY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
84ad08ddfa6e0e24-AMS
alt-svc
h3=":443"; ma=86400
Content-Length
3915
462.jpg
mineleaks.eu/data/avatars/s/0/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mineleaks.eu/data/avatars/s/0/462.jpg?1704119511
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19d62d2dd26810a29da681ca9cf63e4bba9f39a5dd3f9d3561fb8d158dfbb4af

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://mineleaks.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 02:20:01 GMT
CF-Cache-Status
MISS
Last-Modified
Mon, 01 Jan 2024 14:31:52 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"1530-60de33e32e8f8"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uxyaDCDP8a94FbINGVRrKLZKxOj%2BpUQynEo33FnR7gjMVEeIcBrHwcEl3C0C1o%2F6dRzZRi4vyT4h493n6bMNmm1pMnVdsMguMC82OMu3TKHdVeFWipRUB8%2F7vTE5lhbTXh7znW9xrZYvygE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
84ad08ddf86306bc-AMS
alt-svc
h3=":443"; ma=86400
Content-Length
5424
427.jpg
mineleaks.eu/data/avatars/s/0/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mineleaks.eu/data/avatars/s/0/427.jpg?1698999018
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f425d358d9cd9c96411f8a6c243d66b14160331c1bb8b2eb59c11cf3060e4cb4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://mineleaks.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 02:20:01 GMT
CF-Cache-Status
MISS
Last-Modified
Fri, 03 Nov 2023 02:10:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"141e-60936017b3680"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gkx%2Fp6l8tTfxsV4n2chwMjvhYuFNRr%2Bs4mR1jFyqcvHeVCpdrfvTbfx0yOGaqffSo93rfzlQatL%2FAhcxUemM3ky2D8ZDBdp4iOeBJ9rDo%2Buet%2F2l7rLJ4%2FBSudPd0L%2BdLrvXBdfCVUMF700%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
84ad08de09fc66f9-AMS
alt-svc
h3=":443"; ma=86400
Content-Length
5150
58.jpg
mineleaks.eu/data/avatars/s/0/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mineleaks.eu/data/avatars/s/0/58.jpg?1693154608
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51ee0f40b1b3ad827b2b99716479ef6088f6497785c70f97167e104ea484e837

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://mineleaks.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 02:20:01 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Sun, 27 Aug 2023 10:43:28 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"183a-603e53f7fd400"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jfT2gqgpR2fMGx0nHPx%2B5SyyQNDlFJaOIBUl3%2BkBoCRDmMViOszceS0OQgjoZyw%2FMyAu4%2BQVBEIBpNbo4pTfOyVLMWupBy7hVESt4Di%2FfZwaLgGHXzXd6bSvHKo82BgY2G9se4C9Xh1FHDY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
84ad08de98f1660c-AMS
alt-svc
h3=":443"; ma=86400
Content-Length
6202
275.jpg
mineleaks.eu/data/avatars/s/0/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mineleaks.eu/data/avatars/s/0/275.jpg?1697222230
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea4832dbe60c116e619ee2bd9d54c88d2c07f3ea446e7a0b762eb6050b4525b7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://mineleaks.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 02:20:01 GMT
CF-Cache-Status
MISS
Last-Modified
Fri, 13 Oct 2023 12:37:10 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"4ff-6079850a9e980"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GHTG%2BtqGgXC%2Bi1snPdoig5jYju2RLicamNkt2IIHlBKQ%2F%2BlPuyVOZeikFBGEydpvkMgHwO6tDmsIazuLXsmDSfCF7mmCn%2BNQTAiTbmmQ6NVCJtVWU%2FW9xQKrVZKMJcTu%2FJXFgint8GeD5MY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
84ad08de98dcb7f8-AMS
alt-svc
h3=":443"; ma=86400
Content-Length
1279
254.jpg
mineleaks.eu/data/avatars/s/0/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mineleaks.eu/data/avatars/s/0/254.jpg?1696975162
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ecf956346ef32176254197b3baf6a5c1d3956e6527f302b3f1904a7d49ee664

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://mineleaks.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 02:20:01 GMT
CF-Cache-Status
MISS
Last-Modified
Tue, 10 Oct 2023 15:59:22 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"481-6075eca436a80"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fyGsX8gZCmICR2b1ieKSXjBwcLo7UH3wlGGkXgr8jwPMTbgUPlFIvbpMGkDhuzoMDomwD2nQ%2FYCGbB2V69dQBhOPZa5EEdAsa7xE2jtTy341WHQfXAwI%2FzyN%2BC3zuPjJHsf%2B2BaADhXLP7o%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
84ad08df294706bc-AMS
alt-svc
h3=":443"; ma=86400
Content-Length
1153
collect
region1.google-analytics.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-1047BKNRE4&gtm=45je41m0v899451844&_p=1706149200994&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tag_exp=71847096&cid=1422090559.1706149201&ul=en-us&sr=1600x1200&_s=1&sid=1706149201&sct=1&seg=0&dl=http%3A%2F%2Fmineleaks.eu%2F&dt=MineLeaks&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1672
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1047BKNRE4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://mineleaks.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 02:20:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://mineleaks.eu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/ 		403 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8535330373635729&plah=mineleaks.eu
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8535330373635729
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0bd894e0e323549685e351f19aef8ca717f8ff1fc26a223ea79971177fe12d20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://mineleaks.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 02:20:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139801
x-xss-protection
0
server
cafe
etag
17539342691715453101
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 02:20:01 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/ Frame 4C21 		9 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8535330373635729
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mineleaks.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
9564
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 24 Jan 2024 23:40:37 GMT
etag
3890843268177463596
expires
Wed, 07 Feb 2024 23:40:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7F23 		677 KB
119 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&adk=85976724&adf=3412083302&lmt=1706149199&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x540_l%7C140x540_r&format=0x0&url=http%3A%2F%2Fmineleaks.eu%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&dt=1706149201241&bpp=12&bdt=855&idt=200&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6310713474586&frm=20&pv=2&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=219
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8535330373635729&plah=mineleaks.eu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d5fc67d1f2387fc6469acac71c68caf7c6bc3a88a679e4609546735b43e75b82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mineleaks.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
121733
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 Jan 2024 02:20:01 GMT
expires
Thu, 25 Jan 2024 02:20:01 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D65E 		160 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=280&adk=225472386&adf=2631573148&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=1200x280&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1706149201253&bpp=1&bdt=868&idt=214&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=216
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8535330373635729&plah=mineleaks.eu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c546d451ed0e816b83dba9db05a6a00b5e85dded0d038684ee2814380e9625b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mineleaks.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
49915
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 Jan 2024 02:20:01 GMT
expires
Thu, 25 Jan 2024 02:20:01 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
new.mp3
mineleaks.eu/styles/default/siropu/shoutbox/ 		2 KB
3 KB 		Media
General
Check archive.org
Download Go to
Full URL
http://mineleaks.eu/styles/default/siropu/shoutbox/new.mp3
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7ceb880d9140d5f448b9fa0fa04ead8f24cbc24d7b1d5d93ff9909c895ed0d8

Request headers

Referer
http://mineleaks.eu/
Accept-Encoding
identity;q=1, *;q=0
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range
bytes=0-

Response headers

Date
Thu, 25 Jan 2024 02:20:01 GMT
CF-Cache-Status
MISS
Last-Modified
Tue, 29 Aug 2023 12:41:20 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"95e-6040f20b4bc00"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wjzdz7IXPv2RsDzTCZ4WeR8A1yOXQJJjE3MBHHqADl6xpGZM5shJsDWfSXYLug9yGITe2ORZsromSC3iEYaZwfIW4AciNIAMDAbAr2cAjWelGcSWN8fLOk9%2B9rzrnAwpZkSOgaJ7u2g%2BF7w%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
audio/mpeg
Content-Range
bytes 0-2397/2398
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
84ad08df3b690e24-AMS
alt-svc
h3=":443"; ma=86400
Content-Length
2398
job.php
mineleaks.eu/ 		14 B
861 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://mineleaks.eu/job.php
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/js/vendor/jquery/jquery-3.5.1.min.js?_v=5a6112eb
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f779de80f6ebd5d15cb3209e82969f8ad90e4ba02899e24c1796f2c9aca80343

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
http://mineleaks.eu/
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 02:20:02 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
34
Pragma
no-cache
Last-Modified
Thu, 25 Jan 2024 02:20:02 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5KpbQ9ZCgqqCE3yrZf3IFKfwO0wERXCXTcDBsR4k8Wo5z03hdrlOrnVNlbrYWMkwatVYCCtUF3vW9OUkM9T%2FrLWxjYhlV30Aj8IrCphY0NcrYv2Q3p5hZsud3debVMIMveXs8E8SYoJELOQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/json; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
CF-RAY
84ad08df1d730c3b-AMS
Expires
Tue, 03 Jul 2001 06:00:00 GMT
4b0ef9dfa83525e0607f42119c034d23.js
www.gstatic.com/mysidia/ Frame D65E 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=280&adk=225472386&adf=2631573148&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=1200x280&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1706149201253&bpp=1&bdt=868&idt=214&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=216
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 19:07:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
112329
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4079
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 21:36:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 22 Apr 2024 19:07:52 GMT
d0c418fd7c3c9b1fa25e4b07b8f8ee33.js
www.gstatic.com/mysidia/ Frame D65E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/d0c418fd7c3c9b1fa25e4b07b8f8ee33.js?tag=pingback
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=280&adk=225472386&adf=2631573148&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=1200x280&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1706149201253&bpp=1&bdt=868&idt=214&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=216
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7275579cae6c93512a73f3a929764eda9e88331f6bc4c44021229276c23775fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 14:42:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
128229
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8305
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 00:40:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 22 Apr 2024 14:42:52 GMT
css
fonts.googleapis.com/ Frame D65E 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=280&adk=225472386&adf=2631573148&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=1200x280&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1706149201253&bpp=1&bdt=868&idt=214&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=216
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 25 Jan 2024 02:20:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 25 Jan 2024 00:40:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 Jan 2024 02:20:01 GMT
nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame D65E 		225 B
595 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=280&adk=225472386&adf=2631573148&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=1200x280&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1706149201253&bpp=1&bdt=868&idt=214&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=216
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 19:32:51 GMT
x-content-type-options
nosniff
server
cafe
age
24430
etag
14085932017949564970
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
225
x-xss-protection
0
expires
Thu, 25 Jan 2024 19:32:51 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame D65E 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=280&adk=225472386&adf=2631573148&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=1200x280&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1706149201253&bpp=1&bdt=868&idt=214&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=216
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 23:33:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
9996
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Feb 2024 23:33:25 GMT
92da1c8e4790a69c4d76e84ba2e3001c.js
www.gstatic.com/mysidia/ Frame D65E 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/92da1c8e4790a69c4d76e84ba2e3001c.js?tag=analytics_pingback_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=280&adk=225472386&adf=2631573148&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=1200x280&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1706149201253&bpp=1&bdt=868&idt=214&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=216
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2b80247038739299b71545084dc4ebff2edd21e6f1ffafe013376bb2e92c4be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:26:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
121993
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2259
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 21:36:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 22 Apr 2024 16:26:48 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame D65E 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=280&adk=225472386&adf=2631573148&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=1200x280&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1706149201253&bpp=1&bdt=868&idt=214&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=216
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 23:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
9805
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9319
x-xss-protection
0
server
cafe
etag
16165788300067284045
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Feb 2024 23:36:36 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame D65E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=280&adk=225472386&adf=2631573148&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=1200x280&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1706149201253&bpp=1&bdt=868&idt=214&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=216
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 18:37:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
27737
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Feb 2024 18:37:44 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame D65E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=280&adk=225472386&adf=2631573148&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=1200x280&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1706149201253&bpp=1&bdt=868&idt=214&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=216
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 23:41:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
9484
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Feb 2024 23:41:57 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame D65E 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=280&adk=225472386&adf=2631573148&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=1200x280&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1706149201253&bpp=1&bdt=868&idt=214&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=216
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 02:20:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706100845105677"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jan 2024 02:20:01 GMT
5ff8bb2821e31fbf08fa14f5007a6efe.js
www.gstatic.com/mysidia/ Frame D65E 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/5ff8bb2821e31fbf08fa14f5007a6efe.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=280&adk=225472386&adf=2631573148&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=1200x280&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1706149201253&bpp=1&bdt=868&idt=214&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=216
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54db8dca7039b548a0aa4e5e22fcea2a4e536b8aaec0b13a750dbc61ca3f3538
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 01:15:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
176649
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15476
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 00:40:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 22 Apr 2024 01:15:52 GMT
data=OFf36j65HCmiRq0BtZhoOzEzaszWct3AFrw9QjxtpLwsutl2RixZrZNv7BwkwPZ3m13EMLtGZEsSCnga99BVenqb1l5I2v4jpcq4-0YLxIlH551l225fKBTd
mts0.google.com/vt/ Frame D65E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mts0.google.com/vt/data=OFf36j65HCmiRq0BtZhoOzEzaszWct3AFrw9QjxtpLwsutl2RixZrZNv7BwkwPZ3m13EMLtGZEsSCnga99BVenqb1l5I2v4jpcq4-0YLxIlH551l225fKBTd
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=280&adk=225472386&adf=2631573148&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=1200x280&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1706149201253&bpp=1&bdt=868&idt=214&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=216
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
truncated
/ Frame D65E 		244 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame D65E 		333 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame D65E 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
510bb3fef5d140de1f6fa728fd93f9ec28cad7d4bea142e6751a0688da23d2f4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/ 		163 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8535330373635729&plah=mineleaks.eu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d83468545646756953863db26337dbfde5fd94f7f58d7b01ac4453b5444e7601
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://mineleaks.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 02:20:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56679
x-xss-protection
0
server
cafe
etag
3719882203814790466
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 02:20:02 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D65E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoPCAEqC2JsdWUtc3F1YXJlCgoIAioGc2VydmVyCg0QKyEAAAAAAAAkQDAECg0QAyEAAAAzM2t5QDAECg0QCiEAAAAAnJnZPzAECg0QDSEAAAAAAAAAADAECg4QHioIMTIwMHgyODAwBAoOEBkqCDEyMDB4MjgwMAQKDRAOIQAAAAAAAAAAMAQKDRAEIQAAAJmZeXlAMAQKDRAPIQAAAAAAAAAAMAQKDRArIQAAAAAAADJAMAQKDRAFIQAAAM3MfHlAMAQSGkNQS0gyNGk5OTRNREZTMHdWUWdkdnlvRXlRIiZsb2NhdGlvbi9sb2NhdGlvbl9leHRlbnNpb25fc3F1YXJlX29jaCgc
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d0c418fd7c3c9b1fa25e4b07b8f8ee33.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 02:20:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame DC39 		25 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=600&adk=2488645395&adf=2675318159&pi=t.aa~a.2521332233~rp.4&w=280&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=280x600&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706149202030&bpp=1&bdt=1644&idt=-M&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35d066ef7b006dde%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g&gpic=UID%3D00000d4962fa5d0c%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg&prev_fmts=0x0%2C1200x280&nras=3&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1150&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&psts=AOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8535330373635729&plah=mineleaks.eu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
20d08424a1c77137feb7d1c88cf12ade291e8b3ab3ec73ca0adc9b60259a6e5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mineleaks.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
11923
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 Jan 2024 02:20:02 GMT
expires
Thu, 25 Jan 2024 02:20:02 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D1E0 		436 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=280&adk=3973231943&adf=938944237&pi=t.aa~a.4083217474~rp.4&w=960&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=960x280&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1706149202030&bpp=1&bdt=1644&idt=-M&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35d066ef7b006dde%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g&gpic=UID%3D00000d4962fa5d0c%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg&prev_fmts=0x0%2C1200x280%2C280x600&nras=4&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=170&ady=1799&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&psts=AOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=5
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8535330373635729&plah=mineleaks.eu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
183d5e88a1091992c416793a52456982ddfb934d3bec01e76989b92363f0bbd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mineleaks.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 Jan 2024 02:20:02 GMT
expires
Thu, 25 Jan 2024 02:20:02 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F674 		31 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=90&adk=793707805&adf=215438296&pi=t.aa~a.3833140187~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=1200x90&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1706149202030&bpp=1&bdt=1644&idt=0&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35d066ef7b006dde%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g&gpic=UID%3D00000d4962fa5d0c%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg&prev_fmts=0x0%2C1200x280%2C280x600%2C960x280&nras=5&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4071&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&psts=AOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=7
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8535330373635729&plah=mineleaks.eu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c841e11e4c4e8a856cde3700ce518c9df6907a6b22b3e95cc63b2208aa33510
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mineleaks.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
13247
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 Jan 2024 02:20:02 GMT
expires
Thu, 25 Jan 2024 02:20:02 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame D65E
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CzxRxUcWxZbKbHq3g1PIPv9WQyAzKqsnwdJ3z17T5EejmrNjaDhABIKCS-J0BYJGEoIWMGKAB1rumxAPIAQmpApkrUezPQ7I-qAMByAPLBKoEygFP0Lov1bTby09TuStotNkpUMxQhaa7W5s...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222349735836814329319%22,%22debug_reporting%22:true,%22destination%22:%22https://shop-goudwisselkantoor.nl%22,%22event_repor...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222349735836814329319%22,%22debug_reporting%22:true,%22destination%22:%22https://shop-goudwisselkantoor.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22948542934%22],%2222%22:[%22true%22],%224%22:[%2201-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22836834136729519585%22}&andc=true
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 02:20:02 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"2349735836814329319","debug_reporting":true,"destination":"https://shop-goudwisselkantoor.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["948542934"],"22":["true"],"4":["01-25"],"6":["true"]},"priority":"500","source_event_id":"836834136729519585"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 25 Jan 2024 02:20:02 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 25 Jan 2024 02:20:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"2349735836814329319","debug_reporting":true,"destination":"https://shop-goudwisselkantoor.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["948542934"],"22":["true"],"4":["01-25"],"6":["true"]},"priority":"500","source_event_id":"836834136729519585"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame D65E 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 00:19:37 GMT
x-content-type-options
nosniff
age
180025
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 00:19:37 GMT
P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
pagead2.googlesyndication.com/bg/ Frame 99CB 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=280&adk=225472386&adf=2631573148&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=1200x280&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1706149201253&bpp=1&bdt=868&idt=214&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=216
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f586a8019a490d0f04fdcee83be4fa37274e8a0ca5344283992ba86264c5761
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:22:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
125840
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19859
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Jan 2025 15:22:42 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame C362 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8535330373635729&plah=mineleaks.eu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mineleaks.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
10300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 24 Jan 2024 23:28:22 GMT
etag
3890843268177463596
expires
Wed, 07 Feb 2024 23:28:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame 8BFF 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8535330373635729&plah=mineleaks.eu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mineleaks.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
10300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 24 Jan 2024 23:28:22 GMT
etag
3890843268177463596
expires
Wed, 07 Feb 2024 23:28:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame D61C 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8535330373635729&plah=mineleaks.eu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mineleaks.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
10300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 24 Jan 2024 23:28:22 GMT
etag
3890843268177463596
expires
Wed, 07 Feb 2024 23:28:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame 457F 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8535330373635729&plah=mineleaks.eu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mineleaks.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
10300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 24 Jan 2024 23:28:22 GMT
etag
3890843268177463596
expires
Wed, 07 Feb 2024 23:28:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame C362 		4 KB
671 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 25 Jan 2024 02:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 25 Jan 2024 00:34:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 Jan 2024 02:20:02 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C362 		205 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:36:23 GMT
x-content-type-options
nosniff
age
96219
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 22 Jan 2025 23:36:23 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C362 		604 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:31:35 GMT
x-content-type-options
nosniff
age
96507
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 22 Jan 2025 23:31:35 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame C362 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c2a69649d15f908464902e679f465757cff39c3f59f8d92f4117987152c50303
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 23:35:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
9877
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6870
x-xss-protection
0
server
cafe
etag
16407976921096022632
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Feb 2024 23:35:25 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame C362 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3384e396c88e07cd7d0e46d5361eff9ab20ff9f65dfb94436030ccd116943bc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 23:31:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
10126
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9462
x-xss-protection
0
server
cafe
etag
4236850132385514013
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Feb 2024 23:31:16 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222349735836814329319%22,%22debug_reporting%22:true,%22destination%22:%22https://shop-goudwisselkantoor.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22948542934%22],%2222%22:[%22true%22],%224%22:[%2201-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22836834136729519585%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 25 Jan 2024 02:20:02 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 8BFF 		6 KB
706 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 25 Jan 2024 02:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 25 Jan 2024 00:36:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 Jan 2024 02:20:02 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 8BFF 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 23:33:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
9997
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Feb 2024 23:33:25 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 8BFF 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 23:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
9806
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9319
x-xss-protection
0
server
cafe
etag
16165788300067284045
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Feb 2024 23:36:36 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 8BFF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 18:37:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
27738
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Feb 2024 18:37:44 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 8BFF 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 23:41:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
9485
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Feb 2024 23:41:57 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 8BFF 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 02:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706100845105677"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jan 2024 02:20:02 GMT
5ff8bb2821e31fbf08fa14f5007a6efe.js
www.gstatic.com/mysidia/ Frame 8BFF 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/5ff8bb2821e31fbf08fa14f5007a6efe.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54db8dca7039b548a0aa4e5e22fcea2a4e536b8aaec0b13a750dbc61ca3f3538
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 01:15:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
176650
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15476
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 00:40:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 22 Apr 2024 01:15:52 GMT
css
fonts.googleapis.com/ Frame D61C 		6 KB
706 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 25 Jan 2024 02:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 25 Jan 2024 00:43:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 Jan 2024 02:20:02 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame D61C 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 23:33:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
9997
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Feb 2024 23:33:25 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame D61C 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 23:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
9806
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9319
x-xss-protection
0
server
cafe
etag
16165788300067284045
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Feb 2024 23:36:36 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame D61C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 18:37:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
27738
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Feb 2024 18:37:44 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame D61C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 23:41:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
9485
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Feb 2024 23:41:57 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame D61C 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 02:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706100845105677"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jan 2024 02:20:02 GMT
5ff8bb2821e31fbf08fa14f5007a6efe.js
www.gstatic.com/mysidia/ Frame D61C 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/5ff8bb2821e31fbf08fa14f5007a6efe.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54db8dca7039b548a0aa4e5e22fcea2a4e536b8aaec0b13a750dbc61ca3f3538
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 01:15:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
176650
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15476
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 00:40:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 22 Apr 2024 01:15:52 GMT
css
fonts.googleapis.com/ Frame 457F 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 25 Jan 2024 02:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 25 Jan 2024 00:40:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 Jan 2024 02:20:02 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 457F 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 23:33:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
9997
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Feb 2024 23:33:25 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 457F 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 23:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
9806
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9319
x-xss-protection
0
server
cafe
etag
16165788300067284045
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Feb 2024 23:36:36 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 457F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 18:37:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
27738
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Feb 2024 18:37:44 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 457F 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 23:41:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
9485
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Feb 2024 23:41:57 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 457F 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 02:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706100845105677"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jan 2024 02:20:02 GMT
5ff8bb2821e31fbf08fa14f5007a6efe.js
www.gstatic.com/mysidia/ Frame 457F 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/5ff8bb2821e31fbf08fa14f5007a6efe.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54db8dca7039b548a0aa4e5e22fcea2a4e536b8aaec0b13a750dbc61ca3f3538
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 01:15:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
176650
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15476
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 00:40:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 22 Apr 2024 01:15:52 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D65E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoPCAEqC2JsdWUtc3F1YXJlCgoIAioGc2VydmVyCg0QECEAAAAA4IToQDAECg0QESEAAAAA8Gf1QDAECg0QEiEAAAAAAAAgQDAECg0QEyEAAAAAAAAIQDAECg0QFyEAAIDMzHyDQDAECg0QFCEAAAAAgOb1QDAECg0QFSEAAAAAAAAoQDAECg0QFiEAAAAAAAAUQDAECg0QGCEAAAAzM6uDQDAECg0QMiEAAAAAmJnJPzAECg0QMyEAAAAAmJnJPzAECg0QNCEAAAAAmJnJPzAECg0QNSEAAAAAmJnJPzAECg0QNiEAAAAAmJnJPzAECg0QNyEAAAAAmJnJPzAECg0QOCEAAAAAmpnpPzAECg0QOSEAAABmZlZyQDAECg0QOiEAAADNzHR1QDAECg0QOyEAAAAzM2uDQDAECg0QPCEAAAAzM2uDQDAECg0QPSEAAIDMzHyDQDAECg0QPiEAAICZmYGDQDAECg0QPyEAAICZmYGDQDAECg0QQCEAAAAzM8ODQDAEEhpDUEtIMjRpOTk0TURGUzB3VlFnZHZ5b0V5USImbG9jYXRpb24vbG9jYXRpb25fZXh0ZW5zaW9uX3NxdWFyZV9vY2goHA==
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d0c418fd7c3c9b1fa25e4b07b8f8ee33.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 02:20:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/8226660912865050453/ Frame 457F 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8226660912865050453/14763004658117789537?w=400&h=209&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d49c52632773f3e44ae96faeef74f2f49d2727e9aad26d527ae19c6d04c1e034
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 23 Jan 2025 01:40:54 GMT
date
Wed, 24 Jan 2024 01:40:54 GMT
x-content-type-options
nosniff
age
88748
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12488
x-xss-protection
0
last-modified
Fri, 27 Oct 2023 11:44:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame 457F 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 457F 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
css
fonts.googleapis.com/ Frame 519C 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 25 Jan 2024 02:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 25 Jan 2024 00:40:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 Jan 2024 02:20:02 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 519C 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 23:33:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
9997
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Feb 2024 23:33:25 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 519C 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 23:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
9806
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9319
x-xss-protection
0
server
cafe
etag
16165788300067284045
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Feb 2024 23:36:36 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 9773 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
2951
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 Jan 2024 01:30:51 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 519C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 18:37:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
27738
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Feb 2024 18:37:44 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 519C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 23:41:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
9485
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Feb 2024 23:41:57 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 519C 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 02:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706100845105677"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jan 2024 02:20:02 GMT
5ff8bb2821e31fbf08fa14f5007a6efe.js
www.gstatic.com/mysidia/ Frame 519C 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/5ff8bb2821e31fbf08fa14f5007a6efe.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54db8dca7039b548a0aa4e5e22fcea2a4e536b8aaec0b13a750dbc61ca3f3538
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 01:15:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
176650
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15476
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 00:40:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 22 Apr 2024 01:15:52 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 9773
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 Jan 2024 02:20:02 GMT
expires
Thu, 25 Jan 2024 02:20:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 Jan 2024 02:20:02 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 457F 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f83907b884d306760087085e0639e394364598d92fd1ce2a3e7ff29cb7a7e78

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
pixel
googleads.g.doubleclick.net/xbbe/ Frame 14BA 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj2hbzGATAB&v=APEucNUXKMlTFLw1tqr-lTY7UnpcnEd_imfFDTsYlB2suXmLzMUL7viDl29dcNvICv_h3ambjCvnAT-8UrYOCPg5UrEKzarrw6fs-muXEGkJtbmkktDdT9aXsXcyV9eKx66gIcYUD-yUfNqgloNhGRipANo5LO5dtfpEM_-tR4HVHuE8uDZ0F6U
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=90&adk=793707805&adf=215438296&pi=t.aa~a.3833140187~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=1200x90&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1706149202030&bpp=1&bdt=1644&idt=0&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35d066ef7b006dde%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g&gpic=UID%3D00000d4962fa5d0c%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg&prev_fmts=0x0%2C1200x280%2C280x600%2C960x280&nras=5&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4071&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&psts=AOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=90&adk=793707805&adf=215438296&pi=t.aa~a.3833140187~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=1200x90&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1706149202030&bpp=1&bdt=1644&idt=0&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35d066ef7b006dde%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g&gpic=UID%3D00000d4962fa5d0c%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg&prev_fmts=0x0%2C1200x280%2C280x600%2C960x280&nras=5&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4071&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&psts=AOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=7
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 Jan 2024 02:20:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 9BFA 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=90&adk=793707805&adf=215438296&pi=t.aa~a.3833140187~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=1200x90&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1706149202030&bpp=1&bdt=1644&idt=0&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35d066ef7b006dde%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g&gpic=UID%3D00000d4962fa5d0c%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg&prev_fmts=0x0%2C1200x280%2C280x600%2C960x280&nras=5&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4071&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&psts=AOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 02:20:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 02:20:02 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 9BFA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=90&adk=793707805&adf=215438296&pi=t.aa~a.3833140187~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=1200x90&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1706149202030&bpp=1&bdt=1644&idt=0&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35d066ef7b006dde%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g&gpic=UID%3D00000d4962fa5d0c%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg&prev_fmts=0x0%2C1200x280%2C280x600%2C960x280&nras=5&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4071&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&psts=AOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 18:37:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
27738
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Feb 2024 18:37:44 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 9BFA 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=90&adk=793707805&adf=215438296&pi=t.aa~a.3833140187~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=1200x90&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1706149202030&bpp=1&bdt=1644&idt=0&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35d066ef7b006dde%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g&gpic=UID%3D00000d4962fa5d0c%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg&prev_fmts=0x0%2C1200x280%2C280x600%2C960x280&nras=5&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4071&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&psts=AOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 23:41:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
9485
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Feb 2024 23:41:57 GMT
l
www.google.com/ads/measurement/ Frame 9BFA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR_c3-xm2dwAfDnQyTc0f2nQoy3VpHDYvZORkeVFBIP5SfNhxazo-lPcsHaZuhtK2JqbwTqej3t8EnaOPm4bxx9bJodDQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=90&adk=793707805&adf=215438296&pi=t.aa~a.3833140187~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=1200x90&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1706149202030&bpp=1&bdt=1644&idt=0&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35d066ef7b006dde%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g&gpic=UID%3D00000d4962fa5d0c%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg&prev_fmts=0x0%2C1200x280%2C280x600%2C960x280&nras=5&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4071&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&psts=AOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 9BFA 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=90&adk=793707805&adf=215438296&pi=t.aa~a.3833140187~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=1200x90&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1706149202030&bpp=1&bdt=1644&idt=0&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35d066ef7b006dde%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g&gpic=UID%3D00000d4962fa5d0c%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg&prev_fmts=0x0%2C1200x280%2C280x600%2C960x280&nras=5&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4071&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&psts=AOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 02:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706100845105677"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jan 2024 02:20:02 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9BFA 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DlhtWO6LBgVxT5ep49eRQwKY4taWVlhF97d0ZF9uA5YjnYY8SJvJeBd8t4EL06K9uwIALIBkHoHvAyytBH7y-5weLtkO4ungynN1dDrfHS-Lf3GVQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=90&adk=793707805&adf=215438296&pi=t.aa~a.3833140187~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=1200x90&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1706149202030&bpp=1&bdt=1644&idt=0&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35d066ef7b006dde%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g&gpic=UID%3D00000d4962fa5d0c%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg&prev_fmts=0x0%2C1200x280%2C280x600%2C960x280&nras=5&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4071&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&psts=AOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 02:20:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
pagead2.googlesyndication.com/bg/ Frame 619B 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f586a8019a490d0f04fdcee83be4fa37274e8a0ca5344283992ba86264c5761
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:22:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
125840
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19859
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Jan 2025 15:22:42 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 457F 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 00:19:37 GMT
x-content-type-options
nosniff
age
180025
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 00:19:37 GMT
P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
pagead2.googlesyndication.com/bg/ Frame 3597 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f586a8019a490d0f04fdcee83be4fa37274e8a0ca5344283992ba86264c5761
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:22:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
125840
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19859
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Jan 2025 15:22:42 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 457F
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CIk7kUcWxZfCQHuaAkdUP1MaYoAnA-piKdaL__surEq4CEAEgoJL4nQFgkYSghYwYoAGe-vTOA8gBCakCXnw5i8JAsj6oAwHIA8sEqgTHAU_Q3eFqkni0kxRTgM7Cado6LJzqFS_l2mAHhS2...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224853940984176678496%22,%22debug_reporting%22:true,%22destination%22:%22https://inholland.nl%22,%22event_report_window%22:%...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224853940984176678496%22,%22debug_reporting%22:true,%22destination%22:%22https://inholland.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22970800414%22],%2222%22:[%22true%22],%224%22:[%2201-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222573551759155830225%22}&andc=true
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 02:20:02 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"4853940984176678496","debug_reporting":true,"destination":"https://inholland.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["970800414"],"22":["true"],"4":["01-25"],"6":["true"]},"priority":"500","source_event_id":"2573551759155830225"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 25 Jan 2024 02:20:02 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 25 Jan 2024 02:20:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"4853940984176678496","debug_reporting":true,"destination":"https://inholland.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["970800414"],"22":["true"],"4":["01-25"],"6":["true"]},"priority":"500","source_event_id":"2573551759155830225"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
pagead2.googlesyndication.com/bg/ Frame 42D4 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f586a8019a490d0f04fdcee83be4fa37274e8a0ca5344283992ba86264c5761
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:22:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
125840
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19859
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Jan 2025 15:22:42 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DC39 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CSHoNyvraU1G6jigWEQGT5ox-bfVobh68rCxA8jrMc6YKqm0u_qGEO_J77DSXksnz6jM9ZbI7L3DRKNMCEcl2Y2KBZH1Fa1xdclhLd31OMvV7RNC8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=600&adk=2488645395&adf=2675318159&pi=t.aa~a.2521332233~rp.4&w=280&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=280x600&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706149202030&bpp=1&bdt=1644&idt=-M&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35d066ef7b006dde%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g&gpic=UID%3D00000d4962fa5d0c%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg&prev_fmts=0x0%2C1200x280&nras=3&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1150&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&psts=AOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 02:20:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame DC39 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=600&adk=2488645395&adf=2675318159&pi=t.aa~a.2521332233~rp.4&w=280&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=280x600&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706149202030&bpp=1&bdt=1644&idt=-M&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35d066ef7b006dde%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g&gpic=UID%3D00000d4962fa5d0c%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg&prev_fmts=0x0%2C1200x280&nras=3&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1150&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&psts=AOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 02:20:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 02:20:02 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame DC39 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=600&adk=2488645395&adf=2675318159&pi=t.aa~a.2521332233~rp.4&w=280&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=280x600&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706149202030&bpp=1&bdt=1644&idt=-M&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35d066ef7b006dde%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g&gpic=UID%3D00000d4962fa5d0c%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg&prev_fmts=0x0%2C1200x280&nras=3&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1150&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&psts=AOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 18:37:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
27738
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Feb 2024 18:37:44 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame DC39 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=600&adk=2488645395&adf=2675318159&pi=t.aa~a.2521332233~rp.4&w=280&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=280x600&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706149202030&bpp=1&bdt=1644&idt=-M&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35d066ef7b006dde%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g&gpic=UID%3D00000d4962fa5d0c%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg&prev_fmts=0x0%2C1200x280&nras=3&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1150&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&psts=AOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 23:41:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
9485
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Feb 2024 23:41:57 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224853940984176678496%22,%22debug_reporting%22:true,%22destination%22:%22https://inholland.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22970800414%22],%2222%22:[%22true%22],%224%22:[%2201-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222573551759155830225%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 25 Jan 2024 02:20:02 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
l
www.google.com/ads/measurement/ Frame DC39 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT8HMpr-JVumwAXrHs4o18s48GNIbDn_doIzECpJYYP7TW9gn-KoJNdNuZ9oVeefXlcRMRtJopunoWleb0OQ-44gQStKg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=600&adk=2488645395&adf=2675318159&pi=t.aa~a.2521332233~rp.4&w=280&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=280x600&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706149202030&bpp=1&bdt=1644&idt=-M&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35d066ef7b006dde%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g&gpic=UID%3D00000d4962fa5d0c%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg&prev_fmts=0x0%2C1200x280&nras=3&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1150&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&psts=AOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame DC39 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=600&adk=2488645395&adf=2675318159&pi=t.aa~a.2521332233~rp.4&w=280&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=280x600&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706149202030&bpp=1&bdt=1644&idt=-M&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35d066ef7b006dde%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g&gpic=UID%3D00000d4962fa5d0c%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg&prev_fmts=0x0%2C1200x280&nras=3&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1150&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&psts=AOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 02:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706100845105677"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jan 2024 02:20:02 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame FAA5 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIfHNhCD6DYYz62yggIwAQ&v=APEucNUu3hQRWkbItYWq7kCHJWircEoagVMRY9hHActm9wqMqbJ5SXQlsC6XDxhm4uYLJERZnczjs2rggpK1O9ivFaROKfKzxQX_VH9BbT2N4Q00p0uDxIDsJjT1BUbvDA69-TcjG4U_bhMbt295frHiYy3s3Jk_0sviwhfZK85dLlOKdXKtxN4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=600&adk=2488645395&adf=2675318159&pi=t.aa~a.2521332233~rp.4&w=280&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=280x600&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706149202030&bpp=1&bdt=1644&idt=-M&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35d066ef7b006dde%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g&gpic=UID%3D00000d4962fa5d0c%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg&prev_fmts=0x0%2C1200x280&nras=3&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1150&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&psts=AOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=600&adk=2488645395&adf=2675318159&pi=t.aa~a.2521332233~rp.4&w=280&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=280x600&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706149202030&bpp=1&bdt=1644&idt=-M&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35d066ef7b006dde%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g&gpic=UID%3D00000d4962fa5d0c%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg&prev_fmts=0x0%2C1200x280&nras=3&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1150&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&psts=AOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 Jan 2024 02:20:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9BFA 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1257783514703&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 02:20:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9BFA 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1257783514703&version=m202309260101&ct=77&x=1&cor=6479002467625982000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 02:20:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 9BFA 		20 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CbJlp5j4P39kHoCK4vl4wXa8azAnugRGWi7ebxW3vPl-BLCNKT_vyOc3_iz1mWp05xJmzQhiCr0xtZj4gTFQU9BAPqVvJ1X9y-l_ngBe6e2ilHiIU0wK3qjarwoROIEFfNgVKRKjpeI_0rX4WYrU2gWkhu8uglftAbEiXZDilZ69W68NDeAW0r3HHRU3zLzS142mqqhMaejMPrPS35o7w2d1lCYgjhduogb2l8jlIQo0ZNPY8&cry=1&dbm_d=AKAmf-ADp2NCZBLQjt2BMxQdrJqyL0dotLU4ZHkUB-RaBP9TbyrXS1aFygYYL-jDpoTWaEz5jJDp0U_eYqJeNdCW0KLJ0Y16qp_YvJhyMXvyUscaUh7ahHBeS8GVK-BKu_cBlYB_sYhTVcMAVEulKcHFKMT_2ZOmEAjIBN5u0MkAlmRZT8-xTL3s97vNPXiwFkBiqkkeD5iECPr2YAjmx8IrWDV2JKXAokbBQfpchkslgMgY7TcaNt4TJi0uukHMmUbieuy2pt0wVxKi_Om0HXG9G7-zqYtWPlYZeU2YUS_N4pfEktUecgUHdSgxIEYleJMXXHsXZ8DqUc170wEacGH0UV0JaZmo1Dbnbi-fTog1zlo9XahqMdkiXjUb1MzkNKTh2XUlDtwBfFvR6aeDu0hz38nKq5OOvh5-t51qjI_ktKPgLN0Xo_voabSuy1wTf_Ous-K8IeBHsgyYmDGurMvGSPz8-DnKcsNz1smKPR6dWR1PvWtfdjEqnBN8wJBR8vmSnWIIVK1Lqkmwa9X7yY48-zxikoCY8SF8FuoJlRzrlSDzb79c2ZfAz852eW2CNnJmOfarJhJME2GwCogc0j2uQirz0Uw7UOm1QBAe06fzpIW5Lx6L5W963yJ3pHGdiX6myL3tXB-nb4ic3aUFpg_gXgvgONyfR5byvtxvzlYD9KFAwOMT9ZWqNbnY6iSDKO8Es1YdelWHO3eF696Riwc7aYjKEVsO_cfju5S7T01n14ICp42vLOaYBhmQ_DrrplJCeOWBjHhwNTHTdC_GH09omJo63HkQsWeJVbnSKoG7tdDfNUWl02Z5vkMxL7t2FUqlw1b3E1dp6NC0lazEDLVrk2Yy8xUhLT_xCZX0rB7aMCsi4_5bIC7YJQeaeIGODCZW8gKBtMBpRGS_5ODI1x-c1CE4v96fe3zGGs97wOoQ5tVxj5TY4mE7CdDlXpCXLSJsUaVOyv80yJKKxAKRk-W0BBHiR2oiWTbGW9fo3PtNgqicPQs4NIZoHeR4txaGr9BuyC_yVPUWpFjKgYJYz1Y5IyMseomPeHpxaLXxW8lxK_GoNPPfgTsaNE5Ifom9zY1PKbiJQrqhRzoMNUtJI96T_XEIt1ArM7rH7p116lATN8PF16zWNB2wPI7aVF-RMOxW3jjaxP7bTPQl4Np3Q6rgACHElv_2_LjU9feaXLuSYNrBaY-C2zb1HhreoNkLKgM0kf6N-R2CykJ-5FF-Q5grL5XMRgIgD8DIEpJzgFE0PfL0zusAoNzNfeyfluiGs57Y-8-eNmcDKnzheID5v0rMMcYhTFc2_TlGviPusgqQ3dKfvEPBG66jcOzj4z824IQ6-mhKiydjYI-vVyDftBn9IpKWX1SCBFEG37ScBb172nnGWmQHKp0aLELZ5z-8lZ24IujdOaLrHN7CcO7ElJz8DlfuyFCY4bKqXjC1q5kjS9TmQPG3BS--xyZ8rxxp4VslRXXGXDuryB0vP_b8CrTLiL19X_g1sUWMfNX27TDuHK-psGyBk-YE5SrJ4QlWoEPvVMiVbSkeTWSpj27gup7uz9_08jLbkhNTblt5LAjR5shNa5Aoah8Cwzq4X8v-efES8EvREsqwXEk5V4akSW2Owv20JLuJ_Ih6whD2ES_dxy5T840WvA3hN0aN_fD5awizPe7lVqPNKejoV9pZqBLRbFEaa3J40dbss383lAbXQQo8Cc5XcrQgOjsCQySNahErC0bCGO6GR8KHQaHZnH3HmMpHYxzVVBhY38kZojUez60PkoL9gtO4YH01hQ-TnLVxXOqW3j656psjjLkMB3FLBc_NdLCrAgcHU0OKXCfc2V-tZ0jhMiHlA_z_YyV_pZB7qa7GkWil2cCIB2r4UceV-4jVsjrphnUPR21uLn3EW6peg-fe2cyi4mQyx0KuU3qvmuvNNjEOnhJBfdoCYLSjWB01GqbLg2dHoXmUz0sW4cJkJgtDx1FhfXRorztJo3C3-Nk5Oa45B_RityMeUNAwHcF-UYBXKCW1FnYbWMHYU6K7AAqkASpDepi7RRtpYKkXWghem0K2MygN5YEgLNqqhu0_7TrOI6L-ArOs6X3goqvqDno9wODq6csOkQnqZ9H1DMa4t29QFSYHZBUQyEk27ffGDMzgxQDtfhHg8i1JdP8pkke421IG2uUPKDpR5P1IyopV43Vcq8xRtJhqyIB9_NKkb2U10bsrycDnMMVsIGeXS_ambAPEn7gZcl_WIEvfbooiyisE2tZCGpeDnSYIm4uTYXvubJZ3xuZMxvS9EYe_IAfJuAmq1o9xjx2hhkaI6f4O076E2sXGQoBdsJAOyhbrhP4cimxT8o4RhJkNsKRn9upRgwYCKaHc0h6fP1K8pS4SjvcFKaCxbb_PNgsj2fuK1XTLK6zlGnXvb6OPsc4eDKVlU_hMH-Yfq12cOoxiasrvz8hyjdC5kir_JIXodSW3vSpIRzKQRg_BgWcrADDehI1c1t1e2EJnH8qPHJ6TWWu9E5TuTDBvyzbXxUGTo0XTvwzqrRNYIKrNNtAK2c4OarfmuKze2Hg8CIrD8YTzcLbyrr8_zNwlUp-4NrBoSrI-v69_8Vzc6m3q5C3r03itro4kV6zax9H-c_EjAWKDWzM3q5wGVYmaVD0z8Jy1QshIkZ8WrAaEnd9negMMy6ICE3LW-H1uwML9ZIkvP8xSozFK8lYa1fMaE4GvWbY2seHTnVcOQh1RKnB_IHudgubkqArbmcUdbDYruMS-O87YjC9Gk0D9XST3Qiwf5k6GRNz6cTxahF7kW5iwJ9KuUg4WaNi5X1mVVbVBMEJ2c3MFORHIoeZh1ekOEoWomUrIY1EUHe4It0g-gep8LsLyFDAvLnhO7ZbdIDGMuupk2iTQu01pTdGxbEPhlFisNVPrYxnhnHpcSEMr3X2jj4yflW8n9zDnF6LH0xkQso355mu3s_xT9dFoXEFpbizpG2Fq2uHhTGOBHFf57K7GsasTNNO380MWVVIz5Q5P2klQqiwp2cXiHoU9Gb8P7zSGQlMQ4mZIjKCUsgHZyFDP1ayli_ztYXjukPYyI05PX_Gmai7htMiyUR2ZMMM72SFmP3m8kmr7qEvuWotrRgkWyMiL22zDSPf3fVMFP4siklE2H6hEmlsJ_2ZTRudbyCU5b8VXCPaE_NgR8TvCjkfR1r8xAV1NSbrVjIwD5ZlCO6oeK8UgeltEK66yxIghTc3kYPxvEVXsfLD87BsMoeP5cTZlZ-edBKT3-lpIzS1xquBhXsaDA5mnu24QQAznzlfYnROKCVma9aFw69KPVDfkJvnrBvwxqaBTThvpYeHxUwqc3PUJPydVHAa2qYyy7-XYWxD6B9HV_qbyYvQEU84TdwyAByRW9XrAaG6bTz_jMNuVifp7vE0pmUEsnHEABKTgEAKd1gwIcZQPExTVll0gmJHOusOYk_CE71CIN3Jjp2CBD7t-TV9MAFjJxxNf6r4JWAsSMyDWNoDXaXkN81kk0RNkYJFhnRtQyxYQQKHkPaCoC4V4qd8zuaX4uxRH3oHuO9DT_EsvdZeBjr3DDBqoebTTp4BAUuqCsGDiZpEd58FkbRcXaQueoLCWa-nULLNWsjEjhzfbNDfh0BhTJXwBEpVQz9uWsT4QQDxSUvCRiOnhb9kUhkiOT8gAB6JwpNV2wGcJEyCAVJbAg5YPUvtTfYtvaGH9fTHZp9A4HaL-jURInXO48jKQiKLMKDA5r9iutj7NuteASqDwPA&cid=CAQSOwAvHhf_g6xf8Xih47kdKyXXGn6edXIR5mHgzHsu02UljA7EhI23snGg2-SG0PDLTvDhgRjYvtIRC7s7GAE&dv3_ver=m202309260101&rfl=http%3A%2F%2Fmineleaks.eu%2F&ds=l&xdt=1&iif=1&cor=6479002467625982000&adk=1726166463&idt=112&cac=0&dtd=11
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc371cdb1321825aa7e9e2a7339823cb4c445af7c261f32728454ed2487e9a7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=90&adk=793707805&adf=215438296&pi=t.aa~a.3833140187~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=1200x90&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1706149202030&bpp=1&bdt=1644&idt=0&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35d066ef7b006dde%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g&gpic=UID%3D00000d4962fa5d0c%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg&prev_fmts=0x0%2C1200x280%2C280x600%2C960x280&nras=5&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4071&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&psts=AOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 02:20:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13462
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 14BA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMAdbjPosiosBgIXfS8_bUc&google_cver=1
43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMAdbjPosiosBgIXfS8_bUc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj2hbzGATAB&v=APEucNUXKMlTFLw1tqr-lTY7UnpcnEd_imfFDTsYlB2suXmLzMUL7viDl29dcNvICv_h3ambjCvnAT-8UrYOCPg5UrEKzarrw6fs-muXEGkJtbmkktDdT9aXsXcyV9eKx66gIcYUD-yUfNqgloNhGRipANo5LO5dtfpEM_-tR4HVHuE8uDZ0F6U
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 02:20:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RfKEE8bE2kqOjz9gy2HHVw12%2BHewf1%2F3lnzntAeYE1%2BsfL2X4%2FzrTj9IllSY9Wp1Jio4MgN7GZ5%2BNC1VWQg9bi47CCe3reGgELyYurJed0f0yrDPcz8sXVozRInS%2Fxsuucbox5FteSSoRw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84ad08e53d6f7748-AMS
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 25 Jan 2024 02:20:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMAdbjPosiosBgIXfS8_bUc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 14BA
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbHFUu-rloAMMyuTyZyZawAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMAdbjPosiosBgIXfS8_bUc&google_cver=1
43 B
773 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMAdbjPosiosBgIXfS8_bUc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj2hbzGATAB&v=APEucNUXKMlTFLw1tqr-lTY7UnpcnEd_imfFDTsYlB2suXmLzMUL7viDl29dcNvICv_h3ambjCvnAT-8UrYOCPg5UrEKzarrw6fs-muXEGkJtbmkktDdT9aXsXcyV9eKx66gIcYUD-yUfNqgloNhGRipANo5LO5dtfpEM_-tR4HVHuE8uDZ0F6U
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 02:20:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b8NAaXclFhU6Q8boD0WTP1owwAzT%2FleeOZ6zFM16SkcVRirKacJ3OGvEk71%2BUES17mO6e6nD%2FGk2RYp%2FL7SVxP81FSIbDFkDeY%2BGW0p8NIn%2BQ4jLW8o7gpvG8BYObsSVfPSD56K0bNvUsg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84ad08e5bfcb0e35-AMS
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 25 Jan 2024 02:20:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMAdbjPosiosBgIXfS8_bUc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 14BA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEHvzahqvaYmhak2PBYKbKuY&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEHvzahqvaYmhak2PBYKbKuY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj2hbzGATAB&v=APEucNUXKMlTFLw1tqr-lTY7UnpcnEd_imfFDTsYlB2suXmLzMUL7viDl29dcNvICv_h3ambjCvnAT-8UrYOCPg5UrEKzarrw6fs-muXEGkJtbmkktDdT9aXsXcyV9eKx66gIcYUD-yUfNqgloNhGRipANo5LO5dtfpEM_-tR4HVHuE8uDZ0F6U
Protocol
H2
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 02:20:02 GMT
an-x-request-uuid
66cd444e-e8ff-4c27-b3cf-f24384767b99
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
31.204.153.74; 31.204.153.74; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 25 Jan 2024 02:20:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEHvzahqvaYmhak2PBYKbKuY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 14BA
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ1NjcwNTg2NzE1NDE5MDY2MA%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ1NjcwNTg2NzE1NDE5MDY2MA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj2hbzGATAB&v=APEucNUXKMlTFLw1tqr-lTY7UnpcnEd_imfFDTsYlB2suXmLzMUL7viDl29dcNvICv_h3ambjCvnAT-8UrYOCPg5UrEKzarrw6fs-muXEGkJtbmkktDdT9aXsXcyV9eKx66gIcYUD-yUfNqgloNhGRipANo5LO5dtfpEM_-tR4HVHuE8uDZ0F6U
Protocol
H2
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 02:20:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 25 Jan 2024 02:20:02 GMT
an-x-request-uuid
227ed763-5c4a-4216-bf48-bd0a4441801d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ1NjcwNTg2NzE1NDE5MDY2MA%3D%3D
x-proxy-origin
31.204.153.74; 31.204.153.74; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DC39 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1316089507289&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 02:20:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DC39 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1316089507289&version=m202309260101&ct=132&x=1&cor=1051189987508171500
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 02:20:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame DC39 		96 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DnBfslXvdADPCnbD58XPd_occP5X3q3JPE7rI3b6ozP_T7YMODKsMolnRowD65X7pxc1P9ONj4eh7oGDUkSq_eIdP_4JJTvQLs_wtciBDtYcSBgckciaA6qf9M3q9Uwn-sVFV2zejthm0DEu8EtkHvjnNpcpVzmtzUyJAtdaFHaT_3J33ZyrYAaidmfbNbhxiKEEsQ&cry=1&dbm_d=AKAmf-AyWPgHHL1sLW175zBjS54tAtbdt1lyV8PCFC_JgSvtgOlKTgOKewm51dnhrVAtsPaZvpyWnkebjcPvlWE_Gkwu-SI2YnMcZdPXAYH_P9hR3OGcHRFJJ9YRrmPb2a9dEnPDvNySdPEyqFqedL-M--wv4Kw_kuOmxP7vRsX77NSdiQ7aUXcwYUlq9QwjpNtSnk0ziHgy2vYd_YmHYwe_4YFNTiKo_kbQDzhK2oHLCQmlSLuKJk19hD1jDuQ_GrGFK_SAlunqc030iBpq6XJ13F-J7akWZljUIGobuFwZJ0RMeolkDfpLGdfrMhyGqED3Dvmzjd1AiqywfgD8J0O79lQyiTs1seSMj81fcyDl3ktGIJBdBWDMtvpdx_qvV1M4XSLkMof9udZMq6Db3qDrPhX3H_pYwW9ASkJOwjybrz1ySDf72kg5vPghj6kY-lG8DT_Y2MbueG9xmKTD43Yhe6Vh9JCPtFmd74eRQalVRD2LY_H-dASHdE9rYJdb65HTr5BE8NFnYO7kSLEobRwtZcbTAHNx4klUUumLew98oJGiK0cIVYhD2XOzkeMw6U-R2FrlCD3TTGd_4_0mrMK4a6LvLkn4biXv42Y4V0CtJrg0Klsz2EcWXNqLGw5vsxol1VrM4fuX4LshK4YCCXjNSOa_zwZyAOA5o4-V2DSPzjtceogY5yise75P8pz3Lk5teR93LbucHrKdr-lR7oZhgeJ_73XIq4uINQ8dGc9AklNxyXbbnlxSOsdeBqalKZYaiVcOzuvWo-h7bjTrNJxblO733lXO4KFUC4q5zCGOjcpI6oC34e56v_vUjC1_4w4u_u-eQBbuAzPDsw5QIVd5Eyfp09ot2aw_lXdqBpxjnOGioTASme-NFZNDszZnvCM9T1ae1-P860aXIKc1s0_Ub1H7XMxf8_L9GBynpSJfhlDF7L3yPjpzoZa_1NsNqq3Mz3nJgTdHk3fmPYktBRBaagNiworHtZJJZwl0s_XQE9qQjQyuW7EnXTJFnUbQC0gjbo_qm7waz8-1s3-SYP4XZArtYWJ7-j2HH2xrP78mdfbssUwa5sgz9Sb4hyvMozSL1zyhR-f9LBfwHjgdYEHU-pxZjdrMiPTIxuWTQxScNG7EbKieOuclBH6FPfLuWU02y1XCYSp77pT8igxq_t1pIlnGPPVjOk4fmlKAHxWwqV0Bz5FQS0Mj5EB2Qd2qvKYHrDc3UZdEM58Xp1TDekMX3rkXTwULufvaM2MODqw6D_sf13pmuQMnYp5zp78zEjucVb8k-C3zqHc4W02pQ_X_UNVur-31bFOlsH1pRXyrWebKwJuFuhem3XGue9oQ_rqbAjE_N1OiybAq5mHvtqUtg86GE--BVNalaW4DhdNhw3B6p0X9oJ290axTJ1ZVXEaAfZDG9xGMKc2COdIMJAhteJJb-ZvoIjtGiVjR7qdfXOYBxfA9zjtXk0F8i2ZTt0nQIMeJeKxbbzGfLfZ36PYKA5Y-Nly988HBJz32W7cMdp5aOVsxRhL5es1MKaPOuE9BLX4FGAH_478sSVuvE-jS0xW6BHif9qwSPgdI6RGX7IRCHNHFakWTKauwsOLPZ8lNYkS2JOry58ge04btEJ8sFOSsLt9qv04Nb0C4KVKrejltauGEdilIDop_mEDj6S8aSgzV6xPxDgiM4i-VqM6vqULhjixV6KrL_h4cjruvHUXe9bMoV9_BS2zDZydePVw9Fz9lKh77Se7lDtnzUkKXTpE7s0pNG8AhBsamscNboMCg2Y58qk-8XsD1PZErvbi1aV1u6S3iQdIAvVf8eVCdicUUsZrjdDUg9rmOTLEmSYNn0sHj0ASn2zls6pPnhTJO7wddmP0dQXm1DjQLplFVjc7syFa3R0XGkB7VBOgVHcNAdlBuRNRNytuTzkEeD6THq2i5rC25iAK2sKHoGNCB-FJf3ybfkU7cz-nLAnwJx7NQcnT6mWhYE4QTz_7dgSevyW1HfkOirKPvbo9lZjTtpkNbj1uiArmP1s_JPzSbLqR-Hwi9yrVh53-YPqDfovgF4z2kGcWXYYPRwgY08NpdUqsZdiAerFIwVgpDUD0VSI6Qycg2k6FEe6PzouTmA9xSoK9_Bbep7nZW6fFZvXzJyqOx7dRpVElPxGBP2kajtJYp9T8Kcb3sKs0spE4lZr_8EXbggaW7jUyQhJaWVl5AuVvkHs3FhB6ydai0ITPNFlk80k8tS2-ed3cAFqTL2nWTnFVrAN2tYQLdFfI6AIYfl5GnyIoM0p1ZSkii4rwuJ7EvoFKMbAziR1MXeope5brTZtDCJhYsZhaMsduUeuzWfGShnCr1LYvv02ez91fRBbvlsZx5kX5GYYD_cYoYAxOsWBEJf4fKaxTB30L13JgjTRH8JfQY2gYDj8ydFjg4JzGn0-54MOyAgh_EfXA85ctlX8_cTbmZBMpn3FXjLnZqwN-fsM-WIRLISPFga17ykuHmH28ouLzYl2zgq51Ja4-0FSlwTr6MzKkAifOecEDOIJapbT1XGLFSRuKNG_I0nAGe38e9eQqKXtfaaXF6CqkiacomAMI-m_J5PGuH1I3FYi2LgiZExbe1TkSWrfkRyikTwygDK_cDMzjN6F1kBp9xbGH7HGz2NCcPMyOmj_IKBu8JmWtyhVYchooT4AINWVrkLKej5ltNnzgOJuUgaGYCmtfDFnx-YX3TrSknNUup5_k5G8BqqGQKtOcqV5NqWljILAYRLXbexOAPmii6lTq3H4uopRQDNXzAiXUD96_l5BR4iVhJq5lHxSwWqfMIMdk2nM_PR1eA-l_1kuuM4PGe6g3jtPGaqV74n04vHy7b7_Suf1mitFUXRGUyBTclXeMo6CB_LlxuK1z_WilwOTJkiVU3kuwefpnhQevJQUZZBRF91hskqJRBXwAwncjw4qZZXunjWgaSffji6xch_zkZaFBME90y_h2QWFC6wFsvRTWJBhxV1hps2Ph-8sEJGELiIZ3y_CS0nbRuAPcPFZqQ4adgqcbMO5kQUrrk0-NbEOBGxjpRGcAx3ts0uKrhuJn5fd3XoYOaxvHWNc8d-ex2lGZx4imNu_R7Yh9SLbJrKmgZybt1jiq21A8bUE7qenLV7cgApAPOrrJhFCcq8e9OMaQDbPmFuJ_AXgSIQVxo1RTOCc7UqQqN7NcSwhNjdUDgeeWA3IOani8tJTonTCGymutVXoUmGn93mnn1J8s7sYKmoXIvyFg6YtUvl-YktVdl77tWOce8w3QyzJMCYUobSkvZN8x8BYz_-KnvFrhPR1JpVIKEgpF9OJzpaPpmW271XGv52FiGa3QRPslXJL0cdT0u5GgIa1Hmyr4LMx_myfAplUheAMahOMLBkvMOyydZ2DI_A9OwZz3qEeDuL5r-_uqyCDwl3-silkjX6sjy8uwBbor990uVlfgRKnyuuH4PfPFQ7fSljc9Wi4631l3kXdVtv-oBBpaI_d0lXXARxx1hYBKRujDy3oepFaAo-Wa8IqOvoZiowXOWSqnGnOPkElRqMxNIy9K0VAdMIrEn8e3jT7BRvVvLbHsPj1PrwcoFdSNnJF7z-fxnp6kxSv66XudYYLjhTGpGFCAf_BWIEA5GUDO5UqG5YBG3kFLJvL6gdqOzM-UXBY1Pq7bKPaO5I-5L6wRwI0Df-E3uDTdjeb9Xk0jnqQb2nreVkSg0N5Xnypv_--dbs79-ZfBGzCU6Q1TmTF_SMKlUTzBb1WeCKnR1BcCildq9BoNtlen2VuzW-VZDH75jTk6a-r3t0tq2KXr9TW2JaNmE6h7KHBhCyTr5RggOVZzUg_XL7Rqs5WVTRzPJ4GLcUF74Ex7_zfWo23Bsfv4v&cid=CAQSOwAvHhf_0ln8rsNMaRQZuoHMt3Gs3NAyiCRKd0Od2PQ_BAoCxsft5L_J7UzzsjXVWAqSnL7ZqbXtgXt0GAE&dv3_ver=m202309260101&rfl=http%3A%2F%2Fmineleaks.eu%2F&ds=l&xdt=1&iif=1&cor=1051189987508171500&adk=250412561&idt=136&cac=0&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
692d2722e5555fe9a78ce7bd51e803f8e1a0c9ed51c4eb6d3b2ade0be8ae2084
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=600&adk=2488645395&adf=2675318159&pi=t.aa~a.2521332233~rp.4&w=280&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=280x600&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706149202030&bpp=1&bdt=1644&idt=-M&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35d066ef7b006dde%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g&gpic=UID%3D00000d4962fa5d0c%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg&prev_fmts=0x0%2C1200x280&nras=3&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1150&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&psts=AOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 02:20:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39567
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
pagead2.googlesyndication.com/bg/ Frame 3294 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f586a8019a490d0f04fdcee83be4fa37274e8a0ca5344283992ba86264c5761
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:22:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
125840
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19859
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Jan 2025 15:22:42 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 9BFA 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CbJlp5j4P39kHoCK4vl4wXa8azAnugRGWi7ebxW3vPl-BLCNKT_vyOc3_iz1mWp05xJmzQhiCr0xtZj4gTFQU9BAPqVvJ1X9y-l_ngBe6e2ilHiIU0wK3qjarwoROIEFfNgVKRKjpeI_0rX4WYrU2gWkhu8uglftAbEiXZDilZ69W68NDeAW0r3HHRU3zLzS142mqqhMaejMPrPS35o7w2d1lCYgjhduogb2l8jlIQo0ZNPY8&cry=1&dbm_d=AKAmf-ADp2NCZBLQjt2BMxQdrJqyL0dotLU4ZHkUB-RaBP9TbyrXS1aFygYYL-jDpoTWaEz5jJDp0U_eYqJeNdCW0KLJ0Y16qp_YvJhyMXvyUscaUh7ahHBeS8GVK-BKu_cBlYB_sYhTVcMAVEulKcHFKMT_2ZOmEAjIBN5u0MkAlmRZT8-xTL3s97vNPXiwFkBiqkkeD5iECPr2YAjmx8IrWDV2JKXAokbBQfpchkslgMgY7TcaNt4TJi0uukHMmUbieuy2pt0wVxKi_Om0HXG9G7-zqYtWPlYZeU2YUS_N4pfEktUecgUHdSgxIEYleJMXXHsXZ8DqUc170wEacGH0UV0JaZmo1Dbnbi-fTog1zlo9XahqMdkiXjUb1MzkNKTh2XUlDtwBfFvR6aeDu0hz38nKq5OOvh5-t51qjI_ktKPgLN0Xo_voabSuy1wTf_Ous-K8IeBHsgyYmDGurMvGSPz8-DnKcsNz1smKPR6dWR1PvWtfdjEqnBN8wJBR8vmSnWIIVK1Lqkmwa9X7yY48-zxikoCY8SF8FuoJlRzrlSDzb79c2ZfAz852eW2CNnJmOfarJhJME2GwCogc0j2uQirz0Uw7UOm1QBAe06fzpIW5Lx6L5W963yJ3pHGdiX6myL3tXB-nb4ic3aUFpg_gXgvgONyfR5byvtxvzlYD9KFAwOMT9ZWqNbnY6iSDKO8Es1YdelWHO3eF696Riwc7aYjKEVsO_cfju5S7T01n14ICp42vLOaYBhmQ_DrrplJCeOWBjHhwNTHTdC_GH09omJo63HkQsWeJVbnSKoG7tdDfNUWl02Z5vkMxL7t2FUqlw1b3E1dp6NC0lazEDLVrk2Yy8xUhLT_xCZX0rB7aMCsi4_5bIC7YJQeaeIGODCZW8gKBtMBpRGS_5ODI1x-c1CE4v96fe3zGGs97wOoQ5tVxj5TY4mE7CdDlXpCXLSJsUaVOyv80yJKKxAKRk-W0BBHiR2oiWTbGW9fo3PtNgqicPQs4NIZoHeR4txaGr9BuyC_yVPUWpFjKgYJYz1Y5IyMseomPeHpxaLXxW8lxK_GoNPPfgTsaNE5Ifom9zY1PKbiJQrqhRzoMNUtJI96T_XEIt1ArM7rH7p116lATN8PF16zWNB2wPI7aVF-RMOxW3jjaxP7bTPQl4Np3Q6rgACHElv_2_LjU9feaXLuSYNrBaY-C2zb1HhreoNkLKgM0kf6N-R2CykJ-5FF-Q5grL5XMRgIgD8DIEpJzgFE0PfL0zusAoNzNfeyfluiGs57Y-8-eNmcDKnzheID5v0rMMcYhTFc2_TlGviPusgqQ3dKfvEPBG66jcOzj4z824IQ6-mhKiydjYI-vVyDftBn9IpKWX1SCBFEG37ScBb172nnGWmQHKp0aLELZ5z-8lZ24IujdOaLrHN7CcO7ElJz8DlfuyFCY4bKqXjC1q5kjS9TmQPG3BS--xyZ8rxxp4VslRXXGXDuryB0vP_b8CrTLiL19X_g1sUWMfNX27TDuHK-psGyBk-YE5SrJ4QlWoEPvVMiVbSkeTWSpj27gup7uz9_08jLbkhNTblt5LAjR5shNa5Aoah8Cwzq4X8v-efES8EvREsqwXEk5V4akSW2Owv20JLuJ_Ih6whD2ES_dxy5T840WvA3hN0aN_fD5awizPe7lVqPNKejoV9pZqBLRbFEaa3J40dbss383lAbXQQo8Cc5XcrQgOjsCQySNahErC0bCGO6GR8KHQaHZnH3HmMpHYxzVVBhY38kZojUez60PkoL9gtO4YH01hQ-TnLVxXOqW3j656psjjLkMB3FLBc_NdLCrAgcHU0OKXCfc2V-tZ0jhMiHlA_z_YyV_pZB7qa7GkWil2cCIB2r4UceV-4jVsjrphnUPR21uLn3EW6peg-fe2cyi4mQyx0KuU3qvmuvNNjEOnhJBfdoCYLSjWB01GqbLg2dHoXmUz0sW4cJkJgtDx1FhfXRorztJo3C3-Nk5Oa45B_RityMeUNAwHcF-UYBXKCW1FnYbWMHYU6K7AAqkASpDepi7RRtpYKkXWghem0K2MygN5YEgLNqqhu0_7TrOI6L-ArOs6X3goqvqDno9wODq6csOkQnqZ9H1DMa4t29QFSYHZBUQyEk27ffGDMzgxQDtfhHg8i1JdP8pkke421IG2uUPKDpR5P1IyopV43Vcq8xRtJhqyIB9_NKkb2U10bsrycDnMMVsIGeXS_ambAPEn7gZcl_WIEvfbooiyisE2tZCGpeDnSYIm4uTYXvubJZ3xuZMxvS9EYe_IAfJuAmq1o9xjx2hhkaI6f4O076E2sXGQoBdsJAOyhbrhP4cimxT8o4RhJkNsKRn9upRgwYCKaHc0h6fP1K8pS4SjvcFKaCxbb_PNgsj2fuK1XTLK6zlGnXvb6OPsc4eDKVlU_hMH-Yfq12cOoxiasrvz8hyjdC5kir_JIXodSW3vSpIRzKQRg_BgWcrADDehI1c1t1e2EJnH8qPHJ6TWWu9E5TuTDBvyzbXxUGTo0XTvwzqrRNYIKrNNtAK2c4OarfmuKze2Hg8CIrD8YTzcLbyrr8_zNwlUp-4NrBoSrI-v69_8Vzc6m3q5C3r03itro4kV6zax9H-c_EjAWKDWzM3q5wGVYmaVD0z8Jy1QshIkZ8WrAaEnd9negMMy6ICE3LW-H1uwML9ZIkvP8xSozFK8lYa1fMaE4GvWbY2seHTnVcOQh1RKnB_IHudgubkqArbmcUdbDYruMS-O87YjC9Gk0D9XST3Qiwf5k6GRNz6cTxahF7kW5iwJ9KuUg4WaNi5X1mVVbVBMEJ2c3MFORHIoeZh1ekOEoWomUrIY1EUHe4It0g-gep8LsLyFDAvLnhO7ZbdIDGMuupk2iTQu01pTdGxbEPhlFisNVPrYxnhnHpcSEMr3X2jj4yflW8n9zDnF6LH0xkQso355mu3s_xT9dFoXEFpbizpG2Fq2uHhTGOBHFf57K7GsasTNNO380MWVVIz5Q5P2klQqiwp2cXiHoU9Gb8P7zSGQlMQ4mZIjKCUsgHZyFDP1ayli_ztYXjukPYyI05PX_Gmai7htMiyUR2ZMMM72SFmP3m8kmr7qEvuWotrRgkWyMiL22zDSPf3fVMFP4siklE2H6hEmlsJ_2ZTRudbyCU5b8VXCPaE_NgR8TvCjkfR1r8xAV1NSbrVjIwD5ZlCO6oeK8UgeltEK66yxIghTc3kYPxvEVXsfLD87BsMoeP5cTZlZ-edBKT3-lpIzS1xquBhXsaDA5mnu24QQAznzlfYnROKCVma9aFw69KPVDfkJvnrBvwxqaBTThvpYeHxUwqc3PUJPydVHAa2qYyy7-XYWxD6B9HV_qbyYvQEU84TdwyAByRW9XrAaG6bTz_jMNuVifp7vE0pmUEsnHEABKTgEAKd1gwIcZQPExTVll0gmJHOusOYk_CE71CIN3Jjp2CBD7t-TV9MAFjJxxNf6r4JWAsSMyDWNoDXaXkN81kk0RNkYJFhnRtQyxYQQKHkPaCoC4V4qd8zuaX4uxRH3oHuO9DT_EsvdZeBjr3DDBqoebTTp4BAUuqCsGDiZpEd58FkbRcXaQueoLCWa-nULLNWsjEjhzfbNDfh0BhTJXwBEpVQz9uWsT4QQDxSUvCRiOnhb9kUhkiOT8gAB6JwpNV2wGcJEyCAVJbAg5YPUvtTfYtvaGH9fTHZp9A4HaL-jURInXO48jKQiKLMKDA5r9iutj7NuteASqDwPA&cid=CAQSOwAvHhf_g6xf8Xih47kdKyXXGn6edXIR5mHgzHsu02UljA7EhI23snGg2-SG0PDLTvDhgRjYvtIRC7s7GAE&dv3_ver=m202309260101&rfl=http%3A%2F%2Fmineleaks.eu%2F&ds=l&xdt=1&iif=1&cor=6479002467625982000&adk=1726166463&idt=112&cac=0&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:39:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
96005
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 23:39:57 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNjE0OTIwMjYyOTc2MwogIHNlcnZlcl9pcDogMTM5ODAzNzQ3CiAgcHJvY2Vzc19pZDogMjMzMjI5MjA0Ngp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame 9BFA 		0
866 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNjE0OTIwMjYyOTc2MwogIHNlcnZlcl9pcDogMTM5ODAzNzQ3CiAgcHJvY2Vzc19pZDogMjMzMjI5MjA0Ngp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiA1MzkwNDcxNDkwMTQwNDQ1NjgzCmRlYnVnX2tleTogNTY2NzY0Njc0NDYyMjczNzUyCmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyNC0wMS0yNSIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDExODY4OTQzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzMyMTc4OTMyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA4NzgyNDM2OTYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTY2MzgzMDIxMDEKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0MTYyMTk4OTQKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2RlYnVnY29udmVyc2lvbmRvbWFpbjEuY29tIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMi5jb20iCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=90&adk=793707805&adf=215438296&pi=t.aa~a.3833140187~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=1200x90&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1706149202030&bpp=1&bdt=1644&idt=0&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35d066ef7b006dde%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g&gpic=UID%3D00000d4962fa5d0c%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg&prev_fmts=0x0%2C1200x280%2C280x600%2C960x280&nras=5&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4071&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&psts=AOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 02:20:02 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0xc686bf079844184f0000000000000000","13":"0x1e82bec81b1694ca0000000000000000","14":"0xb61b67b6af1929950000000000000000","15":"0xe01208d7800609c60000000000000000"},"debug_key":"566764674462273752","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"5390471490140445683"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
8e4hjwsd4phy
hal9000.redintelligence.net/zone/ Frame 9BFA 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/8e4hjwsd4phy?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCVuEFUsWxZaiKBP2vnsEPrIC8uAbM-Yagafu5x__3D_AuEAEgoJL4nQFgkYSghYwYyAEJqQLMUqbDsUqyPqgDAcgDm4SAgASqBOwBT9Bv_o8AEMi9F7zSbdWaSgZJ2BnCVyUY_2T2j2qDSkgSPW42FKq79heoiJrfhFp74890SzEYP6Fgh-HOU-hOGeQc1RNIbjRvqknhWnDQlsNuq4K5pbAkPfTe-9CVfnAMWoTzU-E0IHur5ktg8W2SQh1uQTJSwHcsVAG4FryaF_sHp4R9P09weeZcIngsSNE4IGVGbWb_Ja2t48Q1MVC9EZgUuhyJKHqG5Ot-VMv8KuCGVLfF4YD3TgSiduZLSVz397xlenKQQlblrtuFuJrd4UDGO8tY2dZm5527qgbJe2WGbfyJcTQxxsmB4vHABOrrzKPkA-AEA4gFla_h_T2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYjsD9iL33gwOACgGYCwHICwGADAGqDQJOTLAT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_g6xf8Xih47kdKyXXGn6edXIR5mHgzHsu02UljA7EhI23snGg2-SG0PDLTvDhgRjYvtIRC7s7GAE%26sig%3DAOD64_0dT9gKRU7OKPeeNVyieO8SZj6rlA%26client%3Dca-pub-8535330373635729%26dbm_c%3DAKAmf-CpnvSPa0Z1rfRk7wRJKspsmqXS-8X1bZayw4kLw_04kKVsrIdCE0ZOMuFXIsVxPB_Z_MMxt_BUOu-Xw4TEJBvzu_MD3a1WfAEIwjuTDOj0gzOOaIqsNu4_A41kX-QQNXx8LTKBcjRAhcmXeqFSzu4ZtZuR1oDgYE_JA4540ARThNa_UNRpka6w9EIY_gJPtFE3D0z3M6LQS7HzXhaPUHqC9fwi49yUy_nlyIHOXXulsPBxUHQ%26cry%3D1%26dbm_d%3DAKAmf-B7hOYN_JhcjnXsfz0AhyK0Ut2eHDWA7Nkf64fARCKtPUHlC2b8QMvN6SV13uiLJjzNC5EcfOm6C5oGjjnqZBp-JCeljGt9OzGJpERDeE0sPju9hCb8ZX8ZPKs9rWrZJCGHYFz4ZN7hfaEg5MYnzpfkFneMUPG3TRvWwJZJO-yTglUIhf6EKNyn63-dsfWJQV1AySzBzYPms2rHxoPyVazzO6ZGWCmoOkGA1gnKszRhp9naIY9Gl8EJbJV0tiyEYE0eXVdZQK13LUYC-Qm3G_b0O8EeBgWXSV3l5qN0tddrWwUHnBwb1mJ3o5BiQlUV3MemqRKRZC7KdUWZ992ZADAHg_oOKmVE-r1QHh1J3ZYc334uoGt2eJTA66hIh76FVxqM5U3W1edPz6dK2x7O4UWMsCg18CW6veA97VoolP8OxJZJTJO7cYfMwDG1tJAZd9Z6egbwH3cNJAnw-i2nC8jDWIh5NKZyC_gZ0Y-zEjV-fMdNK7szmhWjL6B0EJU-BSyuEeyT7-pyrVt3uDUAmSkMaZYYE6fojQc5udg9aV4JYnbLNTN7jm3cI4Up1eSVQ_gZSOgX69n8C1iDWCtoUFFGuMp6a6Wovp4GbGsJZZS7Dv49woQ%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=90&adk=793707805&adf=215438296&pi=t.aa~a.3833140187~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=1200x90&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1706149202030&bpp=1&bdt=1644&idt=0&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35d066ef7b006dde%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g&gpic=UID%3D00000d4962fa5d0c%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg&prev_fmts=0x0%2C1200x280%2C280x600%2C960x280&nras=5&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4071&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&psts=AOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 Bad Bellingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
59f33071ca28485a2b0235155104ab0323441aada1611add44f3adcb2587e7b2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 02:20:02 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4223
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
sd
us-u.openx.net/w/1.0/ Frame FAA5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMnDDD-LM_zR1T2Qea53PkI&google_cver=1
43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMnDDD-LM_zR1T2Qea53PkI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIfHNhCD6DYYz62yggIwAQ&v=APEucNUu3hQRWkbItYWq7kCHJWircEoagVMRY9hHActm9wqMqbJ5SXQlsC6XDxhm4uYLJERZnczjs2rggpK1O9ivFaROKfKzxQX_VH9BbT2N4Q00p0uDxIDsJjT1BUbvDA69-TcjG4U_bhMbt295frHiYy3s3Jk_0sviwhfZK85dLlOKdXKtxN4
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 02:20:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 25 Jan 2024 02:20:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMnDDD-LM_zR1T2Qea53PkI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame FAA5 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIfHNhCD6DYYz62yggIwAQ&v=APEucNUu3hQRWkbItYWq7kCHJWircEoagVMRY9hHActm9wqMqbJ5SXQlsC6XDxhm4uYLJERZnczjs2rggpK1O9ivFaROKfKzxQX_VH9BbT2N4Q00p0uDxIDsJjT1BUbvDA69-TcjG4U_bhMbt295frHiYy3s3Jk_0sviwhfZK85dLlOKdXKtxN4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 02:20:02 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame FAA5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEGda3CCOPV8NcMZBSRRrMew&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEGda3CCOPV8NcMZBSRRrMew&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIfHNhCD6DYYz62yggIwAQ&v=APEucNUu3hQRWkbItYWq7kCHJWircEoagVMRY9hHActm9wqMqbJ5SXQlsC6XDxhm4uYLJERZnczjs2rggpK1O9ivFaROKfKzxQX_VH9BbT2N4Q00p0uDxIDsJjT1BUbvDA69-TcjG4U_bhMbt295frHiYy3s3Jk_0sviwhfZK85dLlOKdXKtxN4
Protocol
H2
Server
104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 25 Jan 2024 02:20:02 GMT
pragma
no-cache
date
Thu, 25 Jan 2024 02:20:02 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 25 Jan 2024 02:20:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEGda3CCOPV8NcMZBSRRrMew&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame FAA5 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIfHNhCD6DYYz62yggIwAQ&v=APEucNUu3hQRWkbItYWq7kCHJWircEoagVMRY9hHActm9wqMqbJ5SXQlsC6XDxhm4uYLJERZnczjs2rggpK1O9ivFaROKfKzxQX_VH9BbT2N4Q00p0uDxIDsJjT1BUbvDA69-TcjG4U_bhMbt295frHiYy3s3Jk_0sviwhfZK85dLlOKdXKtxN4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 25 Jan 2024 02:20:02 GMT
pragma
no-cache
date
Thu, 25 Jan 2024 02:20:02 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame DC39 		172 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 23:49:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9058
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 25 Jan 2024 23:49:04 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame DC39 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DnBfslXvdADPCnbD58XPd_occP5X3q3JPE7rI3b6ozP_T7YMODKsMolnRowD65X7pxc1P9ONj4eh7oGDUkSq_eIdP_4JJTvQLs_wtciBDtYcSBgckciaA6qf9M3q9Uwn-sVFV2zejthm0DEu8EtkHvjnNpcpVzmtzUyJAtdaFHaT_3J33ZyrYAaidmfbNbhxiKEEsQ&cry=1&dbm_d=AKAmf-AyWPgHHL1sLW175zBjS54tAtbdt1lyV8PCFC_JgSvtgOlKTgOKewm51dnhrVAtsPaZvpyWnkebjcPvlWE_Gkwu-SI2YnMcZdPXAYH_P9hR3OGcHRFJJ9YRrmPb2a9dEnPDvNySdPEyqFqedL-M--wv4Kw_kuOmxP7vRsX77NSdiQ7aUXcwYUlq9QwjpNtSnk0ziHgy2vYd_YmHYwe_4YFNTiKo_kbQDzhK2oHLCQmlSLuKJk19hD1jDuQ_GrGFK_SAlunqc030iBpq6XJ13F-J7akWZljUIGobuFwZJ0RMeolkDfpLGdfrMhyGqED3Dvmzjd1AiqywfgD8J0O79lQyiTs1seSMj81fcyDl3ktGIJBdBWDMtvpdx_qvV1M4XSLkMof9udZMq6Db3qDrPhX3H_pYwW9ASkJOwjybrz1ySDf72kg5vPghj6kY-lG8DT_Y2MbueG9xmKTD43Yhe6Vh9JCPtFmd74eRQalVRD2LY_H-dASHdE9rYJdb65HTr5BE8NFnYO7kSLEobRwtZcbTAHNx4klUUumLew98oJGiK0cIVYhD2XOzkeMw6U-R2FrlCD3TTGd_4_0mrMK4a6LvLkn4biXv42Y4V0CtJrg0Klsz2EcWXNqLGw5vsxol1VrM4fuX4LshK4YCCXjNSOa_zwZyAOA5o4-V2DSPzjtceogY5yise75P8pz3Lk5teR93LbucHrKdr-lR7oZhgeJ_73XIq4uINQ8dGc9AklNxyXbbnlxSOsdeBqalKZYaiVcOzuvWo-h7bjTrNJxblO733lXO4KFUC4q5zCGOjcpI6oC34e56v_vUjC1_4w4u_u-eQBbuAzPDsw5QIVd5Eyfp09ot2aw_lXdqBpxjnOGioTASme-NFZNDszZnvCM9T1ae1-P860aXIKc1s0_Ub1H7XMxf8_L9GBynpSJfhlDF7L3yPjpzoZa_1NsNqq3Mz3nJgTdHk3fmPYktBRBaagNiworHtZJJZwl0s_XQE9qQjQyuW7EnXTJFnUbQC0gjbo_qm7waz8-1s3-SYP4XZArtYWJ7-j2HH2xrP78mdfbssUwa5sgz9Sb4hyvMozSL1zyhR-f9LBfwHjgdYEHU-pxZjdrMiPTIxuWTQxScNG7EbKieOuclBH6FPfLuWU02y1XCYSp77pT8igxq_t1pIlnGPPVjOk4fmlKAHxWwqV0Bz5FQS0Mj5EB2Qd2qvKYHrDc3UZdEM58Xp1TDekMX3rkXTwULufvaM2MODqw6D_sf13pmuQMnYp5zp78zEjucVb8k-C3zqHc4W02pQ_X_UNVur-31bFOlsH1pRXyrWebKwJuFuhem3XGue9oQ_rqbAjE_N1OiybAq5mHvtqUtg86GE--BVNalaW4DhdNhw3B6p0X9oJ290axTJ1ZVXEaAfZDG9xGMKc2COdIMJAhteJJb-ZvoIjtGiVjR7qdfXOYBxfA9zjtXk0F8i2ZTt0nQIMeJeKxbbzGfLfZ36PYKA5Y-Nly988HBJz32W7cMdp5aOVsxRhL5es1MKaPOuE9BLX4FGAH_478sSVuvE-jS0xW6BHif9qwSPgdI6RGX7IRCHNHFakWTKauwsOLPZ8lNYkS2JOry58ge04btEJ8sFOSsLt9qv04Nb0C4KVKrejltauGEdilIDop_mEDj6S8aSgzV6xPxDgiM4i-VqM6vqULhjixV6KrL_h4cjruvHUXe9bMoV9_BS2zDZydePVw9Fz9lKh77Se7lDtnzUkKXTpE7s0pNG8AhBsamscNboMCg2Y58qk-8XsD1PZErvbi1aV1u6S3iQdIAvVf8eVCdicUUsZrjdDUg9rmOTLEmSYNn0sHj0ASn2zls6pPnhTJO7wddmP0dQXm1DjQLplFVjc7syFa3R0XGkB7VBOgVHcNAdlBuRNRNytuTzkEeD6THq2i5rC25iAK2sKHoGNCB-FJf3ybfkU7cz-nLAnwJx7NQcnT6mWhYE4QTz_7dgSevyW1HfkOirKPvbo9lZjTtpkNbj1uiArmP1s_JPzSbLqR-Hwi9yrVh53-YPqDfovgF4z2kGcWXYYPRwgY08NpdUqsZdiAerFIwVgpDUD0VSI6Qycg2k6FEe6PzouTmA9xSoK9_Bbep7nZW6fFZvXzJyqOx7dRpVElPxGBP2kajtJYp9T8Kcb3sKs0spE4lZr_8EXbggaW7jUyQhJaWVl5AuVvkHs3FhB6ydai0ITPNFlk80k8tS2-ed3cAFqTL2nWTnFVrAN2tYQLdFfI6AIYfl5GnyIoM0p1ZSkii4rwuJ7EvoFKMbAziR1MXeope5brTZtDCJhYsZhaMsduUeuzWfGShnCr1LYvv02ez91fRBbvlsZx5kX5GYYD_cYoYAxOsWBEJf4fKaxTB30L13JgjTRH8JfQY2gYDj8ydFjg4JzGn0-54MOyAgh_EfXA85ctlX8_cTbmZBMpn3FXjLnZqwN-fsM-WIRLISPFga17ykuHmH28ouLzYl2zgq51Ja4-0FSlwTr6MzKkAifOecEDOIJapbT1XGLFSRuKNG_I0nAGe38e9eQqKXtfaaXF6CqkiacomAMI-m_J5PGuH1I3FYi2LgiZExbe1TkSWrfkRyikTwygDK_cDMzjN6F1kBp9xbGH7HGz2NCcPMyOmj_IKBu8JmWtyhVYchooT4AINWVrkLKej5ltNnzgOJuUgaGYCmtfDFnx-YX3TrSknNUup5_k5G8BqqGQKtOcqV5NqWljILAYRLXbexOAPmii6lTq3H4uopRQDNXzAiXUD96_l5BR4iVhJq5lHxSwWqfMIMdk2nM_PR1eA-l_1kuuM4PGe6g3jtPGaqV74n04vHy7b7_Suf1mitFUXRGUyBTclXeMo6CB_LlxuK1z_WilwOTJkiVU3kuwefpnhQevJQUZZBRF91hskqJRBXwAwncjw4qZZXunjWgaSffji6xch_zkZaFBME90y_h2QWFC6wFsvRTWJBhxV1hps2Ph-8sEJGELiIZ3y_CS0nbRuAPcPFZqQ4adgqcbMO5kQUrrk0-NbEOBGxjpRGcAx3ts0uKrhuJn5fd3XoYOaxvHWNc8d-ex2lGZx4imNu_R7Yh9SLbJrKmgZybt1jiq21A8bUE7qenLV7cgApAPOrrJhFCcq8e9OMaQDbPmFuJ_AXgSIQVxo1RTOCc7UqQqN7NcSwhNjdUDgeeWA3IOani8tJTonTCGymutVXoUmGn93mnn1J8s7sYKmoXIvyFg6YtUvl-YktVdl77tWOce8w3QyzJMCYUobSkvZN8x8BYz_-KnvFrhPR1JpVIKEgpF9OJzpaPpmW271XGv52FiGa3QRPslXJL0cdT0u5GgIa1Hmyr4LMx_myfAplUheAMahOMLBkvMOyydZ2DI_A9OwZz3qEeDuL5r-_uqyCDwl3-silkjX6sjy8uwBbor990uVlfgRKnyuuH4PfPFQ7fSljc9Wi4631l3kXdVtv-oBBpaI_d0lXXARxx1hYBKRujDy3oepFaAo-Wa8IqOvoZiowXOWSqnGnOPkElRqMxNIy9K0VAdMIrEn8e3jT7BRvVvLbHsPj1PrwcoFdSNnJF7z-fxnp6kxSv66XudYYLjhTGpGFCAf_BWIEA5GUDO5UqG5YBG3kFLJvL6gdqOzM-UXBY1Pq7bKPaO5I-5L6wRwI0Df-E3uDTdjeb9Xk0jnqQb2nreVkSg0N5Xnypv_--dbs79-ZfBGzCU6Q1TmTF_SMKlUTzBb1WeCKnR1BcCildq9BoNtlen2VuzW-VZDH75jTk6a-r3t0tq2KXr9TW2JaNmE6h7KHBhCyTr5RggOVZzUg_XL7Rqs5WVTRzPJ4GLcUF74Ex7_zfWo23Bsfv4v&cid=CAQSOwAvHhf_0ln8rsNMaRQZuoHMt3Gs3NAyiCRKd0Od2PQ_BAoCxsft5L_J7UzzsjXVWAqSnL7ZqbXtgXt0GAE&dv3_ver=m202309260101&rfl=http%3A%2F%2Fmineleaks.eu%2F&ds=l&xdt=1&iif=1&cor=1051189987508171500&adk=250412561&idt=136&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 23:58:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
8481
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4383
x-xss-protection
0
server
cafe
etag
1583492410672046836
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Feb 2024 23:58:41 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame DC39 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DnBfslXvdADPCnbD58XPd_occP5X3q3JPE7rI3b6ozP_T7YMODKsMolnRowD65X7pxc1P9ONj4eh7oGDUkSq_eIdP_4JJTvQLs_wtciBDtYcSBgckciaA6qf9M3q9Uwn-sVFV2zejthm0DEu8EtkHvjnNpcpVzmtzUyJAtdaFHaT_3J33ZyrYAaidmfbNbhxiKEEsQ&cry=1&dbm_d=AKAmf-AyWPgHHL1sLW175zBjS54tAtbdt1lyV8PCFC_JgSvtgOlKTgOKewm51dnhrVAtsPaZvpyWnkebjcPvlWE_Gkwu-SI2YnMcZdPXAYH_P9hR3OGcHRFJJ9YRrmPb2a9dEnPDvNySdPEyqFqedL-M--wv4Kw_kuOmxP7vRsX77NSdiQ7aUXcwYUlq9QwjpNtSnk0ziHgy2vYd_YmHYwe_4YFNTiKo_kbQDzhK2oHLCQmlSLuKJk19hD1jDuQ_GrGFK_SAlunqc030iBpq6XJ13F-J7akWZljUIGobuFwZJ0RMeolkDfpLGdfrMhyGqED3Dvmzjd1AiqywfgD8J0O79lQyiTs1seSMj81fcyDl3ktGIJBdBWDMtvpdx_qvV1M4XSLkMof9udZMq6Db3qDrPhX3H_pYwW9ASkJOwjybrz1ySDf72kg5vPghj6kY-lG8DT_Y2MbueG9xmKTD43Yhe6Vh9JCPtFmd74eRQalVRD2LY_H-dASHdE9rYJdb65HTr5BE8NFnYO7kSLEobRwtZcbTAHNx4klUUumLew98oJGiK0cIVYhD2XOzkeMw6U-R2FrlCD3TTGd_4_0mrMK4a6LvLkn4biXv42Y4V0CtJrg0Klsz2EcWXNqLGw5vsxol1VrM4fuX4LshK4YCCXjNSOa_zwZyAOA5o4-V2DSPzjtceogY5yise75P8pz3Lk5teR93LbucHrKdr-lR7oZhgeJ_73XIq4uINQ8dGc9AklNxyXbbnlxSOsdeBqalKZYaiVcOzuvWo-h7bjTrNJxblO733lXO4KFUC4q5zCGOjcpI6oC34e56v_vUjC1_4w4u_u-eQBbuAzPDsw5QIVd5Eyfp09ot2aw_lXdqBpxjnOGioTASme-NFZNDszZnvCM9T1ae1-P860aXIKc1s0_Ub1H7XMxf8_L9GBynpSJfhlDF7L3yPjpzoZa_1NsNqq3Mz3nJgTdHk3fmPYktBRBaagNiworHtZJJZwl0s_XQE9qQjQyuW7EnXTJFnUbQC0gjbo_qm7waz8-1s3-SYP4XZArtYWJ7-j2HH2xrP78mdfbssUwa5sgz9Sb4hyvMozSL1zyhR-f9LBfwHjgdYEHU-pxZjdrMiPTIxuWTQxScNG7EbKieOuclBH6FPfLuWU02y1XCYSp77pT8igxq_t1pIlnGPPVjOk4fmlKAHxWwqV0Bz5FQS0Mj5EB2Qd2qvKYHrDc3UZdEM58Xp1TDekMX3rkXTwULufvaM2MODqw6D_sf13pmuQMnYp5zp78zEjucVb8k-C3zqHc4W02pQ_X_UNVur-31bFOlsH1pRXyrWebKwJuFuhem3XGue9oQ_rqbAjE_N1OiybAq5mHvtqUtg86GE--BVNalaW4DhdNhw3B6p0X9oJ290axTJ1ZVXEaAfZDG9xGMKc2COdIMJAhteJJb-ZvoIjtGiVjR7qdfXOYBxfA9zjtXk0F8i2ZTt0nQIMeJeKxbbzGfLfZ36PYKA5Y-Nly988HBJz32W7cMdp5aOVsxRhL5es1MKaPOuE9BLX4FGAH_478sSVuvE-jS0xW6BHif9qwSPgdI6RGX7IRCHNHFakWTKauwsOLPZ8lNYkS2JOry58ge04btEJ8sFOSsLt9qv04Nb0C4KVKrejltauGEdilIDop_mEDj6S8aSgzV6xPxDgiM4i-VqM6vqULhjixV6KrL_h4cjruvHUXe9bMoV9_BS2zDZydePVw9Fz9lKh77Se7lDtnzUkKXTpE7s0pNG8AhBsamscNboMCg2Y58qk-8XsD1PZErvbi1aV1u6S3iQdIAvVf8eVCdicUUsZrjdDUg9rmOTLEmSYNn0sHj0ASn2zls6pPnhTJO7wddmP0dQXm1DjQLplFVjc7syFa3R0XGkB7VBOgVHcNAdlBuRNRNytuTzkEeD6THq2i5rC25iAK2sKHoGNCB-FJf3ybfkU7cz-nLAnwJx7NQcnT6mWhYE4QTz_7dgSevyW1HfkOirKPvbo9lZjTtpkNbj1uiArmP1s_JPzSbLqR-Hwi9yrVh53-YPqDfovgF4z2kGcWXYYPRwgY08NpdUqsZdiAerFIwVgpDUD0VSI6Qycg2k6FEe6PzouTmA9xSoK9_Bbep7nZW6fFZvXzJyqOx7dRpVElPxGBP2kajtJYp9T8Kcb3sKs0spE4lZr_8EXbggaW7jUyQhJaWVl5AuVvkHs3FhB6ydai0ITPNFlk80k8tS2-ed3cAFqTL2nWTnFVrAN2tYQLdFfI6AIYfl5GnyIoM0p1ZSkii4rwuJ7EvoFKMbAziR1MXeope5brTZtDCJhYsZhaMsduUeuzWfGShnCr1LYvv02ez91fRBbvlsZx5kX5GYYD_cYoYAxOsWBEJf4fKaxTB30L13JgjTRH8JfQY2gYDj8ydFjg4JzGn0-54MOyAgh_EfXA85ctlX8_cTbmZBMpn3FXjLnZqwN-fsM-WIRLISPFga17ykuHmH28ouLzYl2zgq51Ja4-0FSlwTr6MzKkAifOecEDOIJapbT1XGLFSRuKNG_I0nAGe38e9eQqKXtfaaXF6CqkiacomAMI-m_J5PGuH1I3FYi2LgiZExbe1TkSWrfkRyikTwygDK_cDMzjN6F1kBp9xbGH7HGz2NCcPMyOmj_IKBu8JmWtyhVYchooT4AINWVrkLKej5ltNnzgOJuUgaGYCmtfDFnx-YX3TrSknNUup5_k5G8BqqGQKtOcqV5NqWljILAYRLXbexOAPmii6lTq3H4uopRQDNXzAiXUD96_l5BR4iVhJq5lHxSwWqfMIMdk2nM_PR1eA-l_1kuuM4PGe6g3jtPGaqV74n04vHy7b7_Suf1mitFUXRGUyBTclXeMo6CB_LlxuK1z_WilwOTJkiVU3kuwefpnhQevJQUZZBRF91hskqJRBXwAwncjw4qZZXunjWgaSffji6xch_zkZaFBME90y_h2QWFC6wFsvRTWJBhxV1hps2Ph-8sEJGELiIZ3y_CS0nbRuAPcPFZqQ4adgqcbMO5kQUrrk0-NbEOBGxjpRGcAx3ts0uKrhuJn5fd3XoYOaxvHWNc8d-ex2lGZx4imNu_R7Yh9SLbJrKmgZybt1jiq21A8bUE7qenLV7cgApAPOrrJhFCcq8e9OMaQDbPmFuJ_AXgSIQVxo1RTOCc7UqQqN7NcSwhNjdUDgeeWA3IOani8tJTonTCGymutVXoUmGn93mnn1J8s7sYKmoXIvyFg6YtUvl-YktVdl77tWOce8w3QyzJMCYUobSkvZN8x8BYz_-KnvFrhPR1JpVIKEgpF9OJzpaPpmW271XGv52FiGa3QRPslXJL0cdT0u5GgIa1Hmyr4LMx_myfAplUheAMahOMLBkvMOyydZ2DI_A9OwZz3qEeDuL5r-_uqyCDwl3-silkjX6sjy8uwBbor990uVlfgRKnyuuH4PfPFQ7fSljc9Wi4631l3kXdVtv-oBBpaI_d0lXXARxx1hYBKRujDy3oepFaAo-Wa8IqOvoZiowXOWSqnGnOPkElRqMxNIy9K0VAdMIrEn8e3jT7BRvVvLbHsPj1PrwcoFdSNnJF7z-fxnp6kxSv66XudYYLjhTGpGFCAf_BWIEA5GUDO5UqG5YBG3kFLJvL6gdqOzM-UXBY1Pq7bKPaO5I-5L6wRwI0Df-E3uDTdjeb9Xk0jnqQb2nreVkSg0N5Xnypv_--dbs79-ZfBGzCU6Q1TmTF_SMKlUTzBb1WeCKnR1BcCildq9BoNtlen2VuzW-VZDH75jTk6a-r3t0tq2KXr9TW2JaNmE6h7KHBhCyTr5RggOVZzUg_XL7Rqs5WVTRzPJ4GLcUF74Ex7_zfWo23Bsfv4v&cid=CAQSOwAvHhf_0ln8rsNMaRQZuoHMt3Gs3NAyiCRKd0Od2PQ_BAoCxsft5L_J7UzzsjXVWAqSnL7ZqbXtgXt0GAE&dv3_ver=m202309260101&rfl=http%3A%2F%2Fmineleaks.eu%2F&ds=l&xdt=1&iif=1&cor=1051189987508171500&adk=250412561&idt=136&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5fa42c1d96f1d20bb0a5c0f1468aba661ad4c3584dd51646a3bfb996e869b8dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 23:39:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
9624
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11931
x-xss-protection
0
server
cafe
etag
11828260617052087593
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Feb 2024 23:39:38 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame DC39 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:39:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
96005
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 23:39:57 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 569E 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
102650
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 21:49:12 GMT
expires
Wed, 22 Jan 2025 21:49:12 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 44D5 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=600&adk=2488645395&adf=2675318159&pi=t.aa~a.2521332233~rp.4&w=280&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=280x600&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706149202030&bpp=1&bdt=1644&idt=-M&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35d066ef7b006dde%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g&gpic=UID%3D00000d4962fa5d0c%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg&prev_fmts=0x0%2C1200x280&nras=3&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1150&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&psts=AOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
32958
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 24 Jan 2024 17:10:44 GMT
etag
48472445140208031
expires
Thu, 25 Jan 2024 17:10:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame DC39 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
73c261c7249907c1f697f2e14a2fc3adb6c230bc13556be0ca8525901f57950f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
request.php
hal90005.redintelligence.net/ Frame 9BFA
Redirect Chain
  • https://hal90005.redintelligence.net/request.php?zone=8e4hjwsd4phy&nw=20&renderingType=javascript&namespace=220b8ce8b8&subid=&uid=edc4551ce7cdc4a7&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90005.redintelligence.net/request.php?zone=8e4hjwsd4phy&nw=20&renderingType=javascript&namespace=220b8ce8b8&subid=&uid=edc4551ce7cdc4a7&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90005.redintelligence.net/request.php?zone=8e4hjwsd4phy&nw=20&renderingType=javascript&namespace=220b8ce8b8&subid=&uid=edc4551ce7cdc4a7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCVuEFUsWxZaiKBP2vnsEPrIC8uAbM-Yagafu5x__3D_AuEAEgoJL4nQFgkYSghYwYyAEJqQLMUqbDsUqyPqgDAcgDm4SAgASqBOwBT9Bv_o8AEMi9F7zSbdWaSgZJ2BnCVyUY_2T2j2qDSkgSPW42FKq79heoiJrfhFp74890SzEYP6Fgh-HOU-hOGeQc1RNIbjRvqknhWnDQlsNuq4K5pbAkPfTe-9CVfnAMWoTzU-E0IHur5ktg8W2SQh1uQTJSwHcsVAG4FryaF_sHp4R9P09weeZcIngsSNE4IGVGbWb_Ja2t48Q1MVC9EZgUuhyJKHqG5Ot-VMv8KuCGVLfF4YD3TgSiduZLSVz397xlenKQQlblrtuFuJrd4UDGO8tY2dZm5527qgbJe2WGbfyJcTQxxsmB4vHABOrrzKPkA-AEA4gFla_h_T2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYjsD9iL33gwOACgGYCwHICwGADAGqDQJOTLAT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_g6xf8Xih47kdKyXXGn6edXIR5mHgzHsu02UljA7EhI23snGg2-SG0PDLTvDhgRjYvtIRC7s7GAE%26sig%3DAOD64_0dT9gKRU7OKPeeNVyieO8SZj6rlA%26client%3Dca-pub-8535330373635729%26dbm_c%3DAKAmf-CpnvSPa0Z1rfRk7wRJKspsmqXS-8X1bZayw4kLw_04kKVsrIdCE0ZOMuFXIsVxPB_Z_MMxt_BUOu-Xw4TEJBvzu_MD3a1WfAEIwjuTDOj0gzOOaIqsNu4_A41kX-QQNXx8LTKBcjRAhcmXeqFSzu4ZtZuR1oDgYE_JA4540ARThNa_UNRpka6w9EIY_gJPtFE3D0z3M6LQS7HzXhaPUHqC9fwi49yUy_nlyIHOXXulsPBxUHQ%26cry%3D1%26dbm_d%3DAKAmf-B7hOYN_JhcjnXsfz0AhyK0Ut2eHDWA7Nkf64fARCKtPUHlC2b8QMvN6SV13uiLJjzNC5EcfOm6C5oGjjnqZBp-JCeljGt9OzGJpERDeE0sPju9hCb8ZX8ZPKs9rWrZJCGHYFz4ZN7hfaEg5MYnzpfkFneMUPG3TRvWwJZJO-yTglUIhf6EKNyn63-dsfWJQV1AySzBzYPms2rHxoPyVazzO6ZGWCmoOkGA1gnKszRhp9naIY9Gl8EJbJV0tiyEYE0eXVdZQK13LUYC-Qm3G_b0O8EeBgWXSV3l5qN0tddrWwUHnBwb1mJ3o5BiQlUV3MemqRKRZC7KdUWZ992ZADAHg_oOKmVE-r1QHh1J3ZYc334uoGt2eJTA66hIh76FVxqM5U3W1edPz6dK2x7O4UWMsCg18CW6veA97VoolP8OxJZJTJO7cYfMwDG1tJAZd9Z6egbwH3cNJAnw-i2nC8jDWIh5NKZyC_gZ0Y-zEjV-fMdNK7szmhWjL6B0EJU-BSyuEeyT7-pyrVt3uDUAmSkMaZYYE6fojQc5udg9aV4JYnbLNTN7jm3cI4Up1eSVQ_gZSOgX69n8C1iDWCtoUFFGuMp6a6Wovp4GbGsJZZS7Dv49woQ%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8535330373635729%26output%3Dhtml%26h%3D90%26adk%3D793707805%26adf%3D215438296%26pi%3Dt.aa~a.3833140187~rp.1%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1706149199%26rafmt%3D1%26to%3Dqs%26pwprc%3D9288327111%26format%3D1200x90%26url%3Dhttp%253A%252F%252Fmineleaks.eu%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26dt%3D1706149202030%26bpp%3D1%26bdt%3D1644%26idt%3D0%26shv%3Dr20240122%26mjsv%3Dm202401180101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D35d066ef7b006dde%253AT%253D1706149201%253ART%253D1706149201%253AS%253DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g%26gpic%3DUID%253D00000d4962fa5d0c%253AT%253D1706149201%253ART%253D1706149201%253AS%253DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg%26prev_fmts%3D0x0%252C1200x280%252C280x600%252C960x280%26nras%3D5%26correlator%3D6310713474586%26frm%3D20%26pv%3D1%26ga_vid%3D1422090559.1706149201%26ga_sid%3D1706149201%26ga_hid%3D1711385791%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D200%26ady%3D4071%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31080590%252C44785293%252C95322184%252C95320868%252C95320888%252C95321627%252C95322163%26oid%3D2%26psts%3DAOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ%26pvsid%3D425656167849035%26tmod%3D1530807125%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D23%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D5%26uci%3Da!5%26btvi%3D3%26fsb%3D1%26dtd%3D7&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fmineleaks.eu&random=2409902719834&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=90&adk=793707805&adf=215438296&pi=t.aa~a.3833140187~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=1200x90&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1706149202030&bpp=1&bdt=1644&idt=0&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35d066ef7b006dde%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g&gpic=UID%3D00000d4962fa5d0c%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg&prev_fmts=0x0%2C1200x280%2C280x600%2C960x280&nras=5&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4071&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&psts=AOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=7
Protocol
HTTP/1.1
Server
138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
65cbabd25bc7ba6409a7b06e27b618a743ad1894b22a0587f672b102d92a4a0b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Jan 2024 02:20:03 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
75911500005298904444450012580005
Connection
close
Content-Length
1052
Expires
Thu, 25 Jan 2024 02:20:03 +0100

Redirect headers

Pragma
no-cache
Date
Thu, 25 Jan 2024 02:20:02 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=8e4hjwsd4phy&nw=20&renderingType=javascript&namespace=220b8ce8b8&subid=&uid=edc4551ce7cdc4a7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCVuEFUsWxZaiKBP2vnsEPrIC8uAbM-Yagafu5x__3D_AuEAEgoJL4nQFgkYSghYwYyAEJqQLMUqbDsUqyPqgDAcgDm4SAgASqBOwBT9Bv_o8AEMi9F7zSbdWaSgZJ2BnCVyUY_2T2j2qDSkgSPW42FKq79heoiJrfhFp74890SzEYP6Fgh-HOU-hOGeQc1RNIbjRvqknhWnDQlsNuq4K5pbAkPfTe-9CVfnAMWoTzU-E0IHur5ktg8W2SQh1uQTJSwHcsVAG4FryaF_sHp4R9P09weeZcIngsSNE4IGVGbWb_Ja2t48Q1MVC9EZgUuhyJKHqG5Ot-VMv8KuCGVLfF4YD3TgSiduZLSVz397xlenKQQlblrtuFuJrd4UDGO8tY2dZm5527qgbJe2WGbfyJcTQxxsmB4vHABOrrzKPkA-AEA4gFla_h_T2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYjsD9iL33gwOACgGYCwHICwGADAGqDQJOTLAT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_g6xf8Xih47kdKyXXGn6edXIR5mHgzHsu02UljA7EhI23snGg2-SG0PDLTvDhgRjYvtIRC7s7GAE%26sig%3DAOD64_0dT9gKRU7OKPeeNVyieO8SZj6rlA%26client%3Dca-pub-8535330373635729%26dbm_c%3DAKAmf-CpnvSPa0Z1rfRk7wRJKspsmqXS-8X1bZayw4kLw_04kKVsrIdCE0ZOMuFXIsVxPB_Z_MMxt_BUOu-Xw4TEJBvzu_MD3a1WfAEIwjuTDOj0gzOOaIqsNu4_A41kX-QQNXx8LTKBcjRAhcmXeqFSzu4ZtZuR1oDgYE_JA4540ARThNa_UNRpka6w9EIY_gJPtFE3D0z3M6LQS7HzXhaPUHqC9fwi49yUy_nlyIHOXXulsPBxUHQ%26cry%3D1%26dbm_d%3DAKAmf-B7hOYN_JhcjnXsfz0AhyK0Ut2eHDWA7Nkf64fARCKtPUHlC2b8QMvN6SV13uiLJjzNC5EcfOm6C5oGjjnqZBp-JCeljGt9OzGJpERDeE0sPju9hCb8ZX8ZPKs9rWrZJCGHYFz4ZN7hfaEg5MYnzpfkFneMUPG3TRvWwJZJO-yTglUIhf6EKNyn63-dsfWJQV1AySzBzYPms2rHxoPyVazzO6ZGWCmoOkGA1gnKszRhp9naIY9Gl8EJbJV0tiyEYE0eXVdZQK13LUYC-Qm3G_b0O8EeBgWXSV3l5qN0tddrWwUHnBwb1mJ3o5BiQlUV3MemqRKRZC7KdUWZ992ZADAHg_oOKmVE-r1QHh1J3ZYc334uoGt2eJTA66hIh76FVxqM5U3W1edPz6dK2x7O4UWMsCg18CW6veA97VoolP8OxJZJTJO7cYfMwDG1tJAZd9Z6egbwH3cNJAnw-i2nC8jDWIh5NKZyC_gZ0Y-zEjV-fMdNK7szmhWjL6B0EJU-BSyuEeyT7-pyrVt3uDUAmSkMaZYYE6fojQc5udg9aV4JYnbLNTN7jm3cI4Up1eSVQ_gZSOgX69n8C1iDWCtoUFFGuMp6a6Wovp4GbGsJZZS7Dv49woQ%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8535330373635729%26output%3Dhtml%26h%3D90%26adk%3D793707805%26adf%3D215438296%26pi%3Dt.aa~a.3833140187~rp.1%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1706149199%26rafmt%3D1%26to%3Dqs%26pwprc%3D9288327111%26format%3D1200x90%26url%3Dhttp%253A%252F%252Fmineleaks.eu%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26dt%3D1706149202030%26bpp%3D1%26bdt%3D1644%26idt%3D0%26shv%3Dr20240122%26mjsv%3Dm202401180101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D35d066ef7b006dde%253AT%253D1706149201%253ART%253D1706149201%253AS%253DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g%26gpic%3DUID%253D00000d4962fa5d0c%253AT%253D1706149201%253ART%253D1706149201%253AS%253DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg%26prev_fmts%3D0x0%252C1200x280%252C280x600%252C960x280%26nras%3D5%26correlator%3D6310713474586%26frm%3D20%26pv%3D1%26ga_vid%3D1422090559.1706149201%26ga_sid%3D1706149201%26ga_hid%3D1711385791%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D200%26ady%3D4071%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31080590%252C44785293%252C95322184%252C95320868%252C95320888%252C95321627%252C95322163%26oid%3D2%26psts%3DAOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ%26pvsid%3D425656167849035%26tmod%3D1530807125%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D23%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D5%26uci%3Da!5%26btvi%3D3%26fsb%3D1%26dtd%3D7&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fmineleaks.eu&random=2409902719834&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Thu, 25 Jan 2024 02:20:02 +0100
dpixel
cms.quantserve.com/ Frame 44D5 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMrm7LHNynO6jWjwGgCmKe4&google_cver=1&google_push=AXcoOmSOglWryr0Hp2RM3VM4vyrgoZ7k8wqgYwq9awT2YdZcyPcv0M0UeRIV5fsdrAQ9vD8vj_Ny76CTKd7xcgJpT7d7gYO0OcJdkg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=600&adk=2488645395&adf=2675318159&pi=t.aa~a.2521332233~rp.4&w=280&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=280x600&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706149202030&bpp=1&bdt=1644&idt=-M&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35d066ef7b006dde%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g&gpic=UID%3D00000d4962fa5d0c%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg&prev_fmts=0x0%2C1200x280&nras=3&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1150&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&psts=AOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 02:20:02 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 44D5 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEFok_S6m_OUy9EpMji4po2I&google_cver=1&google_push=AXcoOmSjbYCUnZ7uY89AykO5gwcKQcA4RVc56bSJdItik1pLTUeOFis_owMOEfWNA0i52xGHSu2HRJxGrOEgE3RvHB0BbGYKWs9OOg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=600&adk=2488645395&adf=2675318159&pi=t.aa~a.2521332233~rp.4&w=280&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=280x600&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706149202030&bpp=1&bdt=1644&idt=-M&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35d066ef7b006dde%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g&gpic=UID%3D00000d4962fa5d0c%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg&prev_fmts=0x0%2C1200x280&nras=3&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1150&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&psts=AOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:21::1690 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 02:20:02 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
i.match
s.tribalfusion.com/z/ Frame 44D5
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEF7ioI54On7niKpS2XjWCr0&google_cver=1&google_push=AXcoOmSFMlTFtTUswlJnG3AO2aIiHsx9VgtcqCqSyubxfZLKrpC5XkLinyjmw6sW00KZEhEzqukC_JjbLzgkJ-Ewht_UUHdstZktJ...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF7ioI54On7niKpS2XjWCr0&google_cver=1&google_push=AXcoOmSFMlTFtTUswlJnG3AO2aIiHsx9VgtcqCqSyubxfZLKrpC5XkLinyjmw6sW00KZEhEzqukC_JjbLzgkJ-Ewht_UUHdstZk...
43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF7ioI54On7niKpS2XjWCr0&google_cver=1&google_push=AXcoOmSFMlTFtTUswlJnG3AO2aIiHsx9VgtcqCqSyubxfZLKrpC5XkLinyjmw6sW00KZEhEzqukC_JjbLzgkJ-Ewht_UUHdstZktJCU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSFMlTFtTUswlJnG3AO2aIiHsx9VgtcqCqSyubxfZLKrpC5XkLinyjmw6sW00KZEhEzqukC_JjbLzgkJ-Ewht_UUHdstZktJCU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=600&adk=2488645395&adf=2675318159&pi=t.aa~a.2521332233~rp.4&w=280&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=280x600&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706149202030&bpp=1&bdt=1644&idt=-M&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35d066ef7b006dde%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g&gpic=UID%3D00000d4962fa5d0c%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg&prev_fmts=0x0%2C1200x280&nras=3&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1150&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&psts=AOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 02:20:03 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
84ad08e72cf00a6c-AMS
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 25 Jan 2024 02:20:03 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
32
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF7ioI54On7niKpS2XjWCr0&google_cver=1&google_push=AXcoOmSFMlTFtTUswlJnG3AO2aIiHsx9VgtcqCqSyubxfZLKrpC5XkLinyjmw6sW00KZEhEzqukC_JjbLzgkJ-Ewht_UUHdstZktJCU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSFMlTFtTUswlJnG3AO2aIiHsx9VgtcqCqSyubxfZLKrpC5XkLinyjmw6sW00KZEhEzqukC_JjbLzgkJ-Ewht_UUHdstZktJCU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
84ad08e5fb590a6c-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 44D5
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEEM1GrngcFHmbNuPwoUAU3E&google_cver=1&google_push=AXcoOmQnEHDklUVmzfNRQNMOwOwIzDVRfQ-TLcACzEiFzyD6ADS1GW_3hls8pud5aDQRRYCmpvJHKtHmyWacgGCq1tzvwuJ4CM17lY0
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmQnEHDklUVmzfNRQNMOwOwIzDVRfQ-TLcACzEiFzyD6ADS1GW_3hls8pud5aDQRRYCmpvJHKtHmyWacgGCq1tzvwuJ4CM17lY0&google_hm=Q0FFU0VFTTFHcm5nY0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmQnEHDklUVmzfNRQNMOwOwIzDVRfQ-TLcACzEiFzyD6ADS1GW_3hls8pud5aDQRRYCmpvJHKtHmyWacgGCq1tzvwuJ4CM17lY0&google_hm=Q0FFU0VFTTFHcm5nY0ZIbWJOdVB3b1VBVTNF
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=600&adk=2488645395&adf=2675318159&pi=t.aa~a.2521332233~rp.4&w=280&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=280x600&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706149202030&bpp=1&bdt=1644&idt=-M&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35d066ef7b006dde%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g&gpic=UID%3D00000d4962fa5d0c%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg&prev_fmts=0x0%2C1200x280&nras=3&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1150&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&psts=AOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 02:20:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 25 Jan 2024 02:20:02 GMT
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmQnEHDklUVmzfNRQNMOwOwIzDVRfQ-TLcACzEiFzyD6ADS1GW_3hls8pud5aDQRRYCmpvJHKtHmyWacgGCq1tzvwuJ4CM17lY0&google_hm=Q0FFU0VFTTFHcm5nY0ZIbWJOdVB3b1VBVTNF
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 44D5
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEMYdHS2AUBIP5HN3qD0dF3g&google_cver=1&google_push=AXcoOmSBi4lX-YJ7SeDboN3jZlEGHsGiLYKHLAYIECZKpfRfZiaYMDaEPQPLhswukgHVRjzetvcDLCh6vJqd3pZP...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=794HVfLeSbA7_p9-RE8kHQ&google_push=AXcoOmSBi4lX-YJ7SeDboN3jZlEGHsGiLYKHLAYIECZKpfRfZiaYMDaEPQPLhswukgHVRjzetvcDLCh6vJqd3pZP4di28mdTQwSxBRk
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=794HVfLeSbA7_p9-RE8kHQ&google_push=AXcoOmSBi4lX-YJ7SeDboN3jZlEGHsGiLYKHLAYIECZKpfRfZiaYMDaEPQPLhswukgHVRjzetvcDLCh6vJqd3pZP4di28mdTQwSxBRk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=600&adk=2488645395&adf=2675318159&pi=t.aa~a.2521332233~rp.4&w=280&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=280x600&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706149202030&bpp=1&bdt=1644&idt=-M&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35d066ef7b006dde%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g&gpic=UID%3D00000d4962fa5d0c%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg&prev_fmts=0x0%2C1200x280&nras=3&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1150&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&psts=AOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 02:20:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 25 Jan 2024 02:20:02 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=794HVfLeSbA7_p9-RE8kHQ&google_push=AXcoOmSBi4lX-YJ7SeDboN3jZlEGHsGiLYKHLAYIECZKpfRfZiaYMDaEPQPLhswukgHVRjzetvcDLCh6vJqd3pZP4di28mdTQwSxBRk
x-host
tde-deliveryengine-production-5db7bf8975-k484n
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 44D5
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENS5fpnIwcIrFeVGjD39hLY&google_cver=1&google_push=AXcoOmRfX-dhIVCpGj0mLebYu-rx_7ToQXveXj3mNiF9JJybKzbbwVefxE4XJAmuk_MXKerL9Fz73PFB...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENS5fpnIwcIrFeVGjD39hLY&google_cver=1&google_push=AXcoOmRfX-dhIVCpGj0mLebYu-rx_7ToQXveXj3mNiF9JJybKzbbwVefxE4XJAmuk_MXKerL9Fz...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjYwOTc0MTE4NDM4Nzg2MzAwNw&google_push=AXcoOmRfX-dhIVCpGj0mLebYu-rx_7ToQXveXj3mNiF9JJybKzbbwVefxE4XJAmuk_MXKerL9Fz73P...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjYwOTc0MTE4NDM4Nzg2MzAwNw&google_push=AXcoOmRfX-dhIVCpGj0mLebYu-rx_7ToQXveXj3mNiF9JJybKzbbwVefxE4XJAmuk_MXKerL9Fz73PFBTb5Dk6DzIdhy3TEvCcJ94g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=600&adk=2488645395&adf=2675318159&pi=t.aa~a.2521332233~rp.4&w=280&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=280x600&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706149202030&bpp=1&bdt=1644&idt=-M&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35d066ef7b006dde%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g&gpic=UID%3D00000d4962fa5d0c%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg&prev_fmts=0x0%2C1200x280&nras=3&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1150&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&psts=AOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 02:20:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 25 Jan 2024 02:20:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjYwOTc0MTE4NDM4Nzg2MzAwNw&google_push=AXcoOmRfX-dhIVCpGj0mLebYu-rx_7ToQXveXj3mNiF9JJybKzbbwVefxE4XJAmuk_MXKerL9Fz73PFBTb5Dk6DzIdhy3TEvCcJ94g
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 44D5
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEH7jEYPZyCnUMSMERSxuSWE&google_cver=1&google_push=AXcoOmRTzygNJSkcDlx3NRpQLz5Pi-riPajX8R1ErbgHd5_oSmT1MxyLEf7x2qfQMjSEZU4t8PS-ZcOLADVd...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRTzygNJSkcDlx3NRpQLz5Pi-riPajX8R1ErbgHd5_oSmT1MxyLEf7x2qfQMjSEZU4t8PS-ZcOLADVdb10DgznH82q2TGyWTpw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRTzygNJSkcDlx3NRpQLz5Pi-riPajX8R1ErbgHd5_oSmT1MxyLEf7x2qfQMjSEZU4t8PS-ZcOLADVdb10DgznH82q2TGyWTpw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=600&adk=2488645395&adf=2675318159&pi=t.aa~a.2521332233~rp.4&w=280&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=280x600&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706149202030&bpp=1&bdt=1644&idt=-M&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35d066ef7b006dde%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g&gpic=UID%3D00000d4962fa5d0c%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg&prev_fmts=0x0%2C1200x280&nras=3&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1150&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&psts=AOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 02:20:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRTzygNJSkcDlx3NRpQLz5Pi-riPajX8R1ErbgHd5_oSmT1MxyLEf7x2qfQMjSEZU4t8PS-ZcOLADVdb10DgznH82q2TGyWTpw
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
attr
cm.g.doubleclick.net/pixel/ Frame 44D5 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KGotD3URHIQSebAgAN6PqYJtiuewnsEg2kZYvlEjZ6PFYNqu0sU3pJdSlfrtya-XvXvCK7
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=600&adk=2488645395&adf=2675318159&pi=t.aa~a.2521332233~rp.4&w=280&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=280x600&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706149202030&bpp=1&bdt=1644&idt=-M&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35d066ef7b006dde%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g&gpic=UID%3D00000d4962fa5d0c%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg&prev_fmts=0x0%2C1200x280&nras=3&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1150&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&psts=AOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 02:20:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 8F47 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
102650
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 21:49:12 GMT
expires
Wed, 22 Jan 2025 21:49:12 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 569E 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 21:28:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
17511
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Jan 2025 21:28:11 GMT
index.html
s0.2mdn.net/sadbundle/11353605478534873088/ Frame B9FC 		63 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11353605478534873088/index.html?e=69&leftOffset=0&topOffset=0&c=lnlyh5Y6kV&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
324a9d60145589c25ccc1c032c6f6763c0d3486b7a3551e193687f4b2b7565f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 25 Jan 2024 02:20:02 GMT
expires
Fri, 24 Jan 2025 02:20:02 GMT
last-modified
Fri, 22 Dec 2023 12:30:24 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame DC39 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuIQ6HZkH92WurAwKvLGE8-_BAjivQSJJWW7qUSZ1_WGmH7QKmSikRUDQw7qVCDEGrFAcrfpikcLKoLcgpJUcrAAFyQz9PTaK5t2AIbNXq-mnkgTEl2m49mtVnWkwBV_vv7rmfMpgq1kbGiSdbDkGnqE7MJlnL8Yo5tNT4WAjApsLUZs0UEXfrB1LFL65SfonylbOuU2lxgHk-R6D3OWRAxMsatcqtS9JHxTMImuySGCaXlFz2e6ItEYlbLzpS80csPWVfU4d4DjSWff6N35ai5XgzGv3SApWJ8SI3O3ebfGV6zihVH_STr99tjyCVvxB1zJPpe39SnNNNX7B624yp2nVU-IhrWoiPTozqA8KR1ZaN9NMv-iz-ncY9CK4CcCXobmguX6duGlp91WLN5HaGxxrgIawIojjNp06JEkkO6mjFRMX-RKceFewuH_1i1GJWYdR0unekaOhaJJudA2F_23uErYkCzUPVr5zkpIo9KG9n3FTnZ8E77Gul1GpKqErg077PRHoXYYWPFQqoaxbQmnNVW3BQX9AvzzD0F8CVJjAFY1s9vP9NkHW3OakoomlbSzptBRBW1g64rMyoFL0BNqPmYXknSx7nclejnBgwWxgMUt8DmXe-q7csyXlxaHcIS3R3zNgl1Qgvf28eB-MoZPBlxQHFSum6xIuDGBfV-dGCkL9xkQTMsAEh_RhdV1681dWK8DfePmJWhR7Y3fTZwlEzK7ZTcL5nyaEfxSG3OSmTZbiafTNQVY4JhC-31HHDl6NOyCJC_mfmcC2VsYhx8rCDTplR2IrmZ77r0wGI5k6VyhB_KFIfv_h_DFS9hEmGCf3VklC91kJGGnrTTjdjwxVr_Uop04BShqCrR_igiLZYY26O22iP6gd9EEA3eB3imxp5o399r4C_3nV60xpGAaBZzcmYbUZVJ1GxbAw5LgPd6NvUDZtf6whkpm6qWCBwK2i_AmloFFuEWUAW8LXcU7pxu9TUOJwIGe3QcFSjL3uITwm3_fdJ-XoevAy8GTWt1qCPJhHfJcr0W93wGqyBmF2hVX8C-8ceeQN5rLnpf2pR5hQQQ1o-ByaDpm3Op_Hf1r9Gwzw5FUTmrswZzK4zCNAN1M8XiIdZCKTK0MV1nB9rk9t7r_aKBf3yY7OC35uH6ZPCjUL1ZI5Sv5pWbWLsiaFIJGv5Ry1aignsDT-NVD1_8fOIQFKvlrmoT7xslR-IXctJ6g0bHQVPzOgwz_QWCPQM9vMSpupUqdyLxoSqbBOut50XR5f2Rv1bVh3I2JJstEUC2kwogmsollAtwduyXWiZLrvsnaACm41wSmk160673LmMCHg&sai=AMfl-YRZOVuIM-LhEQixN5pBww0xNl1hCWudGHFbVKL1GrlfGDAhP4nQflv4dHKiCcVYT0Hqi3fRkJArmjVElsVLrTl-IxtYhmZv3pN6zgKqSqBv61ZwGHimZsCWTPHcJynTXhGnsautp5nXlVFrFFJUGn7IEDn7Bnmrvogdoc2T4NNPvOPHs0jvLMbPQT2zMJU_vezXRVsaMtk5cAvCujyiyuC3XC5a7H77k5rcvK8Vds0PBFsPMjJwfjGlpbDmgz3p_paFnmYLftp3AN1SEzsORpO0M9sG&sig=Cg0ArKJSzMmajFuHdoWjEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=137&cbvp=1&cstd=130&cisv=r20240122.05305&arae=0&ftch=1&adurl=
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 25 Jan 2024 02:20:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 8F47 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 21:28:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
17511
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Jan 2025 21:28:11 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 569E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B6p5qUsWxZYO4JuP41PIPzueP2AgAAAAAOAHgBAI&bg=!NDelN3jNAAa8BdJLnAU7ADQBe5WfONR0DOSUrcrCdtkljfw2iHZMj8-r6JuM77wV_Qk4PZBshiEoQUuphcZJbKOOT-e6AgAAAElSAAAAAWgBB5kDA5zE_WEryxKgNquPM21ZN0bPR8WBTF9TRG5YXRv8TsBRV8g4NvUhUToGKikxZTMGwYv89pvT-hxd49VjoKIaV29X9XGrONj8UUDYHowno4N7zx9Q3VjNcQbGHrAep8qJ3s-RlQNOhMNfM1OvKx1SonSZuusUMkE-t--2Cpf8vQx8WoOGUlc9Qe6wbJJ27IHHXEEqdy8glwLBFUmIwOhbBPD5u0gAN2XneOcmfmOvHtRNLEyAejK6hRL1DEyUczXGaR2bKZ4sDHXBdZEUldtLxpAA11ngPTowOAuUTLSD5B8bxEwjoJQMp91BAYHBtW9vAEtPujBwiwWiBaM-z_RNh1w3jbUp6v0senSPN1UdSwy5y80WHmAAM5H9kNORneMetJRZy1-rWq9l2jXdTD3MQiklawA0pmSzmtImBdpqamtAX3Wy_02XayDQQ9dR7nxMq2JAOO1z0Tz6YHitBFVQtxa21wJFn62pyi0zmFd_JTeVTbVEhnyZzUL2oDuY0R6XtX1f22wZC_qeyf3UFvOCkxlSEKR9TufV-_9zPV5mf648qzHVnmrxZ8ADRkBZfGaUkFlB7wlyqlWWG44X3aHNXJ5mg86_oS3kgXvND4gACCeoNpUTiWm3855r2yhq0EVw2WbmCTLjGzhkB84dSN9c9zCtQzEaxagvD1lGNFRaXndDHrWFA3Exl-vzWXQRbdMhUFxiIRUEBu7HIPQNrRWwQTVZ2F-y1E-8cZ0DxueChMc1cLUB_oDH-a6KGFq-vFjzdSwY4WD33xyOg9BPCg0w1zpkhXdQNzWCQ3O98v5YyHeaAhTibGtl_IzBQo_x-NrNc5wmmSsy9YcE3rpJ4ZrMf29qVivA8asEbWy9nroKkYNriAapQbKYoL4EboOdC9ynqmXEfI__ey0dRvhhGqw4NQImL3jSD-4SMlrP79jTvdslW8FRooUGTsdOLg6mY_Qoc5fWjHP63LcwN8ZmGJyBX-C7-HcEEXBxUMM1McHmYLYythQ7xoMtFINwfYCyfSIjMo2LGg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=90&adk=793707805&adf=215438296&pi=t.aa~a.3833140187~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=1200x90&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1706149202030&bpp=1&bdt=1644&idt=0&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35d066ef7b006dde%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g&gpic=UID%3D00000d4962fa5d0c%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg&prev_fmts=0x0%2C1200x280%2C280x600%2C960x280&nras=5&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4071&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&psts=AOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 02:20:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
style.css
s0.2mdn.net/sadbundle/11353605478534873088/ Frame B9FC 		265 B
198 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11353605478534873088/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11353605478534873088/index.html?e=69&leftOffset=0&topOffset=0&c=lnlyh5Y6kV&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a866923ca4f6059c079c84979bca68019aedf05ae6c2d68bb139d567ea35a98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11353605478534873088/index.html?e=69&leftOffset=0&topOffset=0&c=lnlyh5Y6kV&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 23 Jan 2025 07:46:03 GMT
date
Wed, 24 Jan 2024 07:46:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66839
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
168
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 12:30:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
gsap_3.9.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame B9FC 		63 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11353605478534873088/index.html?e=69&leftOffset=0&topOffset=0&c=lnlyh5Y6kV&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11353605478534873088/index.html?e=69&leftOffset=0&topOffset=0&c=lnlyh5Y6kV&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 02:20:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25329
x-xss-protection
0
last-modified
Wed, 29 Dec 2021 19:08:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 25 Jan 2024 02:20:03 GMT
Enabler_01_250.js
s0.2mdn.net/879366/ Frame B9FC 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11353605478534873088/index.html?e=69&leftOffset=0&topOffset=0&c=lnlyh5Y6kV&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11353605478534873088/index.html?e=69&leftOffset=0&topOffset=0&c=lnlyh5Y6kV&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 11:17:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54158
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 25 Jan 2024 11:17:24 GMT
ad.js
s0.2mdn.net/sadbundle/11353605478534873088/ Frame B9FC 		63 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11353605478534873088/ad.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11353605478534873088/index.html?e=69&leftOffset=0&topOffset=0&c=lnlyh5Y6kV&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7243f0c2c1c902978d04436da6a53ad89a2372901f2b0584f319e6053fd7c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11353605478534873088/index.html?e=69&leftOffset=0&topOffset=0&c=lnlyh5Y6kV&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 23 Jan 2025 07:46:03 GMT
date
Wed, 24 Jan 2024 07:46:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66839
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15251
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 12:30:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8F47 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BelBuUsWxZfn4KaON7_UPte2LgAcAAAAAOAHgBAI&bg=!OTqlOnXNAAa8BdJLnAU7ADQBe5WfOCqQ5K1wvrfAsS8tTc8b9ARuXLQsdW7Tsf8nSSXiCEyx5-QclzyO66eJ5_n9Db2WAgAAADFSAAAAAWgBB5kC1sdfB01ovUF4JovLiN2-4u20qxILcD4TPid6xiNtJ1sA8VkCBrwgoL9pUCYy-yu_pbjnmrCU8dMb1KUf8DvhYYfNaAJ5jLPu_xoCVie3DiLhQ9q0LYUDgfbi2vLONHSbJbjkay0Zcss0S8avEDse61U86qj5vn7k3xOSz0MqalBnjpRZbqkd_Uw8bMDXmTnEeUz88-ChXACFysIFuoMYPPAO7sW0qJ_hLEzJ-CsPh2wl1FBGhWBl8PrTzFNkKDhMi_1M5nP5rl6nhIxinLS4oOFD4ajcHOxehv_SzvzcLpd-FDXZAMlcnhCajri8wFPkYL5NtRpf2LfNPCairaUoCSpCliBFnwf3czkZEXOZlHPUm8UVQcjYqxuVfkBPUyf7YHYKbFlin6cO1lvQhF_B0j7eqrwevo_O7ZgwFiltBHLCOwF9X5ckqDjGrxIfKkezEmk01HsGOmbx1XmKHIJ5OwANVwrYfcNGIwXJqake_PhtlVdPxL4y917gde8rFZJ4FApsOo-JhvrNVlnFIwmJ9porRfu2R25sJRX6gBIbUvH2onnOgH8eEalgJCHUI8XIppXZuInxk7LNPWpUzzENEEExBUW-rj4YRIJfG2q3Lb3cU-8ZEhb4q4aJHoH4bnIQba10dUyEyaI13BGaU5s4YXksntLHRCnqJHl8sWxGJisCB2LXEXfn8OXSvilxQILsHzWcpWIdmuCPix_hWbSmERXaWqDcqgr4J044GxPy-qxHa1_EzXfNubhI5R_-wrWrgn_yJllNQET1bf1Uy5epfTa2Rr1xTSn7Fb-lEmr-yDeZ1llmow4cCAQz0NZ1zloR0YakgkDRP1M5_K9Rkw67OAcAyU_mwieNxrO1gttmHUqPQ1G2pkmqH7RW1zg54RRCVLOeL3G9l9OVyNducrLIHG92deMYzFX0glzCgrci6P4fDjFTtp9sTc4NngjUwjuZyTLhzNDRfg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=600&adk=2488645395&adf=2675318159&pi=t.aa~a.2521332233~rp.4&w=280&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=280x600&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706149202030&bpp=1&bdt=1644&idt=-M&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35d066ef7b006dde%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g&gpic=UID%3D00000d4962fa5d0c%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg&prev_fmts=0x0%2C1200x280&nras=3&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1150&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&psts=AOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 02:20:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame DC39 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuIQ6HZkH92WurAwKvLGE8-_BAjivQSJJWW7qUSZ1_WGmH7QKmSikRUDQw7qVCDEGrFAcrfpikcLKoLcgpJUcrAAFyQz9PTaK5t2AIbNXq-mnkgTEl2m49mtVnWkwBV_vv7rmfMpgq1kbGiSdbDkGnqE7MJlnL8Yo5tNT4WAjApsLUZs0UEXfrB1LFL65SfonylbOuU2lxgHk-R6D3OWRAxMsatcqtS9JHxTMImuySGCaXlFz2e6ItEYlbLzpS80csPWVfU4d4DjSWff6N35ai5XgzGv3SApWJ8SI3O3ebfGV6zihVH_STr99tjyCVvxB1zJPpe39SnNNNX7B624yp2nVU-IhrWoiPTozqA8KR1ZaN9NMv-iz-ncY9CK4CcCXobmguX6duGlp91WLN5HaGxxrgIawIojjNp06JEkkO6mjFRMX-RKceFewuH_1i1GJWYdR0unekaOhaJJudA2F_23uErYkCzUPVr5zkpIo9KG9n3FTnZ8E77Gul1GpKqErg077PRHoXYYWPFQqoaxbQmnNVW3BQX9AvzzD0F8CVJjAFY1s9vP9NkHW3OakoomlbSzptBRBW1g64rMyoFL0BNqPmYXknSx7nclejnBgwWxgMUt8DmXe-q7csyXlxaHcIS3R3zNgl1Qgvf28eB-MoZPBlxQHFSum6xIuDGBfV-dGCkL9xkQTMsAEh_RhdV1681dWK8DfePmJWhR7Y3fTZwlEzK7ZTcL5nyaEfxSG3OSmTZbiafTNQVY4JhC-31HHDl6NOyCJC_mfmcC2VsYhx8rCDTplR2IrmZ77r0wGI5k6VyhB_KFIfv_h_DFS9hEmGCf3VklC91kJGGnrTTjdjwxVr_Uop04BShqCrR_igiLZYY26O22iP6gd9EEA3eB3imxp5o399r4C_3nV60xpGAaBZzcmYbUZVJ1GxbAw5LgPd6NvUDZtf6whkpm6qWCBwK2i_AmloFFuEWUAW8LXcU7pxu9TUOJwIGe3QcFSjL3uITwm3_fdJ-XoevAy8GTWt1qCPJhHfJcr0W93wGqyBmF2hVX8C-8ceeQN5rLnpf2pR5hQQQ1o-ByaDpm3Op_Hf1r9Gwzw5FUTmrswZzK4zCNAN1M8XiIdZCKTK0MV1nB9rk9t7r_aKBf3yY7OC35uH6ZPCjUL1ZI5Sv5pWbWLsiaFIJGv5Ry1aignsDT-NVD1_8fOIQFKvlrmoT7xslR-IXctJ6g0bHQVPzOgwz_QWCPQM9vMSpupUqdyLxoSqbBOut50XR5f2Rv1bVh3I2JJstEUC2kwogmsollAtwduyXWiZLrvsnaACm41wSmk160673LmMCHg&sai=AMfl-YRZOVuIM-LhEQixN5pBww0xNl1hCWudGHFbVKL1GrlfGDAhP4nQflv4dHKiCcVYT0Hqi3fRkJArmjVElsVLrTl-IxtYhmZv3pN6zgKqSqBv61ZwGHimZsCWTPHcJynTXhGnsautp5nXlVFrFFJUGn7IEDn7Bnmrvogdoc2T4NNPvOPHs0jvLMbPQT2zMJU_vezXRVsaMtk5cAvCujyiyuC3XC5a7H77k5rcvK8Vds0PBFsPMjJwfjGlpbDmgz3p_paFnmYLftp3AN1SEzsORpO0M9sG&sig=Cg0ArKJSzMmajFuHdoWjEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=289&vt=11&dtpt=152&dett=3&cstd=130&cisv=r20240122.05305&arae=0&ftch=1&adurl=
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 02:20:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame B9FC 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd93d0e83b1f740752b42aea577f00fe0a0f8005a01b37590d9b87b81dc5161e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 02:20:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5752
x-xss-protection
0
prod_studio_01_250_configurablemodule.js
s0.2mdn.net/879366/ Frame B9FC 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/prod_studio_01_250_configurablemodule.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2fd62d942e1fc8ceaad002fee99d07a3024b8e7bd03044a17e42e1344ee17544
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11353605478534873088/index.html?e=69&leftOffset=0&topOffset=0&c=lnlyh5Y6kV&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 23:32:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10076
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9274
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 25 Jan 2024 23:32:07 GMT
/
ti.tradetracker.net/ Frame 9BFA 		435 B
916 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ti.tradetracker.net/?c=34211&amp;m=2005488&amp;a=70002&amp;r=75911500005298904444450012580005&amp;t=js&amp;wid=tt-7357f1
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.206.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-206-191.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
189d23469a90392133437199450e148295a8f77cb2088dea3898f63e4c769c21

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Mon, 26 Jul 1997 05:00:00 GMT
date
Thu, 25 Jan 2024 02:20:03 GMT
cache-control
no-cache, must-revalidate
server
nginx
content-type
text/javascript; charset=UTF-8
request_content.php
hal90005.redintelligence.net/ Frame AD5D 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90005.redintelligence.net/request_content.php?s=75911500005298904444450012580005&a=b0ea88c3
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request.php?zone=8e4hjwsd4phy&nw=20&renderingType=javascript&namespace=220b8ce8b8&subid=&uid=edc4551ce7cdc4a7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCVuEFUsWxZaiKBP2vnsEPrIC8uAbM-Yagafu5x__3D_AuEAEgoJL4nQFgkYSghYwYyAEJqQLMUqbDsUqyPqgDAcgDm4SAgASqBOwBT9Bv_o8AEMi9F7zSbdWaSgZJ2BnCVyUY_2T2j2qDSkgSPW42FKq79heoiJrfhFp74890SzEYP6Fgh-HOU-hOGeQc1RNIbjRvqknhWnDQlsNuq4K5pbAkPfTe-9CVfnAMWoTzU-E0IHur5ktg8W2SQh1uQTJSwHcsVAG4FryaF_sHp4R9P09weeZcIngsSNE4IGVGbWb_Ja2t48Q1MVC9EZgUuhyJKHqG5Ot-VMv8KuCGVLfF4YD3TgSiduZLSVz397xlenKQQlblrtuFuJrd4UDGO8tY2dZm5527qgbJe2WGbfyJcTQxxsmB4vHABOrrzKPkA-AEA4gFla_h_T2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYjsD9iL33gwOACgGYCwHICwGADAGqDQJOTLAT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_g6xf8Xih47kdKyXXGn6edXIR5mHgzHsu02UljA7EhI23snGg2-SG0PDLTvDhgRjYvtIRC7s7GAE%26sig%3DAOD64_0dT9gKRU7OKPeeNVyieO8SZj6rlA%26client%3Dca-pub-8535330373635729%26dbm_c%3DAKAmf-CpnvSPa0Z1rfRk7wRJKspsmqXS-8X1bZayw4kLw_04kKVsrIdCE0ZOMuFXIsVxPB_Z_MMxt_BUOu-Xw4TEJBvzu_MD3a1WfAEIwjuTDOj0gzOOaIqsNu4_A41kX-QQNXx8LTKBcjRAhcmXeqFSzu4ZtZuR1oDgYE_JA4540ARThNa_UNRpka6w9EIY_gJPtFE3D0z3M6LQS7HzXhaPUHqC9fwi49yUy_nlyIHOXXulsPBxUHQ%26cry%3D1%26dbm_d%3DAKAmf-B7hOYN_JhcjnXsfz0AhyK0Ut2eHDWA7Nkf64fARCKtPUHlC2b8QMvN6SV13uiLJjzNC5EcfOm6C5oGjjnqZBp-JCeljGt9OzGJpERDeE0sPju9hCb8ZX8ZPKs9rWrZJCGHYFz4ZN7hfaEg5MYnzpfkFneMUPG3TRvWwJZJO-yTglUIhf6EKNyn63-dsfWJQV1AySzBzYPms2rHxoPyVazzO6ZGWCmoOkGA1gnKszRhp9naIY9Gl8EJbJV0tiyEYE0eXVdZQK13LUYC-Qm3G_b0O8EeBgWXSV3l5qN0tddrWwUHnBwb1mJ3o5BiQlUV3MemqRKRZC7KdUWZ992ZADAHg_oOKmVE-r1QHh1J3ZYc334uoGt2eJTA66hIh76FVxqM5U3W1edPz6dK2x7O4UWMsCg18CW6veA97VoolP8OxJZJTJO7cYfMwDG1tJAZd9Z6egbwH3cNJAnw-i2nC8jDWIh5NKZyC_gZ0Y-zEjV-fMdNK7szmhWjL6B0EJU-BSyuEeyT7-pyrVt3uDUAmSkMaZYYE6fojQc5udg9aV4JYnbLNTN7jm3cI4Up1eSVQ_gZSOgX69n8C1iDWCtoUFFGuMp6a6Wovp4GbGsJZZS7Dv49woQ%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8535330373635729%26output%3Dhtml%26h%3D90%26adk%3D793707805%26adf%3D215438296%26pi%3Dt.aa~a.3833140187~rp.1%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1706149199%26rafmt%3D1%26to%3Dqs%26pwprc%3D9288327111%26format%3D1200x90%26url%3Dhttp%253A%252F%252Fmineleaks.eu%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26dt%3D1706149202030%26bpp%3D1%26bdt%3D1644%26idt%3D0%26shv%3Dr20240122%26mjsv%3Dm202401180101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D35d066ef7b006dde%253AT%253D1706149201%253ART%253D1706149201%253AS%253DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g%26gpic%3DUID%253D00000d4962fa5d0c%253AT%253D1706149201%253ART%253D1706149201%253AS%253DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg%26prev_fmts%3D0x0%252C1200x280%252C280x600%252C960x280%26nras%3D5%26correlator%3D6310713474586%26frm%3D20%26pv%3D1%26ga_vid%3D1422090559.1706149201%26ga_sid%3D1706149201%26ga_hid%3D1711385791%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D200%26ady%3D4071%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31080590%252C44785293%252C95322184%252C95320868%252C95320888%252C95321627%252C95322163%26oid%3D2%26psts%3DAOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ%26pvsid%3D425656167849035%26tmod%3D1530807125%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D23%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D5%26uci%3Da!5%26btvi%3D3%26fsb%3D1%26dtd%3D7&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fmineleaks.eu&random=2409902719834&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
1eb2f2c58b8877615079001b10411a04a5e16398095ea5c7f888e1e6aec9da59

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2377
Content-Type
text/html; charset=utf-8
Date
Thu, 25 Jan 2024 02:20:03 GMT
Expires
Thu, 25 Jan 2024 02:20:03 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
cshow.php
www.awin1.com/ Frame 9BFA 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=3446776&v=57629&q=470847&r=235229&pref1=75911500005298904444450012580005&pv=1&pref2=mineleaks.eu
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=90&adk=793707805&adf=215438296&pi=t.aa~a.3833140187~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=1200x90&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1706149202030&bpp=1&bdt=1644&idt=0&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35d066ef7b006dde%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g&gpic=UID%3D00000d4962fa5d0c%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg&prev_fmts=0x0%2C1200x280%2C280x600%2C960x280&nras=5&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4071&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&psts=AOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Jan 2024 02:20:03 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 97BD 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=90&adk=793707805&adf=215438296&pi=t.aa~a.3833140187~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=1200x90&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1706149202030&bpp=1&bdt=1644&idt=0&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35d066ef7b006dde%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g&gpic=UID%3D00000d4962fa5d0c%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg&prev_fmts=0x0%2C1200x280%2C280x600%2C960x280&nras=5&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4071&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&psts=AOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
32959
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 24 Jan 2024 17:10:44 GMT
etag
48472445140208031
expires
Thu, 25 Jan 2024 17:10:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 9BFA 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b9dc799e066205ff6dde6c519fbac7d7ada0c8ad4f76bf607d458dd0353abd98

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame D65E 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssiPS5X38XFVMurlCefYwCY2iUDkDXL-eYKTDfDMZqB4v4o3j0uyWSlz71h3S166pCqxs-p-kDpY9HrRxIlmXnsIe3f-DY1gI9L47C2WBroLy4y5WUjJMrJnBwJ_Mhttek7aY9ot8OLg82UEsfexhupJXnof3GxAlXEbilS_EuSdLw2upjR-wNSVQbWytXOIDpwuvh1aBxTs8Ozc4upTJZEdYsCwv_D5GLloykURIJomY9TNe2skeGv90zKmG-A-XRizttSB4-EYKTsKVTVDZsL-_Vk4VnWSAW13gzi9DQQ7hlFOuG3-FlqANpsnQE2wnHAdl6hDtG9eLk6Vm_5TEO1h93t392SEPXQLiaCIWem68a8Td22D8pUl_OEN2JCgPQUnEf8TAHe2NyhLVv2Dqdymy1G34PoxjalqrmEw0oTClGxnxZCEeYU51Sk4ssosDFDawyOHqx4fp_28V_PBbdO7tDiOh7yfSO2w1prvcCKSWC29XCR5ALVwOWtu5b5FvoAfmhOHlGRr58cgqN8_Lvjrettuy-wGAh8xX9VpGKVPSHlXyQBgannAluopyv1X7jJQ9FWqmx7OfcO3GyTTXiMBig6Fb14AsKwUXbcjbMOkZlIX98UtJb47lOmVP57Zq25y06P2Szlp8li0UATUx3SjiQsYXG8NBaeLcm2gNJku9y59u4WeS-kINzkTYVoldEUSKlg0gDe4ep-K4z2AOyUFQfXArLGrNgrCbtzdp3UlqOdWvotqDUDOgo3ELTUUzv_Adp3QaiKRJ1UHt9JJW-9s0qfuPXiNFiktAsJd_o-xibpir3TXTLk7jbkj1JYh39ZlbErIJ3Ke_lKi3lf-nZC-zITu-dizmgMzOYlpswk9SNEYy8KZngWTqm9zCXcetdPFUjVXVzNgsUiTv5skcvlvEuqkteCiF0K8tSdceGeNcqFdfyb_p0pYghx3MzvjJwj1UlveV-q7pI95G--Q2o3hJnSlxBlXsQA7Y0Zr-SrXhwdu7EQFRoMiewWwhVxnTzDt-A4zsno798AQ7tMwYHP8jvqgsJYQtcn3J0skq2a0He7fnyNapnvoWAbjqW3DZVWe6ox5KCHCZY4rXvz4VIaY1APUELyp5D-yxfUegBNbHcHBmu-hzhyyUWYbZ2sYe2x4j1r2BNs735fWKZebPQiJRdcdMAPFKHl&sai=AMfl-YTNs6QTb-RpEXwfT91Ik0TuX5AdeUx1zbkT_zmEEI4P7lhbi6_mwHaqmE7g1sNIGEg_BBrlNbkha87uDdm39kC9tEx9bDPNtEphezwqewOiENG5rpyhnB46tWhhuA836ZsAvQKofNeg-n_dujbf2RO2GxuD3lY9H5icBQ&sig=Cg0ArKJSzBbH_90t_GjDEAE&cid=CAQSTgAvHhf_SqDAxcMetne1X4bOJ9h_MIk7JOpoJk_ftkx8rrd280dMs1yzJA2POtRoJpXYPd0UTPqwf_PbIrPvMe9bS7cZheD_5g7ym3rdDRgB&id=lidar2&mcvt=1019&p=0,0,280,1200&mtos=1019,1019,1019,1019,1019&tos=1019,0,0,0,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=225472386&rs=2&la=1&cr=0&vs=4&r=v&co=170614920200&rst=1706149201470&rpt=630&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 02:20:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 97BD 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEBNcUWJajUgZeC39Sf3eyWA&google_cver=1&google_push=AXcoOmS-qi69lVfjmaaMv_yf6h5uPFSwF628H9ChCDOTqXAibuc6YLpwhSATuBG0ccbu8R_T8WVnJMAqja7MyDhrYL7qG5zRv87z7Zg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=90&adk=793707805&adf=215438296&pi=t.aa~a.3833140187~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=1200x90&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1706149202030&bpp=1&bdt=1644&idt=0&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35d066ef7b006dde%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g&gpic=UID%3D00000d4962fa5d0c%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg&prev_fmts=0x0%2C1200x280%2C280x600%2C960x280&nras=5&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4071&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&psts=AOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:21::1690 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 02:20:03 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 97BD
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEE3-qkdPhrtkw17G8AFupZY&google_cver=1&google_push=AXcoOmRVJApDOaWn0I-1jtq1YSA9DCI-VKRZV0gMWagrMcCROXliJUSGc2vOncd5VpFMKscX9dbo_aSALfJDHsHXXLOv7I874uCI4A
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CF8BE300489F427F8AF1A22510F91271&google_push=AXcoOmRVJApDOaWn0I-1jtq1YSA9DCI-VKRZV0gMWagrMcCROXliJUSGc2vOncd5VpFMKscX9dbo_aSALfJDHsH...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CF8BE300489F427F8AF1A22510F91271&google_push=AXcoOmRVJApDOaWn0I-1jtq1YSA9DCI-VKRZV0gMWagrMcCROXliJUSGc2vOncd5VpFMKscX9dbo_aSALfJDHsHXXLOv7I874uCI4A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=90&adk=793707805&adf=215438296&pi=t.aa~a.3833140187~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=1200x90&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1706149202030&bpp=1&bdt=1644&idt=0&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35d066ef7b006dde%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g&gpic=UID%3D00000d4962fa5d0c%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg&prev_fmts=0x0%2C1200x280%2C280x600%2C960x280&nras=5&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4071&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&psts=AOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=7
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 02:20:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 25 Jan 2024 02:20:03 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CF8BE300489F427F8AF1A22510F91271&google_push=AXcoOmRVJApDOaWn0I-1jtq1YSA9DCI-VKRZV0gMWagrMcCROXliJUSGc2vOncd5VpFMKscX9dbo_aSALfJDHsHXXLOv7I874uCI4A
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 24 Jan 2024 02:20:03 GMT
pixel
cm.g.doubleclick.net/ Frame 97BD
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEJg8oBsRE_PdnLWA8BgwbVs&google_cver=1&google_push=AXcoOmTVDLEjnxZ-sd5SgwRb8JxwZlc1ZhdpwwaaYToJ3OVifzaW56XH7NYONSEiuskIxyAIlInmQZZxcm6BcK...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMyNzg1NTAyODk4NDczOTk4MA%3D%3D&google_push=AXcoOmTVDLEjnxZ-sd5SgwRb8JxwZlc1ZhdpwwaaYToJ3OVifzaW56XH7NYONSEiuskIxyAIlInmQZZxcm6BcKLmaI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMyNzg1NTAyODk4NDczOTk4MA%3D%3D&google_push=AXcoOmTVDLEjnxZ-sd5SgwRb8JxwZlc1ZhdpwwaaYToJ3OVifzaW56XH7NYONSEiuskIxyAIlInmQZZxcm6BcKLmaIZwz8-f-BttXoI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=90&adk=793707805&adf=215438296&pi=t.aa~a.3833140187~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=1200x90&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1706149202030&bpp=1&bdt=1644&idt=0&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35d066ef7b006dde%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g&gpic=UID%3D00000d4962fa5d0c%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg&prev_fmts=0x0%2C1200x280%2C280x600%2C960x280&nras=5&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4071&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&psts=AOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=7
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 02:20:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMyNzg1NTAyODk4NDczOTk4MA%3D%3D&google_push=AXcoOmTVDLEjnxZ-sd5SgwRb8JxwZlc1ZhdpwwaaYToJ3OVifzaW56XH7NYONSEiuskIxyAIlInmQZZxcm6BcKLmaIZwz8-f-BttXoI
Date
Thu, 25 Jan 2024 02:20:03 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 97BD
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEK9gtqeUg4dXM2GJ15PoIQ4&google_cver=1&google_push=AXcoOmQMCISYBp3kp_0aO7QbCrav7Mmr-oLFDF12zH6KWWdfT8jETC60k92GX65sypOqivGySj6BehN-aGR_Xk2U00CeWZE...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQMCISYBp3kp_0aO7QbCrav7Mmr-oLFDF12zH6KWWdfT8jETC60k92GX65sypOqivGySj6BehN-aGR_Xk2U00CeWZEcEv5h3A&google_hm=eS16dkg3WjIxRTJwRmNM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQMCISYBp3kp_0aO7QbCrav7Mmr-oLFDF12zH6KWWdfT8jETC60k92GX65sypOqivGySj6BehN-aGR_Xk2U00CeWZEcEv5h3A&google_hm=eS16dkg3WjIxRTJwRmNMaUFvaWU1Nk05ZVpsY18yQzZEen5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=90&adk=793707805&adf=215438296&pi=t.aa~a.3833140187~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=1200x90&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1706149202030&bpp=1&bdt=1644&idt=0&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35d066ef7b006dde%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g&gpic=UID%3D00000d4962fa5d0c%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg&prev_fmts=0x0%2C1200x280%2C280x600%2C960x280&nras=5&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4071&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&psts=AOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=7
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 02:20:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 25 Jan 2024 02:20:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQMCISYBp3kp_0aO7QbCrav7Mmr-oLFDF12zH6KWWdfT8jETC60k92GX65sypOqivGySj6BehN-aGR_Xk2U00CeWZEcEv5h3A&google_hm=eS16dkg3WjIxRTJwRmNMaUFvaWU1Nk05ZVpsY18yQzZEen5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 97BD
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEKVvtspuARLyNaUn15zllGc&google_cver=1&google_push=AXcoOmQ8wJOnAE18N_VZ-kcd6PMWpBO0YDZtv0cEPIEaK-thV1QkOvw-g1Y5EoLPpFlbK-uOuMToi56skzSHCn1GimuhFk_...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEKVvtspuARLyNaUn15zllGc&google_cver=1&google_push=AXcoOmQ8wJOnAE18N_VZ-kcd6PMWpBO0YDZtv0cEPIEaK-thV1QkOvw-g1Y5EoLPpFlbK-uOuMToi56skzSHCn1GimuhF...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQ8wJOnAE18N_VZ-kcd6PMWpBO0YDZtv0cEPIEaK-thV1QkOvw-g1Y5EoLPpFlbK-uOuMToi56skzSHCn1GimuhFk_nacpXtoU
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQ8wJOnAE18N_VZ-kcd6PMWpBO0YDZtv0cEPIEaK-thV1QkOvw-g1Y5EoLPpFlbK-uOuMToi56skzSHCn1GimuhFk_nacpXtoU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=90&adk=793707805&adf=215438296&pi=t.aa~a.3833140187~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=1200x90&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1706149202030&bpp=1&bdt=1644&idt=0&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35d066ef7b006dde%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g&gpic=UID%3D00000d4962fa5d0c%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg&prev_fmts=0x0%2C1200x280%2C280x600%2C960x280&nras=5&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4071&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&psts=AOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=7
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 02:20:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQ8wJOnAE18N_VZ-kcd6PMWpBO0YDZtv0cEPIEaK-thV1QkOvw-g1Y5EoLPpFlbK-uOuMToi56skzSHCn1GimuhFk_nacpXtoU
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 97BD
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEILHQKgQKG9hqQA9fNPPblw&google_cver=1&google_push=AXcoOmS3rj7MKqVVnyILOgjHvsoyrxmn79R1jvfdJDxVYrtonvlDZrvVJuUIhEEO1WaLtzN2tg6s5Vi0...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjYwOTc0MTE4NDM4Nzg2MzAwNw&google_push=AXcoOmS3rj7MKqVVnyILOgjHvsoyrxmn79R1jvfdJDxVYrtonvlDZrvVJuUIhEEO1WaLtzN2tg6s5V...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjYwOTc0MTE4NDM4Nzg2MzAwNw&google_push=AXcoOmS3rj7MKqVVnyILOgjHvsoyrxmn79R1jvfdJDxVYrtonvlDZrvVJuUIhEEO1WaLtzN2tg6s5Vi0VbyHg5AFUGaixNbaAC8vKpE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=90&adk=793707805&adf=215438296&pi=t.aa~a.3833140187~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=1200x90&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1706149202030&bpp=1&bdt=1644&idt=0&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35d066ef7b006dde%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g&gpic=UID%3D00000d4962fa5d0c%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg&prev_fmts=0x0%2C1200x280%2C280x600%2C960x280&nras=5&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4071&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&psts=AOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=7
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 02:20:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 25 Jan 2024 02:20:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjYwOTc0MTE4NDM4Nzg2MzAwNw&google_push=AXcoOmS3rj7MKqVVnyILOgjHvsoyrxmn79R1jvfdJDxVYrtonvlDZrvVJuUIhEEO1WaLtzN2tg6s5Vi0VbyHg5AFUGaixNbaAC8vKpE
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 97BD
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEKSEl-CbYnUXqGW_rtcRyaI&google_cver=1&google_push=AXcoOmT93W65BkKfUwNFw8rNsl82VTeJhgxMXPoPBNs8nPncCdxXnZaUVN4SLYBE0MMhgGx2ivSUid19qDbt...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT93W65BkKfUwNFw8rNsl82VTeJhgxMXPoPBNs8nPncCdxXnZaUVN4SLYBE0MMhgGx2ivSUid19qDbtiw0-UEylaq1F_D2Zy3M
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT93W65BkKfUwNFw8rNsl82VTeJhgxMXPoPBNs8nPncCdxXnZaUVN4SLYBE0MMhgGx2ivSUid19qDbtiw0-UEylaq1F_D2Zy3M
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=90&adk=793707805&adf=215438296&pi=t.aa~a.3833140187~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=1200x90&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1706149202030&bpp=1&bdt=1644&idt=0&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35d066ef7b006dde%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g&gpic=UID%3D00000d4962fa5d0c%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg&prev_fmts=0x0%2C1200x280%2C280x600%2C960x280&nras=5&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4071&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&psts=AOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=7
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 02:20:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT93W65BkKfUwNFw8rNsl82VTeJhgxMXPoPBNs8nPncCdxXnZaUVN4SLYBE0MMhgGx2ivSUid19qDbtiw0-UEylaq1F_D2Zy3M
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
attr
cm.g.doubleclick.net/pixel/ Frame 97BD 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IeAetVOHPev6ybQYfrUUgYcfaQgM7t92I95ayRkS8o8DMRcc7VRnt9JBkqL1P1cf4V4LOp
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=90&adk=793707805&adf=215438296&pi=t.aa~a.3833140187~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=1200x90&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1706149202030&bpp=1&bdt=1644&idt=0&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35d066ef7b006dde%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g&gpic=UID%3D00000d4962fa5d0c%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg&prev_fmts=0x0%2C1200x280%2C280x600%2C960x280&nras=5&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4071&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&psts=AOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 02:20:03 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B9FC 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 02:20:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 25 Jan 2024 02:20:03 GMT
15572949748031291917
s0.2mdn.net/pimgad/ Frame B9FC 		130 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/pimgad/15572949748031291917
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f60fdc223fa10713a6196391b01537159bfa5a331975b75f4e3b996207895df5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11353605478534873088/index.html?e=69&leftOffset=0&topOffset=0&c=lnlyh5Y6kV&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 23 Jan 2025 23:43:48 GMT
date
Wed, 24 Jan 2024 23:43:48 GMT
x-content-type-options
nosniff
age
9375
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133335
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 13:09:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
16487548851904768606
s0.2mdn.net/pimgad/ Frame B9FC 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/pimgad/16487548851904768606
Requested by
Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbef05a7f4e16ac1908316c65a514080ebeba6c7e45856bee68af3fba849edca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11353605478534873088/index.html?e=69&leftOffset=0&topOffset=0&c=lnlyh5Y6kV&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 23 Jan 2025 23:43:48 GMT
date
Wed, 24 Jan 2024 23:43:48 GMT
x-content-type-options
nosniff
age
9375
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46217
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 13:08:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
css
fonts.googleapis.com/ Frame AD5D 		2 KB
434 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:400,700
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=75911500005298904444450012580005&a=b0ea88c3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bf5b911ce6645add415b3dbf40d50dc8cda426f38f5300525bf4793c4131b2c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hal90005.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 25 Jan 2024 02:20:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 25 Jan 2024 00:54:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 Jan 2024 02:20:03 GMT
/
hal9000.redintelligence.net/scale/ Frame AD5D 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/53619/creativesup/211221_banners_megekko_affiliate_2_1200x627.jpg
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=75911500005298904444450012580005&a=b0ea88c3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 Bad Bellingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
bdd631bfeae38c59c01099378162ead89f80ae97491f7a4cd1f73222acfd38b3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hal90005.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 02:20:03 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
13983
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame AD5D 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/74975/creativesup/1200x627_sting.jpg
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=75911500005298904444450012580005&a=b0ea88c3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 Bad Bellingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
74681b59f9e0dbbd98e71baedc27970f32925c98f32e18d5b1a26fd04b589d5e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hal90005.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 02:20:03 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
10783
Vary
Accept-Encoding
Content-Type
image/png
viewability
hal90005.redintelligence.net/ Frame AD5D 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90005.redintelligence.net/viewability?s=75911500005298904444450012580005&a=2465f4b8&vb=m
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=75911500005298904444450012580005&a=b0ea88c3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hal90005.redintelligence.net/request_content.php?s=75911500005298904444450012580005&a=b0ea88c3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 25 Jan 2024 02:20:03 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
/
ti.tradetracker.net/ Frame AD5D 		433 B
912 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ti.tradetracker.net/?c=558&amp;m=24180&amp;a=70002&amp;r=75911500005298904444450012580005&amp;t=js&amp;wid=tt-ce6b1
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=75911500005298904444450012580005&a=b0ea88c3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.206.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-206-191.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
481a60a5ed61051e2a5e0b46352270109eccdacd1f30d12144aca594e493deda

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hal90005.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Mon, 26 Jul 1997 05:00:00 GMT
date
Thu, 25 Jan 2024 02:20:03 GMT
cache-control
no-cache, must-revalidate
server
nginx
content-type
text/javascript; charset=UTF-8
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 1B0A 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 21:28:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
17512
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Jan 2025 21:28:11 GMT
593277e724e539a889cc3a836755cb51039a9d.jpg
static.tradetracker.net/nl/material_image/f0/ Frame 9BFA
Redirect Chain
  • https://ti.tradetracker.net/?c=34211&m=2005488&a=70002&r=75911500005298904444450012580005&t=html
  • https://static.tradetracker.net/nl/material_image/f0/593277e724e539a889cc3a836755cb51039a9d.jpg
85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.tradetracker.net/nl/material_image/f0/593277e724e539a889cc3a836755cb51039a9d.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=90&adk=793707805&adf=215438296&pi=t.aa~a.3833140187~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1706149199&rafmt=1&to=qs&pwprc=9288327111&format=1200x90&url=http%3A%2F%2Fmineleaks.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1706149202030&bpp=1&bdt=1644&idt=0&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35d066ef7b006dde%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g&gpic=UID%3D00000d4962fa5d0c%3AT%3D1706149201%3ART%3D1706149201%3AS%3DALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg&prev_fmts=0x0%2C1200x280%2C280x600%2C960x280&nras=5&correlator=6310713474586&frm=20&pv=1&ga_vid=1422090559.1706149201&ga_sid=1706149201&ga_hid=1711385791&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4071&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080590%2C44785293%2C95322184%2C95320868%2C95320888%2C95321627%2C95322163&oid=2&psts=AOrYGsnYSNqUSiBITPCakTVukHsKIyO4avqC0YBx9EFQNM9YK6mlFShVPyrwOJ535SEyOpBZa9DlHK_DKZrP9BDZl_iPlQ&pvsid=425656167849035&tmod=1530807125&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=7
Protocol
H2
Server
2600:9000:2251:1a00:1a:7c92:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6cc104d434bb05638dc6b0bf53723ae64180c777ba294308f3d87fc804a58b19

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 02:20:03 GMT
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Tue, 21 Dec 2021 13:45:41 GMT
server
nginx
x-amz-cf-pop
FRA60-P3
age
228
etag
"61c1da85-153c4"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
86980
x-amz-cf-id
RfHh_JFp_LfniBzX_THo5FcjbpX_Jn5V2mC0MF4IXiZYz9Lh23mwkQ==

Redirect headers

location
https://static.tradetracker.net/nl/material_image/f0/593277e724e539a889cc3a836755cb51039a9d.jpg
date
Thu, 25 Jan 2024 02:20:03 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
server
nginx
expires
Mon, 26 Jul 1997 05:00:00 GMT
1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg
static.tradetracker.net/nl/material_image/49/ Frame AD5D
Redirect Chain
  • https://ti.tradetracker.net/?c=558&m=24180&a=70002&r=75911500005298904444450012580005&t=html
  • https://static.tradetracker.net/nl/material_image/49/1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg
13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.tradetracker.net/nl/material_image/49/1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=75911500005298904444450012580005&a=b0ea88c3
Protocol
H2
Server
2600:9000:2251:1a00:1a:7c92:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6d731e6d3e38558377e2fa974639cabf5209d9cafa5f00e186b0e3faf0aea02b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hal90005.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 02:20:03 GMT
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Thu, 16 Mar 2017 08:27:46 GMT
server
nginx
x-amz-cf-pop
FRA60-P3
age
55
etag
"58ca4c82-335a"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
13146
x-amz-cf-id
qpgaJHd-3RNI2Lr6wf0MWLkzvoKFtmWHM1VeKJhNwQvfgAhDvLlKvg==

Redirect headers

location
https://static.tradetracker.net/nl/material_image/49/1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg
date
Thu, 25 Jan 2024 02:20:03 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
server
nginx
expires
Mon, 26 Jul 1997 05:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240122&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8535330373635729&plah=mineleaks.eu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df1f44796fefc3bcf30edd740405a0b0281dd4b72e985036bfb68d8fd372c77a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://mineleaks.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 02:20:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12254
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 457F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuZSLDGQ7pk6t6NFKuuk67MvJkgCUOv-B_s5Rs_3Ex2NLSr5yuT_PCUQwCgKQIew5j-kJVnhxj-BxSnHM2QHg5nOaCzQuKbg68517Rese4JNvMXziAQoXLU7trTFbCKn744yiNexomeFX3I_xXTp90UZ5vdS0BJbSR6efKiqUBQImpmMSSdivez8jvSSpbYfIglXiuj4Nu3w-uIkXRFJ38f9m8trPF-qhxKfUE7qKDXywu32ZAdjQc3xh3E55xoLw-b2n0hRoWg0A_UmW5fRhPzbmGSRGo47tt7MDkz9drYcF1sRjKjRJruZuFBwNoa9YS4VsVjCjVuDVCIm93OkZ-5JUsg7hqjNe0nnfMio67U1D-J0i_C4gd_HzUh4XTcvEcjkUZnrfTmsHSBso-DCkpMUQ1eWDFsbdTIEXsAzrva7oGRBPJ7mRNihf6f1p-FvE9g6BFic9_E0LL5HrdWoQgOCx0HqXap_4u6m0CjOX-Yg1kBRApjU7mcdFZx5q8xeOxMiQbw4yoZt6_c4mZLEa7H6nn15xE8Ig1319s5qsENXbIZbfDnJ8bW9Cn5Fgm78eshrTkSh3RhKPP8QckSWbyubFnB-qM-FqKb7HifgYGhOrq7yReSk7J3i2eTyQ9P1F9Kpxx1nInHHyC8lnrKuwB9_xk20C5-cZ1d_g0K_GZiDO22S_xaXA_RH96oCUJsFRGezOdrAjyKEC0n_2hAywvzdloHcF-LDf2CGf5bmbSvSpTzKMSUVTK5Z3-X0nFQ7zuMrSOA9I4I_mVfK5nXCGl38jGsH6N7lOqw4_03zcLbzYOt7KyZwXb6DlfTARK-ekMkboEwJUQ0aJbiGAJnoC2quBQUrBGLEkufp3G896jEo1C2VZ011HIuPAaiKPgS8OWem2e8dQUhsxLYqnBz6NaPJ_645iPB3QZuQxXBMI2JlWuWHdAcIgzWlXsRREybkeysDNTyXQrKuWzsqRRuCD7Yv2HLf76F-S-JjO0EzSNQEYjTN9LBthWnps7hS-yELZKyqaFQbp0SO5LiIABhcCSlD__TYNQqSF6Yw_opRnKM5iujDSSVkM4mM9EnZWio3QbUGT0T&sai=AMfl-YRFrJXaKD7LzF84EEsKiL_m_C8rMyEmdSvmvsVLHEHukmutP3ltG2EKbSDh5k_tFsewTbKH2msmjirecUGVQelNVqyUrdqzERJgVTygiZJIZm7HWBl6C164U_LhUz9ENDOjhdvoBXPY6L1nbbRqzu7Tt_lbvymBHsWbhQ&sig=Cg0ArKJSzFQF3xus5UCdEAE&cid=CAQSTgAvHhf_iGlNzBuhcZzCqu7KG9a1vkf8fqDWiQNYUd1uS7ZfjoswFU74BoCITbUo-ktYwuaPo6DGvFRuWFtH2wxfnHWPhXgPXkyGgAb7ZhgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=92,759,1000,1109,1109&tos=92,667,241,109,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=85976721&rs=2&la=0&cr=0&vs=4&r=v&co=170614920200&rst=1706149202126&rpt=278&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 02:20:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8535330373635729&plah=mineleaks.eu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://mineleaks.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 02:20:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 25 Jan 2024 02:20:03 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 67F5 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mineleaks.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
27735
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 24 Jan 2024 18:37:48 GMT
expires
Thu, 23 Jan 2025 18:37:48 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 680D 		829 B
998 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8904a77abbcf85c9604b6ebbbd347b50c02b00cb500055b4a6de16678bfd626e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KSkGqzO9SnlDRpPuvo7gDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://mineleaks.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-KSkGqzO9SnlDRpPuvo7gDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 25 Jan 2024 02:20:03 GMT
expires
Thu, 25 Jan 2024 02:20:03 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 680D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240122&jk=425656167849035&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 67F5 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 21:28:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
17512
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Jan 2025 21:28:11 GMT
generate_204
tpc.googlesyndication.com/ Frame 67F5 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?MyTC_g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 02:20:03 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame DC39 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1316089507289&version=m202309260101&ct=132&x=1&cor=1051189987508171500
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 02:20:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240122&jk=425656167849035&bg=!BgWlBUrNAAa8BdJLnAU7ADQBe5WfOFFPSpATcfkvD8yG4BdzlGoDq9xioVTerVMpDs7NXRf1WLNliXhCwCFLMOr0S6uVAgAAAC1SAAAAAmgBB5kCuG3Vp9ALhLrGp6B6BJexGqpu6XBsDA1hq_5AjeNCH9_AT4KeXRWsJJRhMNVT3ylBRJGRMTQ6TftUCX4aDjKqcC1pys3EpIcUOUepNhDx_X98facbrfzjyfubE73SVOD8sSxM_DrKMftBczfO-p2UzQCJcKDSOVRNGqMivN-H3wynlH73n3VeOEjyAoTBFJxrqQJJNllXrvub96UO0nNMVXWzvhxZ9w7isnipaYbm0ojHxtCplJ3iUwwUAhDTJxOas746K65WbvH_-FYqdsCVDvhCSO8I_YI4MAjpMCo4XZ-25MvbBiSrcN4FMh14sa-Fehbvz87GnR1caD0yUltil5nJ-PZE2aZh2f3HVVbFHgC6I2PHF_Yr-33BWC_YE5Dc_AgUo8kPJZtQLoeKR46Cc8i51UfS6xeEZjOyOtj6jHOZ4f9uvERe8fy_bqCTtH465696CZARzxIRGXys_vjNT1KpaS7xsb9PDFJZzinHgcPjZaHKnOOs2QQfGn1gbDnNXqNkyrEMw6ws5ukZAqKB6hJsl0kvfr-r800V2xa3ikaRjyy5_w1PDUTnyej2c4Nrl7_en-bCQkJ10v-kxTZh_V_frqcrxUHesiJT9LO1umq1e39-5CQWCe7YvUGLJMyQqWAhnRxk64EZ6fuFpd0MB78uraQCVg4XTNkgxVLc_qQIuwzj1sYkYlCDJwJI4sn_Geeg3s3GzDcHwAmgygeXfsktP8iNlaLeymIwmIjtW4ngy7hirIAr2PcpndzixpsEZfa7VA8PrNy8kx1dOrUkFVClhnTF9JK7RALmh2V6UTOR1fy8VkHkXnvRM3euZZ8C6i8P223HqMbXxbkI3lzzN2u-TL5TpOCjn37IuFFEFaMljx1sUyx61iv5UbJHdItRU550eRIaPejnJxsme2aBQAnGMvyY2BLNAA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://mineleaks.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9BFA 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1257783514703&version=m202309260101&ct=77&x=1&cor=6479002467625982000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 02:20:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| XF function| gtag object| dataLayer function| $ function| jQuery object| Mustache function| autosize object| google_tag_manager object| google_tag_data object| gaGlobal object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| usernameColorTagList object| googletag object| google_llp object| GoogleGcLKhOms object| google_image_requests

35 Cookies

Domain/Path Name / Value
mineleaks.eu/ Name: xf_csrf
Value: BcWsn3lexnl_07m8
.mineleaks.eu/ Name: _ga_1047BKNRE4
Value: GS1.1.1706149201.1.0.1706149201.0.0.0
.mineleaks.eu/ Name: _ga
Value: GA1.1.1422090559.1706149201
.mineleaks.eu/ Name: __gads
Value: ID=35d066ef7b006dde:T=1706149201:RT=1706149201:S=ALNI_Mb-wARjSfWwCw9eQRnMtEk7DwLt0g
.mineleaks.eu/ Name: __gpi
Value: UID=00000d4962fa5d0c:T=1706149201:RT=1706149201:S=ALNI_MbwFkiyxVvQJ7zNmy3ANNpBLCiamg
.mineleaks.eu/ Name: __eoi
Value: ID=0a77c916a75789f5:T=1706149201:RT=1706149201:S=AA-Afja5zq76y0ui2CXP2s6extzj
.doubleclick.net/ Name: IDE
Value: AHWqTUkfpao9xeEPigLubrVp9qh_Hch5ZDNJndfyqm0Y8Dc5QucigRK2nNMxA7hwb-Y
.doubleclick.net/ Name: DSID
Value: NO_DATA
.googleadservices.com/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: APC
Value: AfxxVi4mloGX5JeblFUoUnpBFFSJ1gJs_CCLYIOXs-3OOOFLRZ1oYw
.casalemedia.com/ Name: CMID
Value: ZbHFUu-rloAMMyuTyZyZawAA
.casalemedia.com/ Name: CMPS
Value: 1110
.casalemedia.com/ Name: CMPRO
Value: 1110
.adnxs.com/ Name: XANDR_PANID
Value: E03LyElZz0a5ecoiEuDDvuHSmmKCDkqiaEby0J3b4NNe2RsJGLgNliAVW289ijATGUZCh5bpH-MrUBAO5cD2oPv2N44WnXfBcO7hhUDYfK8.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 8456705867154190660
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GTvGB[pP!@wnfH8K6pQK`!5=E<*L5?%LW]ABx#^YmPf5c>)61+:>`76B+p?[*M+s`63K%nugO%v4VB%nn(!*3GT>
.doubleclick.net/ Name: ar_debug
Value: 1
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22EFDE0755-F2DE-49B0-3BFE-9F7E444F241D%22%7D
.quantserve.com/ Name: d
Value: EEwBCQH-KoEA
.quantserve.com/ Name: mc
Value: 65b1c552-d9520-38c8a-cb4e3
.adform.net/ Name: C
Value: 1
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 726fdd9449a1b7e3
.agkn.com/ Name: ab
Value: 0001%3AQavLnwlQj%2Fau8XiW%2B%2Bz%2BEdax3XDsHN3F
.agkn.com/ Name: u
Value: C|0CEAtRIHSLUSB0gAAAAAAAQ13AQCAAQpAAAAAAA
.adform.net/ Name: uid
Value: 6609741184387863007
.adfarm1.adition.com/ Name: UserID1
Value: 7327855028984739980
.simpli.fi/ Name: suid
Value: CF8BE300489F427F8AF1A22510F91271
.tribalfusion.com/ Name: ANON_ID
Value: aKnt6ZaxNeTgBeZdwQyxT77x13Q9ZaTbgtukD1ZdYCXTruWsFoWLW35BtMWHvvAWq1FJcZavH1s3vSVFhxc0sjZdoS9lexn2PL
.yahoo.com/ Name: A3
Value: d=AQABBFPFsWUCEHTf47gIdB6oxpBWzDS2w6wFEgEBAQEWs2W7ZQAAAAAA_eMAAA&S=AQAAAvUVfR9djGY1xftniKKOWLM
.de17a.com/ Name: guid
Value: 1.419670725859293829
.awin1.com/ Name: awpv57629
Value: 235229|1706149203|3f6b0bd0-bb28-11ee-86b5-22356fe9f584
.awin1.com/ Name: AWSESS
Value: 470847:3446776
.tradetracker.net/ Name: pi
Value: ae774dda02c48e8b9b0a23dbf2f41301
.tradetracker.net/ Name: uf
Value: eMZzFqdnOnNk89wMVzy4OzY5YklRSnVwNFh5UzdyYS9RQjBGOGY5V0hwL1FHdDN1MGtNS3ovME5TeVlhSmZHS2xMTVdEdTVNOVAxWlhpN1pxOVQvTVVNSDA0c1VaNk1pTnRFcWFBPT0%3D

2 Console Messages

Source Level URL
Text
deprecation warning URL: http://mineleaks.eu/js/vendor/jquery/jquery-3.5.1.min.js?_v=5a6112eb(Line 1)
Message:
Listener added for a synchronous 'DOMSubtreeModified' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
network error URL: https://mts0.google.com/vt/data=OFf36j65HCmiRq0BtZhoOzEzaszWct3AFrw9QjxtpLwsutl2RixZrZNv7BwkwPZ3m13EMLtGZEsSCnga99BVenqb1l5I2v4jpcq4-0YLxIlH551l225fKBTd
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.doubleclick.net
ads.travelaudience.com
c1.adform.net
cdx.solo.to
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
d5p.de17a.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal90005.redintelligence.net
i.imgur.com
ib.adnxs.com
mineleaks.eu
mts0.google.com
onetag-sys.com
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
region1.google-analytics.com
s.tribalfusion.com
s0.2mdn.net
static.tradetracker.net
sync.teads.tv
ti.tradetracker.net
tpc.googlesyndication.com
um.simpli.fi
us-u.openx.net
www.awin1.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.75.89.75
138.201.63.165
142.250.184.230
142.250.185.226
142.250.185.66
144.76.91.199
146.75.120.193
172.217.18.2
172.64.151.101
185.89.210.82
2001:4860:4802:34::36
213.155.156.167
2400:52e0:1e00::1082:1
2600:9000:2251:1a00:1a:7c92:efc0:93a1
2606:4700::6812:18ad
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:801::2002
2a00:1450:4001:802::2001
2a00:1450:4001:811::2008
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2006
2a02:fa8:8806:21::1690
2a05:d018:d29:3601:7d46:bd77:a0a1:96
2a06:98c1:3121::3
3.74.101.164
34.91.62.186
34.98.64.218
35.190.0.66
37.157.3.26
51.89.9.254
54.171.206.191
85.114.159.118
92.123.148.9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd894e0e323549685e351f19aef8ca717f8ff1fc26a223ea79971177fe12d20
0c546d451ed0e816b83dba9db05a6a00b5e85dded0d038684ee2814380e9625b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
183d5e88a1091992c416793a52456982ddfb934d3bec01e76989b92363f0bbd8
189d23469a90392133437199450e148295a8f77cb2088dea3898f63e4c769c21
1930ec6f3845181c2a4afaedd185dba8bcf45517dc3b02e912f984b958a68d09
19d62d2dd26810a29da681ca9cf63e4bba9f39a5dd3f9d3561fb8d158dfbb4af
1d7ab1c211e4b5877f875fae049a9114334cee6279a75cbab2271d5d306d8f8f
1eb2f2c58b8877615079001b10411a04a5e16398095ea5c7f888e1e6aec9da59
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
20d08424a1c77137feb7d1c88cf12ade291e8b3ab3ec73ca0adc9b60259a6e5e
228c9d3116f04af9ca2aba7880579a38fe7328baf431488565e3ab7894c81a15
2a866923ca4f6059c079c84979bca68019aedf05ae6c2d68bb139d567ea35a98
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2fd62d942e1fc8ceaad002fee99d07a3024b8e7bd03044a17e42e1344ee17544
304e77733a818935ddeb447ed9d6d6d4f16e44b8cc262ee05c89324ee7afdc6c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
324a9d60145589c25ccc1c032c6f6763c0d3486b7a3551e193687f4b2b7565f2
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3384e396c88e07cd7d0e46d5361eff9ab20ff9f65dfb94436030ccd116943bc6
33bca4ef6848d546268a0812c349988ce46275864137ebc1b2de3e14567a671b
3507ca14c84cbffccd872e634a84d93f50882c817e66ffdf2643a7ed884a205e
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3f586a8019a490d0f04fdcee83be4fa37274e8a0ca5344283992ba86264c5761
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
481a60a5ed61051e2a5e0b46352270109eccdacd1f30d12144aca594e493deda
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4de49631fe60b17010f7cda29a6236ca6ad6102ea204e5c31d2c1e79ee276938
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
510bb3fef5d140de1f6fa728fd93f9ec28cad7d4bea142e6751a0688da23d2f4
51ee0f40b1b3ad827b2b99716479ef6088f6497785c70f97167e104ea484e837
54db8dca7039b548a0aa4e5e22fcea2a4e536b8aaec0b13a750dbc61ca3f3538
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56976102d1c2f5476c73ff1d807d5145aa86629fe295434cf55811dbbf61135d
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
59f33071ca28485a2b0235155104ab0323441aada1611add44f3adcb2587e7b2
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5fa42c1d96f1d20bb0a5c0f1468aba661ad4c3584dd51646a3bfb996e869b8dd
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
65cbabd25bc7ba6409a7b06e27b618a743ad1894b22a0587f672b102d92a4a0b
692d2722e5555fe9a78ce7bd51e803f8e1a0c9ed51c4eb6d3b2ade0be8ae2084
6cc104d434bb05638dc6b0bf53723ae64180c777ba294308f3d87fc804a58b19
6d731e6d3e38558377e2fa974639cabf5209d9cafa5f00e186b0e3faf0aea02b
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
6ecf956346ef32176254197b3baf6a5c1d3956e6527f302b3f1904a7d49ee664
7275579cae6c93512a73f3a929764eda9e88331f6bc4c44021229276c23775fe
73c261c7249907c1f697f2e14a2fc3adb6c230bc13556be0ca8525901f57950f
74681b59f9e0dbbd98e71baedc27970f32925c98f32e18d5b1a26fd04b589d5e
7ac2f33b4c1a96dcfd287260a5374ae0d9f90ed7a56fbb8e989eaa498034bd29
7c841e11e4c4e8a856cde3700ce518c9df6907a6b22b3e95cc63b2208aa33510
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7f83907b884d306760087085e0639e394364598d92fd1ce2a3e7ff29cb7a7e78
85e2fa852542b50f2df4b397c167c3278cbf324928b502b646f7a5d055365794
8904a77abbcf85c9604b6ebbbd347b50c02b00cb500055b4a6de16678bfd626e
8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7
8bb6f18e5df4a337ea4381126549038ac9456d2857881941fbd8ceca09c3768b
8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c
945dae67eea0b7fedfd8e38f5d72bd36b4fc463fc4c32f4963eb009b2d246c35
96dd7f81552ffa9ce562acaa707cf5625e26e33ab87c828d724883d140ca46d3
97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b3ac0feea940572935c876792af52347e06b26900eb88c4c479448fa319a937
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9f6bf67f30b771aa6ec6f0ba34125704c76f2b94ac180c80fd06351da8d9d788
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a5d466fef65c2d9d7f14fc02d3377f289709c998596bdfb3548ba4773d025e23
a5dcfd1d44af85302c19886c111e277273cca860febaae5f8cdb0de61733b44b
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a7ceb880d9140d5f448b9fa0fa04ead8f24cbc24d7b1d5d93ff9909c895ed0d8
a990a2a5f332693f731aaf98ad8be7d9ac0f6abdcab8de88737347b47fc73fa9
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aef306d8dc297f057d650b2e03a3c79b8f8aa29aeaa9f7f19b4f4a5c5d3e88f1
b0e6169e39f5c8f93c0dae464faa49979fd869e935a0f9b8be0cb53f04349f57
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b180f971024e1b72cc38d2f94faf78a31badeaf260ef6dda04c25a5ba7f5bf3b
b9dc799e066205ff6dde6c519fbac7d7ada0c8ad4f76bf607d458dd0353abd98
bdd631bfeae38c59c01099378162ead89f80ae97491f7a4cd1f73222acfd38b3
bf5b911ce6645add415b3dbf40d50dc8cda426f38f5300525bf4793c4131b2c2
c2497d559960ba9e1c68f41674e8bc980d3b229155e068bc7f42f157f81c4388
c2a69649d15f908464902e679f465757cff39c3f59f8d92f4117987152c50303
c6ebd5451c5ac8155217093ed656a5eef49ab9d1ffe0c979de54bfb5a2f958c9
cbef05a7f4e16ac1908316c65a514080ebeba6c7e45856bee68af3fba849edca
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d053beda954a4ecaef2c6aea4c68aa7a524d8c79056f68ec44c96636a1fe18f5
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d49c52632773f3e44ae96faeef74f2f49d2727e9aad26d527ae19c6d04c1e034
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d5deae6d8c1f81c5e57b72c8df1964b08ffa9864e0dac4c0d1a5e9aa3ebf0779
d5fc67d1f2387fc6469acac71c68caf7c6bc3a88a679e4609546735b43e75b82
d7243f0c2c1c902978d04436da6a53ad89a2372901f2b0584f319e6053fd7c42
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d83468545646756953863db26337dbfde5fd94f7f58d7b01ac4453b5444e7601
d88fcfc8cedcd2b7f1c07a35fed8f29e62e2850516fb0f4238d2849fcbfa6b11
dbb905b2d89f4bd0e8664a9d6d335984868d2db4f494b6bed7b8d863bd11e0d2
df1f44796fefc3bcf30edd740405a0b0281dd4b72e985036bfb68d8fd372c77a
e2b80247038739299b71545084dc4ebff2edd21e6f1ffafe013376bb2e92c4be
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6408b238c83504389a08b2945e713a9b113a64dde0da1c7065a9708a7623675
e6dbdf8c733fa55c389b98a54eb9ed8e1967077c2bb8f0be2a34afe5c534dfba
e9f0d24d1230e0a5760800e4a1657801cff8edf2ba87a05c5d96f74ce44ec06d
ea4832dbe60c116e619ee2bd9d54c88d2c07f3ea446e7a0b762eb6050b4525b7
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
edb24d1a170227f124cdae323a5cd79a21a40d21c6226a4769aa2edd420b46c3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f425d358d9cd9c96411f8a6c243d66b14160331c1bb8b2eb59c11cf3060e4cb4
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f60fdc223fa10713a6196391b01537159bfa5a331975b75f4e3b996207895df5
f6f57ea48ce1ff62f774d1767c226338c4a221a11e4ca0e490717bbdfd8818f1
f779de80f6ebd5d15cb3209e82969f8ad90e4ba02899e24c1796f2c9aca80343
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fc371cdb1321825aa7e9e2a7339823cb4c445af7c261f32728454ed2487e9a7f
fd93d0e83b1f740752b42aea577f00fe0a0f8005a01b37590d9b87b81dc5161e