urlscan.io logo urlscan.io
SecurityTrails logo

www.mirrored.to Open in urlscan Pro
91.195.99.122  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.mirrored.to/files/HINHZZZP/WickedWhims_v171.2_-_12_May_2022_(1321322).zip_links
Submission Tags: falconsandbox
Submission: On November 03 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 33 IPs in 9 countries across 28 domains to perform 54 HTTP transactions. The main IP is 91.195.99.122, located in Kyiv, Ukraine and belongs to M247, RO. The main domain is www.mirrored.to. The Cisco Umbrella rank of the primary domain is 349180.
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 31st 2022. Valid for: 3 months.
This is the only time www.mirrored.to was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 91.195.99.122 9009 (M247)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
6 2600:9000:21f... 16509 (AMAZON-02)
3 13.224.195.78 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:21f... 16509 (AMAZON-02)
2 3 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
1 3.65.209.44 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
3 34.193.213.148 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 141.95.4.196 16276 (OVH)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 23.23.108.37 14618 (AMAZON-AES)
1 35.214.236.176 15169 (GOOGLE)
1 23.35.236.201 16625 (AKAMAI-AS)
1 18.156.0.31 16509 (AMAZON-02)
2 2 34.252.105.21 16509 (AMAZON-02)
3 54.145.38.251 14618 (AMAZON-AES)
1 1 213.19.147.45 26120 (RHYTHMONE)
1 193.122.128.135 31898 (ORACLE-BM...)
1 216.52.2.39 30282 (AS-INAPCD...)
1 1 198.148.27.139 19189 (PULSEPOINT)
1 82.145.213.8 39832 (NO-OPERA)
1 51.89.9.252 16276 (OVH)
2 3.120.143.86 16509 (AMAZON-02)
1 213.19.147.42 3356 (LEVEL3)
54 33
4    91.195.99.122 (Kyiv, Ukraine)

ASN9009 (M247, RO)
PTR: mirrored.to
www.mirrored.to
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2a02:26f0:6c00::210:ba1b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.fuseplatform.net
2    2606:4700:20::ac43:4a24 (United States)

ASN13335 (CLOUDFLARENET, US)
platform.bidgear.com
imp9.bidgear.com
1    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2600:9000:21f3:ac00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.quantcast.com
3    13.224.195.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-78.fra2.r.cloudfront.net
c.amazon-adsystem.com
3    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2600:9000:21f3:1400:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)
test.cmp.quantcast.com
3    2606:4700:20::ac43:4691 (United States)

ASN13335 (CLOUDFLARENET, US)
fstatic.netpub.media
1    2a02:26f0:3500:c::5c7b:682b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
tg1.modoro360.com
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    3.65.209.44 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-209-44.eu-central-1.compute.amazonaws.com
audit-tcfv2.cmp.quantcast.com
1    2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a02:26f0:3500:c::5c7b:6822 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.avplayer.com
3    34.193.213.148 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-213-148.compute-1.amazonaws.com
servt.modoro360.com
1    2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    141.95.4.196 (France)

ASN16276 (OVH, FR)
PTR: ip196.ip-141-95-4.eu
storage.de.cloud.ovh.net
1    2606:4700::6810:f44e (United States)

ASN13335 (CLOUDFLARENET, US)
signup.adipolo.com
3    2a02:26f0:3500:595::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
1    23.23.108.37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-108-37.compute-1.amazonaws.com
serv.modoro360.com
1    35.214.236.176 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 176.236.214.35.bc.googleusercontent.com
csync.loopme.me
1    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    34.252.105.21 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-105-21.eu-west-1.compute.amazonaws.com
ad.360yield.com
3    54.145.38.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-145-38-251.compute-1.amazonaws.com
servs.modoro360.com
1    213.19.147.45 (Amsterdam, Netherlands)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
1    193.122.128.135 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    216.52.2.39 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
2    3.120.143.86 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-143-86.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    213.19.147.42 (Amsterdam, Netherlands)

ASN3356 (LEVEL3, US)
tag.1rx.io
Apex Domain
Subdomains		 Transfer
8 modoro360.com
tg1.modoro360.com — Cisco Umbrella Rank: 54677
servt.modoro360.com — Cisco Umbrella Rank: 49420
serv.modoro360.com — Cisco Umbrella Rank: 59835
servs.modoro360.com — Cisco Umbrella Rank: 99192
11 KB
8 quantcast.com
cmp.quantcast.com — Cisco Umbrella Rank: 3537
test.cmp.quantcast.com — Cisco Umbrella Rank: 10560
audit-tcfv2.cmp.quantcast.com — Cisco Umbrella Rank: 11642
193 KB
4 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 264
stats.g.doubleclick.net — Cisco Umbrella Rank: 166
156 KB
4 mirrored.to
www.mirrored.to — Cisco Umbrella Rank: 349180
14 KB
3 aniview.com
player.aniview.com — Cisco Umbrella Rank: 2586
211 KB
3 netpub.media
fstatic.netpub.media — Cisco Umbrella Rank: 207026
97 KB
3 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 385
48 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 415
440 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 784
tag.1rx.io — Cisco Umbrella Rank: 2471
439 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 825
771 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 97
20 KB
2 bidgear.com
platform.bidgear.com — Cisco Umbrella Rank: 28174
imp9.bidgear.com — Cisco Umbrella Rank: 29790
2 KB
2 fuseplatform.net
cdn.fuseplatform.net — Cisco Umbrella Rank: 32296
123 KB
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1095
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 2316
414 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 813
513 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 872
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1633
1 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 407
1 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 732
6 KB
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1264
1 adipolo.com
signup.adipolo.com — Cisco Umbrella Rank: 75994
1 ovh.net
storage.de.cloud.ovh.net — Cisco Umbrella Rank: 95589
15 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 3590
501 B
1 google.com
www.google.com — Cisco Umbrella Rank: 17
501 B
1 avplayer.com
player.avplayer.com — Cisco Umbrella Rank: 11911
61 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 121
43 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 447
90 KB
54 28
Domain Requested by
6 cmp.quantcast.com cdn.fuseplatform.net
cmp.quantcast.com
4 www.mirrored.to www.mirrored.to
3 servs.modoro360.com player.aniview.com
3 player.aniview.com player.avplayer.com
player.aniview.com
3 servt.modoro360.com www.mirrored.to
player.aniview.com
3 fstatic.netpub.media 2 redirects www.mirrored.to
3 securepubads.g.doubleclick.net cdn.fuseplatform.net
securepubads.g.doubleclick.net
3 c.amazon-adsystem.com cdn.fuseplatform.net
c.amazon-adsystem.com
2 x.bidswitch.net
2 ad.360yield.com 2 redirects
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 cdn.fuseplatform.net www.mirrored.to
cdn.fuseplatform.net
1 tag.1rx.io player.aniview.com
1 onetag-sys.com player.aniview.com
1 t.adx.opera.com player.aniview.com
1 bh.contextweb.com 1 redirects
1 ap.lijit.com player.aniview.com
1 sync.technoratimedia.com player.aniview.com
1 sync.1rx.io 1 redirects
1 ups.analytics.yahoo.com player.aniview.com
1 ads.pubmatic.com player.aniview.com
1 csync.loopme.me player.aniview.com
1 serv.modoro360.com player.aniview.com
1 signup.adipolo.com www.mirrored.to
1 storage.de.cloud.ovh.net www.mirrored.to
1 www.google.de www.mirrored.to
1 www.google.com www.mirrored.to
1 player.avplayer.com tg1.modoro360.com
1 stats.g.doubleclick.net www.google-analytics.com
1 audit-tcfv2.cmp.quantcast.com cmp.quantcast.com
1 imp9.bidgear.com www.mirrored.to
1 tg1.modoro360.com platform.bidgear.com
1 test.cmp.quantcast.com cmp.quantcast.com
1 www.googletagmanager.com www.mirrored.to
1 platform.bidgear.com www.mirrored.to
1 ajax.googleapis.com www.mirrored.to
54 36

This site contains links to these domains. Also see Links.

Domain
bidgear.com
twitter.com
Subject Issuer Validity Valid
mirrored.to
cPanel, Inc. Certification Authority		 2022-08-31 -
2022-11-29		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
cdn.fuseplatform.net
R3		 2022-10-24 -
2023-01-22		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-31 -
2023-05-31		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.cmp.quantcast.com
R3		 2022-10-20 -
2023-01-18		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
wl1.aniview.com
R3		 2022-09-18 -
2022-12-17		 3 months crt.sh
outstreamedia.com
R3		 2022-09-25 -
2022-12-24		 3 months crt.sh
*.adservrs.com
Amazon		 2022-04-26 -
2023-05-25		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
storage.de.cloud.ovh.net
Sectigo RSA Domain Validation Secure Server CA		 2022-02-22 -
2023-02-22		 a year crt.sh
signup.adipolo.com
Cloudflare Inc ECC CA-3		 2022-07-07 -
2023-07-07		 a year crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-12-30 -
2023-01-03		 a year crt.sh
loopme.com
R3		 2022-09-26 -
2022-12-25		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-09-27 -
2023-03-22		 6 months crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-15 -
2023-09-15		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.adx.opera.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-18		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2022-06-28 -
2023-07-29		 a year crt.sh

This page contains 12 frames:

Primary Page: https://www.mirrored.to/files/HINHZZZP/WickedWhims_v171.2_-_12_May_2022_(1321322).zip_links
Frame ID: 55F3A796F07FC861BFA5FE39E059C06F
Requests: 44 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62a5dd93eca90252e90e5307
Frame ID: 0DE243396EAFDC8D4A80092C0C368434
Requests: 4 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=&gdpr=1&gdpr_consent=&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D56%26auid%3D1667464151294-933492454476-008208-001-005441%26key%3D%7Bdevice_id%7D
Frame ID: A18F2193CF3B75AFD6AFBAEE827AD0F3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1667464151294-933492454476-008208-001-005441%26key%3D
Frame ID: 5E26FA16CEEE8CF84552E6DA309DBEBE
Requests: 1 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Frame ID: 0869B21E87F2A4F0ECE44D30F77BA51C
Requests: 1 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1667464151294-933492454476-008208-001-005441&key=5061c454-6193-4797-a1f1-9bcbc5c41075
Frame ID: 9A0B25600AD8644642E3CDAF1CA5DCB1
Requests: 1 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1667464151294-933492454476-008208-001-005441&key=OPTOUT
Frame ID: D443B09AF046E537B67CF1534AB68D23
Requests: 1 HTTP requests in this frame

Frame: https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1667464151294-933492454476-008208-001-005441&cb=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D3%26auid%3D1667464151294-933492454476-008208-001-005441%26key%3D%5BUSER_ID%5D
Frame ID: 78BBDB609494586CCBA8C6884EF657D5
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D18%26auid%3D1667464151294-933492454476-008208-001-005441%26key%3D%24UID
Frame ID: 5A80282B3398F59F432B199890FCF5F8
Requests: 1 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1667464151294-933492454476-008208-001-005441&key=ZUBWrjDILn3a&ev=1&us_privacy=${us_privacy}&pid=562704
Frame ID: 55E92823FB0F3E1AA9105D3780452445
Requests: 1 HTTP requests in this frame

Frame: https://t.adx.opera.com/pub/sync?pubid=d803647ecdd74c26863bfc1198f6567b&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1667464151294-933492454476-008208-001-005441%26biddername%3D128%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BOPERA_UID%7D
Frame ID: B96BE689721CCEB16670309C2ACBA935
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---
Frame ID: 2A4EC343C0C7669409E69E41D950CFF2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

WickedWhims_v171.2_-_12_May_2022_(1321322).zip - Mirrored.to - Mirrorcreator - Upload files to multiple hosts

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

54
Requests

98 %
HTTPS

46 %
IPv6

28
Domains

36
Subdomains

33
IPs

9
Countries

1092 kB
Transfer

3735 kB
Size

13
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://fstatic.netpub.media/static/bf657f7615f1a33e2c3391daba7f798d.min.js?1667464150433 HTTP 301
  • https://fstatic.netpub.media/r/bf657f7615f1a33e2c3391daba7f798d/service.js HTTP 302
  • https://fstatic.netpub.media/r/bf657f7615f1a33e2c3391daba7f798d/49c805cf.js?npr=8350e9dc92a6aa7a2cf8dd17cc024cd2
Request Chain 44
  • https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1667464151294-933492454476-008208-001-005441%26key%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1667464151294-933492454476-008208-001-005441%26key%3D%7BPUB_USER_ID%7D HTTP 302
  • https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1667464151294-933492454476-008208-001-005441&key=5061c454-6193-4797-a1f1-9bcbc5c41075
Request Chain 45
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D200%26auid%3D1667464151294-933492454476-008208-001-005441%26key%3D%5BRX_UUID%5D HTTP 302
  • https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1667464151294-933492454476-008208-001-005441&key=OPTOUT
Request Chain 48
  • https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D10%26auid%3D1667464151294-933492454476-008208-001-005441%26key%3D%25%25VGUID%25%25 HTTP 302
  • https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1667464151294-933492454476-008208-001-005441&key=ZUBWrjDILn3a&ev=1&us_privacy=${us_privacy}&pid=562704

54 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request WickedWhims_v171.2_-_12_May_2022_(1321322).zip_links
www.mirrored.to/files/HINHZZZP/ 		15 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mirrored.to/files/HINHZZZP/WickedWhims_v171.2_-_12_May_2022_(1321322).zip_links
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
91.195.99.122 Kyiv, Ukraine, ASN9009 (M247, RO),
Reverse DNS
mirrored.to
Software
Apache /
Resource Hash
28d8116156a2d6f27fb50eb11724a1dc29765557bc7fa84e1d27e64e92df655e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
4727
Content-Type
text/html; charset=UTF-8
Date
Thu, 03 Nov 2022 08:29:09 GMT
Keep-Alive
timeout=30, max=2500
Server
Apache
Vary
Accept-Encoding
normalize.css
www.mirrored.to/templates/mirrored/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mirrored.to/templates/mirrored/css/normalize.css
Requested by
Host: www.mirrored.to
URL: https://www.mirrored.to/files/HINHZZZP/WickedWhims_v171.2_-_12_May_2022_(1321322).zip_links
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
91.195.99.122 Kyiv, Ukraine, ASN9009 (M247, RO),
Reverse DNS
mirrored.to
Software
Apache /
Resource Hash
d5963ecbf1db726386f0557788a4e8edcf4fc3b25e75e55898c1ce0fd9953230

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/files/HINHZZZP/WickedWhims_v171.2_-_12_May_2022_(1321322).zip_links
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 08:29:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 Jul 2018 09:32:09 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=30, max=2499
Content-Length
1710
min-style_dl.css
www.mirrored.to/templates/mirrored/css/ 		25 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mirrored.to/templates/mirrored/css/min-style_dl.css?v=6.53
Requested by
Host: www.mirrored.to
URL: https://www.mirrored.to/files/HINHZZZP/WickedWhims_v171.2_-_12_May_2022_(1321322).zip_links
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
91.195.99.122 Kyiv, Ukraine, ASN9009 (M247, RO),
Reverse DNS
mirrored.to
Software
Apache /
Resource Hash
e9606dcd460ba287d95144146d36203a17dd44b6ef9d68fe08241313070cdee4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/files/HINHZZZP/WickedWhims_v171.2_-_12_May_2022_(1321322).zip_links
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 08:29:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Nov 2021 08:48:30 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=30, max=2498
Content-Length
5871
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.6.4/ 		90 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.6.4/jquery.min.js
Requested by
Host: www.mirrored.to
URL: https://www.mirrored.to/files/HINHZZZP/WickedWhims_v171.2_-_12_May_2022_(1321322).zip_links
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
232066e3f6f1351afdaee1acb70c409766641fd5669e0b55ce7c77fac0a857ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 04:50:11 GMT
x-content-type-options
nosniff
age
13139
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91668
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Nov 2023 04:50:11 GMT
fuse.js
cdn.fuseplatform.net/publift/tags/2/2217/ 		187 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fuseplatform.net/publift/tags/2/2217/fuse.js
Requested by
Host: www.mirrored.to
URL: https://www.mirrored.to/files/HINHZZZP/WickedWhims_v171.2_-_12_May_2022_(1321322).zip_links
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba1b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a7856a152848cbfb7a56f2915fe3cb1935ca12c80177f445a63f74661eebb0ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 08:29:10 GMT
content-encoding
gzip
last-modified
Mon, 24 Oct 2022 02:23:50 GMT
server
AkamaiNetStorage
etag
"3041e8a9e7b2b8f9c269b607adc82709:1666578230.637014"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1800
accept-ranges
bytes
content-length
48080
expires
Thu, 03 Nov 2022 08:59:10 GMT
ads.php
platform.bidgear.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.bidgear.com/ads.php?domainid=5587&sizeid=2&zoneid=6172
Requested by
Host: www.mirrored.to
URL: https://www.mirrored.to/files/HINHZZZP/WickedWhims_v171.2_-_12_May_2022_(1321322).zip_links
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dbc939af13791c0b655ad0da58e70569851d7d4a9074d26a41ba8a327916cff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 08:29:10 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bL5LU9g1m2JYIRiHLTxq5TZcJ9em%2FgWbMi3zMRlHHzB2BLv7bzLGDmzvzrZp1In3CwOV5qHj7zmPu3ZTnk8IAd56WGGiVsvgGQ8QfLW1dqWTXD7BH6QdLwtVd%2BJRNy2lzeaaJJomj14sDiMpa7g%2Bm9Uc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
cf-ray
7643bd99ee6c9b49-FRA
expires
0
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-8586142-1
Requested by
Host: www.mirrored.to
URL: https://www.mirrored.to/files/HINHZZZP/WickedWhims_v171.2_-_12_May_2022_(1321322).zip_links
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cf6156da354e0469cb26d7301c2f6d3eb9b658673e655c9cf8b5bb145e399661
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 08:29:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43601
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 03 Nov 2022 08:29:10 GMT
EN.png
www.mirrored.to/templates/mirrored/images/lang/ 		765 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mirrored.to/templates/mirrored/images/lang/EN.png
Requested by
Host: www.mirrored.to
URL: https://www.mirrored.to/files/HINHZZZP/WickedWhims_v171.2_-_12_May_2022_(1321322).zip_links
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
91.195.99.122 Kyiv, Ukraine, ASN9009 (M247, RO),
Reverse DNS
mirrored.to
Software
Apache /
Resource Hash
6e9e9281d32d8730c476f6b15142000f649937da3ec328c73487462cdb49c16c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/files/HINHZZZP/WickedWhims_v171.2_-_12_May_2022_(1321322).zip_links
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 08:29:10 GMT
Last-Modified
Fri, 19 Oct 2012 08:23:30 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=30, max=2497
Content-Length
765
choice.js
cmp.quantcast.com/choice/PRrmquD1Ggcb1/www.mirrored.to/ 		10 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/choice/PRrmquD1Ggcb1/www.mirrored.to/choice.js?tag_version=V2
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2217/fuse.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ac00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
48525813b27f45b918e79bfc28972d53f198cd45f1187b3cdded2cb194e29107

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 08:28:51 GMT
content-encoding
gzip
via
1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
28
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Fri, 15 Jul 2022 05:33:18 GMT
server
AmazonS3
etag
W/"3088a09c3bfdfbdf10ca5458788c96ce"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
https://www.mirrored.to
cache-control
max-age=900
access-control-allow-credentials
true
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-amz-cf-id
8PpwxkuVuRhY6srjkb0LTWEwaTBCHkoK6bNUrsloyfto57hpcei0dg==
prebid-9b0a6ef28ac3ab85c26d75d23d831b62.js
cdn.fuseplatform.net/prebid/ 		245 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fuseplatform.net/prebid/prebid-9b0a6ef28ac3ab85c26d75d23d831b62.js
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2217/fuse.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba1b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
6c0f306543b391ef56a8f5b2d8e116436b6accfd4d160605c53f173f8243d83a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 08:29:10 GMT
content-encoding
gzip
last-modified
Wed, 24 Aug 2022 03:45:01 GMT
server
AkamaiNetStorage
etag
"907ec8f3e3ba256a08a4dde39fb7c783:1661312701.356755"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=86400000
accept-ranges
bytes
content-length
77528
expires
Wed, 30 Jul 2025 08:29:10 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		177 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2217/fuse.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-78.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ecdd26adcc4a8c8b6164c4da1adcf9bae9018e1cafdcb9f8c5b80cb488b6d625

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 07:40:23 GMT
content-encoding
gzip
via
1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront), 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified
Wed, 02 Nov 2022 22:01:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA2-C1
age
2928
x-amz-server-side-encryption
AES256
etag
W/"1d9e581e3d8699432b3c59f0e0e85ea1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
nRB9102pGTCP8HEj2piU2vb4iJCNNdmzbxhfw0_NjB_SbbhKbQ1VnQ==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2217/fuse.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7506dd3e9b96b5db74cf33f5ff3a07438c311a355b00e1a7f3f49e3b85795a15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 08:29:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27429
x-xss-protection
0
server
sffe
etag
"1382 / 800 of 1000 / last-modified: 1667426872"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 03 Nov 2022 08:29:10 GMT
choice.js
cmp.quantcast.com/choice/PRrmquD1Ggcb1/www.mirrored.to/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/choice/PRrmquD1Ggcb1/www.mirrored.to/choice.js?tag_version=V2
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2217/fuse.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ac00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
48525813b27f45b918e79bfc28972d53f198cd45f1187b3cdded2cb194e29107

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 08:28:51 GMT
content-encoding
br
via
1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront)
last-modified
Fri, 15 Jul 2022 05:33:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
35
x-amz-server-side-encryption
AES256
etag
W/"3088a09c3bfdfbdf10ca5458788c96ce"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=900
cross-origin-resource-policy
cross-origin
x-amz-cf-id
tz1YHwfP2lq-il0M3HiBRIg9gXqEC_WVEnOZwvY7YKVm83Hld1UiKQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-78.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
GByBGE9Pk5QvO6waz.2OH5fe1oGEkMED
content-encoding
gzip
via
1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
date
Thu, 03 Nov 2022 01:18:55 GMT
x-amz-cf-pop
FRA2-C1
age
25876
x-cache
Hit from cloudfront
last-modified
Fri, 21 Oct 2022 19:58:26 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
tmUC7UlvOdlQUgfK-m-9L63Oo3Z5qLk5jL2LRG3KyHQH6v4gYIs1VA==
config
c.amazon-adsystem.com/cdn/prod/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.mirrored.to&pubid=8b48e249-e9e6-4a52-8b48-396ea93403e8
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-78.fra2.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 05:44:10 GMT
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
age
9900
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.mirrored.to
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
hPHscbwzsoFIgtaMxJdAyTulJeoIQsZgUBTmVy_dcHWKXCRpZphJeg==
pubads_impl_2022103101.js
securepubads.g.doubleclick.net/gpt/ 		380 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022103101.js?cb=31070681
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19c22b759f0237ac8507dd5377ed3a965a858bb76a115263a303fefdec060b17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 07:52:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2224
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130899
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 08:34:53 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 03 Nov 2023 07:52:06 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		551 B
238 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.mirrored.to
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
563a6885e3348c7db383458483199c7b5956fa0ae914c654cfbf3a5678b23f84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 08:29:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
213
x-xss-protection
0
expires
Thu, 03 Nov 2022 08:29:10 GMT
cmp2.js
cmp.quantcast.com/tcfv2/ 		177 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/tcfv2/cmp2.js?referer=www.mirrored.to
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/PRrmquD1Ggcb1/www.mirrored.to/choice.js?tag_version=V2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ac00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
18040dc7cf8a8f961919c1df6335166bf87b7cc8b193145002c7d8bdc3d14c2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 08:28:38 GMT
content-encoding
br
via
1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
39
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 14 Sep 2022 18:13:49 GMT
server
AmazonS3
etag
W/"6d50b90bdafc3d438c55bd915fd5301d"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-meta-qc-ineu
True
vary
Accept-Encoding
x-amz-cf-id
mW0CBf2ejHVfa2dFyzdy-IQ-Oj8e3hR9az3RS8d4X02FxaVbqXd9rA==
cmp-list.json
test.cmp.quantcast.com/GVL-v2/ 		10 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://test.cmp.quantcast.com/GVL-v2/cmp-list.json
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=www.mirrored.to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:1400:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6ef8480f87271d77d60ab16a24843d2e8365e5ab566d34c8f263a6973c150336

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.mirrored.to/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 03:00:46 GMT
x-amz-version-id
mbynXBBZ.ckIcnxGDVHS07C_p1g25FCO
content-encoding
br
via
1.1 04ce5a607a98db6d08257633417b84d6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
19705
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 31 Oct 2022 19:52:29 GMT
server
AmazonS3
etag
W/"9d3edb6b0958dc8fc9d74e44b3d6c1cf"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
ziZ5UQgRjIXk_jg4ag69Re3w2kVKhOU1ZeMH6d-TfLv0KvzXYUmMgQ==
49c805cf.js
fstatic.netpub.media/r/bf657f7615f1a33e2c3391daba7f798d/
Redirect Chain
  • https://fstatic.netpub.media/static/bf657f7615f1a33e2c3391daba7f798d.min.js?1667464150433
  • https://fstatic.netpub.media/r/bf657f7615f1a33e2c3391daba7f798d/service.js
  • https://fstatic.netpub.media/r/bf657f7615f1a33e2c3391daba7f798d/49c805cf.js?npr=8350e9dc92a6aa7a2cf8dd17cc024cd2
383 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fstatic.netpub.media/r/bf657f7615f1a33e2c3391daba7f798d/49c805cf.js?npr=8350e9dc92a6aa7a2cf8dd17cc024cd2
Requested by
Host: www.mirrored.to
URL: https://www.mirrored.to/files/HINHZZZP/WickedWhims_v171.2_-_12_May_2022_(1321322).zip_links
Protocol
H2
Server
2606:4700:20::ac43:4691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a3ae6332ba465d0b06b970bb85bae2753e3d0819ab201a33131a9e29aac259c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 08:29:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Wed, 19 Oct 2022 11:00:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u1etg0EGA%2BDw20zX0p3xSe%2FivjLJwZkimAtk5L2mNMAIwV4lnTVoUtc6pqg2T9AMOSvruFmFykChZEa5oC%2Bq98n80J0JOUsreI2SxnLwh14kxk1GOpW5NpPR%2FdbeJKD3c2%2FHWn7C2%2Bc16RSlzvgcJGca"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
7643bd9d4dac9b5e-FRA
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
BYPASS

Redirect headers

date
Thu, 03 Nov 2022 08:29:10 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UGVh6VrdqAWyCGsBO9ttBHA50RbvtuIt8xkKqQPiMj%2F5ou0JPT5IX0oIxedcZC42yhKdmdWgvyIulcN7zMaUAEaiQEW31pQaO1Wl41ri3twKDRmMlE1qF7AoRB52nlRXVF0i4N62zeCC6WUeeR%2FCsXmu"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
location
https://fstatic.netpub.media/r/bf657f7615f1a33e2c3391daba7f798d/49c805cf.js?npr=8350e9dc92a6aa7a2cf8dd17cc024cd2
cf-ray
7643bd9cac719b5e-FRA
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
BYPASS
spt
tg1.modoro360.com/api/adserver/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=63395fb52705736e6b4c98f6&AV_PUBLISHERID=62a5dd93eca90252e90e5307
Requested by
Host: platform.bidgear.com
URL: https://platform.bidgear.com/ads.php?domainid=5587&sizeid=2&zoneid=6172
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:c::5c7b:682b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
874e022d42131d4812a271d631e6107ab6d1acb5f1edc2838808dd91801a7eea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 08:29:10 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type
text/javascript
Cache-Control
max-age=300
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With,avsptstaging
Content-Length
6201
Expires
Thu, 03 Nov 2022 08:34:10 GMT
rec
imp9.bidgear.com/ 		599 B
888 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imp9.bidgear.com/rec?t=1&z=6172&uuid=d2d492750af84b60adadb8142fd2ed73&p=84&g=DE&token=4a44335432&tbg=1667464150
Requested by
Host: www.mirrored.to
URL: https://www.mirrored.to/files/HINHZZZP/WickedWhims_v171.2_-_12_May_2022_(1321322).zip_links
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/files/HINHZZZP/WickedWhims_v171.2_-_12_May_2022_(1321322).zip_links
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 08:29:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PawTVx6yONIH4pwJInYgfAZ5lshd2fvAfVnIsOMx2U4l9gHnQOxC51FJ6vGYaJoTFNBpFHbaOpKQV99V79V%2FLgu7TLFT5sWzPkADqNKjPr6ChjYATU4eulY8mADJM0pEyc4y0y3yvOXDmhJo%2F6E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cf-ray
7643bd9c5a5a9b49-FRA
content-length
599
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-8586142-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 03 Nov 2022 07:24:49 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
3861
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Thu, 03 Nov 2022 09:24:49 GMT
cmp2ui-en.js
cmp.quantcast.com/tcfv2/44/ 		248 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/tcfv2/44/cmp2ui-en.js
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=www.mirrored.to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ac00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac5aac3b3876821a8dd731f14444b317ce82c031857398f4e3f2bca0b9cde20e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 10:12:16 GMT
content-encoding
br
via
1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
80215
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Wed, 14 Sep 2022 18:13:35 GMT
server
AmazonS3
etag
W/"c26dab36f353a381230d68d0a5c0fa59"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
sUDZx4kYlChzVEWW0aBAJjjTu64cqmCQrdnt4lxJPczcYJvse2oigg==
vendor-list-trimmed-v1.json
cmp.quantcast.com/GVL-v2/ 		346 KB
42 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=www.mirrored.to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ac00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
36835c90abb9ce4c901f6e990db932168ec3702a740e8d241bc997ab9f13f602

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 03:00:40 GMT
content-encoding
br
via
1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
19711
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 03 Nov 2022 03:00:34 GMT
server
AmazonS3
etag
W/"1e99d6d0f0edd2b412cd48464422abc0"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
SVSW1vqKwPX9s6NrB5cC9C5yozI3ZE53OeAfqMSotoUVdwMC1TpRAw==
google-atp-list.json
cmp.quantcast.com/tcfv2/ 		150 KB
36 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/tcfv2/google-atp-list.json
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=www.mirrored.to
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ac00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
821411a115c2f18c6ce2743f06bdaabd20332765f388a5f42044e1b5be85942e

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.mirrored.to/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 03:01:33 GMT
content-encoding
gzip
via
1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
19657
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 03 Nov 2022 03:01:30 GMT
server
AmazonS3
etag
W/"5e5c32e11030f411462907ffac99a722"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
TlihxaOPYN8WPCA34f2WXsawE-KvqagOn09N_OL6G9ZpnYAdmSAe8g==
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=331169113&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mirrored.to%2Ffiles%2FHINHZZZP%2FWickedWhims_v171.2_-_12_May_2022_(1321322).zip_links&ul=en-us&de=UTF-8&dt=WickedWhims_v171.2_-_12_May_2022_(1321322).zip%20-%20Mirrored.to%20-%20Mirrorcreator%20-%20Upload%20files%20to%20multiple%20hosts&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=362864480&gjid=1364351918&cid=130746954.1667464151&tid=UA-8586142-1&_gid=954934920.1667464151&_r=1&gtm=2ouav0&z=1341469979
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mirrored.to/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 08:29:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mirrored.to
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
audit-tcfv2.cmp.quantcast.com/ 		2 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%22PRrmquD1Ggcb1%22%2C%22domain%22%3A%22www.mirrored.to%22%2C%22publisher%22%3A%22Mirrored%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.44%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22JIoGb8wE288hsmdc8%2B2aog%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1667464150542%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-rhv7m518zgmtkuwm75k%22%7D
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/44/cmp2ui-en.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.209.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-209-44.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.mirrored.to/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 03 Nov 2022 08:29:10 GMT
content-length
2
content-type
text/plain; charset=utf-8
collect
stats.g.doubleclick.net/j/ 		4 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-8586142-1&cid=130746954.1667464151&jid=362864480&gjid=1364351918&_gid=954934920.1667464151&_u=YEBAAUAAAAAAACAAI~&z=2113780849
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mirrored.to/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 03 Nov 2022 08:29:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mirrored.to
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
avcplayer.js
player.avplayer.com/script/2/v/ 		251 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/2/v/avcplayer.js
Requested by
Host: tg1.modoro360.com
URL: https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=63395fb52705736e6b4c98f6&AV_PUBLISHERID=62a5dd93eca90252e90e5307
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:c::5c7b:6822 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 08:29:10 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdv3MtB8ywSkxoFTIcVTwmMCJVLnsqLiokzJPDc1lTU-XBbxh1xIFRlJmFv_ujNnAJO9Rwzbgi9de8Pj1jr87iA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
61326
last-modified
Thu, 03 Mar 2022 17:18:44 GMT
server
UploadServer
etag
"9dff0335699f04080269947f40c366ae"
vary
Accept-Encoding
x-goog-generation
1646327924579580
content-type
application/javascript
content-language
en
x-goog-hash
crc32c=DITkQg==, md5=nf8DNWmfBAgCaZR/QMNmrg==
cache-control
public, max-age=300
x-goog-stored-content-length
61326
accept-ranges
bytes
expires
Thu, 03 Nov 2022 08:34:10 GMT
track
servt.modoro360.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servt.modoro360.com/track?pid=62a5dd93eca90252e90e5307&cid=63395f08f60660296c482968&cb=1667464150604&r=www.mirrored.to&stagid=63395fb52705736e6b4c98f6&stplid=6192229fa59e3976bb4400aa&d35=&d65=ControlGroup&d66=7&e=playerLoaded
Requested by
Host: www.mirrored.to
URL: https://www.mirrored.to/files/HINHZZZP/WickedWhims_v171.2_-_12_May_2022_(1321322).zip_links
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.213.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-213-148.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 08:29:10 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-8586142-1&cid=130746954.1667464151&jid=362864480&_u=YEBAAUAAAAAAACAAI~&z=126640982
Requested by
Host: www.mirrored.to
URL: https://www.mirrored.to/files/HINHZZZP/WickedWhims_v171.2_-_12_May_2022_(1321322).zip_links
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 08:29:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-8586142-1&cid=130746954.1667464151&jid=362864480&_u=YEBAAUAAAAAAACAAI~&z=126640982
Requested by
Host: www.mirrored.to
URL: https://www.mirrored.to/files/HINHZZZP/WickedWhims_v171.2_-_12_May_2022_(1321322).zip_links
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 08:29:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		385 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		240 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/svg+xml
favicon.ico
storage.de.cloud.ovh.net/v1/AUTH_4b1b323ce19643f985895cf772add44b/js/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.de.cloud.ovh.net/v1/AUTH_4b1b323ce19643f985895cf772add44b/js/favicon.ico
Requested by
Host: www.mirrored.to
URL: https://www.mirrored.to/files/HINHZZZP/WickedWhims_v171.2_-_12_May_2022_(1321322).zip_links
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.95.4.196 , France, ASN16276 (OVH, FR),
Reverse DNS
ip196.ip-141-95-4.eu
Software
/
Resource Hash
fb20da3761f50927006a6f6303ae6fceec0b3cb5f4c532ba5845bcd5392112d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 08:29:10 GMT
X-Openstack-Request-Id
txaa3d11ef6e57473d98717-0063637bd6
Last-Modified
Sun, 31 Jan 2021 12:57:34 GMT
Etag
7bf4f6782dee3b520a65ff84286e3691
Content-Type
image/x-icon
X-Timestamp
1612097853.12655
Accept-Ranges
bytes
Content-Length
15086
X-Trans-Id
txaa3d11ef6e57473d98717-0063637bd6
/
signup.adipolo.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://signup.adipolo.com/
Requested by
Host: www.mirrored.to
URL: https://www.mirrored.to/files/HINHZZZP/WickedWhims_v171.2_-_12_May_2022_(1321322).zip_links
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:f44e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
truncated
/ 		480 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/svg+xml
AVmanager.js
player.aniview.com/script/6.1/ Frame 0DE2 		462 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62a5dd93eca90252e90e5307
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/v/avcplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
f7731fcafbb53e4d6c59a5a4a4519ad4cfa5a028e13d50c93db519e2978e41a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 08:29:10 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdusBAGLgpRtqYCtLmdfSC_aCPkM5Hw8_ancUer8l8DsYG_IIsWhCtVOSOUdi8Ple4QZLD_AiAtyf6lb1Y-G6xmODuEg8Q9b
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
137962
last-modified
Wed, 02 Nov 2022 06:18:01 GMT
server
UploadServer
etag
"3ff2e024d864f42958c10b18e91b38b2"
vary
Accept-Encoding
x-goog-generation
1667369881821050
x-goog-hash
crc32c=D2tU1w==, md5=P/LgJNhk9ClYwQsY6Rs4sg==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
137962
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 03 Nov 2022 08:34:10 GMT
track
servt.modoro360.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servt.modoro360.com/track?r=www.mirrored.to&sn=&ic=0&tgt=0&app=&wi=600&he=337&test=&d36=6.2.60&apppkg=&fv=1&proto=https&d65=ControlGroup&clsid=f3f28272-e893-4076-ba15-94ec44ceba1e&rando=100&pid=62a5dd93eca90252e90e5307&cid=63395f08f60660296c482968&stagid=63395fb52705736e6b4c98f6&stplid=6192229fa59e3976bb4400aa&e=inventory&vi=100&cb=1667464150984
Requested by
Host: www.mirrored.to
URL: https://www.mirrored.to/files/HINHZZZP/WickedWhims_v171.2_-_12_May_2022_(1321322).zip_links
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.213.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-213-148.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 08:29:11 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
serv.modoro360.com/api/adserver/tag/ 		23 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://serv.modoro360.com/api/adserver/tag/?AV_TAGID=63395fb52705736e6b4c98f6&AV_PUBLISHERID=62a5dd93eca90252e90e5307&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.mirrored.to%2Ffiles%2FHINHZZZP%2FWickedWhims_v171.2_-_12_May_2022_(1321322).zip_links&AV_CHANNELID=63395f08f60660296c482968&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.mirrored.to&AV_DADPOS=1&AV_TAG=63395fb52705736e6b4c98f6&AV_TEMPLATE=6192229fa59e3976bb4400aa&d36=6.2.60&responsive=1&sver=3&avtoken=150983&omv=1.0.1&AV_D65=ControlGroup&clsid=f3f28272-e893-4076-ba15-94ec44ceba1e&rando=100&AV_WIDTH=600&AV_HEIGHT=337&AV_CCPA=1---&AV_DNT=0&cb=1667464151002&wfc=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62a5dd93eca90252e90e5307
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.23.108.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-108-37.compute-1.amazonaws.com
Software
/
Resource Hash
6968b62c29f9fc5f1c38e0c1ad27c849ffa7df12f1a15a92f51915e42bd1b8bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 08:29:11 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.mirrored.to
cache-control
no-cache
access-control-allow-credentials
true
expires
Sat, 22 Oct 2022 18:42:31 GMT
/
csync.loopme.me/ Frame A18F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.loopme.me/?pubid=&gdpr=1&gdpr_consent=&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D56%26auid%3D1667464151294-933492454476-008208-001-005441%26key%3D%7Bdevice_id%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62a5dd93eca90252e90e5307
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.236.176 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
176.236.214.35.bc.googleusercontent.com
Software
_ /
Resource Hash

Request headers

Referer
https://www.mirrored.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Thu, 03 Nov 2022 08:29:11 GMT
server
_
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5E26 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1667464151294-933492454476-008208-001-005441%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62a5dd93eca90252e90e5307
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.mirrored.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=98164
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 03 Nov 2022 08:29:11 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 04 Nov 2022 11:45:15 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
occ
ups.analytics.yahoo.com/ups/58543/ Frame 0869 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62a5dd93eca90252e90e5307
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.mirrored.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
date
Thu, 03 Nov 2022 08:29:11 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
cookiesyncendpoint
servs.modoro360.com/ Frame 9A0B
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1667464151294-933492454476-...
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1667464151294-9334924...
  • https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1667464151294-933492454476-008208-001-005441&key=5061c454-6193-4797-a1f1-9bcbc5c41075
0
37 B 		Document
General
Check archive.org
Download Go to
Full URL
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1667464151294-933492454476-008208-001-005441&key=5061c454-6193-4797-a1f1-9bcbc5c41075
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62a5dd93eca90252e90e5307
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.38.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-38-251.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mirrored.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Thu, 03 Nov 2022 08:29:11 GMT

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Thu, 03 Nov 2022 08:29:11 GMT
location
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1667464151294-933492454476-008208-001-005441&key=5061c454-6193-4797-a1f1-9bcbc5c41075
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cookiesyncendpoint
servs.modoro360.com/ Frame D443
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D200%26au...
  • https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1667464151294-933492454476-008208-001-005441&key=OPTOUT
0
201 B 		Document
General
Check archive.org
Download Go to
Full URL
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1667464151294-933492454476-008208-001-005441&key=OPTOUT
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62a5dd93eca90252e90e5307
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.38.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-38-251.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mirrored.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Thu, 03 Nov 2022 08:29:11 GMT

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Thu, 03 Nov 2022 08:29:11 GMT
etag
OPTOUT
expires
0
location
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1667464151294-933492454476-008208-001-005441&key=OPTOUT
pragma
no-cache
services
sync.technoratimedia.com/ Frame 78BB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1667464151294-933492454476-008208-001-005441&cb=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D3%26auid%3D1667464151294-933492454476-008208-001-005441%26key%3D%5BUSER_ID%5D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62a5dd93eca90252e90e5307
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://www.mirrored.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
POST,GET,HEAD,OPTIONS
access-control-allow-origin
https://www.mirrored.to/
age
0
date
Thu, 03 Nov 2022 08:29:11 GMT
server
nginx
via
1.1 varnish
x-varnish
553554431
pixel
ap.lijit.com/ Frame 5A80 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D18%26auid%3D1667464151294-933492454476-008208-001-005441%26key%3D%24UID
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62a5dd93eca90252e90e5307
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.mirrored.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
*
date
Thu, 03 Nov 2022 08:29:11 GMT
pod
X-Sovrn-Pod: ad_ap7ams1
cookiesyncendpoint
servs.modoro360.com/ Frame 55E9
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D10%26auid%3D1...
  • https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1667464151294-933492454476-008208-001-005441&key=ZUBWrjDILn3a&ev=1&us_privacy=${us_privacy}&pid=562704
0
37 B 		Document
General
Check archive.org
Download Go to
Full URL
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1667464151294-933492454476-008208-001-005441&key=ZUBWrjDILn3a&ev=1&us_privacy=${us_privacy}&pid=562704
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62a5dd93eca90252e90e5307
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.38.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-38-251.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mirrored.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Thu, 03 Nov 2022 08:29:11 GMT

Redirect headers

cache-control
private, max-age=0, no-cache, no-store
content-language
de-DE
cw-server
bh-deployment-6864bf847b-6d58l
expires
-1
location
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1667464151294-933492454476-008208-001-005441&key=ZUBWrjDILn3a&ev=1&us_privacy=${us_privacy}&pid=562704
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
sync
t.adx.opera.com/pub/ Frame B96B 		0
414 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.adx.opera.com/pub/sync?pubid=d803647ecdd74c26863bfc1198f6567b&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1667464151294-933492454476-008208-001-005441%26biddername%3D128%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BOPERA_UID%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62a5dd93eca90252e90e5307
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mirrored.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 03 Nov 2022 08:29:11 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
Tengine
/
onetag-sys.com/usync/ Frame 2A4E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62a5dd93eca90252e90e5307
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.mirrored.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
avpb7.12.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 0DE2 		174 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62a5dd93eca90252e90e5307
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
cb03fcc9956e8131df0a0a936e702552d0be3539e1a2abbdb999d20a72de57f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 08:29:11 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdu_CMKOyA4_nJwzD4Q2fAvGBAA78X2aJhAK76pqPlXzBjPWL96LWIOZPcWiMEsaiJl72WdUW80hHqlrLsI4c9OtnA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
55951
last-modified
Wed, 02 Nov 2022 06:18:02 GMT
server
UploadServer
etag
"7d9bc6083d765fb5e2957cf1fcb9096c"
vary
Accept-Encoding
x-goog-generation
1667369882068119
x-goog-hash
crc32c=xuKq6A==, md5=fZvGCD12X7XilXzx/LkJbA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
55951
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 03 Nov 2022 08:34:11 GMT
avpb7.12.0a1.js
player.aniview.com/script/6.1/libs/prebid/ Frame 0DE2 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a1.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62a5dd93eca90252e90e5307
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
255eef079d3f18e253c2b3288b4ed0d621b1266c2845679b66af9db6d8faea2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 08:29:11 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtAjJFc2QQc9kAY8kh8Fri0lTlE2Ys-Ys_iaQY_XYq4cWsRz2rbVNp6ak898wu1rcRKsCG53kRNl_LcOarknthiBQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
20450
last-modified
Wed, 02 Nov 2022 06:18:02 GMT
server
UploadServer
etag
"faa8ab3c846bd0a4af14ffbd327844a2"
vary
Accept-Encoding
x-goog-generation
1667369882119258
x-goog-hash
crc32c=QjWtwg==, md5=+qirPIRr0KSvFP+9MnhEog==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
20450
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 03 Nov 2022 08:34:11 GMT
sync
x.bidswitch.net/ 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=&user_id=1667464151294-933492454476-008208-001-005441&gdpr=1&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.143.86 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-143-86.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 08:29:11 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1667464151294-933492454476-008208-001-005441%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D
x.bidswitch.net/check_uuid/ 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1667464151294-933492454476-008208-001-005441%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D?gdpr=1&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.143.86 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-143-86.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mirrored.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 08:29:11 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
mvo
tag.1rx.io/rmp/217227/0/ 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/217227/0/mvo?z=1r&hbv=7.12,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 Amsterdam, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mirrored.to/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mirrored.to
pragma
no-cache
date
Thu, 03 Nov 2022 08:29:11 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
track
servt.modoro360.com/ Frame 0DE2 		0
93 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://servt.modoro360.com/track?d=Chrome&cou=DE&cos=Windows&r=www.mirrored.to&rs=www.mirrored.to&sid=27394&t=1667464151&cip=217.64.151.29&sn=&tgt=0&osv=10&bv=107.0&brn=Chrome&wi=600&he=337&app=&AV_PUBLISHERID=62a5dd93eca90252e90e5307&test=&aafaid=&proto=https&uid=1667464151294-933492454476-008208-001-005441&cha=0.7&stagid=63395fb52705736e6b4c98f6&stplid=6192229fa59e3976bb4400aa&d35=&d36=6.2.60&cb=88664666637&d39=&d65=ControlGroup&d66=&apppkg=&d9=1000&d37=realtime&AV_WIDTH=600&AV_HEIGHT=337
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62a5dd93eca90252e90e5307
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.213.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-213-148.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mirrored.to/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 03 Nov 2022 08:29:16 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| antiClickjack function| openNav function| closeNav function| $ function| jQuery object| fusePbjs object| fusetag function| __tcfapi object| apstag object| googletag object| fusePbjsChunk object| _pbjsGlobals object| pbjs boolean| apstagLOADED object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| google_reactive_ads_global_state object| regeneratorRuntime function| __tcfapiui function| __uspapi object| google_tag_manager object| dataLayer function| gtag string| GoogleAnalyticsObject function| ga undefined| pageTracker object| gaplugins object| gaGlobal object| gaData object| aniplayerPos object| AdSlotCollection object| WebComponents function| __CE_installPolyfill object| ShadyCSS object| com function| _avcp object| __oa360ScriptsState boolean| __isGoogleAllowed object| storageAni

13 Cookies

Domain/Path Name / Value
www.mirrored.to/files/HINHZZZP Name: lang
Value: en
cdn.fuseplatform.net/ Name: akacd_mirrored
Value: 1670056150~rv=80~id=3cbd33139c88b2aef24c7ff967f26efe
.mirrored.to/ Name: _ga
Value: GA1.2.130746954.1667464151
.mirrored.to/ Name: _gid
Value: GA1.2.954934920.1667464151
.mirrored.to/ Name: _gat_gtag_UA_8586142_1
Value: 1
.modoro360.com/ Name: aniC
Value:
.360yield.com/ Name: tuuid
Value: 5061c454-6193-4797-a1f1-9bcbc5c41075
.360yield.com/ Name: tuuid_lu
Value: 1667464151
.adx.opera.com/ Name: UID
Value: OPU2556525e4d83478da33fb3fed88c7d75
.technoratimedia.com/ Name: tads_uid
Value: GDPR
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: c2eb34d94001769e
.modoro360.com/ Name: 2_C_200
Value: OPTOUT
servs.modoro360.com/ Name: 2_C_200
Value: OPTOUT

1 Console Messages

Source Level URL
Text
network error URL: https://t.adx.opera.com/pub/sync?pubid=d803647ecdd74c26863bfc1198f6567b&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1667464151294-933492454476-008208-001-005441%26biddername%3D128%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BOPERA_UID%7D
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ads.pubmatic.com
ajax.googleapis.com
ap.lijit.com
audit-tcfv2.cmp.quantcast.com
bh.contextweb.com
c.amazon-adsystem.com
cdn.fuseplatform.net
cmp.quantcast.com
csync.loopme.me
fstatic.netpub.media
imp9.bidgear.com
onetag-sys.com
platform.bidgear.com
player.aniview.com
player.avplayer.com
securepubads.g.doubleclick.net
serv.modoro360.com
servs.modoro360.com
servt.modoro360.com
signup.adipolo.com
stats.g.doubleclick.net
storage.de.cloud.ovh.net
sync.1rx.io
sync.technoratimedia.com
t.adx.opera.com
tag.1rx.io
test.cmp.quantcast.com
tg1.modoro360.com
ups.analytics.yahoo.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.mirrored.to
x.bidswitch.net
13.224.195.78
141.95.4.196
18.156.0.31
193.122.128.135
198.148.27.139
213.19.147.42
213.19.147.45
216.52.2.39
23.23.108.37
23.35.236.201
2600:9000:21f3:1400:3:a4cd:8380:93a1
2600:9000:21f3:ac00:9:46dc:4700:93a1
2606:4700:20::ac43:4691
2606:4700:20::ac43:4a24
2606:4700::6810:f44e
2a00:1450:4001:806::2004
2a00:1450:4001:806::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:811::2008
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2002
2a00:1450:400c:c06::9d
2a02:26f0:3500:595::2c79
2a02:26f0:3500:c::5c7b:6822
2a02:26f0:3500:c::5c7b:682b
2a02:26f0:6c00::210:ba1b
3.120.143.86
3.65.209.44
34.193.213.148
34.252.105.21
35.214.236.176
51.89.9.252
54.145.38.251
82.145.213.8
91.195.99.122
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
18040dc7cf8a8f961919c1df6335166bf87b7cc8b193145002c7d8bdc3d14c2c
19c22b759f0237ac8507dd5377ed3a965a858bb76a115263a303fefdec060b17
232066e3f6f1351afdaee1acb70c409766641fd5669e0b55ce7c77fac0a857ef
255eef079d3f18e253c2b3288b4ed0d621b1266c2845679b66af9db6d8faea2e
28d8116156a2d6f27fb50eb11724a1dc29765557bc7fa84e1d27e64e92df655e
36835c90abb9ce4c901f6e990db932168ec3702a740e8d241bc997ab9f13f602
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b
48525813b27f45b918e79bfc28972d53f198cd45f1187b3cdded2cb194e29107
4a3ae6332ba465d0b06b970bb85bae2753e3d0819ab201a33131a9e29aac259c
4dbc939af13791c0b655ad0da58e70569851d7d4a9074d26a41ba8a327916cff
4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
563a6885e3348c7db383458483199c7b5956fa0ae914c654cfbf3a5678b23f84
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
6968b62c29f9fc5f1c38e0c1ad27c849ffa7df12f1a15a92f51915e42bd1b8bc
6c0f306543b391ef56a8f5b2d8e116436b6accfd4d160605c53f173f8243d83a
6e9e9281d32d8730c476f6b15142000f649937da3ec328c73487462cdb49c16c
6ef8480f87271d77d60ab16a24843d2e8365e5ab566d34c8f263a6973c150336
7506dd3e9b96b5db74cf33f5ff3a07438c311a355b00e1a7f3f49e3b85795a15
821411a115c2f18c6ce2743f06bdaabd20332765f388a5f42044e1b5be85942e
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
874e022d42131d4812a271d631e6107ab6d1acb5f1edc2838808dd91801a7eea
a7856a152848cbfb7a56f2915fe3cb1935ca12c80177f445a63f74661eebb0ea
ac5aac3b3876821a8dd731f14444b317ce82c031857398f4e3f2bca0b9cde20e
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
cb03fcc9956e8131df0a0a936e702552d0be3539e1a2abbdb999d20a72de57f8
cf6156da354e0469cb26d7301c2f6d3eb9b658673e655c9cf8b5bb145e399661
d5963ecbf1db726386f0557788a4e8edcf4fc3b25e75e55898c1ce0fd9953230
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9606dcd460ba287d95144146d36203a17dd44b6ef9d68fe08241313070cdee4
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ecdd26adcc4a8c8b6164c4da1adcf9bae9018e1cafdcb9f8c5b80cb488b6d625
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7731fcafbb53e4d6c59a5a4a4519ad4cfa5a028e13d50c93db519e2978e41a4
fb20da3761f50927006a6f6303ae6fceec0b3cb5f4c532ba5845bcd5392112d8