mineleaks.eu Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://mineleaks.eu/
Submission: On December 07 via api (December 7th 2023, 5:49:22 pm UTC) from US — Scanned from NL

Summary HTTP 150 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 21 IPs in 2 countries across 21 domains to perform 150 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is mineleaks.eu.

This is the only time mineleaks.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
29	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2400:52e0:1e0... 2400:52e0:1e00::1082:1	200325 (BUNNYCDN) (BUNNYCDN)
1	146.75.120.193 146.75.120.193	54113 (FASTLY) (FASTLY)
10	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2 15	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
34	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
4	172.217.18.2 172.217.18.2	() ()
1 3	2a00:1450:400... 2a00:1450:4001:80b::2004	() ()
1	2620:1ec:46::45 2620:1ec:46::45	() ()
1	23.43.60.179 23.43.60.179	() ()
1	185.89.210.101 185.89.210.101	() ()
1	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	() ()
1	3.64.99.58 3.64.99.58	() ()
1	142.250.186.98 142.250.186.98	() ()
150	21

29 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

mineleaks.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::1082:1 (Germany)

ASN200325 (BUNNYCDN, SI)

cdx.solo.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.2 (None, )

ASN- ()

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2004 (None, ) 1 redirects

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:46::45 (None, )

ASN- ()

adsdk.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.43.60.179 (None, )

ASN- ()

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.101 (None, )

ASN- ()

ams3-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:7eb1:3826:be7e:d981 (None, )

ASN- ()

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.64.99.58 (None, )

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (None, )

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	563 KB
29	mineleaks.eu mineleaks.eu	1 MB
24	gstatic.com fonts.gstatic.com www.gstatic.com	277 KB
16	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net Failed	239 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	447 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	5 KB
4	googleadservices.com www.googleadservices.com
3	google.com 1 redirects www.google.com	151 B
2	adnxs.com cdn.adnxs.com ams3-ib.adnxs.com	28 KB
1	bidswitch.net x.bidswitch.net	146 B
1	quantserve.com cms.quantserve.com	463 B
1	microsoft.com adsdk.microsoft.com	38 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189	251 B
1	imgur.com i.imgur.com — Cisco Umbrella Rank: 7364	4 KB
1	solo.to cdx.solo.to	890 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	74 KB
0	teads.tv Failed sync.teads.tv Failed
0	onetag-sys.com Failed onetag-sys.com Failed
0	adform.net Failed c1.adform.net Failed
0	yahoo.com Failed pr-bh.ybp.yahoo.com Failed
0	bing.com Failed www.bing.com Failed
150	21

	Domain	Requested by
34	tpc.googlesyndication.com	googleads.g.doubleclick.net mineleaks.eu
29	mineleaks.eu	mineleaks.eu
15	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
14	www.gstatic.com	googleads.g.doubleclick.net mineleaks.eu
10	fonts.gstatic.com	fonts.googleapis.com
9	pagead2.googlesyndication.com	mineleaks.eu pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
7	www.googletagservices.com	googleads.g.doubleclick.net mineleaks.eu
6	fonts.googleapis.com	mineleaks.eu googleads.g.doubleclick.net
4	www.googleadservices.com	mineleaks.eu
3	www.google.com	1 redirects googleads.g.doubleclick.net
1	x.bidswitch.net	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	cm.g.doubleclick.net	mineleaks.eu googleads.g.doubleclick.net
1	ams3-ib.adnxs.com	googleads.g.doubleclick.net cdn.adnxs.com
1	cdn.adnxs.com	googleads.g.doubleclick.net
1	adsdk.microsoft.com	googleads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	i.imgur.com	mineleaks.eu
1	cdx.solo.to	mineleaks.eu
1	www.googletagmanager.com	mineleaks.eu
0	sync.teads.tv Failed	googleads.g.doubleclick.net
0	onetag-sys.com Failed	googleads.g.doubleclick.net
0	c1.adform.net Failed	googleads.g.doubleclick.net
0	pr-bh.ybp.yahoo.com Failed	googleads.g.doubleclick.net
0	www.bing.com Failed	googleads.g.doubleclick.net
150	25

This site contains links to these domains. Also see Links.

Domain
solo.to
lagmedia.be
www.dohtheme.com

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
cdx.solo.to R3	`2023-11-18` - `2024-02-16`	3 months	crt.sh
*.imgur.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-13` - `2024-03-12`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
adsdk.microsoft.com Microsoft Azure TLS Issuing CA 02	`2023-10-11` - `2024-04-08`	6 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2023-08-24` - `2024-08-24`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh

This page contains 25 frames:

Primary Page: http://mineleaks.eu/
Frame ID: 3D3FA5A0B8CAC04B669A5CF025B16BB9
Requests: 41 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231205/r20190131/zrt_lookup_fy2021.html
Frame ID: C0A2350C90CFD41897C94E36D8BA034D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&adk=85976724&adf=3412083302&lmt=1701971355&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x540_l%7C140x540_r&format=0x0&url=http%3A%2F%2Fmineleaks.eu%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&dt=1701971357857&bpp=19&bdt=1636&idt=939&shv=r20231205&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1651405908036&frm=20&pv=2&ga_vid=405531858.1701971358&ga_sid=1701971359&ga_hid=1596497258&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079864%2C31079919%2C44807754%2C44806140%2C44807763%2C44808148%2C44808284&oid=2&pvsid=3932015720857641&tmod=1812472118&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=963
Frame ID: 2952AFBD6AC95A29EC4A260258463953
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=280&adk=225472386&adf=2631573148&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701971355&rafmt=1&to=qs&pwprc=9288327111&format=1200x280&url=http%3A%2F%2Fmineleaks.eu%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701971357876&bpp=1&bdt=1655&idt=948&shv=r20231205&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1651405908036&frm=20&pv=1&ga_vid=405531858.1701971358&ga_sid=1701971359&ga_hid=1596497258&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079864%2C31079919%2C44807754%2C44806140%2C44807763%2C44808148%2C44808284&oid=2&pvsid=3932015720857641&tmod=1812472118&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=951
Frame ID: 226B7416D68FFBC6C08760B586564B19
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=600&adk=2488645395&adf=2675318159&pi=t.aa~a.2521332233~rp.4&w=280&fwrn=4&fwrnh=100&lmt=1701971355&rafmt=1&to=qs&pwprc=9288327111&format=280x600&url=http%3A%2F%2Fmineleaks.eu%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1701971360598&bpp=2&bdt=4377&idt=-M&shv=r20231205&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D252787a9546a6cdf%3AT%3D1701971358%3ART%3D1701971358%3AS%3DALNI_MavMC_EQusomX_j4U1PtwBTIPJV8g&gpic=UID%3D00000ce43abc239b%3AT%3D1701971358%3ART%3D1701971358%3AS%3DALNI_Mbbij9OfdbR3mnHwZJZcIm18Yf5cw&prev_fmts=0x0%2C1200x280&nras=3&correlator=1651405908036&frm=20&pv=1&ga_vid=405531858.1701971358&ga_sid=1701971359&ga_hid=1596497258&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1150&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079864%2C31079919%2C44807754%2C44806140%2C44807763%2C44808148%2C44808284&oid=2&psts=AOrYGsmdImHtYeWPOPdYXGv6Vtw7hTdmXWj9tNlvQpH0yG1GMnb1nKYA-CzQQwHTMB8M-B3ZUNjUeXYhVq6nWGXJ7VmQ7cNg&pvsid=3932015720857641&tmod=1812472118&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=16
Frame ID: 1DD59F2B9B97A71744ED1A50207EDB7D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=280&adk=3973231943&adf=2091684007&pi=t.aa~a.4083216793~rp.4&w=960&fwrn=4&fwrnh=100&lmt=1701971355&rafmt=1&to=qs&pwprc=9288327111&format=960x280&url=http%3A%2F%2Fmineleaks.eu%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701971360598&bpp=2&bdt=4377&idt=-M&shv=r20231205&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D252787a9546a6cdf%3AT%3D1701971358%3ART%3D1701971358%3AS%3DALNI_MavMC_EQusomX_j4U1PtwBTIPJV8g&gpic=UID%3D00000ce43abc239b%3AT%3D1701971358%3ART%3D1701971358%3AS%3DALNI_Mbbij9OfdbR3mnHwZJZcIm18Yf5cw&prev_fmts=0x0%2C1200x280%2C280x600&nras=4&correlator=1651405908036&frm=20&pv=1&ga_vid=405531858.1701971358&ga_sid=1701971359&ga_hid=1596497258&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=170&ady=1340&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079864%2C31079919%2C44807754%2C44806140%2C44807763%2C44808148%2C44808284&oid=2&psts=AOrYGsmdImHtYeWPOPdYXGv6Vtw7hTdmXWj9tNlvQpH0yG1GMnb1nKYA-CzQQwHTMB8M-B3ZUNjUeXYhVq6nWGXJ7VmQ7cNg&pvsid=3932015720857641&tmod=1812472118&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=27
Frame ID: 940A98FF53B117A63152436D24D7241F
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=90&adk=3961707226&adf=938944237&pi=t.aa~a.4083217474~rp.4&w=960&fwrn=4&fwrnh=100&lmt=1701971355&rafmt=1&to=qs&pwprc=9288327111&format=960x90&url=http%3A%2F%2Fmineleaks.eu%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701971360598&bpp=2&bdt=4377&idt=-M&shv=r20231205&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D252787a9546a6cdf%3AT%3D1701971358%3ART%3D1701971358%3AS%3DALNI_MavMC_EQusomX_j4U1PtwBTIPJV8g&gpic=UID%3D00000ce43abc239b%3AT%3D1701971358%3ART%3D1701971358%3AS%3DALNI_Mbbij9OfdbR3mnHwZJZcIm18Yf5cw&prev_fmts=0x0%2C1200x280%2C280x600%2C960x280&nras=5&correlator=1651405908036&frm=20&pv=1&ga_vid=405531858.1701971358&ga_sid=1701971359&ga_hid=1596497258&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=170&ady=2088&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079864%2C31079919%2C44807754%2C44806140%2C44807763%2C44808148%2C44808284&oid=2&psts=AOrYGsmdImHtYeWPOPdYXGv6Vtw7hTdmXWj9tNlvQpH0yG1GMnb1nKYA-CzQQwHTMB8M-B3ZUNjUeXYhVq6nWGXJ7VmQ7cNg&pvsid=3932015720857641&tmod=1812472118&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=32
Frame ID: E07204808EBA9F5D7989E2F7F8C20C98
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=60&adk=779333288&adf=215438296&pi=t.aa~a.3833140187~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1701971355&rafmt=1&to=qs&pwprc=9288327111&format=1200x60&url=http%3A%2F%2Fmineleaks.eu%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701971360598&bpp=1&bdt=4377&idt=1&shv=r20231205&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D252787a9546a6cdf%3AT%3D1701971358%3ART%3D1701971358%3AS%3DALNI_MavMC_EQusomX_j4U1PtwBTIPJV8g&gpic=UID%3D00000ce43abc239b%3AT%3D1701971358%3ART%3D1701971358%3AS%3DALNI_Mbbij9OfdbR3mnHwZJZcIm18Yf5cw&prev_fmts=0x0%2C1200x280%2C280x600%2C960x280%2C960x90&nras=6&correlator=1651405908036&frm=20&pv=1&ga_vid=405531858.1701971358&ga_sid=1701971359&ga_hid=1596497258&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079864%2C31079919%2C44807754%2C44806140%2C44807763%2C44808148%2C44808284&oid=2&psts=AOrYGsmdImHtYeWPOPdYXGv6Vtw7hTdmXWj9tNlvQpH0yG1GMnb1nKYA-CzQQwHTMB8M-B3ZUNjUeXYhVq6nWGXJ7VmQ7cNg&pvsid=3932015720857641&tmod=1812472118&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=37
Frame ID: 794DEBB3248C86B33319F1FC5E08201F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231205/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: D1D8D86EC6A0F5080D1235322A6D88CC
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231205/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: A13F7713BC1ED8EF3C7D25DD32035186
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231205/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: D203C77841FC04DD4842978440E23146
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231205/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 0AD4486F048EF68C1D6DAAE2B985505E
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
Frame ID: FCFD2EB778486390DE6FCCF87BC59ABB
Requests: 1 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/b1fdc9f83bbec90a172a8086cc6d7abe.js?tag=client_fast_engine_2019
Frame ID: 0CB2E5A184575BDA4D1492EE3295E4AF
Requests: 9 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/b1fdc9f83bbec90a172a8086cc6d7abe.js?tag=client_fast_engine_2019
Frame ID: E53C66099D9EAD9F26FF39F0BAA43E8D
Requests: 9 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 84D8C86BE32DFAF629D9B3A8F1D9A513
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EE6D98C185415D959E1BA287A32EE0BA
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
Frame ID: 564E06AF9F542DFA1331C9DD8A08325F
Requests: 1 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 7ABFE3ECFD716294189F2F5933207B29
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
Frame ID: B31696DEC22F635DFBF9F95D2ECF8696
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
Frame ID: B2BAF816F90E98B837337958C11FA015
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2C2B79AD62150502899C5C5A9EDED780
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
Frame ID: 9A67E36F00D2DCA0FE89D386D86D69D6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
Frame ID: 0A2166B34E2929FDD11E6905C739426D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AB70AD1F5AB2E7DD7444DBA4873FDD4C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MineLeaks

Detected technologies

XenForo (Message Boards) Expand

Overall confidence: 100%
Detected patterns

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

150
Requests

71 %
HTTPS

70 %
IPv6

21
Domains

25
Subdomains

21
IPs

2
Countries

2701 kB
Transfer

6397 kB
Size

6
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://solo.to/terrorysm
Title: Bad (/terrorysm) Â· solo.to

Search URL Search Domain Scan URL

URL: https://lagmedia.be/
Title: Addon provided by lagmedia.be ©2000-2022

Search URL Search Domain Scan URL

URL: http://www.dohtheme.com/
Title: DohTheme

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63

https://googleads.g.doubleclick.net/pagead/adview?ai=C-rW4ngVyZdChOt6FtOUPlsmh2AHBgd_KdLiLy_XnEfTXreiYDhABIKCS-J0BYJGEoIWMGKABuMKjgwPIAQmpAq2f90L1ELI-qAMByAPLBKoExgFP0KbQDU8KHLUKHqK8bj3kefO-mlEYhsNWKDdGaiNot0GY7sA7fPXBVeOiZYivU9D4bNteOZyTUy9c9LaPN5jMwKDzhDjGyRO76GylBkhYRCCcZaXFms916X_pSFjOeaC7uaQ9XASR4u_bDt5A95ixfET7rHfLs6gjlSaZsYYvuwQJI5xmoYUC8sv-BvFwdIrcb7-qdWF6LjruuFFOfUgpvM7TKIAloSBmDOwp6PA24A_WnKWOA6AEBPU9eq8Wrl9JM0CR4gfABLi42_LNBIgFi5O-vU2SBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH3tvy8ASoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBD8sAnSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WIeZjrLx_YIDmglQaHR0cHM6Ly93d3cubGFuZHJvdmVyLm5sL3JhbmdlLXJvdmVyL3JhbmdlLXJvdmVyLWV2b3F1ZS9pbmRleC5odG1sP2djbHNyYz1hdy5kcyaACgHICwGiDBAqDgoM5LSxAu61sQK1uLECuBPkA9gTDNAVAYAXAbIXHAoaCAASFHB1Yi04NTM1MzMwMzczNjM1NzI5GACyGAQSAqhO&sigh=KDmZy9zcXgQ&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaN3tux7SiKUdW-klJh_7pFsABOvfIYAyU62XJ014GS6CdbZO9AUY4xkjGwulYRKIw7VFpZXIxDdkD-f9VaedVDsIRoAUJwI2VPLBgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229153501423234474055%22,%22debug_reporting%22:true,%22destination%22:%22https://landrover.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22812179768%22],%224%22:[%2212-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217781491396622571249%22}&andc=true

Request Chain 106

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 124

https://googleads.g.doubleclick.net/pagead/adview?ai=CDuQrngVyZcW2OtGn2OMPwey0iAaVmuTVdOi7h-yAEsD3vO_NOBABIKCS-J0BYJGEoIWMGKABuK2FxQPIAQmpAmTvV99zErI-qAMByAPLBKoExQFP0PHtGAuc6xGMR3FpIOpZhBn5VY7f9YnRt9UFDxLg_zFC3AxggA0hQ1vhphTIyugc7rXmRP1RVg461Zgq31rEddvVlq9ZIswz4mv-VKd3j5-zu4rxOoIJHer2xCz888bOGVML4TBhE27dVc-BVylIp1QCGjgPcOwbZnnJLecaXBHBiOLC6_0Jf-46lwQ86Xqsmj3j-oz_xIYJ5Jx8uSRiwLkgzqqrSEKUKyvnJpd9fZ15T46aCWw7LlT-7Ft_oO4eDOZAqcAE1Mif8ZcEiAW1isKBRpIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfRsv4mqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQyfYY0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOliQro6y8f2CA5oJzgFodHRwczovL3d3dy5zYW1zdW5nLmNvbS9ubC9hdWRpby1kZXZpY2VzL2FsbC1hdWRpby1kZXZpY2VzLz9jaWQ9bmxfcGFpZF9wcGNfR09PR0xFX2F1ZGlvX29uZ29pbmdfQ05-TkItQVZELVNvdW5kYmFyLVBtYXhfUFJ-c291bmRiYXJfU0J-aG9tZXRoZWF0X1BIfm9uX0tTfmdjYV9NS35ubF9PQn5jb25fRlN-bG9fdGV4dF9ub25lX25vbmUmZ2Nsc3JjPWF3LmRzJoAKAcgLAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQK4E-QD2BMM0BUBgBcBshccChoIABIUcHViLTg1MzUzMzAzNzM2MzU3MjkYAA&sigh=aW_KLVN-o6w&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaN6INv4X6h0qToRRhJ9-vS8Wigus3gM17_xGxGgp2Qrc8nLw9_iqkxIr2cLRv15FfKzuxi_7PlDCpHxSUaQ3ym-MSbjC5iixn7ms8YAQ&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228478195700444656908%22,%22debug_reporting%22:true,%22destination%22:%22https://samsung.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22950097592%22],%224%22:[%2212-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212124287183159250065%22}&andc=true

Request Chain 136

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHUXuPrKhc_ebKBg2pA2TRY&google_cver=1&google_push=AXcoOmSlYkHzpHcHDtNXIwhtAZGrMCXFBsss5W9YckwAH4MP7b8_W52iaVkP37CY3hslLH-H_JHEN2ZRc21fOJsFVAupDbVqazQJ3ULxL3OKFlZSv1gs1x9lvS8VXpD9CZ09nbFU4HJCI3sLlmttTchAV5Y1Gm0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDIwMDI2OTU1ODAwODY3NDY0OQ==&gdpr=&gdpr_consent=

150 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
mineleaks.eu/ 73 KB
16 KB 777ms
667ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://mineleaks.eu/

Protocol

HTTP/1.1

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f91a3a792eef6d940a34c5be7ea230d7b42a468b2c27c384855b4adb76b5690

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 831e9aac48de0e68-AMS
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Thu, 07 Dec 2023 17:49:15 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vZ0p4UnCwEHsy9l0%2Byri%2Fz%2FgEBPV4uuZeljNyyW7dvTtXcjWzD1Sbp9TChAymeeSM39edYRkqvjuvKSK9BMHx8E%2FvwM11o5dKV%2Fxdx7VA1q%2F7FN6Y2ZSNnniANI9m24Iw9oMRi9m8eZmMTw%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, max-age=0
expires: Thu, 19 Nov 1981 08:52:00 GMT
last-modified: Thu, 07 Dec 2023 17:49:15 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-turbo-charged-by: LiteSpeed

GET
H/1.1 200
OK fa-regular-400.woff2
mineleaks.eu/styles/fonts/fa/ 165 KB
166 KB 778ms
720ms Font
font/woff2 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://mineleaks.eu/styles/fonts/fa/fa-regular-400.woff2?_v=5.15.3
Requested by: Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4de49631fe60b17010f7cda29a6236ca6ad6102ea204e5c31d2c1e79ee276938

Request headers

Referer: http://mineleaks.eu/
Origin: http://mineleaks.eu
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 17:49:16 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 168768
last-modified: Tue, 16 May 2023 15:59:22 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=evYx7SELxbysnPygnirRYCMzjcq%2F%2FSkJFflpqSXKuKryMkUGKyjPpWv8ehsTziFdG0jA%2FpvJMt%2FfcSGY%2FSzGLDyQg0KqTMPZ6DbZeqkmanKQ57HB9HQod1fvhFmGAbio7TctztK%2B2v0GZ2g%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: font/woff2
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
Accept-Ranges: bytes
CF-RAY: 831e9ab2be87b8a0-AMS
expires: Thu, 14 Dec 2023 17:49:16 GMT

GET
H/1.1 200
OK fa-solid-900.woff2
mineleaks.eu/styles/fonts/fa/ 134 KB
134 KB 669ms
612ms Font
font/woff2 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://mineleaks.eu/styles/fonts/fa/fa-solid-900.woff2?_v=5.15.3
Requested by: Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c

Request headers

Referer: http://mineleaks.eu/
Origin: http://mineleaks.eu
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 17:49:16 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 136824
last-modified: Tue, 16 May 2023 15:59:22 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gmsvUZmSFxh0ajD6zjPpBXTGccOA5DUadHoNs6HumSb6xZmsBOLaea%2BhbmR%2BM3M4dIOGV5A%2FVwi5BSlxXVkeEBCDfGMYTs62faS%2B88iBlLa1acQVRRUQ7QITswIRJGmGuBhchrx3HJahaHo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: font/woff2
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
Accept-Ranges: bytes
CF-RAY: 831e9ab2bafa0e31-AMS
expires: Thu, 14 Dec 2023 17:49:16 GMT

GET
H/1.1 200
OK fa-brands-400.woff2
mineleaks.eu/styles/fonts/fa/ 75 KB
76 KB 793ms
736ms Font
font/woff2 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://mineleaks.eu/styles/fonts/fa/fa-brands-400.woff2?_v=5.15.3
Requested by: Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2497d559960ba9e1c68f41674e8bc980d3b229155e068bc7f42f157f81c4388

Request headers

Referer: http://mineleaks.eu/
Origin: http://mineleaks.eu
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 17:49:16 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 76740
last-modified: Tue, 16 May 2023 15:59:22 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ZDa8bFYyh2Ioh2QoaHepM5g5gNZkFluEzxfcgKLSqMh8NmyI17xCdcWbUieBOpKDvc1sfUoq1OoD1bHmHgkmTKH6P6lswL7JpHcK3I%2BTPDwEYEHUchNj0IqgsSJtRnP0tAkIhq93RPTpZw%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: font/woff2
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
Accept-Ranges: bytes
CF-RAY: 831e9ab2f9070ea4-AMS
expires: Thu, 14 Dec 2023 17:49:16 GMT

GET
H/1.1 200
OK css.php
mineleaks.eu/ 429 KB
90 KB 197ms
145ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://mineleaks.eu/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=31&l=1&d=1694199703&k=034405c740f279c15adbbc41dfccb627ca90db04

Requested by

Host: mineleaks.eu
URL: http://mineleaks.eu/

Protocol

HTTP/1.1

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbb905b2d89f4bd0e8664a9d6d335984868d2db4f494b6bed7b8d863bd11e0d2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://mineleaks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 17:49:16 GMT
content-encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 91591
last-modified: Fri, 08 Sep 2023 19:01:43 GMT
Server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wW14inKEPErlQZYCIfwCZ8L8UFgmRG4Hetog3d3U%2FDzcF%2BWMBlUOYoNbKTpV2zj05FhSae%2FjOOLsdIuOnVW7anXJAdsMwQqyePaWloEBy2GFXr5wBYxDS10frOqUuuUMaXd2VicNIpN%2BG%2FI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
CF-RAY: 831e9ab0ff4e0e68-AMS
expires: Fri, 06 Dec 2024 17:49:16 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
947 B 202ms
42ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap

Requested by

Host: mineleaks.eu
URL: http://mineleaks.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aef306d8dc297f057d650b2e03a3c79b8f8aa29aeaa9f7f19b4f4a5c5d3e88f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://mineleaks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Dec 2023 17:49:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 16:29:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Dec 2023 17:49:16 GMT

GET
H/1.1 200
OK css.php
mineleaks.eu/ 28 KB
8 KB 631ms
577ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://mineleaks.eu/css.php?css=public%3Abb_code.less%2Cpublic%3Anode_list.less%2Cpublic%3Anotices.less%2Cpublic%3Ashare_controls.less%2Cpublic%3Asiropu_ads_manager_ad.less%2Cpublic%3Asiropu_shoutbox.less%2Cpublic%3Aextra.less&s=31&l=1&d=1694199703&k=ce4e2c46aa55dd01d2921f0c8c131ec60a376ea5

Requested by

Host: mineleaks.eu
URL: http://mineleaks.eu/

Protocol

HTTP/1.1

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96dd7f81552ffa9ce562acaa707cf5625e26e33ab87c828d724883d140ca46d3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://mineleaks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 17:49:16 GMT
content-encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 7261
last-modified: Fri, 08 Sep 2023 19:01:43 GMT
Server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=62nndfUJMXfpvc6C%2FXrU6zfsHvGGnYxMlHQd4UTLl7VclNtUmGZvf11y3uIld1Pf%2BN%2FDeNzYfy9S9GQlP%2FQbnJTsqqCqlfNFKnLdBMuNHl7AntZBxKanLmFwF6pz32vQb0eBW6ORexxRYqY%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
CF-RAY: 831e9ab2b9ff5c4c-AMS
expires: Fri, 06 Dec 2024 17:49:16 GMT

GET
H/1.1 200
OK preamble.min.js Show response
mineleaks.eu/js/xf/ 4 KB
2 KB 197ms
141ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://mineleaks.eu/js/xf/preamble.min.js?_v=5a6112eb
Requested by: Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 304e77733a818935ddeb447ed9d6d6d4f16e44b8cc262ee05c89324ee7afdc6c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://mineleaks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 17:49:16 GMT
content-encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 1741
last-modified: Tue, 16 May 2023 15:59:20 GMT
Server: cloudflare
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8NAX8wRkY8F3GPQhGUuTF%2BoXHEZNYFQqEo46Fg3oIJWgYjWeLpbHQi8ZFxnl21L1tvpgs8OFQ8WynYCy9MNh7qYH1jZRP8GTnt5gb7XDK4Ns9CuZT0xKwy0iHQIlP4IcdCORyeJezEc39R4%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
Accept-Ranges: bytes
CF-RAY: 831e9ab10b4806ba-AMS
expires: Thu, 14 Dec 2023 17:49:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 203 KB
74 KB 739ms
213ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1047BKNRE4

Requested by

Host: mineleaks.eu
URL: http://mineleaks.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2694fef10d5e7502aedeaf8ccb472321ffe29e66896aaa9a8ba541401d100e38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://mineleaks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 17:49:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75533
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Dec 2023 17:49:17 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
51 KB 708ms
233ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8535330373635729

Requested by

Host: mineleaks.eu
URL: http://mineleaks.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4efd156950e94cccc872fa7341e8ae3f169e1f64c6264371615d5873cebf1c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://mineleaks.eu/
Origin: http://mineleaks.eu
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 17:49:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51945
x-xss-protection: 0
server: cafe
etag: 2807633845777597337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 17:49:17 GMT

GET
H/1.1 200
OK df078f8d62e9b8e3278539ce77174f8a90cc9865.png
mineleaks.eu/data/assets/logo/ 181 KB
181 KB 326ms
326ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mineleaks.eu/data/assets/logo/df078f8d62e9b8e3278539ce77174f8a90cc9865.png
Requested by: Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5deae6d8c1f81c5e57b72c8df1964b08ffa9864e0dac4c0d1a5e9aa3ebf0779

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://mineleaks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 17:49:16 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 185037
last-modified: Wed, 30 Aug 2023 12:09:08 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9x4cu537HbMUM50BDITFuhFuRZZRK%2FO7L4WcgE7rVa6O1NEE%2FpxfNRDHOOqh7VOegjF1hf1qO7F7eoPO8Np7owkSVCMGZKFs3nNggKZxOG9MQbs2dNTwHRudyZsQvGRGhbrhO%2BXDK9an%2BsE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
Accept-Ranges: bytes
CF-RAY: 831e9ab1ccc906ba-AMS
expires: Thu, 14 Dec 2023 17:49:16 GMT

GET
H2 200 favicon.png
cdx.solo.to/images/ 423 B
890 B 181ms
33ms Image
image/png 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdx.solo.to/images/favicon.png
Requested by: Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 1d7ab1c211e4b5877f875fae049a9114334cee6279a75cbab2271d5d306d8f8f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://mineleaks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 17:49:16 GMT
cdn-edgestorageid: 1082
perma-cache: HIT
cdn-storageserver: DE-165
cdn-cachedat: 12/03/2023 11:56:13
cdn-pullzone: 223960
content-length: 423
last-modified: Wed, 05 Apr 2023 23:45:25 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 257
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "642e0815-1a7"
content-type: image/png
cdn-cache: HIT
cdn-uid: a8b84be6-16d3-4c29-9fa5-1b1f10654d8a
cache-control: public, max-age=604800
cdn-requestid: 4d22b3dc8e334788aeca615923ddae24
accept-ranges: bytes
cdn-requestcountrycode: NL
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK jquery-3.5.1.min.js Show response
mineleaks.eu/js/vendor/jquery/ 87 KB
31 KB 267ms
267ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://mineleaks.eu/js/vendor/jquery/jquery-3.5.1.min.js?_v=5a6112eb
Requested by: Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://mineleaks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 17:49:16 GMT
content-encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 30970
last-modified: Tue, 16 May 2023 15:59:20 GMT
Server: cloudflare
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6wCLsglmroq998ZZC8b5iLe%2Bz66BkG6069xRr1%2BbziF2CQvHKV01Pum2T6saz4A2rHS6hs7J%2FXQ%2FLpoEGp3ttdSWw76Z4NQ8w3cbPjtTNHrxFxlUUY4wv9GWaF8lepdLgbz2XoPcHAkqN4U%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
Accept-Ranges: bytes
CF-RAY: 831e9ab239120e68-AMS
expires: Thu, 14 Dec 2023 17:49:16 GMT

GET
H/1.1 200
OK vendor-compiled.js Show response
mineleaks.eu/js/vendor/ 43 KB
13 KB 254ms
254ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://mineleaks.eu/js/vendor/vendor-compiled.js?_v=5a6112eb
Requested by: Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3507ca14c84cbffccd872e634a84d93f50882c817e66ffdf2643a7ed884a205e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://mineleaks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 17:49:16 GMT
content-encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 55970
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 12883
last-modified: Tue, 16 May 2023 15:59:20 GMT
Server: cloudflare
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rV1Ct%2B0UasxOnRkPSHrZctevsh0fC3UOsyKbQI07%2FqZLsT9eQ69W5pCpW1ToznN7XlpoNDuTB%2FptmGyG1o8HHFgvmaJKyUmHgBPPtOi4S%2FPJFr9VGzMf1Dp3nwjUCNv7VPIKgqEZVVgXA3I%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
Accept-Ranges: bytes
CF-RAY: 831e9ab3fbce0e68-AMS
expires: Thu, 14 Dec 2023 02:16:26 GMT

GET
H/1.1 200
OK core-compiled.js Show response
mineleaks.eu/js/xf/ 211 KB
61 KB 255ms
254ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://mineleaks.eu/js/xf/core-compiled.js?_v=5a6112eb
Requested by: Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b3ac0feea940572935c876792af52347e06b26900eb88c4c479448fa319a937

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://mineleaks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 17:49:17 GMT
content-encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 62006
last-modified: Tue, 16 May 2023 15:59:20 GMT
Server: cloudflare
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2BJ61uA5Wd8LbSpTJUTMQa1qMGRjo5Yiiusg%2BMgEK59gNg%2F3CWBR%2F1wTY473zLddDcZnL7rgVHNEf0YTznKPONN27yyLPO0AW1zqGINdq%2FH%2FGWfhCJifhjr7PlN2KNMLhnCe87DLRVoEZU4%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
Accept-Ranges: bytes
CF-RAY: 831e9ab48d715c4c-AMS
expires: Thu, 14 Dec 2023 17:49:16 GMT

GET
H/1.1 200
OK core.min.js Show response
mineleaks.eu/js/siropu/shoutbox/ 12 KB
5 KB 199ms
199ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://mineleaks.eu/js/siropu/shoutbox/core.min.js?_v=5a6112eb
Requested by: Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5d466fef65c2d9d7f14fc02d3377f289709c998596bdfb3548ba4773d025e23

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://mineleaks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 17:49:17 GMT
content-encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 3844
last-modified: Tue, 29 Aug 2023 10:41:20 GMT
Server: cloudflare
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nXJgdcc3VHwjI%2FAeq7MHYNyruwWTy9ou3r9BA54WgeDzOFhdMB3RjAxgfzBXZLlxcTt2oupooazlhwRUG1m8l08gydxT0T4otLa0xWTO5poSpM6bUz8aTlZMp6j801qSubNn5cxZ4UaiRUU%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
Accept-Ranges: bytes
CF-RAY: 831e9ab61e0406ba-AMS
expires: Thu, 14 Dec 2023 17:49:17 GMT

GET
H/1.1 200
OK core.min.js Show response
mineleaks.eu/js/siropu/am/ 9 KB
4 KB 192ms
191ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://mineleaks.eu/js/siropu/am/core.min.js?_v=5a6112eb
Requested by: Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85e2fa852542b50f2df4b397c167c3278cbf324928b502b646f7a5d055365794

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://mineleaks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 17:49:17 GMT
content-encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 2967
last-modified: Fri, 25 Aug 2023 10:28:34 GMT
Server: cloudflare
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d819l7VQKuHfSMXJaWZ%2FnoSidyW6NfbEpqjlM0I%2FTyipRrjYc4R4S4w8ZOXGTMj4GhDuYAXcEx791YQQdWicqHoV8167z20irFYavAXviYzDMKGxEJGT%2B%2BzesTlch940EPUPTqDoHaoVkg8%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
Accept-Ranges: bytes
CF-RAY: 831e9ab628475c4c-AMS
expires: Thu, 14 Dec 2023 17:49:17 GMT

GET
H/1.1 200
OK notice.min.js Show response
mineleaks.eu/js/xf/ 4 KB
2 KB 167ms
166ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://mineleaks.eu/js/xf/notice.min.js?_v=5a6112eb
Requested by: Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5dcfd1d44af85302c19886c111e277273cca860febaae5f8cdb0de61733b44b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://mineleaks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 17:49:17 GMT
content-encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 50095
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 1535
last-modified: Tue, 16 May 2023 15:59:20 GMT
Server: cloudflare
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b7K1unJO2WaNoe0vtcHFk89IUjsU%2F5TSwoWsYSSKgusQycH9vmJDMoHXZ73FkL5TBMvgI%2BixBev0plEzfZb5dmEN8E8HCp7RpAHTARYW4rBTKmb0GONjO5H7j55HZJbNng7b7JrJ0hVNFS4%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
Accept-Ranges: bytes
CF-RAY: 831e9ab63e390ea4-AMS
expires: Thu, 14 Dec 2023 03:54:22 GMT

GET
H/1.1 200
OK index.js Show response
mineleaks.eu/js/foroagency/coloredusername/ 380 B
1 KB 49ms
44ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://mineleaks.eu/js/foroagency/coloredusername/index.js?_v=5a6112eb
Requested by: Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0e6169e39f5c8f93c0dae464faa49979fd869e935a0f9b8be0cb53f04349f57

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://mineleaks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 17:49:17 GMT
content-encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 77411
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 243
last-modified: Sat, 02 Sep 2023 15:42:50 GMT
Server: cloudflare
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OEbupySMZ7dS7MaTu2yGLAy1ziM%2BF2E24r23HJECeGKR0KN1XK9USU3urSTjEawpeBreBTlmcd4rM6SxtGKlriua5cbggzNZGbcyAWwPq5MpB2pe8SEmyOqXwgV3989QgkpSM1Glmcjnb20%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
Accept-Ranges: bytes
CF-RAY: 831e9ab7797006ba-AMS
expires: Wed, 13 Dec 2023 20:19:06 GMT

GET
H2 200 xYHi6bM.gif
i.imgur.com/ 3 KB
4 KB 514ms
34ms Image
image/gif 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/xYHi6bM.gif

Requested by

Host: mineleaks.eu
URL: http://mineleaks.eu/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=31&l=1&d=1694199703&k=034405c740f279c15adbbc41dfccb627ca90db04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

9f6bf67f30b771aa6ec6f0ba34125704c76f2b94ac180c80fd06351da8d9d788

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://mineleaks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 17:49:17 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 2519215
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 3245
x-served-by: cache-iad-kjyo7100023-IAD, cache-fra-etou8220113-FRA
last-modified: Sat, 26 Aug 2023 02:48:52 GMT
server: cat factory 1.0
x-timer: S1701971357.380310,VS0,VE2
etag: "3e5b9cea2494174a0780f6a96ffc5ae4"
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: no96RkbeNbGvYi5K2me1AAVY8JB4y_UKEjoGRm9V0XWynY7rsfFp6Q==
x-cache-hits: 43, 1

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 708ms
221ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://mineleaks.eu
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 14:28:36 GMT
x-content-type-options: nosniff
age: 184841
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 14:28:36 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 684ms
197ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://mineleaks.eu
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 21:13:02 GMT
x-content-type-options: nosniff
age: 506175
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 21:13:02 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 526ms
40ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://mineleaks.eu
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:45:46 GMT
x-content-type-options: nosniff
age: 241411
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 22:45:46 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 691ms
205ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://mineleaks.eu
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 00:08:32 GMT
x-content-type-options: nosniff
age: 63645
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Dec 2024 00:08:32 GMT

GET
H/1.1 200
OK fa-light-300.woff2
mineleaks.eu/styles/fonts/fa/ 180 KB
181 KB 421ms
280ms Font
font/woff2 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://mineleaks.eu/styles/fonts/fa/fa-light-300.woff2?_v=5.15.3
Requested by: Host: mineleaks.eu
URL: http://mineleaks.eu/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=31&l=1&d=1694199703&k=034405c740f279c15adbbc41dfccb627ca90db04
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9f0d24d1230e0a5760800e4a1657801cff8edf2ba87a05c5d96f74ce44ec06d

Request headers

Referer: http://mineleaks.eu/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=31&l=1&d=1694199703&k=034405c740f279c15adbbc41dfccb627ca90db04
Origin: http://mineleaks.eu
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 17:49:17 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 184144
last-modified: Tue, 16 May 2023 15:59:22 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mEnUdsEYN2%2FnPGw9B5y7YJinbQJoTCje46%2FQa5QPpqDt2hvOjzl7wp4StdtC4yOb6GwXNoSKSnsJHCe8GmJrzwLphAYxXghc4GpSJ25OxlaQwhqQFYU3qk8X%2B0CUUgLmVc0vPi113lvDCEU%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: font/woff2
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
Accept-Ranges: bytes
CF-RAY: 831e9ab57d950e68-AMS
expires: Thu, 14 Dec 2023 17:49:17 GMT

GET
H/1.1 200
OK 53.jpg
mineleaks.eu/data/avatars/s/0/ 4 KB
5 KB 441ms
253ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mineleaks.eu/data/avatars/s/0/53.jpg?1693139487
Requested by: Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a89f2320e41aaa62f85681d944f8095fbe7c53f6d0d3bc0a923369c06c177a6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://mineleaks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 17:49:17 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 4167
last-modified: Sun, 27 Aug 2023 04:31:28 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dy1CflRtWi5hv0CvPJGeXxIzifo%2F5qQel5XCBD4GKFqE3IiGKXPw5ZuGU5jl2P6mGej7iOL6jA6Bw0sNbzCv5uhzOiojXySY5nxP%2Bis0QpZB37iUrM%2FhL%2BmbPOwvbwLy5cIdOccGMgYnMdE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
Accept-Ranges: bytes
CF-RAY: 831e9ab778210ea4-AMS
expires: Thu, 14 Dec 2023 17:49:17 GMT

GET
H/1.1 200
OK 484.jpg
mineleaks.eu/data/avatars/s/0/ 6 KB
7 KB 443ms
259ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mineleaks.eu/data/avatars/s/0/484.jpg?1700082659
Requested by: Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b25e4083dd5a37df6ccc7bdc863541a825b664d4a12eba2614cba5c6b68221b5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://mineleaks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 17:49:17 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 6108
last-modified: Wed, 15 Nov 2023 21:11:01 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=33obyqsGuxBr6tOsMVZK3BcywY6nN81zGZ9M%2FtC2I63i1ys06oQkgVPfAi%2BQSwC6oWL3ysaKZBr5hg9gStlMN9ShBIvpRltslZeBIb74pw%2BjZrn55mhK62CrbGQTF2F1T2Ibr7vawj27lfI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
Accept-Ranges: bytes
CF-RAY: 831e9ab77da3b8a0-AMS
expires: Thu, 14 Dec 2023 17:49:17 GMT

GET
H/1.1 200
OK 381.jpg
mineleaks.eu/data/avatars/s/0/ 5 KB
6 KB 443ms
253ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mineleaks.eu/data/avatars/s/0/381.jpg?1698458311
Requested by: Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a1768cbb749f55a2500f5e988a6da457decc9381edf3341957c863baae03884

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://mineleaks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 17:49:17 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 5070
last-modified: Fri, 27 Oct 2023 17:58:32 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fom3EEZ5gJ4DR5FmXJPeebe6CFG%2BSH0TmQZrTknC9%2B%2Byf2pJqJsDwC33hwe9fNhkPyRwleIvGjJj%2BV6WIs2pHtcAnlL8gpK%2BgXBWgmkwz8TZfvkuRNI5RHDb2MvHikjNy29M7YxZi4%2BtvAI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
Accept-Ranges: bytes
CF-RAY: 831e9ab77a365c4c-AMS
expires: Thu, 14 Dec 2023 17:49:17 GMT

GET
H/1.1 200
OK 58.jpg
mineleaks.eu/data/avatars/s/0/ 6 KB
7 KB 256ms
254ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mineleaks.eu/data/avatars/s/0/58.jpg?1693154608
Requested by: Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51ee0f40b1b3ad827b2b99716479ef6088f6497785c70f97167e104ea484e837

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://mineleaks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 17:49:17 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 6202
last-modified: Sun, 27 Aug 2023 08:43:28 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A0LPObSR4u08dM9OdpTtQaqUgQcPOtZsiTyAwfQgUi2dRvbzad37YrLRIMogXZUy5iGaRgRCCBZLOkC0cIilLoMQfeMKYjxXYQgLPFi6CZ8ypwdhwsoEYmxSuEoqBRuHKiprA7OROlhQZbI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
Accept-Ranges: bytes
CF-RAY: 831e9ab789310e31-AMS
expires: Thu, 14 Dec 2023 17:49:17 GMT

GET
H/1.1 200
OK 173.jpg
mineleaks.eu/data/avatars/s/0/ 4 KB
5 KB 253ms
251ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mineleaks.eu/data/avatars/s/0/173.jpg?1693780875
Requested by: Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edb24d1a170227f124cdae323a5cd79a21a40d21c6226a4769aa2edd420b46c3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://mineleaks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 17:49:17 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 4257
last-modified: Sun, 03 Sep 2023 14:41:14 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n1RHLbGWXhbUUhvXK09QppmisrsbzWUPxifGZSgtVz1eRC3AhsXcXt2VPAq2k%2BMO9%2BYeyLUaZa2AtVcj209iIZtu6uech2qJ5Q7krNR%2FNuQ%2BtLcCjhbsigT3%2Fglr308MdDozfqyYdhUG1Rg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
Accept-Ranges: bytes
CF-RAY: 831e9ab788080e68-AMS
expires: Thu, 14 Dec 2023 17:49:17 GMT

GET
H/1.1 200
OK 235.jpg
mineleaks.eu/data/avatars/s/0/ 2 KB
3 KB 505ms
504ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mineleaks.eu/data/avatars/s/0/235.jpg?1696810224
Requested by: Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cb80643e5c401bab5287474d08cb7cf691bd4623f4bbbde745afed45476bce7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://mineleaks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 17:49:17 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 2372
last-modified: Sun, 08 Oct 2023 16:10:24 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TsxEm8kGdcV5uJncvD1R38gPDIdBhtR6IjD05qi3NXmR4BhjMOyTGndvr03Ac%2BsSJ7mdJ4H5WRAI0UpgqTRv71hlty2h3269Ektlwd9vboZLSRY3PraGwC1Pngqpx3%2BVdYqi7R8qwYjKODs%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
Accept-Ranges: bytes
CF-RAY: 831e9ab7da2a06ba-AMS
expires: Thu, 14 Dec 2023 17:49:17 GMT

GET
H/1.1 200
OK 225.jpg
mineleaks.eu/data/resource_icons/0/ 2 KB
3 KB 250ms
249ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mineleaks.eu/data/resource_icons/0/225.jpg?1696998461
Requested by: Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bae9ff830d99b505d3622c94769a7ef010d2f9a76abf2c9c2aeb9e56300b4bf7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://mineleaks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 17:49:17 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 2530
last-modified: Tue, 10 Oct 2023 20:27:42 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PV21Lb1l%2FDLNyePXR%2FykxBmeNo7LaBB1BQejEJBxCImbF08KowyP0wnYkGUbA3eTvL%2FttlG1UamqzyGajN2ca9dleSFBS4rkSgYM3nX1niqsPQnvjYiYkcdE1AT4yIJTTYvo5WxYKtgm1ns%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
Accept-Ranges: bytes
CF-RAY: 831e9ab91aba0ea4-AMS
expires: Thu, 14 Dec 2023 17:49:17 GMT

GET
H/1.1 200
OK 291.jpg
mineleaks.eu/data/resource_icons/0/ 5 KB
5 KB 99ms
99ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mineleaks.eu/data/resource_icons/0/291.jpg?1699288594
Requested by: Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 580b88883d65aeb5e5935df255d2b1cc0988445abca949634dbd464161950a17

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://mineleaks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 17:49:17 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 327237
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 4763
last-modified: Mon, 06 Nov 2023 09:36:34 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T64b6U0i43%2B4Ezh6Ken%2FIqJE28%2BEZVnksCxjpydQEOZZW9gMusDEiKMaGuQ8OJl7krnmO29tCCvkbJRts2HSFD3NurYuXVkRulQWNTZc0vwVBHDkOVFGnbP2btSUgop1obBKfMdqF5ma%2FqM%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
Accept-Ranges: bytes
CF-RAY: 831e9ab918c7b8a0-AMS
expires: Sun, 10 Dec 2023 22:55:19 GMT

GET
H/1.1 200
OK 474.jpg
mineleaks.eu/data/avatars/s/0/ 144 B
912 B 248ms
248ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mineleaks.eu/data/avatars/s/0/474.jpg?1699888642
Requested by: Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32763dc6e7b33ec954dbe9d1372acb534afdfa18b0f912fa3b006368d56b25af

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://mineleaks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 17:49:17 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 144
last-modified: Mon, 13 Nov 2023 15:17:23 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GvwS5FanDf%2BPKKfwpENrkkM6gYwatTM99KbPW09J8MQ7Pcq1iPaRKWcI%2BCKxmIodf9njjTxzCePxyYWKCv0cbOhOnnr7Qu2aZFD9rlt5G4eOqVMa8dBZIkD4WUKNMt8IytjDyoKfHU%2BqpKU%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
Accept-Ranges: bytes
CF-RAY: 831e9ab91d5d5c4c-AMS
expires: Thu, 14 Dec 2023 17:49:17 GMT

GET
H/1.1 200
OK 427.jpg
mineleaks.eu/data/avatars/s/0/ 5 KB
6 KB 244ms
244ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mineleaks.eu/data/avatars/s/0/427.jpg?1698999018
Requested by: Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f425d358d9cd9c96411f8a6c243d66b14160331c1bb8b2eb59c11cf3060e4cb4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://mineleaks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 17:49:17 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 5150
last-modified: Fri, 03 Nov 2023 01:10:18 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2C6fl7aYn1iobTCkqeu5f6BbsiuL9cd55yMLTLU3BkyKgwjYGBx5ph0NWEsLz1p504lI94T7Dd7rUDxT2t3UtdgySH8Tyw45N9Bkga2prng18NC0WTmjMJPxIHtJzvcZGi64fS65NxPaiCg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
Accept-Ranges: bytes
CF-RAY: 831e9ab91a100e68-AMS
expires: Thu, 14 Dec 2023 17:49:17 GMT

GET
H/1.1 200
OK 275.jpg
mineleaks.eu/data/avatars/s/0/ 1 KB
2 KB 143ms
143ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mineleaks.eu/data/avatars/s/0/275.jpg?1697222230
Requested by: Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea4832dbe60c116e619ee2bd9d54c88d2c07f3ea446e7a0b762eb6050b4525b7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://mineleaks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 17:49:17 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 1279
last-modified: Fri, 13 Oct 2023 10:37:10 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t7slHRpxPaiq4W45H%2BbgZq4gHNDfFoQTkYKSlfnFTJ8MHfjH0wEtpFmjboOOASeBcs83Nmz%2FVmJknk9w22DORW7RbH9xVdYk9RHbYHmR5ERU628gJorddcVjTQIIQMgiifwkYWWAY1%2F7nzQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
Accept-Ranges: bytes
CF-RAY: 831e9ab92b290e31-AMS
expires: Thu, 14 Dec 2023 17:49:17 GMT

GET
H/1.1 200
OK 254.jpg
mineleaks.eu/data/avatars/s/0/ 1 KB
2 KB 158ms
158ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mineleaks.eu/data/avatars/s/0/254.jpg?1696975162
Requested by: Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ecf956346ef32176254197b3baf6a5c1d3956e6527f302b3f1904a7d49ee664

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://mineleaks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 17:49:17 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 327235
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 1153
last-modified: Tue, 10 Oct 2023 13:59:22 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vh1yCBnC5jepZHlZOEC62ofdRV2RrUAOi%2FGVCfmNlvtzScaQw%2BzV6I1q7qZphqIHW8rZutMFFFoHwgAdlA1dFBEvY3QkPi8YEdooev659j1Il%2Bti1kYHTGQfKmMGu%2FkDcx4Df4m4P4wHu1Q%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
Accept-Ranges: bytes
CF-RAY: 831e9ab9b9e7b8a0-AMS
expires: Sun, 10 Dec 2023 22:55:21 GMT

GET
H/1.1 206
Partial Content new.mp3
mineleaks.eu/styles/default/siropu/shoutbox/ 2 KB
3 KB 147ms
147ms Media
audio/mpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://mineleaks.eu/styles/default/siropu/shoutbox/new.mp3
Requested by: Host: mineleaks.eu
URL: http://mineleaks.eu/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7ceb880d9140d5f448b9fa0fa04ead8f24cbc24d7b1d5d93ff9909c895ed0d8

Request headers

Referer: http://mineleaks.eu/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Range: bytes=0-

Response headers

Date: Thu, 07 Dec 2023 17:49:17 GMT
CF-Cache-Status: MISS
last-modified: Tue, 29 Aug 2023 10:41:20 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9TQm0j5bICZnqm%2Fk5Ji7efIMJGY1ANDRRcfwRTS%2BR4x6WZZmOVmC2%2BNCsOzA3d67LHfNPyqJ779gvAGawKE8f6ICvDdyA81E6ud6ecYrukKqi8sd%2FjV1T08dLMgsl2As2cmFcR4gjrI5eWw%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: audio/mpeg
Content-Range: bytes 0-2397/2398
Cache-Control: max-age=14400
x-turbo-charged-by: LiteSpeed
Connection: keep-alive
CF-RAY: 831e9aba1c7f0e31-AMS
alt-svc: h3=":443"; ma=86400
Content-Length: 2398

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/ 398 KB
135 KB 320ms
235ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8535330373635729&plah=mineleaks.eu

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8535330373635729

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06b3e074ab88422c294252a5c54f57398a3141fcea81263901125634ada31fb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://mineleaks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 17:49:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137568
x-xss-protection: 0
server: cafe
etag: 13766337891887963024
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 17:49:17 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231205/r20190131/ Frame C0A2 9 KB
4 KB 248ms
161ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231205/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8535330373635729

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://mineleaks.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 81948
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Dec 2023 19:03:30 GMT
etag: 5585625838579639069
expires: Wed, 20 Dec 2023 19:03:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 211ms
157ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-1047BKNRE4&gtm=45je3bt0v899451844&_p=1701971356867&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=405531858.1701971358&ul=en-us&sr=1600x1200&_s=1&sid=1701971357&sct=1&seg=0&dl=http%3A%2F%2Fmineleaks.eu%2F&dt=MineLeaks&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2489
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1047BKNRE4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://mineleaks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 17:49:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://mineleaks.eu
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2952 688 KB
115 KB 1072ms
1070ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&adk=85976724&adf=3412083302&lmt=1701971355&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x540_l%7C140x540_r&format=0x0&url=http%3A%2F%2Fmineleaks.eu%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&dt=1701971357857&bpp=19&bdt=1636&idt=939&shv=r20231205&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1651405908036&frm=20&pv=2&ga_vid=405531858.1701971358&ga_sid=1701971359&ga_hid=1596497258&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079864%2C31079919%2C44807754%2C44806140%2C44807763%2C44808148%2C44808284&oid=2&pvsid=3932015720857641&tmod=1812472118&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=963

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8535330373635729&plah=mineleaks.eu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a8c328421f4b5355c69e88c1b3f290e63f5298d4e44025e31dc5d01bbf68fd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://mineleaks.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 117092
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 17:49:19 GMT
expires: Thu, 07 Dec 2023 17:49:19 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 226B 121 KB
41 KB 683ms
682ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=280&adk=225472386&adf=2631573148&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701971355&rafmt=1&to=qs&pwprc=9288327111&format=1200x280&url=http%3A%2F%2Fmineleaks.eu%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701971357876&bpp=1&bdt=1655&idt=948&shv=r20231205&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1651405908036&frm=20&pv=1&ga_vid=405531858.1701971358&ga_sid=1701971359&ga_hid=1596497258&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079864%2C31079919%2C44807754%2C44806140%2C44807763%2C44808148%2C44808284&oid=2&pvsid=3932015720857641&tmod=1812472118&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=951

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

618eb2bd2a30e92fcfd17b21f16e527573d014f3238cf21fa2a48c4b24caf44b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://mineleaks.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41427
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 17:49:19 GMT
expires: Thu, 07 Dec 2023 17:49:19 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 226B 4 KB
751 B 43ms
42ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=280&adk=225472386&adf=2631573148&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701971355&rafmt=1&to=qs&pwprc=9288327111&format=1200x280&url=http%3A%2F%2Fmineleaks.eu%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701971357876&bpp=1&bdt=1655&idt=948&shv=r20231205&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1651405908036&frm=20&pv=1&ga_vid=405531858.1701971358&ga_sid=1701971359&ga_hid=1596497258&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079864%2C31079919%2C44807754%2C44806140%2C44807763%2C44808148%2C44808284&oid=2&pvsid=3932015720857641&tmod=1812472118&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=951

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Dec 2023 17:49:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 15:58:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Dec 2023 17:49:19 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/ Frame 226B 2 KB
902 B 320ms
246ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:42:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7629
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 15:42:10 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/ Frame 226B 24 KB
9 KB 319ms
247ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 09:30:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29949
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 09:30:10 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/ Frame 226B 3 KB
1 KB 320ms
248ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 09:57:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 09:57:34 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/ Frame 226B 20 KB
9 KB 315ms
243ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:43:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79542
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 19:43:37 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 226B 202 KB
64 KB 797ms
537ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 17:49:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Dec 2023 17:49:19 GMT

GET
H2 200 7a8419aef3683f04c437bd15cecf843d.js Show response
www.gstatic.com/mysidia/ Frame 226B 37 KB
16 KB 315ms
238ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7a8419aef3683f04c437bd15cecf843d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250797
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 19:10:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 03 Mar 2024 20:09:22 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/8444182308118872598/ Frame 226B 32 KB
32 KB 795ms
728ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8444182308118872598/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f3632594c7ed916e026de1f1c96cbba1b14299a76c7a26eb16884b9ac410822

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 02:02:49 GMT
x-content-type-options: nosniff
age: 229590
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32535
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 11:21:55 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 04 Dec 2024 02:02:49 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/2855562509720700233/ Frame 226B 1 KB
2 KB 794ms
728ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2855562509720700233/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e8ec0b34594761fcf7b974ebaf83a746a1d351d9d3b7182105220b638b7c3c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 08:44:59 GMT
x-content-type-options: nosniff
age: 205460
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1494
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 11:11:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 04 Dec 2024 08:44:59 GMT

GET
DATA 200
OK truncated
/ Frame 226B 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ff90b969c70358fe2578e3f7a338041b221b12cb3aa6cdf44ae01cf6ddba3e78

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/ 160 KB
55 KB 159ms
158ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dce9a6ed33dd04ba8936296467dcd52b33dc28ddbec3025d63ccba9f9db8b224

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://mineleaks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 17:49:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55952
x-xss-protection: 0
server: cafe
etag: 4866259596889446959
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 17:49:20 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1DD5 58 KB
20 KB 804ms
803ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=600&adk=2488645395&adf=2675318159&pi=t.aa~a.2521332233~rp.4&w=280&fwrn=4&fwrnh=100&lmt=1701971355&rafmt=1&to=qs&pwprc=9288327111&format=280x600&url=http%3A%2F%2Fmineleaks.eu%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1701971360598&bpp=2&bdt=4377&idt=-M&shv=r20231205&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D252787a9546a6cdf%3AT%3D1701971358%3ART%3D1701971358%3AS%3DALNI_MavMC_EQusomX_j4U1PtwBTIPJV8g&gpic=UID%3D00000ce43abc239b%3AT%3D1701971358%3ART%3D1701971358%3AS%3DALNI_Mbbij9OfdbR3mnHwZJZcIm18Yf5cw&prev_fmts=0x0%2C1200x280&nras=3&correlator=1651405908036&frm=20&pv=1&ga_vid=405531858.1701971358&ga_sid=1701971359&ga_hid=1596497258&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1150&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079864%2C31079919%2C44807754%2C44806140%2C44807763%2C44808148%2C44808284&oid=2&psts=AOrYGsmdImHtYeWPOPdYXGv6Vtw7hTdmXWj9tNlvQpH0yG1GMnb1nKYA-CzQQwHTMB8M-B3ZUNjUeXYhVq6nWGXJ7VmQ7cNg&pvsid=3932015720857641&tmod=1812472118&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=16

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a65047e2477abada89bf79eea31dce29a8215b54303374912c641b5199eefe1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://mineleaks.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 20709
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 17:49:21 GMT
expires: Thu, 07 Dec 2023 17:49:21 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 940A 123 KB
42 KB 819ms
818ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=280&adk=3973231943&adf=2091684007&pi=t.aa~a.4083216793~rp.4&w=960&fwrn=4&fwrnh=100&lmt=1701971355&rafmt=1&to=qs&pwprc=9288327111&format=960x280&url=http%3A%2F%2Fmineleaks.eu%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701971360598&bpp=2&bdt=4377&idt=-M&shv=r20231205&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D252787a9546a6cdf%3AT%3D1701971358%3ART%3D1701971358%3AS%3DALNI_MavMC_EQusomX_j4U1PtwBTIPJV8g&gpic=UID%3D00000ce43abc239b%3AT%3D1701971358%3ART%3D1701971358%3AS%3DALNI_Mbbij9OfdbR3mnHwZJZcIm18Yf5cw&prev_fmts=0x0%2C1200x280%2C280x600&nras=4&correlator=1651405908036&frm=20&pv=1&ga_vid=405531858.1701971358&ga_sid=1701971359&ga_hid=1596497258&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=170&ady=1340&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079864%2C31079919%2C44807754%2C44806140%2C44807763%2C44808148%2C44808284&oid=2&psts=AOrYGsmdImHtYeWPOPdYXGv6Vtw7hTdmXWj9tNlvQpH0yG1GMnb1nKYA-CzQQwHTMB8M-B3ZUNjUeXYhVq6nWGXJ7VmQ7cNg&pvsid=3932015720857641&tmod=1812472118&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=27

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd0ec0b14d2ca516b83ffd03637068918c626c4099e0a025b69249074812826a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://mineleaks.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42837
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 17:49:21 GMT
expires: Thu, 07 Dec 2023 17:49:21 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E072 436 B
237 B 233ms
232ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=90&adk=3961707226&adf=938944237&pi=t.aa~a.4083217474~rp.4&w=960&fwrn=4&fwrnh=100&lmt=1701971355&rafmt=1&to=qs&pwprc=9288327111&format=960x90&url=http%3A%2F%2Fmineleaks.eu%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701971360598&bpp=2&bdt=4377&idt=-M&shv=r20231205&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D252787a9546a6cdf%3AT%3D1701971358%3ART%3D1701971358%3AS%3DALNI_MavMC_EQusomX_j4U1PtwBTIPJV8g&gpic=UID%3D00000ce43abc239b%3AT%3D1701971358%3ART%3D1701971358%3AS%3DALNI_Mbbij9OfdbR3mnHwZJZcIm18Yf5cw&prev_fmts=0x0%2C1200x280%2C280x600%2C960x280&nras=5&correlator=1651405908036&frm=20&pv=1&ga_vid=405531858.1701971358&ga_sid=1701971359&ga_hid=1596497258&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=170&ady=2088&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079864%2C31079919%2C44807754%2C44806140%2C44807763%2C44808148%2C44808284&oid=2&psts=AOrYGsmdImHtYeWPOPdYXGv6Vtw7hTdmXWj9tNlvQpH0yG1GMnb1nKYA-CzQQwHTMB8M-B3ZUNjUeXYhVq6nWGXJ7VmQ7cNg&pvsid=3932015720857641&tmod=1812472118&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=32

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

170ff66e4d1b262d0f607bff820be0a83a3e80ac300c41de182649b99e03b29b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://mineleaks.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 17:49:20 GMT
expires: Thu, 07 Dec 2023 17:49:20 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 794D 436 B
237 B 575ms
565ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=60&adk=779333288&adf=215438296&pi=t.aa~a.3833140187~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1701971355&rafmt=1&to=qs&pwprc=9288327111&format=1200x60&url=http%3A%2F%2Fmineleaks.eu%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701971360598&bpp=1&bdt=4377&idt=1&shv=r20231205&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D252787a9546a6cdf%3AT%3D1701971358%3ART%3D1701971358%3AS%3DALNI_MavMC_EQusomX_j4U1PtwBTIPJV8g&gpic=UID%3D00000ce43abc239b%3AT%3D1701971358%3ART%3D1701971358%3AS%3DALNI_Mbbij9OfdbR3mnHwZJZcIm18Yf5cw&prev_fmts=0x0%2C1200x280%2C280x600%2C960x280%2C960x90&nras=6&correlator=1651405908036&frm=20&pv=1&ga_vid=405531858.1701971358&ga_sid=1701971359&ga_hid=1596497258&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079864%2C31079919%2C44807754%2C44806140%2C44807763%2C44808148%2C44808284&oid=2&psts=AOrYGsmdImHtYeWPOPdYXGv6Vtw7hTdmXWj9tNlvQpH0yG1GMnb1nKYA-CzQQwHTMB8M-B3ZUNjUeXYhVq6nWGXJ7VmQ7cNg&pvsid=3932015720857641&tmod=1812472118&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=37

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

edc61d6a26dba546b3700d951d10a3be8c3e834ae5c1a62628d08332ad72facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://mineleaks.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 17:49:21 GMT
expires: Thu, 07 Dec 2023 17:49:21 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 226B 16 KB
16 KB 34ms
33ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 23:58:11 GMT
x-content-type-options: nosniff
age: 496269
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 23:58:11 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 226B 15 KB
15 KB 136ms
136ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 21:25:42 GMT
x-content-type-options: nosniff
age: 505418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 21:25:42 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231205/r20110914/ Frame D1D8 9 KB
4 KB 49ms
49ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231205/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://mineleaks.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 75021
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Dec 2023 20:58:59 GMT
etag: 5585625838579639069
expires: Wed, 20 Dec 2023 20:58:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231205/r20110914/ Frame A13F 9 KB
4 KB 34ms
33ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231205/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://mineleaks.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 75021
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Dec 2023 20:58:59 GMT
etag: 5585625838579639069
expires: Wed, 20 Dec 2023 20:58:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231205/r20110914/ Frame D203 9 KB
4 KB 36ms
35ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231205/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://mineleaks.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 75021
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Dec 2023 20:58:59 GMT
etag: 5585625838579639069
expires: Wed, 20 Dec 2023 20:58:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231205/r20110914/ Frame 0AD4 9 KB
4 KB 43ms
41ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231205/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://mineleaks.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 75021
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Dec 2023 20:58:59 GMT
etag: 5585625838579639069
expires: Wed, 20 Dec 2023 20:58:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 226B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C-rW4ngVyZdChOt6FtOUPlsmh2AHBgd_KdLiLy_XnEfTXreiYDhABIKCS-J0BYJGEoIWMGKABuMKjgwPIAQmpAq2f90L1ELI-qAMByAPLBKoExgFP0KbQDU8KHLUKHqK8bj3kefO-mlEYhsN...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229153501423234474055%22,%22debug_reporting%22:true,%22destination%22:%22https://landrover.nl%22,%22event_report_window%22:%...

0
0

431ms
218ms

Fetch
text/css

172.217.18.2

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229153501423234474055%22,%22debug_reporting%22:true,%22destination%22:%22https://landrover.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22812179768%22],%224%22:[%2212-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217781491396622571249%22}&andc=true

Requested by

Host: mineleaks.eu
URL: http://mineleaks.eu/

Protocol

Server

172.217.18.2 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 17:49:21 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"9153501423234474055","debug_reporting":true,"destination":"https://landrover.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["812179768"],"4":["12-07"],"6":["true"]},"priority":"500","source_event_id":"17781491396622571249"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 07 Dec 2023 17:49:21 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 07 Dec 2023 17:49:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"9153501423234474055","debug_reporting":true,"destination":"https://landrover.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["812179768"],"4":["12-07"],"6":["true"]},"priority":"500","source_event_id":"17781491396622571249"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js Show response
pagead2.googlesyndication.com/bg/ Frame FCFD 51 KB
19 KB 111ms
110ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 09:13:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 203736
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19933
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 09:13:44 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame D1D8 4 KB
671 B 87ms
86ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231205/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Dec 2023 17:49:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 15:52:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Dec 2023 17:49:20 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D1D8 205 B
520 B 87ms
85ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231205/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 12:13:25 GMT
x-content-type-options: nosniff
age: 279355
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 03 Dec 2024 12:13:25 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D1D8 604 B
696 B 87ms
86ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231205/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 16:29:57 GMT
x-content-type-options: nosniff
age: 177563
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 04 Dec 2024 16:29:57 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/elements/html/ Frame D1D8 16 KB
7 KB 84ms
83ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231205/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 16:56:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3176
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6766
x-xss-protection: 0
server: cafe
etag: 14924840246271906451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 16:56:24 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/elements/html/ Frame D1D8 22 KB
9 KB 85ms
84ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231205/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 16:56:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3176
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9210
x-xss-protection: 0
server: cafe
etag: 13914886398874665762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 16:56:24 GMT

GET
H2 200 b1fdc9f83bbec90a172a8086cc6d7abe.js Show response
www.gstatic.com/mysidia/ Frame 0CB2 9 KB
4 KB 194ms
188ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b1fdc9f83bbec90a172a8086cc6d7abe.js?tag=client_fast_engine_2019

Requested by

Host: mineleaks.eu
URL: http://mineleaks.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbde0fd637840b04806e70ee7610047e1cfe5568854929dc58c310a861d93ca6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:24:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 267875
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4047
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 19:10:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 03 Mar 2024 15:24:46 GMT

GET
H2 200 8a584ab346aeed0078ae5ae8e5f91cf8.js Show response
www.gstatic.com/mysidia/ Frame 0CB2 42 KB
16 KB 196ms
190ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8a584ab346aeed0078ae5ae8e5f91cf8.js?tag=html5_display_upload/html5_exit_api

Requested by

Host: mineleaks.eu
URL: http://mineleaks.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8fb071d75bc98297ba49716fd5e88eef776d29948452a23ad252adda7aa1811

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 08:49:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205172
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16603
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 19:10:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 04 Mar 2024 08:49:49 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/ Frame 0CB2 2 KB
860 B 196ms
192ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: mineleaks.eu
URL: http://mineleaks.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:42:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7631
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 15:42:10 GMT

GET
H2 200 b3d22904135f8697752ffb260ada44de.js Show response
www.gstatic.com/mysidia/ Frame 0CB2 23 KB
10 KB 201ms
197ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b3d22904135f8697752ffb260ada44de.js?tag=exit_2019

Requested by

Host: mineleaks.eu
URL: http://mineleaks.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8cf1c6a1436cf8168814bb044ec74cf2313a75d0949eda35f27377eb8355f55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 18:12:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 257822
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9829
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 19:10:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 03 Mar 2024 18:12:19 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/ Frame 0CB2 24 KB
9 KB 198ms
193ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/abg_lite_fy2021.js

Requested by

Host: mineleaks.eu
URL: http://mineleaks.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 09:30:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29951
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 09:30:10 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/ Frame 0CB2 3 KB
1 KB 198ms
194ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/window_focus_fy2021.js

Requested by

Host: mineleaks.eu
URL: http://mineleaks.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 09:57:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28307
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 09:57:34 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/ Frame 0CB2 20 KB
8 KB 193ms
189ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: mineleaks.eu
URL: http://mineleaks.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:43:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79544
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 19:43:37 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0CB2 202 KB
64 KB 201ms
198ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: mineleaks.eu
URL: http://mineleaks.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 17:49:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Dec 2023 17:49:21 GMT

GET
H2 200 7a8419aef3683f04c437bd15cecf843d.js Show response
www.gstatic.com/mysidia/ Frame 0CB2 37 KB
15 KB 200ms
197ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7a8419aef3683f04c437bd15cecf843d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: mineleaks.eu
URL: http://mineleaks.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250799
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 19:10:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 03 Mar 2024 20:09:22 GMT

GET
H2 200 b1fdc9f83bbec90a172a8086cc6d7abe.js Show response
www.gstatic.com/mysidia/ Frame E53C 9 KB
4 KB 208ms
207ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b1fdc9f83bbec90a172a8086cc6d7abe.js?tag=client_fast_engine_2019

Requested by

Host: mineleaks.eu
URL: http://mineleaks.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbde0fd637840b04806e70ee7610047e1cfe5568854929dc58c310a861d93ca6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:24:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 267875
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4047
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 19:10:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 03 Mar 2024 15:24:46 GMT

GET
H2 200 8a584ab346aeed0078ae5ae8e5f91cf8.js Show response
www.gstatic.com/mysidia/ Frame E53C 42 KB
16 KB 251ms
250ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8a584ab346aeed0078ae5ae8e5f91cf8.js?tag=html5_display_upload/html5_exit_api

Requested by

Host: mineleaks.eu
URL: http://mineleaks.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8fb071d75bc98297ba49716fd5e88eef776d29948452a23ad252adda7aa1811

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 08:49:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205172
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16603
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 19:10:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 04 Mar 2024 08:49:49 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/ Frame E53C 2 KB
856 B 173ms
171ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: mineleaks.eu
URL: http://mineleaks.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:42:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7631
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 15:42:10 GMT

GET
H2 200 b3d22904135f8697752ffb260ada44de.js Show response
www.gstatic.com/mysidia/ Frame E53C 23 KB
10 KB 254ms
252ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b3d22904135f8697752ffb260ada44de.js?tag=exit_2019

Requested by

Host: mineleaks.eu
URL: http://mineleaks.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8cf1c6a1436cf8168814bb044ec74cf2313a75d0949eda35f27377eb8355f55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 18:12:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 257822
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9829
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 19:10:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 03 Mar 2024 18:12:19 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/ Frame E53C 24 KB
9 KB 204ms
202ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/abg_lite_fy2021.js

Requested by

Host: mineleaks.eu
URL: http://mineleaks.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 09:30:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29951
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 09:30:10 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/ Frame E53C 3 KB
1 KB 239ms
238ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/window_focus_fy2021.js

Requested by

Host: mineleaks.eu
URL: http://mineleaks.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 09:57:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28307
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 09:57:34 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/ Frame E53C 20 KB
8 KB 173ms
172ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: mineleaks.eu
URL: http://mineleaks.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:43:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79544
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 19:43:37 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E53C 202 KB
64 KB 261ms
261ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: mineleaks.eu
URL: http://mineleaks.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 17:49:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Dec 2023 17:49:21 GMT

GET
H2 200 7a8419aef3683f04c437bd15cecf843d.js Show response
www.gstatic.com/mysidia/ Frame E53C 37 KB
15 KB 254ms
253ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7a8419aef3683f04c437bd15cecf843d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: mineleaks.eu
URL: http://mineleaks.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250799
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 19:10:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 03 Mar 2024 20:09:22 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 0AD4 4 KB
655 B 181ms
179ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231205/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Dec 2023 17:49:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 17:43:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Dec 2023 17:49:21 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/ Frame 0AD4 2 KB
856 B 200ms
199ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231205/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:42:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7631
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 15:42:10 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/ Frame 0AD4 24 KB
9 KB 201ms
200ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231205/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 09:30:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29951
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 09:30:10 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/ Frame 0AD4 3 KB
1 KB 206ms
205ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231205/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 09:57:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28307
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 09:57:34 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/ Frame 0AD4 20 KB
8 KB 196ms
196ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231205/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:43:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79544
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 19:43:37 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0AD4 202 KB
64 KB 386ms
386ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231205/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 17:49:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Dec 2023 17:49:21 GMT

GET
H2 200 7a8419aef3683f04c437bd15cecf843d.js Show response
www.gstatic.com/mysidia/ Frame 0AD4 37 KB
15 KB 207ms
207ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7a8419aef3683f04c437bd15cecf843d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231205/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250799
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 19:10:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 03 Mar 2024 20:09:22 GMT

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/2575376116023685620/ Frame 0AD4 43 KB
43 KB 362ms
361ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2575376116023685620/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231205/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e410dc641c63e4f731f3358ded0956a1421a647cab725c16259ded82658a8c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 17:49:21 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43677
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 16:31:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 06 Dec 2024 17:49:21 GMT

GET
H2 200 15350372997105118373
tpc.googlesyndication.com/simgad/ Frame 0AD4 2 KB
2 KB 215ms
214ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15350372997105118373?w=100&h=100&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231205/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa1112ba9b7d1aa7471bc27c3641b8419ebae97fed05d175be06d20120b6d347

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 04:06:31 GMT
x-content-type-options: nosniff
age: 222170
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1968
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 13:56:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 04 Dec 2024 04:06:31 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 460ms
91ms Preflight
text/html 172.217.18.2

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 07 Dec 2023 17:49:21 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 84D8 14 KB
1 KB 95ms
94ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231205/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Dec 2023 17:49:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 15:58:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Dec 2023 17:49:21 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/ Frame 84D8 2 KB
856 B 112ms
111ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231205/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:42:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7631
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 15:42:10 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/ Frame 84D8 24 KB
9 KB 111ms
111ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231205/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 09:30:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29951
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 09:30:10 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EE6D 143 B
166 B 87ms
86ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231205/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231205/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 2701
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 17:04:20 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/ Frame 84D8 3 KB
1 KB 121ms
119ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231205/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 09:57:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28307
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 09:57:34 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/ Frame 84D8 20 KB
8 KB 101ms
100ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231205/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:43:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79544
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 19:43:37 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 84D8 202 KB
64 KB 364ms
362ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231205/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 17:49:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Dec 2023 17:49:21 GMT

GET
H2 200 7a8419aef3683f04c437bd15cecf843d.js Show response
www.gstatic.com/mysidia/ Frame 84D8 37 KB
15 KB 115ms
114ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7a8419aef3683f04c437bd15cecf843d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231205/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250799
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 19:10:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 03 Mar 2024 20:09:22 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EE6D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

254ms
253ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231205/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 17:49:21 GMT
expires: Thu, 07 Dec 2023 17:49:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 17:49:21 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0AD4 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37391901ca8c1a3b8ee694dca828369ec41ca2bcd7ac93a117caef12648b067c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js Show response
pagead2.googlesyndication.com/bg/ Frame 564E 51 KB
19 KB 433ms
433ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231205/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 09:13:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 203737
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19933
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 09:13:44 GMT

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 7ABF 95 KB
38 KB 342ms
51ms Script
application/javascript 2620:1ec:46::45

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=600&adk=2488645395&adf=2675318159&pi=t.aa~a.2521332233~rp.4&w=280&fwrn=4&fwrnh=100&lmt=1701971355&rafmt=1&to=qs&pwprc=9288327111&format=280x600&url=http%3A%2F%2Fmineleaks.eu%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1701971360598&bpp=2&bdt=4377&idt=-M&shv=r20231205&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D252787a9546a6cdf%3AT%3D1701971358%3ART%3D1701971358%3AS%3DALNI_MavMC_EQusomX_j4U1PtwBTIPJV8g&gpic=UID%3D00000ce43abc239b%3AT%3D1701971358%3ART%3D1701971358%3AS%3DALNI_Mbbij9OfdbR3mnHwZJZcIm18Yf5cw&prev_fmts=0x0%2C1200x280&nras=3&correlator=1651405908036&frm=20&pv=1&ga_vid=405531858.1701971358&ga_sid=1701971359&ga_hid=1596497258&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1150&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079864%2C31079919%2C44807754%2C44806140%2C44807763%2C44808148%2C44808284&oid=2&psts=AOrYGsmdImHtYeWPOPdYXGv6Vtw7hTdmXWj9tNlvQpH0yG1GMnb1nKYA-CzQQwHTMB8M-B3ZUNjUeXYhVq6nWGXJ7VmQ7cNg&pvsid=3932015720857641&tmod=1812472118&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c4286b5a1606b8f76c136f69043974148e12d6e80d3a1f1178a54c6ab67b7b07

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 07 Dec 2023 17:49:21 GMT
content-encoding: br
last-modified: Mon, 04 Dec 2023 20:39:18 GMT
vary: Accept-Encoding
x-azure-ref: 20231207T174921Z-d29fxut1g92zxd318xpnf3aby800000011u0000000019b7u
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 81af1b7f-201e-0021-38f2-26d08f000000
cache-control: private, max-age=3600
x-cache: TCP_HIT
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/240/ Frame 7ABF 80 KB
27 KB 506ms
199ms Script
application/x-javascript 23.43.60.179

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/240/trk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=600&adk=2488645395&adf=2675318159&pi=t.aa~a.2521332233~rp.4&w=280&fwrn=4&fwrnh=100&lmt=1701971355&rafmt=1&to=qs&pwprc=9288327111&format=280x600&url=http%3A%2F%2Fmineleaks.eu%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1701971360598&bpp=2&bdt=4377&idt=-M&shv=r20231205&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D252787a9546a6cdf%3AT%3D1701971358%3ART%3D1701971358%3AS%3DALNI_MavMC_EQusomX_j4U1PtwBTIPJV8g&gpic=UID%3D00000ce43abc239b%3AT%3D1701971358%3ART%3D1701971358%3AS%3DALNI_Mbbij9OfdbR3mnHwZJZcIm18Yf5cw&prev_fmts=0x0%2C1200x280&nras=3&correlator=1651405908036&frm=20&pv=1&ga_vid=405531858.1701971358&ga_sid=1701971359&ga_hid=1596497258&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1150&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079864%2C31079919%2C44807754%2C44806140%2C44807763%2C44808148%2C44808284&oid=2&psts=AOrYGsmdImHtYeWPOPdYXGv6Vtw7hTdmXWj9tNlvQpH0yG1GMnb1nKYA-CzQQwHTMB8M-B3ZUNjUeXYhVq6nWGXJ7VmQ7cNg&pvsid=3932015720857641&tmod=1812472118&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=16
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.43.60.179 -, , ASN (),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 17:49:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 14:06:46 GMT
Server: AkamaiNetStorage
ETag: "ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27680
Expires: Fri, 06 Dec 2024 17:49:21 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/ Frame 7ABF 3 KB
1 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=600&adk=2488645395&adf=2675318159&pi=t.aa~a.2521332233~rp.4&w=280&fwrn=4&fwrnh=100&lmt=1701971355&rafmt=1&to=qs&pwprc=9288327111&format=280x600&url=http%3A%2F%2Fmineleaks.eu%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1701971360598&bpp=2&bdt=4377&idt=-M&shv=r20231205&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D252787a9546a6cdf%3AT%3D1701971358%3ART%3D1701971358%3AS%3DALNI_MavMC_EQusomX_j4U1PtwBTIPJV8g&gpic=UID%3D00000ce43abc239b%3AT%3D1701971358%3ART%3D1701971358%3AS%3DALNI_Mbbij9OfdbR3mnHwZJZcIm18Yf5cw&prev_fmts=0x0%2C1200x280&nras=3&correlator=1651405908036&frm=20&pv=1&ga_vid=405531858.1701971358&ga_sid=1701971359&ga_hid=1596497258&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1150&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079864%2C31079919%2C44807754%2C44806140%2C44807763%2C44808148%2C44808284&oid=2&psts=AOrYGsmdImHtYeWPOPdYXGv6Vtw7hTdmXWj9tNlvQpH0yG1GMnb1nKYA-CzQQwHTMB8M-B3ZUNjUeXYhVq6nWGXJ7VmQ7cNg&pvsid=3932015720857641&tmod=1812472118&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 09:57:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28307
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 09:57:34 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/ Frame 7ABF 20 KB
8 KB 63ms
61ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:43:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79544
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 19:43:37 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 7ABF 0
0 230ms
153ms Image
text/html 2a00:1450:4001:80b::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ9hV-UiBY9cNSs-kEITej_ZCFDu33CvF0U2KY2f0X3EL8auwn6DmjOpafQFbFZUyamHVR-ZuZ8oRO2fkloIgXJSpysgw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=600&adk=2488645395&adf=2675318159&pi=t.aa~a.2521332233~rp.4&w=280&fwrn=4&fwrnh=100&lmt=1701971355&rafmt=1&to=qs&pwprc=9288327111&format=280x600&url=http%3A%2F%2Fmineleaks.eu%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1701971360598&bpp=2&bdt=4377&idt=-M&shv=r20231205&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D252787a9546a6cdf%3AT%3D1701971358%3ART%3D1701971358%3AS%3DALNI_MavMC_EQusomX_j4U1PtwBTIPJV8g&gpic=UID%3D00000ce43abc239b%3AT%3D1701971358%3ART%3D1701971358%3AS%3DALNI_Mbbij9OfdbR3mnHwZJZcIm18Yf5cw&prev_fmts=0x0%2C1200x280&nras=3&correlator=1651405908036&frm=20&pv=1&ga_vid=405531858.1701971358&ga_sid=1701971359&ga_hid=1596497258&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1150&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079864%2C31079919%2C44807754%2C44806140%2C44807763%2C44808148%2C44808284&oid=2&psts=AOrYGsmdImHtYeWPOPdYXGv6Vtw7hTdmXWj9tNlvQpH0yG1GMnb1nKYA-CzQQwHTMB8M-B3ZUNjUeXYhVq6nWGXJ7VmQ7cNg&pvsid=3932015720857641&tmod=1812472118&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7ABF 202 KB
64 KB 229ms
228ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 17:49:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Dec 2023 17:49:21 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 940A 4 KB
655 B 52ms
51ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=280&adk=3973231943&adf=2091684007&pi=t.aa~a.4083216793~rp.4&w=960&fwrn=4&fwrnh=100&lmt=1701971355&rafmt=1&to=qs&pwprc=9288327111&format=960x280&url=http%3A%2F%2Fmineleaks.eu%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701971360598&bpp=2&bdt=4377&idt=-M&shv=r20231205&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D252787a9546a6cdf%3AT%3D1701971358%3ART%3D1701971358%3AS%3DALNI_MavMC_EQusomX_j4U1PtwBTIPJV8g&gpic=UID%3D00000ce43abc239b%3AT%3D1701971358%3ART%3D1701971358%3AS%3DALNI_Mbbij9OfdbR3mnHwZJZcIm18Yf5cw&prev_fmts=0x0%2C1200x280%2C280x600&nras=4&correlator=1651405908036&frm=20&pv=1&ga_vid=405531858.1701971358&ga_sid=1701971359&ga_hid=1596497258&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=170&ady=1340&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079864%2C31079919%2C44807754%2C44806140%2C44807763%2C44808148%2C44808284&oid=2&psts=AOrYGsmdImHtYeWPOPdYXGv6Vtw7hTdmXWj9tNlvQpH0yG1GMnb1nKYA-CzQQwHTMB8M-B3ZUNjUeXYhVq6nWGXJ7VmQ7cNg&pvsid=3932015720857641&tmod=1812472118&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=27

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Dec 2023 17:49:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 15:56:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Dec 2023 17:49:21 GMT

GET
H3 200 5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js Show response
pagead2.googlesyndication.com/bg/ Frame B316 51 KB
19 KB 165ms
159ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231205/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 09:13:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 203737
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19933
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 09:13:44 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/ Frame 940A 2 KB
822 B 150ms
142ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:42:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7631
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 15:42:10 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/ Frame 940A 24 KB
9 KB 148ms
142ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 09:30:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29951
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 09:30:10 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/ Frame 940A 3 KB
1 KB 149ms
143ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 09:57:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28307
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 09:57:34 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/1682421460784260625/ Frame 940A 19 KB
19 KB 135ms
134ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1682421460784260625/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d61d1fedd22221fe581d237ea040f8aefd9ab5c42dd1c396a6491fc920e2686b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 13:53:21 GMT
x-content-type-options: nosniff
age: 14160
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19666
x-xss-protection: 0
last-modified: Sun, 22 Oct 2023 15:07:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 06 Dec 2024 13:53:21 GMT

GET
H3 200 3517600294818050806
tpc.googlesyndication.com/simgad/ Frame 940A 2 KB
2 KB 132ms
131ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3517600294818050806?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa1112ba9b7d1aa7471bc27c3641b8419ebae97fed05d175be06d20120b6d347

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:52:13 GMT
x-content-type-options: nosniff
age: 79028
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1968
x-xss-protection: 0
last-modified: Thu, 10 Nov 2022 14:52:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 05 Dec 2024 19:52:13 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0AD4 15 KB
16 KB 122ms
122ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:32:51 GMT
x-content-type-options: nosniff
age: 80190
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 19:32:51 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0AD4 15 KB
15 KB 123ms
122ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 21:25:42 GMT
x-content-type-options: nosniff
age: 505419
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 21:25:42 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 0AD4
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CDuQrngVyZcW2OtGn2OMPwey0iAaVmuTVdOi7h-yAEsD3vO_NOBABIKCS-J0BYJGEoIWMGKABuK2FxQPIAQmpAmTvV99zErI-qAMByAPLBKoExQFP0PHtGAuc6xGMR3FpIOpZhBn5VY7f9Yn...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228478195700444656908%22,%22debug_reporting%22:true,%22destination%22:%22https://samsung.com%22,%22event_report_window%22:%2...

0
0

70ms
70ms

Fetch
text/css

172.217.18.2

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228478195700444656908%22,%22debug_reporting%22:true,%22destination%22:%22https://samsung.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22950097592%22],%224%22:[%2212-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212124287183159250065%22}&andc=true

Requested by

Host: mineleaks.eu
URL: http://mineleaks.eu/

Protocol

Server

172.217.18.2 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 17:49:22 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"8478195700444656908","debug_reporting":true,"destination":"https://samsung.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["950097592"],"4":["12-07"],"6":["true"]},"priority":"500","source_event_id":"12124287183159250065"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 07 Dec 2023 17:49:22 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 07 Dec 2023 17:49:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"8478195700444656908","debug_reporting":true,"destination":"https://samsung.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["950097592"],"4":["12-07"],"6":["true"]},"priority":"500","source_event_id":"12124287183159250065"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js Show response
pagead2.googlesyndication.com/bg/ Frame B2BA 51 KB
19 KB 130ms
130ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js

Requested by

Host: mineleaks.eu
URL: http://mineleaks.eu/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 09:13:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 203737
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19933
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 09:13:44 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2C2B 1 KB
643 B 63ms
61ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 25031
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 10:52:10 GMT
etag: 48472445140208031
expires: Fri, 08 Dec 2023 10:52:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/ Frame 940A 20 KB
8 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:43:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79544
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 19:43:37 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 940A 0
0 66ms
65ms Image
text/html 2a00:1450:4001:80b::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTN_VT0DdB085cbSrzbgcID9NOs0SvnYB__ZHXOTszDU_Q4I2eTkyKaMtMP_OAXxJU65tIcy3TidZPA39tO7p_2H20w2w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=280&adk=3973231943&adf=2091684007&pi=t.aa~a.4083216793~rp.4&w=960&fwrn=4&fwrnh=100&lmt=1701971355&rafmt=1&to=qs&pwprc=9288327111&format=960x280&url=http%3A%2F%2Fmineleaks.eu%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701971360598&bpp=2&bdt=4377&idt=-M&shv=r20231205&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D252787a9546a6cdf%3AT%3D1701971358%3ART%3D1701971358%3AS%3DALNI_MavMC_EQusomX_j4U1PtwBTIPJV8g&gpic=UID%3D00000ce43abc239b%3AT%3D1701971358%3ART%3D1701971358%3AS%3DALNI_Mbbij9OfdbR3mnHwZJZcIm18Yf5cw&prev_fmts=0x0%2C1200x280%2C280x600&nras=4&correlator=1651405908036&frm=20&pv=1&ga_vid=405531858.1701971358&ga_sid=1701971359&ga_hid=1596497258&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=170&ady=1340&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079864%2C31079919%2C44807754%2C44806140%2C44807763%2C44808148%2C44808284&oid=2&psts=AOrYGsmdImHtYeWPOPdYXGv6Vtw7hTdmXWj9tNlvQpH0yG1GMnb1nKYA-CzQQwHTMB8M-B3ZUNjUeXYhVq6nWGXJ7VmQ7cNg&pvsid=3932015720857641&tmod=1812472118&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=27
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 940A 202 KB
64 KB 98ms
98ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 17:49:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Dec 2023 17:49:21 GMT

GET
H3 200 7a8419aef3683f04c437bd15cecf843d.js Show response
www.gstatic.com/mysidia/ Frame 940A 37 KB
15 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7a8419aef3683f04c437bd15cecf843d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250799
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 19:10:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 03 Mar 2024 20:09:22 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 215ms
214ms Preflight
text/html 172.217.18.2

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 07 Dec 2023 17:49:21 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 940A 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e31fd91a20cfdabc009951fb92a29f966aa423452f8bc909040b56db4e419af3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET tracking
www.bing.com/api/v1/mediation/ Frame 7ABF 0
0

GET th
www.bing.com/ Frame 7ABF 0
0

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame 7ABF 0
533 B 199ms
37ms Script
text/html 185.89.210.101

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=http%3A%2F%2Fmineleaks.eu&e=wqT_3QLnA-jnAQAAAwDWAAUBCKCLyKsGEJnq2fSxs8T3IBgAKjYJaMrVNf6RpT8RgVqfutYGpT8ZAAAA4HoU8j8hgQ0SACkRJAAxARvAUbiuPzDb-KYDOLUBQLVeSOMDULqJirYBWMexPWAAaJ-kVHjN8gWAAQGKAQNVU0SSAQEG8OWYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCE2h0dHA6Ly9taW5lbGVha3MuZXWAAwCIAwGQAwCYAwmgAwGqAwDAA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFjMHPpIn-uoUawAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFzpsB-gUECAAQAJAGAJgGALgGAMEGAAUjLPA_0AbCjQTaBhYKEAURHQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAfN8gXSBw0JESkBJgjaBwYJupzgBwDqBwIIAPAHlJAQiggCEACVCAAAgD-YCAHACPAG0ggGCAAQABgA&s=fe2840486479c1a4ab9791b9bc7771e28fb90817&bdref=http%3A%2F%2Fmineleaks.eu%2F&bdtop=true&bdifs=2&bstk=http%3A%2F%2Fmineleaks.eu%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8535330373635729%26output%3Dhtml%26h%3D600%26adk%3D2488645395%26adf%3D2675318159%26pi%3Dt.aa~a.2521332233~rp.4%26w%3D280%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1701971355%26rafmt%3D1%26to%3Dqs%26pwprc%3D9288327111%26format%3D280x600%26url%3Dhttp%253A%252F%252Fmineleaks.eu%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26fa%3D40%26dt%3D1701971360598%26bpp%3D2%26bdt%3D4377%26idt%3D-M%26shv%3Dr20231205%26mjsv%3Dm202311300101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D252787a9546a6cdf%253AT%253D1701971358%253ART%253D1701971358%253AS%253DALNI_MavMC_EQusomX_j4U1PtwBTIPJV8g%26gpic%3DUID%253D00000ce43abc239b%253AT%253D1701971358%253ART%253D1701971358%253AS%253DALNI_Mbbij9OfdbR3mnHwZJZcIm18Yf5cw%26prev_fmts%3D0x0%252C1200x280%26nras%3D3%26correlator%3D1651405908036%26frm%3D20%26pv%3D1%26ga_vid%3D405531858.1701971358%26ga_sid%3D1701971359%26ga_hid%3D1596497258%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D1150%26ady%3D1389%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C31079864%252C31079919%252C44807754%252C44806140%252C44807763%252C44808148%252C44808284%26oid%3D2%26psts%3DAOrYGsmdImHtYeWPOPdYXGv6Vtw7hTdmXWj9tNlvQpH0yG1GMnb1nKYA-CzQQwHTMB8M-B3ZUNjUeXYhVq6nWGXJ7VmQ7cNg%26pvsid%3D3932015720857641%26tmod%3D1812472118%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D23%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26btvi%3D1%26fsb%3D1%26dtd%3D16,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8535330373635729%26output%3Dhtml%26h%3D600%26adk%3D2488645395%26adf%3D2675318159%26pi%3Dt.aa~a.2521332233~rp.4%26w%3D280%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1701971355%26rafmt%3D1%26to%3Dqs%26pwprc%3D9288327111%26format%3D280x600%26url%3Dhttp%253A%252F%252Fmineleaks.eu%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26fa%3D40%26dt%3D1701971360598%26bpp%3D2%26bdt%3D4377%26idt%3D-M%26shv%3Dr20231205%26mjsv%3Dm202311300101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D252787a9546a6cdf%253AT%253D1701971358%253ART%253D1701971358%253AS%253DALNI_MavMC_EQusomX_j4U1PtwBTIPJV8g%26gpic%3DUID%253D00000ce43abc239b%253AT%253D1701971358%253ART%253D1701971358%253AS%253DALNI_Mbbij9OfdbR3mnHwZJZcIm18Yf5cw%26prev_fmts%3D0x0%252C1200x280%26nras%3D3%26correlator%3D1651405908036%26frm%3D20%26pv%3D1%26ga_vid%3D405531858.1701971358%26ga_sid%3D1701971359%26ga_hid%3D1596497258%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D1150%26ady%3D1389%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C31079864%252C31079919%252C44807754%252C44806140%252C44807763%252C44808148%252C44808284%26oid%3D2%26psts%3DAOrYGsmdImHtYeWPOPdYXGv6Vtw7hTdmXWj9tNlvQpH0yG1GMnb1nKYA-CzQQwHTMB8M-B3ZUNjUeXYhVq6nWGXJ7VmQ7cNg%26pvsid%3D3932015720857641%26tmod%3D1812472118%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D23%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26btvi%3D1%26fsb%3D1%26dtd%3D16&

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 -, , ASN (),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 17:49:22 GMT
an-x-request-uuid: c0f47524-a78e-4b60-a0b4-74d09c73e814
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.153.102; 31.204.153.102; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET

pixel
cm.g.doubleclick.net/ Frame 2C2B
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHUXuPrKhc_ebKBg2pA2TRY&google_cver=1&google_push=AXcoOmSlYkHzpHcHDtNXIwhtAZGrMCXFBsss5W9YckwAH4MP7b8_W52iaVkP37CY3hslLH-H_JHEN2ZRc21fOJsFVAupDbVqazQJ3...
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDIwMDI2OTU1ODAwODY3NDY0OQ==&gdpr=&gdpr_consent=

0
0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 2C2B 35 B
463 B 192ms
39ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEB3Ce6vDfIUgaJiEi-fAa4I&google_cver=1&google_push=AXcoOmQun09xhbO47oIzD9r1z3ekaprmiR-DgHEB4iWGu9UNzZi9ii9deCormyx2xv5-NWV2L3g6sNgwJvyl3-zbaWc9ewmRADR89Dnn7QORu0W_FmKBzINfR3AIFS8AQJoiqbj-jUy2efTg_SqxFNmRUkcdH08

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 -, , ASN (),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 17:49:22 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 2C2B 43 B
146 B 191ms
39ms Image
image/gif 3.64.99.58

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEILhtNZGSSFgpJf5NZanzow&google_cver=1&google_push=AXcoOmQsxdkyKhCZ6elG1ryraDycE2E_pGWgO9Z012rCgzS0aDUT82EFODxaPcfoojpZsIxOAnNpw-jm9c-9Rlc1cgZVL5uwPR3vVp_HDUu6PnvB1SXqPRnyNbMyVd7Pj1554myBWDV8ylNq_8woVBRhhIY1oc4
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8535330373635729&output=html&h=280&adk=3973231943&adf=2091684007&pi=t.aa~a.4083216793~rp.4&w=960&fwrn=4&fwrnh=100&lmt=1701971355&rafmt=1&to=qs&pwprc=9288327111&format=960x280&url=http%3A%2F%2Fmineleaks.eu%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701971360598&bpp=2&bdt=4377&idt=-M&shv=r20231205&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D252787a9546a6cdf%3AT%3D1701971358%3ART%3D1701971358%3AS%3DALNI_MavMC_EQusomX_j4U1PtwBTIPJV8g&gpic=UID%3D00000ce43abc239b%3AT%3D1701971358%3ART%3D1701971358%3AS%3DALNI_Mbbij9OfdbR3mnHwZJZcIm18Yf5cw&prev_fmts=0x0%2C1200x280%2C280x600&nras=4&correlator=1651405908036&frm=20&pv=1&ga_vid=405531858.1701971358&ga_sid=1701971359&ga_hid=1596497258&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=170&ady=1340&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079864%2C31079919%2C44807754%2C44806140%2C44807763%2C44808148%2C44808284&oid=2&psts=AOrYGsmdImHtYeWPOPdYXGv6Vtw7hTdmXWj9tNlvQpH0yG1GMnb1nKYA-CzQQwHTMB8M-B3ZUNjUeXYhVq6nWGXJ7VmQ7cNg&pvsid=3932015720857641&tmod=1812472118&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=27
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.99.58 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 17:49:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET adx
pr-bh.ybp.yahoo.com/sync/ Frame 2C2B 0
0

GET /
c1.adform.net/serving/cookie/match/ Frame 2C2B 0
0

GET /
onetag-sys.com/match/ Frame 2C2B 0
0

GET um
sync.teads.tv/ Frame 2C2B 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 2C2B 0
130 B 204ms
43ms Image
text/html 142.250.186.98

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L0xu7v5_ZRMRbTGRJ3TiBvEG7Mv3vljVg9FLuBTFL2ARTZOHJC104UyICzPH1PJfsQ979tew

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 17:49:22 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 226B 42 B
174 B 87ms
86ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsslnxFV99RDuW2MFq3osLGx6KvRvnyQLLtgsiGPEOgl1GzEbUFBKoa-cE7bciOP7X9PrHPsy9V87plOff6V9Rv2wh10bdYx1-AhdcNeWKeYM2SegRHMVKJjGAUHSATucLI68FwmpJsdzdUR&sai=AMfl-YRQEdxXBYRtwI1VS8mvOapWb2ztTmQPXgz9GypA33xJbsOTI1jCrsQDxUrXv1uN-eEIWehyBlKWsKHJSs7W8xQuql5CscYUAGS22dSoCcmnP_UNZ1JEtdvD3MJyoAVaLY8GWqlPSIERAUvtJnLt3hnGhKBLVYAzpQg&sig=Cg0ArKJSzFeUGjWmCbXUEAE&cid=CAQSTgDICaaN3tux7SiKUdW-klJh_7pFsABOvfIYAyU62XJ014GS6CdbZO9AUY4xkjGwulYRKIw7VFpZXIxDdkD-f9VaedVDsIRoAUJwI2VPLBgB&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=225472386&rs=2&la=1&cr=0&vs=4&r=v&rst=1701971358828&rpt=2066&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 17:49:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 940A 16 KB
16 KB 33ms
32ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 23:58:11 GMT
x-content-type-options: nosniff
age: 496271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 23:58:11 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 940A 15 KB
15 KB 37ms
37ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 21:25:42 GMT
x-content-type-options: nosniff
age: 505420
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 21:25:42 GMT

GET adview
googleads.g.doubleclick.net/pagead/ Frame 940A 0
0

GET 5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
pagead2.googlesyndication.com/bg/ Frame 9A67 0
0

GET 5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
pagead2.googlesyndication.com/bg/ Frame 0A21 0
0

GET cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame AB70 0
0

GET
DATA 200
OK truncated
/ Frame 7ABF 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 16745e22615e3980b430398ede043aaed1da106cd5aa168bb3f6e6119cb70630

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

POST vevent
ams3-ib.adnxs.com/ Frame 7ABF 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.bing.com
URL: https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=c5a2291d-c42e-49b0-8cd1-2d8c3b7e4d59&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=65e51c63-aaca-4819-b297-f5e125c88113&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D550c1e45b591462799a35e6d6be49ca7%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=2373134886578320665

Domain: www.bing.com
URL: https://www.bing.com/th?id=OADD2.7215849254011_15FBLLZGJ4KXTDJK7C&pid=21.2&c=16&roil=0.2383&roit=0&roir=0.7617&roib=1&w=180&h=180&qlt=90

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDIwMDI2OTU1ODAwODY3NDY0OQ==&gdpr=&gdpr_consent=

Domain: pr-bh.ybp.yahoo.com
URL: https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEN3IfZVIt48olIZQsE-k-LY&google_cver=1&google_push=AXcoOmST4gbEQr2qw_TNNcOWJtn24bADZ9pgZ1Y66YBf0U87HXdS_AMPwlAJNpULdT9dO0xCymN6ogdXU5bQxu-UfDLR-lSTi1aZA4VYFVdJvjEeL5QtwSXnrCD4flMk0JfLfq64CBnX0YJZSI6K8xreQMOIw8Y

Domain: c1.adform.net
URL: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGPhpMvtmzkkjV91R3OBB14&google_cver=1&google_push=AXcoOmTOME4IqmJ-B2iH_3QxJoB6mRZSG08CKkk6loNlAlrR1jX93YZDPZHsNP75YarWX9Ox_Bkx4BkyrNfQKmSYFq_XFI712BnZhKLexXOlNBUl7bgv2cW2R0vwDLbnW7mzf4kLpRiayVhRpwL24P-G7GKOwzs

Domain: onetag-sys.com
URL: https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMfnoGoDLiQPbnNyztAZ3GA&google_cver=1&google_push=AXcoOmRMSuroOrFF7KWYkdi4IosvN1r7mGq5Vo5i6ECglTGbcr1qFKetbs4bQtRj17nCgE_jhk2GWYe6CRLOIUpBgv1mcl25JsBxRvAn8US65Xfn_78e9Gp77oADx979XuVsLIg-4yu77PLzYKRfhCRok-Lrgyo

Domain: sync.teads.tv
URL: https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEEdFa8w-BotXRFUKeA66WLI&google_cver=1&google_push=AXcoOmTGEN-EWj-MXIEByjz9EGdD2XTadHjjnyF-X6wBtKtgIURHNa6irhhw8enjzFRIY5gQ4X2IWYlrQl7k-0TOeWpC-84Yf4bJ3nHuIxwvCPcD_YLz_uK3hrSkYlfhG-wRuCTpNSEtgCBg-jUGqpxuuHE10rQ

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adview?ai=CXo2joAVyZeWWLZ6QtOUPx_Oe8AO48uTVdIvlsYHzEc-mxOqEEBABIKCS-J0BYJGEoIWMGKABuK2FxQPIAQmpAq2f90L1ELI-qAMByAPLBKoExAFP0FcYJqO7PAri-vgz2eJ85YLMc0TH00HEvwkwi48NLNiLHSUHQPcrxe-bwHMEiW_rSecE-fnH7BfyBfvCjC6CT7Wyni8Twkmt0ILLzgXIJsBRQCSe-XvZGwZYEkzHa1IPvWLtoHSwWtH5ZLv5RGqkWf5B2rfPUklTvc59KapYgXh4HhH943qgTtoABh1kqvsEF7yeJvY8i8lxyXef4qCLLnKyAH6v-2QBgh4nVHeu6wfWQvZNZZotkzXm2UGgj8KydjimwATylYiohASIBcvYv65GkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB8q5jiOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCE0gLSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WNyW-7Lx_YIDmgmoAWh0dHBzOi8vd3d3LnNhbXN1bmcuY29tL25sL3R2cy8_Y2lkPW5sX3BhaWRfcHBjX0dPT0dMRV90ZWxldmlzaW9uc19vbmdvaW5nX0NOfk5CLUFWRC1UVi1QbWF4X1BSfm11bHRpX1NCfnR2X1BIfm9uX0tTfmdjYV9NS35ubF9PQn5jb25fRlN-bG9fdGV4dF9ub25lX25vbmUmZ2Nsc3JjPWF3LmRzJoAKAcgLAaIMGCoWChTktLEC7rWxArW4sQKsurECu7uxArgT5APYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItODUzNTMzMDM3MzYzNTcyORgA&sigh=s1ME3mUxzBI&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwDICaaN4ZplwHNhk4Jtd51O1zH66v6edPXAR4Vp3R5F2Up6MWsavOchHPXRyuHRbIa-HknHu9XdaMBYGAE&template_id=484&cbvp=2&vis=1

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Domain: ams3-ib.adnxs.com
URL: https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=http%3A%2F%2Fmineleaks.eu&e=wqT_3QKFB-iFAwAAAwDWAAUBCKCLyKsGEJnq2fSxs8T3IBgAKjYJaMrVNf6RpT8RgVqfutYGpT8ZAAAA4HoU8j8hgQ0SACkRJAAxARvAUbiuPzDb-KYDOLUBQLVeSOMDULqJirYBWMexPWAAaJ-kVHjN8gWAAQGKAQNVU0SSAQEG9F4BmAGgAaAB2ASoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AKiqDHqAhNodHRwOi8vbWluZWxlYWtzLmV1gAMAiAMBkAMAmAMJoAMBqgOaAwqwAmh0dHBzOi8vd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTY1ZTUxYzYzLWFhY2EtNDgxOS1iMjk3LWY1ZTEyNWM4ODExMyZiaWRJZD0xNTAwMCZiaWRkZXJJZD00JmNtRXhwSWQ9TFYyJm9BZFVuaXQ9MzkxNDY2JnB1Ymxpc2hlcklkPTE2MjY0NTMzMCZySWQ9NjVlNTFjNjMtYWFjYS00ODE5LWIyOTctZjVlMTI1Yzg4MTEzJnJ0eXBlPW51cmwmdGFnSWQ9NjkyOTQ5OSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRb0NAFTdWJHcm91cD1lcmZyZWlyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMjM3MzEzNDg4NjU3ODMyMDY2NSIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpOekkxTmpnd09UazJOVGsyT1RZak1qTXlORE0yTnpVNE1UVTJNVEU0T1E9PcAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAWMwc-kif66hRrABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXOmwH6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAAAAAANPwGLZOAGAfIGAggAgAcBiAcAoAcByAfN8gXSBw0JDSUFJgzaBwYIBQmo4AcA6gcCCADwB5SQEIoIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=0637e9635882dc7c96c1fb6a14d44a7f997cc24d&type=nv&nvt=5&jm=1003&px=60&py=0&bw=160&bh=160&sid=4832624171713361369&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=280&ph=600&ww=280&wh=600&ft=3

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
mineleaks.eu/	1969-12-31 23:59:59	Name: xf_csrf Value: 4Fj8WkxTkjPXAnmg
.mineleaks.eu/	1970-01-21 02:22:11	Name: _ga_1047BKNRE4 Value: GS1.1.1701971357.1.0.1701971357.0.0.0
.mineleaks.eu/	1970-01-21 02:22:11	Name: _ga Value: GA1.1.405531858.1701971358
.mineleaks.eu/	1970-01-21 02:07:47	Name: __gads Value: ID=252787a9546a6cdf:T=1701971358:RT=1701971358:S=ALNI_MavMC_EQusomX_j4U1PtwBTIPJV8g
.mineleaks.eu/	1970-01-21 02:07:47	Name: __gpi Value: UID=00000ce43abc239b:T=1701971358:RT=1701971358:S=ALNI_Mbbij9OfdbR3mnHwZJZcIm18Yf5cw
.doubleclick.net/	1970-01-21 02:07:47	Name: IDE Value: AHWqTUkiyTsAjXNwfA348Oc-wIhE2w3kLEnus0qICe9lCBsez31peDiN-C4fN9ll4U4

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: http://mineleaks.eu/js/vendor/jquery/jquery-3.5.1.min.js?_v=5a6112eb(Line 1) Message: Listener added for a synchronous 'DOMSubtreeModified' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adsdk.microsoft.com
ams3-ib.adnxs.com
c1.adform.net
cdn.adnxs.com
cdx.solo.to
cm.g.doubleclick.net
cms.quantserve.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.imgur.com
mineleaks.eu
onetag-sys.com
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
region1.google-analytics.com
sync.teads.tv
tpc.googlesyndication.com
www.bing.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
ams3-ib.adnxs.com
c1.adform.net
cm.g.doubleclick.net
googleads.g.doubleclick.net
onetag-sys.com
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
sync.teads.tv
www.bing.com
142.250.186.98
146.75.120.193
172.217.18.2
185.89.210.101
2001:4860:4802:32::36
23.43.60.179
2400:52e0:1e00::1082:1
2620:116:800d:21:7eb1:3826:be7e:d981
2620:1ec:46::45
2a00:1450:4001:802::2002
2a00:1450:4001:80b::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:811::2002
2a00:1450:4001:81c::2008
2a00:1450:4001:82b::2003
2a00:1450:4001:831::2001
2a00:1450:4001:831::200a
2a06:98c1:3120::3
3.64.99.58
06b3e074ab88422c294252a5c54f57398a3141fcea81263901125634ada31fb7
16745e22615e3980b430398ede043aaed1da106cd5aa168bb3f6e6119cb70630
170ff66e4d1b262d0f607bff820be0a83a3e80ac300c41de182649b99e03b29b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1d7ab1c211e4b5877f875fae049a9114334cee6279a75cbab2271d5d306d8f8f
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
2694fef10d5e7502aedeaf8ccb472321ffe29e66896aaa9a8ba541401d100e38
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2f91a3a792eef6d940a34c5be7ea230d7b42a468b2c27c384855b4adb76b5690
304e77733a818935ddeb447ed9d6d6d4f16e44b8cc262ee05c89324ee7afdc6c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32763dc6e7b33ec954dbe9d1372acb534afdfa18b0f912fa3b006368d56b25af
3507ca14c84cbffccd872e634a84d93f50882c817e66ffdf2643a7ed884a205e
37391901ca8c1a3b8ee694dca828369ec41ca2bcd7ac93a117caef12648b067c
3a89f2320e41aaa62f85681d944f8095fbe7c53f6d0d3bc0a923369c06c177a6
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
3f3632594c7ed916e026de1f1c96cbba1b14299a76c7a26eb16884b9ac410822
41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4de49631fe60b17010f7cda29a6236ca6ad6102ea204e5c31d2c1e79ee276938
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4
51ee0f40b1b3ad827b2b99716479ef6088f6497785c70f97167e104ea484e837
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
580b88883d65aeb5e5935df255d2b1cc0988445abca949634dbd464161950a17
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e8ec0b34594761fcf7b974ebaf83a746a1d351d9d3b7182105220b638b7c3c9
618eb2bd2a30e92fcfd17b21f16e527573d014f3238cf21fa2a48c4b24caf44b
6a1768cbb749f55a2500f5e988a6da457decc9381edf3341957c863baae03884
6ecf956346ef32176254197b3baf6a5c1d3956e6527f302b3f1904a7d49ee664
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7e410dc641c63e4f731f3358ded0956a1421a647cab725c16259ded82658a8c6
85e2fa852542b50f2df4b397c167c3278cbf324928b502b646f7a5d055365794
8a8c328421f4b5355c69e88c1b3f290e63f5298d4e44025e31dc5d01bbf68fd1
8cb80643e5c401bab5287474d08cb7cf691bd4623f4bbbde745afed45476bce7
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c
949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b
96dd7f81552ffa9ce562acaa707cf5625e26e33ab87c828d724883d140ca46d3
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b3ac0feea940572935c876792af52347e06b26900eb88c4c479448fa319a937
9f6bf67f30b771aa6ec6f0ba34125704c76f2b94ac180c80fd06351da8d9d788
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4efd156950e94cccc872fa7341e8ae3f169e1f64c6264371615d5873cebf1c9
a5d466fef65c2d9d7f14fc02d3377f289709c998596bdfb3548ba4773d025e23
a5dcfd1d44af85302c19886c111e277273cca860febaae5f8cdb0de61733b44b
a65047e2477abada89bf79eea31dce29a8215b54303374912c641b5199eefe1d
a7ceb880d9140d5f448b9fa0fa04ead8f24cbc24d7b1d5d93ff9909c895ed0d8
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aef306d8dc297f057d650b2e03a3c79b8f8aa29aeaa9f7f19b4f4a5c5d3e88f1
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0e6169e39f5c8f93c0dae464faa49979fd869e935a0f9b8be0cb53f04349f57
b25e4083dd5a37df6ccc7bdc863541a825b664d4a12eba2614cba5c6b68221b5
b8cf1c6a1436cf8168814bb044ec74cf2313a75d0949eda35f27377eb8355f55
bae9ff830d99b505d3622c94769a7ef010d2f9a76abf2c9c2aeb9e56300b4bf7
bbde0fd637840b04806e70ee7610047e1cfe5568854929dc58c310a861d93ca6
c2497d559960ba9e1c68f41674e8bc980d3b229155e068bc7f42f157f81c4388
c4286b5a1606b8f76c136f69043974148e12d6e80d3a1f1178a54c6ab67b7b07
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d5deae6d8c1f81c5e57b72c8df1964b08ffa9864e0dac4c0d1a5e9aa3ebf0779
d61d1fedd22221fe581d237ea040f8aefd9ab5c42dd1c396a6491fc920e2686b
d8fb071d75bc98297ba49716fd5e88eef776d29948452a23ad252adda7aa1811
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
dbb905b2d89f4bd0e8664a9d6d335984868d2db4f494b6bed7b8d863bd11e0d2
dce9a6ed33dd04ba8936296467dcd52b33dc28ddbec3025d63ccba9f9db8b224
e31fd91a20cfdabc009951fb92a29f966aa423452f8bc909040b56db4e419af3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126
e9f0d24d1230e0a5760800e4a1657801cff8edf2ba87a05c5d96f74ce44ec06d
ea4832dbe60c116e619ee2bd9d54c88d2c07f3ea446e7a0b762eb6050b4525b7
edb24d1a170227f124cdae323a5cd79a21a40d21c6226a4769aa2edd420b46c3
edc61d6a26dba546b3700d951d10a3be8c3e834ae5c1a62628d08332ad72facd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f425d358d9cd9c96411f8a6c243d66b14160331c1bb8b2eb59c11cf3060e4cb4
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
fa1112ba9b7d1aa7471bc27c3641b8419ebae97fed05d175be06d20120b6d347
fd0ec0b14d2ca516b83ffd03637068918c626c4099e0a025b69249074812826a
ff90b969c70358fe2578e3f7a338041b221b12cb3aa6cdf44ae01cf6ddba3e78

mineleaks.eu Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

150 Requests

71 %HTTPS

70 %IPv6

21 Domains

25 Subdomains

21 IPs

2 Countries

2701 kBTransfer

6397 kBSize

6 Cookies

3 Outgoing links

Redirected requests

150 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mineleaks.eu Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

150
Requests

71 %
HTTPS

70 %
IPv6

21
Domains

25
Subdomains

21
IPs

2
Countries

2701 kB
Transfer

6397 kB
Size

6
Cookies

150 HTTP transactions
4 data transactions