urlscan.io logo urlscan.io
SecurityTrails logo

themaxlevelherohasreturned.online Open in urlscan Pro
172.67.189.82  Public Scan

Go To Rescan Add Verdict Report
URL: https://themaxlevelherohasreturned.online/
Submission: On November 14 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 1 countries across 17 domains to perform 42 HTTP transactions. The main IP is 172.67.189.82, located in United States and belongs to CLOUDFLARENET, US. The main domain is themaxlevelherohasreturned.online.
TLS certificate: Issued by GTS CA 1P5 on October 27th 2023. Valid for: 3 months.
This is the only time themaxlevelherohasreturned.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

7    172.67.189.82 (United States)

ASN13335 (CLOUDFLARENET, US)
themaxlevelherohasreturned.online
3    142.250.185.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f10.1e100.net
fonts.googleapis.com
1    142.250.185.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f8.1e100.net
www.googletagmanager.com
6    172.67.191.60 (United States)

ASN13335 (CLOUDFLARENET, US)
readdemonslayer.com
6    142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net
fonts.gstatic.com
1    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
5    34.198.51.67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-51-67.compute-1.amazonaws.com
api.purpleads.io
1    172.67.75.241 (None, )

ASN- ()
script.4dex.io
1    104.18.34.178 (None, )

ASN- ()
mp.4dex.io
1    54.171.212.190 (None, )

ASN- ()
hb.minutemedia-prebid.com
1    213.227.153.224 (None, )

ASN- ()
b1h-euc1.zemanta.com
1    54.155.236.110 (None, )

ASN- ()
hb-api.omnitagjs.com
1    52.212.105.38 (None, )

ASN- ()
ads.servenobid.com
1    8.2.109.170 (None, )

ASN- ()
prebid.admanmedia.com
1    51.89.9.252 (None, )

ASN- ()
onetag-sys.com
1    147.75.84.158 (None, )

ASN- ()
prebid.a-mo.net
1    23.212.89.151 (None, )

ASN- ()
images.outbrainimg.com
2    64.202.112.63 (None, )

ASN- ()
log.outbrainimg.com
Domain Requested by
7 themaxlevelherohasreturned.online themaxlevelherohasreturned.online
6 fonts.gstatic.com fonts.googleapis.com
6 readdemonslayer.com 1 redirects themaxlevelherohasreturned.online
readdemonslayer.com
5 api.purpleads.io readdemonslayer.com
3 fonts.googleapis.com themaxlevelherohasreturned.online
readdemonslayer.com
2 log.outbrainimg.com readdemonslayer.com
1 images.outbrainimg.com readdemonslayer.com
1 prebid.a-mo.net readdemonslayer.com
1 onetag-sys.com readdemonslayer.com
1 prebid.admanmedia.com readdemonslayer.com
1 ads.servenobid.com readdemonslayer.com
1 hb-api.omnitagjs.com readdemonslayer.com
1 b1h-euc1.zemanta.com readdemonslayer.com
1 hb.minutemedia-prebid.com readdemonslayer.com
1 mp.4dex.io readdemonslayer.com
1 script.4dex.io readdemonslayer.com
script.4dex.io
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com themaxlevelherohasreturned.online
0 cadmus.script.ac Failed script.4dex.io
42 19

This site contains no links.

Subject Issuer Validity Valid
themaxlevelherohasreturned.online
GTS CA 1P5		 2023-10-27 -
2024-01-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
readdemonslayer.com
GTS CA 1P5		 2023-11-04 -
2024-02-02		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.purpleads.io
Amazon RSA 2048 M01		 2023-10-01 -
2024-10-28		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2023-10-23 -
2024-10-22		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-08-01 -
2024-07-31		 a year crt.sh
*.minutemedia-prebid.com
Amazon ECDSA 256 M01		 2023-04-18 -
2024-05-16		 a year crt.sh
*.zemanta.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-16 -
2024-09-05		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
ads.servenobid.com
Amazon RSA 2048 M01		 2023-04-29 -
2024-05-27		 a year crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2023-04-20 -
2024-05-21		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.a-mo.net
R3		 2023-11-07 -
2024-02-05		 3 months crt.sh
*.outbrainimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-02 -
2024-03-02		 a year crt.sh

This page contains 5 frames:

Primary Page: https://themaxlevelherohasreturned.online/
Frame ID: 9677D506E0AA6D5B5DC6923439E952F1
Requests: 15 HTTP requests in this frame

Frame: https://readdemonslayer.com/insurance.html
Frame ID: BA3D2550B65FAC78F084AC6AB20A69AA
Requests: 4 HTTP requests in this frame

Frame: https://readdemonslayer.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Frame ID: D80B59E4FFE204A86E731902098617A4
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato&display=swap
Frame ID: A074DC07CB9A994768A73007D713025A
Requests: 14 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato&display=swap
Frame ID: 67AFAF0AEB3B5E4F2DFB7518A83C6880
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Max Level Hero Has Returned Manga Online

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

42
Requests

93 %
HTTPS

0 %
IPv6

17
Domains

19
Subdomains

19
IPs

1
Countries

648 kB
Transfer

1268 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://readdemonslayer.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://readdemonslayer.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
themaxlevelherohasreturned.online/ 		45 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://themaxlevelherohasreturned.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.189.82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7e46134f45d5f39fb2d0f6921a8593624f5167a69188ae757bec9b8372ab9e7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0
cf-cache-status
DYNAMIC
cf-ray
825cdd926d38fa1c-AMS
content-encoding
br
content-security-policy
upgrade-insecure-requests upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Tue, 14 Nov 2023 05:30:58 GMT
last-modified
Tuesday, 14-Nov-2023 05:30:58 GMT
link
<http://themaxlevelherohasreturned.online/wp-json/>; rel="https://api.w.org/" <http://themaxlevelherohasreturned.online/wp-json/wp/v2/pages/379>; rel="alternate"; type="application/json" <http://themaxlevelherohasreturned.online/>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
nginx-cache
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YfNOyW3D4I0MFaPTHc93CuNROZsFF2LPLOMCM6Lfe%2B5V2DFSRzJ%2BK162p4TxAZpPR72ba6onJrdray82OWvDzTXcEB2c9zPhNGKhOOGggJ0c8EeKWyFUxX5MtOpc490QHEVOLGhDfXtWirI2MGu5a5S7vGs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
x-cache
HIT From themaxlevelherohasreturned.online
x-content-type-options
nosniff
x-xss-protection
1; mode=block
autoptimize_af4045d24ababb1aee67bb5b5d78a4f2.css
themaxlevelherohasreturned.online/wp-content/cache/autoptimize/css/ 		84 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://themaxlevelherohasreturned.online/wp-content/cache/autoptimize/css/autoptimize_af4045d24ababb1aee67bb5b5d78a4f2.css
Requested by
Host: themaxlevelherohasreturned.online
URL: https://themaxlevelherohasreturned.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.189.82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7495644645f34a1a1617e364c8cd7c2ea933dd381ac906ae2549a1ba3d03e23b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themaxlevelherohasreturned.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 05:30:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 02 Nov 2023 11:06:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6543829c-14e03"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mdlVwLEQ47K4RQmwEwZiREX3M1axJXhM9ehL5znYRQ7BEZtgsJrABTujs9ZCg27o8mfJBCnsGBVKWEE7hbMb5i4uevaAIrem1mGptixysLDpQO4Yr3iMl1WEvre9LQHnpYWjQbvNUQTa3ODv0q2y0ShLPd0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
825cdd92ed4ffa1c-AMS
alt-svc
h3=":443"; ma=86400
expires
Tue, 14 Nov 2023 17:30:58 GMT
css
fonts.googleapis.com/ 		12 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CRaleway%3A400%2C600%2C500%2C700%2C800&subset=latin%2Clatin-ext
Requested by
Host: themaxlevelherohasreturned.online
URL: https://themaxlevelherohasreturned.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f10.1e100.net
Software
ESF /
Resource Hash
b8945ad8256f6574f3ca27e41a465d21403d8b6bbabd1e875cf4578ac57fec55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themaxlevelherohasreturned.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 Nov 2023 05:30:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 04:56:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Nov 2023 05:30:58 GMT
jquery.min.js
themaxlevelherohasreturned.online/wp-includes/js/jquery/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://themaxlevelherohasreturned.online/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: themaxlevelherohasreturned.online
URL: https://themaxlevelherohasreturned.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.189.82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themaxlevelherohasreturned.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 05:30:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 10 Mar 2021 15:07:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6048e0ac-15db1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Nr8ecJRcx8aArfQsWo6zNJGooaMGBQty3%2BwiOJA1TSTOG4XBFO17%2Fi0vM7D%2FTM%2Bh1hpWA4Du4aEi7Xsw2RA5r%2By%2FiZ4vmRKPpqyrvKp%2BLUo8wH1fWsMNBseMRnqunjAcW%2BvUslG4ov6JHI8d3I%2FY1dxF7A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
825cdd92ed50fa1c-AMS
alt-svc
h3=":443"; ma=86400
expires
Tue, 14 Nov 2023 17:30:58 GMT
js
www.googletagmanager.com/gtag/ 		268 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9JY3BQ4DPF
Requested by
Host: themaxlevelherohasreturned.online
URL: https://themaxlevelherohasreturned.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
761c2ae15dfce53ca9aeac49d04c1d676e0fbd7cda270e698a2a99a964c055d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themaxlevelherohasreturned.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 05:30:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91437
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 14 Nov 2023 05:30:58 GMT
themaxlevelherohasreturned-1024x576.jpg
themaxlevelherohasreturned.online/wp-content/uploads/2023/10/ 		97 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://themaxlevelherohasreturned.online/wp-content/uploads/2023/10/themaxlevelherohasreturned-1024x576.jpg
Requested by
Host: themaxlevelherohasreturned.online
URL: https://themaxlevelherohasreturned.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.189.82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d2eac391abf111fa8f3fa3998fef4735a07860b444365323eb5c285764804f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themaxlevelherohasreturned.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 05:30:58 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11251
alt-svc
h3=":443"; ma=86400
content-length
99452
last-modified
Tue, 31 Oct 2023 21:31:56 GMT
server
cloudflare
etag
"6541724c-1847c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q62pse4Q570SFVB7xaqbqtTSKtAO25TXxib7TL0aYXEKJZPBg88D3PyUn93xqIjOYlstavD9ukEAo4Y5xgGFLSdtSg4KQsk%2FIKxvdif1jW3snrnAHAcw%2Fi3faxYRcIhNVbg0Gi2kqJR7kRNbi%2BpKu%2BPTY84%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
825cdd92ed51fa1c-AMS
expires
Thu, 14 Dec 2023 02:23:27 GMT
lazysizes.min.js
themaxlevelherohasreturned.online/wp-content/plugins/autoptimize/classes/external/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://themaxlevelherohasreturned.online/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=3.0.4
Requested by
Host: themaxlevelherohasreturned.online
URL: https://themaxlevelherohasreturned.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.189.82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themaxlevelherohasreturned.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 05:30:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 04 Jun 2022 23:42:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
11251
etag
W/"629bedd0-2655"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FEoJ4xl%2Fb9GHl7I1SeJWQaS6LBG2qoI30xbY5AUXdkUJCXFNMVHModApR9MXoKKvKJ9mos0vx7DXaSOMsgiuX7GM67YPVm%2B6u1HF9ysH%2BVVWTD67KdMDRt6XwtPcfrBm8cHksjvUAoE01Hom12T56bqlDUU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
825cdd962ddbfa1c-AMS
alt-svc
h3=":443"; ma=86400
expires
Tue, 14 Nov 2023 14:23:27 GMT
autoptimize_066e4c16c073f7afe60536831aff6583.js
themaxlevelherohasreturned.online/wp-content/cache/autoptimize/js/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://themaxlevelherohasreturned.online/wp-content/cache/autoptimize/js/autoptimize_066e4c16c073f7afe60536831aff6583.js
Requested by
Host: themaxlevelherohasreturned.online
URL: https://themaxlevelherohasreturned.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.189.82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6445e7f9e3dc441b35a69686595960a406c660336f988bd5a18bd6f025e3cdbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themaxlevelherohasreturned.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 05:30:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 02 Nov 2023 11:06:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
11251
etag
W/"6543829c-54dd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8tQ6e6u%2B3JJJfCS3wdYqSxf8mgQdQikxxvTPHQ8z6iy2lEB80Rcl55Yfcm9E7ovzed68kWQukMAu0rZBUki%2BCeMmDtI6Kb3sGKfsV71mcyWNB%2FbyGeA0Kjfy%2BF%2FTczwTjqRyS9MjKdxiAkS1%2FjWc2bWqLm4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
825cdd963de3fa1c-AMS
alt-svc
h3=":443"; ma=86400
expires
Tue, 14 Nov 2023 14:23:27 GMT
insurance.html
readdemonslayer.com/ Frame BA3D 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://readdemonslayer.com/insurance.html
Requested by
Host: themaxlevelherohasreturned.online
URL: https://themaxlevelherohasreturned.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.191.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8955ad7ca76ee326f74f9ab429e4c61d02850f554a58ec98986030374ee9b0a

Request headers

Referer
https://themaxlevelherohasreturned.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1116624
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000
cf-cache-status
HIT
cf-ray
825cdd99dffa241b-IAD
content-encoding
br
content-type
text/html
date
Tue, 14 Nov 2023 05:30:59 GMT
expires
Fri, 01 Dec 2023 07:20:35 GMT
last-modified
Mon, 11 Sep 2023 17:01:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jnL9WeIGgX0%2BwyfT7BQQeEYynyDFBNp%2FZRq9S5mlWXUrPY6RKBV7wPg7QD22%2FMP1pJTQAmBElZLPpaha0k6lZ%2Bow8vfoG9W8LXnZDRsfLNtqn0dQq5QAl8MGLMRCrRJdH3N6F2yU"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
cropped-The-Eminence-in-Shadow-Manga-Header.webp
themaxlevelherohasreturned.online/wp-content/uploads/2023/04/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://themaxlevelherohasreturned.online/wp-content/uploads/2023/04/cropped-The-Eminence-in-Shadow-Manga-Header.webp
Requested by
Host: themaxlevelherohasreturned.online
URL: https://themaxlevelherohasreturned.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.189.82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e10df5858d3dfcdf02eddc91c1e79e4a5730249cd1decee19207f2ec25b3013

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themaxlevelherohasreturned.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 05:30:58 GMT
cf-cache-status
HIT
last-modified
Tue, 25 Apr 2023 15:42:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3085
etag
"6447f4cd-123be"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZFRIahbuMZJSHukqyc5Ic02O326LzefpYZbBrcCIpqXT2KMqq%2B42POkkNwIZWMy5Axxa1cJIz41RiTFhbPcPsDOQ3xMgEvNos%2F78yOvO%2F1sXPU0rkaOJs8HYLk667qQxJkdRtpzbGI3OFDV04oi275elOv8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
825cdd966deffa1c-AMS
alt-svc
h3=":443"; ma=86400
content-length
74686
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CRaleway%3A400%2C600%2C500%2C700%2C800&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://themaxlevelherohasreturned.online
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 03:38:46 GMT
x-content-type-options
nosniff
age
438733
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Nov 2024 03:38:46 GMT
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CRaleway%3A400%2C600%2C500%2C700%2C800&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://themaxlevelherohasreturned.online
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 21:01:37 GMT
x-content-type-options
nosniff
age
462562
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48208
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Nov 2024 21:01:37 GMT
S6u_w4BMUTPHjxsI9w2_Gwft.woff2
fonts.gstatic.com/s/lato/v24/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u_w4BMUTPHjxsI9w2_Gwft.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CRaleway%3A400%2C600%2C500%2C700%2C800&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
a961366b4346f6078cc2f164d2c019f63b37e2693f6fc93a995048a98b25c083
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://themaxlevelherohasreturned.online
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 03:55:37 GMT
x-content-type-options
nosniff
age
92122
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17728
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Nov 2024 03:55:37 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CRaleway%3A400%2C600%2C500%2C700%2C800&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://themaxlevelherohasreturned.online
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 06:30:11 GMT
x-content-type-options
nosniff
age
169248
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Nov 2024 06:30:11 GMT
truncated
/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9ee01ee8903499cb90168df3d5de82fdcf4660511aa12e06207bca6ccfdf064

Request headers

Referer
Origin
https://themaxlevelherohasreturned.online
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
collect
region1.google-analytics.com/g/ 		0
266 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-9JY3BQ4DPF&gtm=45je3b81v9103631095&_p=1699939858915&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1896188837.1699939859&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699939859&sct=1&seg=0&dl=https%3A%2F%2Fthemaxlevelherohasreturned.online%2F&dt=The%20Max%20Level%20Hero%20Has%20Returned%20Manga%20Online&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1226
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9JY3BQ4DPF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themaxlevelherohasreturned.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 05:30:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://themaxlevelherohasreturned.online
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
load.js
readdemonslayer.com/ Frame BA3D 		42 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://readdemonslayer.com/load.js?publisherId=fd390357c44c040cec69da53209ffb21:ef61b1d6384c12a3fbc00a092a2d4a5619ad2c55b80b66d7e2cd1f3e149918ba86a33050577ce5865c729c33e02f0cf264a898bd750b90172b509ef4280d660e
Requested by
Host: readdemonslayer.com
URL: https://readdemonslayer.com/insurance.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.191.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21c2ce28e68f846c4821e6f5ebfa5f7aab4cd2db02736225b70425fb5a09de9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://readdemonslayer.com/insurance.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 05:30:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
27703
cf-polished
origSize=54467
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Jun 2023 12:42:11 GMT
server
cloudflare
etag
W/"648c58a3-d4c3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2F6fGYxgEGCooWHr0AhN9GCDWGF8BjgjwXu1ZZYdLl6EkLj%2FkDDTBND9CvAVe8B%2F4yOeLc6jhC3zyYS%2F%2BJi3V9zIAi2b%2BrOIomsklv8qYB%2FbpkrPo4eOV0yLUE1u6StpkkFDx3o7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
825cdd9af946241b-IAD
expires
Tue, 14 Nov 2023 09:49:16 GMT
f
api.purpleads.io/x/v2/ Frame BA3D 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/v2/f?pid=e996125305b14532b34983a597db4ba1&ts=1699939859753
Requested by
Host: readdemonslayer.com
URL: https://readdemonslayer.com/load.js?publisherId=fd390357c44c040cec69da53209ffb21:ef61b1d6384c12a3fbc00a092a2d4a5619ad2c55b80b66d7e2cd1f3e149918ba86a33050577ce5865c729c33e02f0cf264a898bd750b90172b509ef4280d660e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.51.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-51-67.compute-1.amazonaws.com
Software
/
Resource Hash
d0e18fddb22875279c809af8793649aa712e1f67166b1870c8a331ea0d935887

Request headers

x-request-url
aHR0cHM6Ly9yZWFkZGVtb25zbGF5ZXIuY29tL2luc3VyYW5jZS5odG1s
accept-language
de-DE,de;q=0.9
Authorization
Bearer fd390357c44c040cec69da53209ffb21:ef61b1d6384c12a3fbc00a092a2d4a5619ad2c55b80b66d7e2cd1f3e149918ba86a33050577ce5865c729c33e02f0cf264a898bd750b90172b509ef4280d660e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://readdemonslayer.com/
x-purpleads-version
2.0.1

Response headers

date
Tue, 14 Nov 2023 05:31:00 GMT
content-encoding
br
pa-user-id
504ed534-fb2d-4701-864c-fb7f768cd6fb
etag
W/"dae-R7I2TSVoNJwQKHsfN/vbtltNn5c"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://readdemonslayer.com
access-control-expose-headers
pa-user-id
access-control-allow-credentials
true
f
api.purpleads.io/x/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/v2/f?pid=e996125305b14532b34983a597db4ba1&ts=1699939859753
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.51.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-51-67.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://readdemonslayer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-origin
https://readdemonslayer.com
access-control-expose-headers
pa-user-id
access-control-max-age
86400
date
Tue, 14 Nov 2023 05:31:00 GMT
main.js
readdemonslayer.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/ Frame D80B
Redirect Chain
  • https://readdemonslayer.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://readdemonslayer.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://readdemonslayer.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Protocol
H2
Server
172.67.191.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ca53be9b57577d05f8ff072c00ccd1c9649eea8b62f0c3d617a37947b9c32bb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 05:31:00 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MfFBD2dDReRoURKrzF9HqJ9bm5bGnnYwAT%2B03i%2Fh8ua5h17mTgKyOf24lRwbcY2L2IV36vqSPeYA6PSL2a016ZcoNRw%2Bt77L%2F5iUNoFvmNtnXG1leuZbUqSPr%2Fu6y7xkxUMzNLdY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
825cdd9d0b52241b-IAD
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 14 Nov 2023 05:30:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uX%2FNUETOdb24sVS02ihTXBRPStnZChNMmFYpwyzuutdDpn8t2zD29PmAz0zwctf3ODczKAlVTkutaDUbFZXz%2Fm1GD%2Fmjydx526niiF55sJpaTi8HfPLOPZwvfXwkpNf%2BNkOcxtHD"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
cache-control
max-age=300, public
cf-ray
825cdd9c6aaf241b-IAD
alt-svc
h3=":443"; ma=86400
825cdd99dffa241b
readdemonslayer.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame D80B 		0
450 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://readdemonslayer.com/cdn-cgi/challenge-platform/h/g/jsd/r/825cdd99dffa241b
Requested by
Host: readdemonslayer.com
URL: https://readdemonslayer.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.191.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 14 Nov 2023 05:31:00 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CXfj%2F%2FI4cu6matWcRW5eI6QyexRIZ4q0g5mrYYCZanl6PRKIKq2do9Ae2sDsswF7atLur5y2SltoxUjBmoFkSAitwhu%2FWng8yl4Zm0HcsTBRSEoMotfD1BVzExHlVlgzY0FD7xSK"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
825cdda05e7e241b-IAD
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/ Frame A074 		761 B
478 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato&display=swap
Requested by
Host: readdemonslayer.com
URL: https://readdemonslayer.com/load.js?publisherId=fd390357c44c040cec69da53209ffb21:ef61b1d6384c12a3fbc00a092a2d4a5619ad2c55b80b66d7e2cd1f3e149918ba86a33050577ce5865c729c33e02f0cf264a898bd750b90172b509ef4280d660e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f10.1e100.net
Software
ESF /
Resource Hash
f88d7a194e7f67fdc5e4f2cedd32e1d040d9976e4814adcaf7e56330a0653d5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://readdemonslayer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 Nov 2023 05:31:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:28:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Nov 2023 05:31:01 GMT
prebid.js
readdemonslayer.com/ Frame A074 		328 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://readdemonslayer.com/prebid.js?v=1.1.8
Requested by
Host: readdemonslayer.com
URL: https://readdemonslayer.com/load.js?publisherId=fd390357c44c040cec69da53209ffb21:ef61b1d6384c12a3fbc00a092a2d4a5619ad2c55b80b66d7e2cd1f3e149918ba86a33050577ce5865c729c33e02f0cf264a898bd750b90172b509ef4280d660e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.191.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
811e76111eea686fab6c7cfe682017b4c319656cb9f2e02b9ab2723c8d95fea9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://readdemonslayer.com/insurance.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 05:31:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15765
cf-polished
origSize=908753
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 09 May 2023 17:02:32 GMT
server
cloudflare
etag
W/"645a7ca8-dddd1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FYAp6ZE80QO9kCLCFcGLVa2aKTC8IUWWshMQw0R%2FaxQy3yW30RIzeIAOVW6xZBKU14ZJ0GNxgMQOcKVYaQBSxlGfgEwmPZuu%2F7ujsL4iPJUa2FcDXsHJcZa8mZz0H3zzeKAPTdWX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
825cdda8be39241b-IAD
expires
Tue, 14 Nov 2023 13:08:16 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ Frame A074 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://readdemonslayer.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 03:38:46 GMT
x-content-type-options
nosniff
age
438735
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Nov 2024 03:38:46 GMT
localstore.js
script.4dex.io/ Frame A074 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: readdemonslayer.com
URL: https://readdemonslayer.com/prebid.js?v=1.1.8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.241 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
8264bf30b0dfc41d19bf53d2c63a8fc9326b427cf3ea9cd9b6be2696fc55b118

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://readdemonslayer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 05:31:02 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 06 Nov 2023 14:13:09 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
261874
ETag
W/"e90435520cec1363a82b67d8298d79a8"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gawrtCDaDHgghsjxXr11Nzu8CEO28l3SdfuFvaUn1NYXoguS6yh%2Fr3p8f37qYy8uufBLBRPmwpPbopxbue1rujTdUZJ1QPlgR6L5nb5lMbePQL9BNS7SZIgzDkuFdi59"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
825cddae1f0f9a23-FRA
prebid
mp.4dex.io/ Frame A074 		0
272 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: readdemonslayer.com
URL: https://readdemonslayer.com/prebid.js?v=1.1.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.178 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://readdemonslayer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 05:31:02 GMT
x-err
Parsing the Prebid Request. with empty page host
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://readdemonslayer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
825cddaee9044dc5-FRA
expires
0
hb-mm-multi
hb.minutemedia-prebid.com/ Frame A074 		105 B
454 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: readdemonslayer.com
URL: https://readdemonslayer.com/prebid.js?v=1.1.8
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.171.212.190 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
a649239e50bd4c76b572e7f94edc3bf46592972def55e5e4a735fce7b5fa59ec

Request headers

Referer
https://readdemonslayer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Nov 2023 05:31:02 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://readdemonslayer.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
7
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
/
b1h-euc1.zemanta.com/api/bidder/prebid/bid/ Frame A074 		0
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b1h-euc1.zemanta.com/api/bidder/prebid/bid/
Requested by
Host: readdemonslayer.com
URL: https://readdemonslayer.com/prebid.js?v=1.1.8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.224 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://readdemonslayer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

Connection
keep-alive
Access-Control-Allow-Origin
https://readdemonslayer.com
Access-Control-Allow-Credentials
true
v1
hb-api.omnitagjs.com/hb-api/prebid/ Frame A074 		179 B
586 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?PageUrl=&PageReferrer=
Requested by
Host: readdemonslayer.com
URL: https://readdemonslayer.com/prebid.js?v=1.1.8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.236.110 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3367a6bc95cc4f267513ae2976df2bd3ba59dcb50f333b2891b80650bb26a165
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://readdemonslayer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Nov 2023 05:31:02 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
x-kong-upstream-latency
8
content-length
179
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://readdemonslayer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
adreq
ads.servenobid.com/ Frame A074 		327 B
558 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=2497
Requested by
Host: readdemonslayer.com
URL: https://readdemonslayer.com/prebid.js?v=1.1.8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.105.38 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
4fe7cfd9d183fcf2560ac3ea2e6f517793df5d9e10a89e72b538c7ab635bc93c

Request headers

Referer
https://readdemonslayer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Nov 2023 05:31:02 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://readdemonslayer.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
pbjs
prebid.admanmedia.com/ Frame A074 		2 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.admanmedia.com/pbjs
Requested by
Host: readdemonslayer.com
URL: https://readdemonslayer.com/prebid.js?v=1.1.8
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
8.2.109.170 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://readdemonslayer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://readdemonslayer.com
Date
Tue, 14 Nov 2023 05:31:03 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
prebid-request
onetag-sys.com/ Frame A074 		15 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: readdemonslayer.com
URL: https://readdemonslayer.com/prebid.js?v=1.1.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://readdemonslayer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://readdemonslayer.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
c
prebid.a-mo.net/a/ Frame A074 		0
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: readdemonslayer.com
URL: https://readdemonslayer.com/prebid.js?v=1.1.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://readdemonslayer.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://readdemonslayer.com
date
Tue, 14 Nov 2023 05:31:02 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
script.js
cadmus.script.ac/dahhc4ozyvjm6/ Frame A074 		0
0
adagio.js
script.4dex.io/ Frame A074 		0
0
f
api.purpleads.io/x/v2/ Frame BA3D 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/v2/f?pid=e996125305b14532b34983a597db4ba1&demand=unifiedPb&ts=1699939863279
Requested by
Host: readdemonslayer.com
URL: https://readdemonslayer.com/load.js?publisherId=fd390357c44c040cec69da53209ffb21:ef61b1d6384c12a3fbc00a092a2d4a5619ad2c55b80b66d7e2cd1f3e149918ba86a33050577ce5865c729c33e02f0cf264a898bd750b90172b509ef4280d660e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.51.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-51-67.compute-1.amazonaws.com
Software
/
Resource Hash
b0e3cb11b41321d2cdd082d894befaf1081cf16c71c0956cf583ffeb7889d41b

Request headers

x-request-url
aHR0cHM6Ly9yZWFkZGVtb25zbGF5ZXIuY29tL2luc3VyYW5jZS5odG1s
accept-language
de-DE,de;q=0.9
Authorization
Bearer fd390357c44c040cec69da53209ffb21:ef61b1d6384c12a3fbc00a092a2d4a5619ad2c55b80b66d7e2cd1f3e149918ba86a33050577ce5865c729c33e02f0cf264a898bd750b90172b509ef4280d660e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://readdemonslayer.com/
x-purpleads-version
2.0.1

Response headers

date
Tue, 14 Nov 2023 05:31:04 GMT
content-encoding
br
pa-user-id
98ed5342-8c95-479c-994b-205d196b87d4
etag
W/"573-BvtPGnOkuu5DmCuAnXhZP2Ot19U"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://readdemonslayer.com
access-control-expose-headers
pa-user-id
access-control-allow-credentials
true
f
api.purpleads.io/x/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/v2/f?pid=e996125305b14532b34983a597db4ba1&demand=unifiedPb&ts=1699939863279
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.51.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-51-67.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://readdemonslayer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-origin
https://readdemonslayer.com
access-control-expose-headers
pa-user-id
access-control-max-age
86400
date
Tue, 14 Nov 2023 05:31:03 GMT
css
fonts.googleapis.com/ Frame 67AF 		761 B
478 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato&display=swap
Requested by
Host: readdemonslayer.com
URL: https://readdemonslayer.com/load.js?publisherId=fd390357c44c040cec69da53209ffb21:ef61b1d6384c12a3fbc00a092a2d4a5619ad2c55b80b66d7e2cd1f3e149918ba86a33050577ce5865c729c33e02f0cf264a898bd750b90172b509ef4280d660e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f10.1e100.net
Software
ESF /
Resource Hash
f88d7a194e7f67fdc5e4f2cedd32e1d040d9976e4814adcaf7e56330a0653d5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://readdemonslayer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 Nov 2023 05:31:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 04:20:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Nov 2023 05:31:05 GMT
eyJpdSI6ImQ0YmMxM2JlMDA4NGRjYzNlYWM3MWU2OTBkZjU2MDllNjIzYWM2NmEzOTdkNzhkM2ViNTU0ZjM3OWNmOTJjOWQiLCJ3IjoxODAsImgiOjE2MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame 67AF 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImQ0YmMxM2JlMDA4NGRjYzNlYWM3MWU2OTBkZjU2MDllNjIzYWM2NmEzOTdkNzhkM2ViNTU0ZjM3OWNmOTJjOWQiLCJ3IjoxODAsImgiOjE2MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: readdemonslayer.com
URL: https://readdemonslayer.com/load.js?publisherId=fd390357c44c040cec69da53209ffb21:ef61b1d6384c12a3fbc00a092a2d4a5619ad2c55b80b66d7e2cd1f3e149918ba86a33050577ce5865c729c33e02f0cf264a898bd750b90172b509ef4280d660e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.151 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
df7e080b3ce07647b86ac173a4cf634d2ccaa024ddc24fa6135c6f65ccf41a44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://readdemonslayer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 05:31:06 GMT
last-modified
Wed, 04 Oct 2023 19:00:38 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2147888
access-control-allow-credentials
false
x-traceid
cf0c90c3e50db8af9a9ee6ac0a25032e
timing-allow-origin
*, *
content-length
11614
i
api.purpleads.io/x/a/b20ed93e5b5229006e1692ac9411900e:a1b27517f8cc411253cbe28325bcfb00a529650903232ec9278cb9987d0d795eb3f4dbb336461362cd8294e6c166795e6f09b7e37ef52e32e53373e6f76c215fe67a5920f8f5838... Frame 67AF 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.purpleads.io/x/a/b20ed93e5b5229006e1692ac9411900e:a1b27517f8cc411253cbe28325bcfb00a529650903232ec9278cb9987d0d795eb3f4dbb336461362cd8294e6c166795e6f09b7e37ef52e32e53373e6f76c215fe67a5920f8f5838bd4cb15390c4f385d860fc890ef9486532c04ea878a04856f/i?id=f8726508-4b46-4860-aedd-758f41c77efe
Requested by
Host: readdemonslayer.com
URL: https://readdemonslayer.com/load.js?publisherId=fd390357c44c040cec69da53209ffb21:ef61b1d6384c12a3fbc00a092a2d4a5619ad2c55b80b66d7e2cd1f3e149918ba86a33050577ce5865c729c33e02f0cf264a898bd750b90172b509ef4280d660e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.51.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-51-67.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://readdemonslayer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
api.purpleads.io
date
Tue, 14 Nov 2023 05:31:06 GMT
access-control-expose-headers
pa-user-id
access-control-allow-credentials
true
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ Frame 67AF 		4 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=216a56f2dfd5ad74891b3f70a1efac33&pvId=216a56f2dfd5ad74891b3f70a1efac33&sid=8943706&pid=45718&idx=0&wId=140&pad=1&org=0&tm=0&eT=3&cnsnt=no_consent
Requested by
Host: readdemonslayer.com
URL: https://readdemonslayer.com/load.js?publisherId=fd390357c44c040cec69da53209ffb21:ef61b1d6384c12a3fbc00a092a2d4a5619ad2c55b80b66d7e2cd1f3e149918ba86a33050577ce5865c729c33e02f0cf264a898bd750b90172b509ef4280d660e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.63 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://readdemonslayer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Nov 2023 05:31:06 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
b958b7c794e19ec76824886e6f0417b3
Content-Length
4
Expires
0
log-viewability
log.outbrainimg.com/loggerServices/ Frame 67AF 		4 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.outbrainimg.com/loggerServices/log-viewability?requestId=216a56f2dfd5ad74891b3f70a1efac33&position=0
Requested by
Host: readdemonslayer.com
URL: https://readdemonslayer.com/load.js?publisherId=fd390357c44c040cec69da53209ffb21:ef61b1d6384c12a3fbc00a092a2d4a5619ad2c55b80b66d7e2cd1f3e149918ba86a33050577ce5865c729c33e02f0cf264a898bd750b90172b509ef4280d660e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.63 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://readdemonslayer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Nov 2023 05:31:06 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
9059259c10007055f96cdbb1c91b298d
Content-Length
4
Expires
0
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ Frame 67AF 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://readdemonslayer.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 03:38:46 GMT
x-content-type-options
nosniff
age
438740
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Nov 2024 03:38:46 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cadmus.script.ac
URL
https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Domain
script.4dex.io
URL
https://script.4dex.io/adagio.js

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture undefined| $ function| jQuery function| gtag object| dataLayer object| lazySizesConfig object| google_tag_manager object| google_tag_data function| setCookie function| getCookie object| buttonMain object| navMain undefined| buttonTop undefined| navTop undefined| buttonSocial undefined| navSocial function| responsiveNav function| onYouTubeIframeAPIReady object| gaGlobal object| lazySizes

4 Cookies

Domain/Path Name / Value
.themaxlevelherohasreturned.online/ Name: _ga_9JY3BQ4DPF
Value: GS1.1.1699939859.1.0.1699939859.0.0.0
.themaxlevelherohasreturned.online/ Name: _ga
Value: GA1.1.1896188837.1699939859
.readdemonslayer.com/ Name: cf_clearance
Value: Wxf.03TpI0KaBCXO07FbwqF6wcJKUlK_MWE2G29maBc-1699939860-0-1-53c7def3.e25787e2.4c68113-0.2.1699939860
.prebid.a-mo.net/ Name: __amc
Value: 1_1699939862_1699939862

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.servenobid.com
api.purpleads.io
b1h-euc1.zemanta.com
cadmus.script.ac
fonts.googleapis.com
fonts.gstatic.com
hb-api.omnitagjs.com
hb.minutemedia-prebid.com
images.outbrainimg.com
log.outbrainimg.com
mp.4dex.io
onetag-sys.com
prebid.a-mo.net
prebid.admanmedia.com
readdemonslayer.com
region1.google-analytics.com
script.4dex.io
themaxlevelherohasreturned.online
www.googletagmanager.com
cadmus.script.ac
script.4dex.io
104.18.34.178
142.250.185.136
142.250.185.234
142.250.185.99
147.75.84.158
172.67.189.82
172.67.191.60
172.67.75.241
213.227.153.224
216.239.34.36
23.212.89.151
34.198.51.67
51.89.9.252
52.212.105.38
54.155.236.110
54.171.212.190
64.202.112.63
8.2.109.170
21c2ce28e68f846c4821e6f5ebfa5f7aab4cd2db02736225b70425fb5a09de9a
3367a6bc95cc4f267513ae2976df2bd3ba59dcb50f333b2891b80650bb26a165
4fe7cfd9d183fcf2560ac3ea2e6f517793df5d9e10a89e72b538c7ab635bc93c
5ca53be9b57577d05f8ff072c00ccd1c9649eea8b62f0c3d617a37947b9c32bb
6445e7f9e3dc441b35a69686595960a406c660336f988bd5a18bd6f025e3cdbe
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
7495644645f34a1a1617e364c8cd7c2ea933dd381ac906ae2549a1ba3d03e23b
761c2ae15dfce53ca9aeac49d04c1d676e0fbd7cda270e698a2a99a964c055d6
7e10df5858d3dfcdf02eddc91c1e79e4a5730249cd1decee19207f2ec25b3013
811e76111eea686fab6c7cfe682017b4c319656cb9f2e02b9ab2723c8d95fea9
8264bf30b0dfc41d19bf53d2c63a8fc9326b427cf3ea9cd9b6be2696fc55b118
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
8d2eac391abf111fa8f3fa3998fef4735a07860b444365323eb5c285764804f2
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
a649239e50bd4c76b572e7f94edc3bf46592972def55e5e4a735fce7b5fa59ec
a961366b4346f6078cc2f164d2c019f63b37e2693f6fc93a995048a98b25c083
b0e3cb11b41321d2cdd082d894befaf1081cf16c71c0956cf583ffeb7889d41b
b8945ad8256f6574f3ca27e41a465d21403d8b6bbabd1e875cf4578ac57fec55
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1
c9ee01ee8903499cb90168df3d5de82fdcf4660511aa12e06207bca6ccfdf064
d0e18fddb22875279c809af8793649aa712e1f67166b1870c8a331ea0d935887
df7e080b3ce07647b86ac173a4cf634d2ccaa024ddc24fa6135c6f65ccf41a44
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7e46134f45d5f39fb2d0f6921a8593624f5167a69188ae757bec9b8372ab9e7
e8955ad7ca76ee326f74f9ab429e4c61d02850f554a58ec98986030374ee9b0a
f88d7a194e7f67fdc5e4f2cedd32e1d040d9976e4814adcaf7e56330a0653d5c