m.manhuagui.com Open in urlscan Pro
45.32.60.39 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://m.manhuagui.com/
Effective URL:
https://m.manhuagui.com/
Submission: On July 16 via manual (July 16th 2021, 9:39:33 am UTC) from IN

Summary HTTP 79 Redirects Behaviour Indicators

Summary

This website contacted 38 IPs in 8 countries across 24 domains to perform 79 HTTP transactions. The main IP is 45.32.60.39, located in Heiwajima, Japan and belongs to AS-CHOOPA, US. The main domain is m.manhuagui.com.
TLS certificate: Issued by R3 on July 4th 2021. Valid for: 3 months.

This is the only time m.manhuagui.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	45.32.60.39 45.32.60.39	20473 (AS-CHOOPA) (AS-CHOOPA)
14	104.24.8.56 104.24.8.56	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	128.1.164.123 128.1.164.123	21859 (ZNET) (ZNET)
1	52.194.18.12 52.194.18.12	16509 (AMAZON-02) (AMAZON-02)
2	35.190.35.45 35.190.35.45	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
4	2600:9000:219... 2600:9000:2190:3c00:0:e06c:e940:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.95.67.231 34.95.67.231	15169 (GOOGLE) (GOOGLE)
4	210.61.33.232 210.61.33.232	3462 (HINET Dat...) (HINET Data Communication Business Group)
1 2	35.201.76.93 35.201.76.93	15169 (GOOGLE) (GOOGLE)
1	2600:9000:219... 2600:9000:2190:dc00:3:1794:2540:93a1	16509 (AMAZON-02) (AMAZON-02)
1	175.41.232.18 175.41.232.18	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.117.219.39 34.117.219.39	15169 (GOOGLE) (GOOGLE)
6	203.75.214.136 203.75.214.136	3462 (HINET Dat...) (HINET Data Communication Business Group)
1	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
2 6	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
6	2606:4700:20:... 2606:4700:20::681a:467	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:e4:... 2606:4700:e4::ac40:a512	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	35.241.5.209 35.241.5.209	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
2	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	212.82.100.146 212.82.100.146	34010 (YAHOO-IRD) (YAHOO-IRD)
1	2a00:1288:110... 2a00:1288:110:c204::b000	34010 (YAHOO-IRD) (YAHOO-IRD)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:bb90	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:1901:0:e... 2600:1901:0:e207::	15169 (GOOGLE) (GOOGLE)
1	13.224.96.86 13.224.96.86	16509 (AMAZON-02) (AMAZON-02)
2	54.249.77.228 54.249.77.228	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
79	38

2 45.32.60.39 (Heiwajima, Japan)

ASN20473 (AS-CHOOPA, US)
PTR: 45.32.60.39.vultr.com

m.manhuagui.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 104.24.8.56 (United States)

ASN13335 (CLOUDFLARENET, US)

cf.hamreus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 128.1.164.123 (United States)

ASN21859 (ZNET, US)

jy.ggweb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.194.18.12 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-194-18-12.ap-northeast-1.compute.amazonaws.com

nt.compass-fit.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.35.45 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 45.35.190.35.bc.googleusercontent.com

ad.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2190:3c00:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.67.231 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 231.67.95.34.bc.googleusercontent.com

fcm.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 210.61.33.232 (Kaohsiung City, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 210-61-33-232.HINET-IP.hinet.net

banner-cfnetwork.cdn.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.76.93 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 93.76.201.35.bc.googleusercontent.com

c.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:dc00:3:1794:2540:93a1 (United States)

ASN16509 (AMAZON-02, US)

adcdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 175.41.232.18 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-175-41-232-18.ap-northeast-1.compute.amazonaws.com

ad.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.219.39 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 39.219.117.34.bc.googleusercontent.com

fp.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 203.75.214.136 (Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.HINET-IP.hinet.net

t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d9b00c21-ced5-4daf-b36e-fcec99e11211.t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 162.210.196.208 (United States) 2 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

ads.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
agent.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:467 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e4::ac40:a512 (United States)

ASN13335 (CLOUDFLARENET, US)

www.lookit.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

958f53d6a6cbb6f671b5923305b025a8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.5.209 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 209.5.241.35.bc.googleusercontent.com

ad.adondemand.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7000 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.146 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: media-router-flurry71.prod.media.vip.ir2.yahoo.com

ads.yap.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c204::b000 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)

geo.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:bb90 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

dmp.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:e207:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

audiencedata.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-86.zrh50.r.cloudfront.net

l.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.249.77.228 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-249-77-228.ap-northeast-1.compute.amazonaws.com

sync.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	hamreus.com cf.hamreus.com	620 KB
10	hinet.net banner-cfnetwork.cdn.hinet.net t.ssp.hinet.net d9b00c21-ced5-4daf-b36e-fcec99e11211.t.ssp.hinet.net	8 KB
10	holmesmind.com 1 redirects cdn.holmesmind.com fcm.holmesmind.com c.holmesmind.com adcdn.holmesmind.com ad.holmesmind.com fp.holmesmind.com	29 KB
6	googlesyndication.com 958f53d6a6cbb6f671b5923305b025a8.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	37 KB
6	aralego.net cdn.aralego.net	90 KB
6	aralego.com 2 redirects ads.aralego.com sync.aralego.com agent.aralego.com	3 KB
4	doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net	139 KB
3	logly.co.jp l.logly.co.jp sync.logly.co.jp	1 KB
3	google.com www.google.com adservice.google.com	1 KB
2	im-apps.net dmp.im-apps.net audiencedata.im-apps.net	3 KB
2	yahoo.com ads.yap.yahoo.com geo.yahoo.com	1016 B
2	google-analytics.com www.google-analytics.com	19 KB
2	sitemaji.com ad.sitemaji.com	12 KB
2	manhuagui.com m.manhuagui.com	9 KB
1	criteo.com gum.criteo.com	724 B
1	yimg.com s.yimg.com	28 KB
1	adondemand.com ad.adondemand.com	13 KB
1	google.be adservice.google.be	853 B
1	lookit.tw www.lookit.tw	832 B
1	creativecdn.com prebid-asia.creativecdn.com	177 B
1	criteo.net static.criteo.net	38 KB
1	google.de www.google.de	107 B
1	compass-fit.jp nt.compass-fit.jp	16 KB
1	ggweb.net jy.ggweb.net	634 B
79	24

	Domain	Requested by
14	cf.hamreus.com	m.manhuagui.com cf.hamreus.com
6	cdn.aralego.net	m.manhuagui.com ads.aralego.com www.lookit.tw agent.aralego.com
5	t.ssp.hinet.net	cdn.holmesmind.com t.ssp.hinet.net
4	banner-cfnetwork.cdn.hinet.net	cdn.holmesmind.com
4	cdn.holmesmind.com	ad.sitemaji.com cdn.holmesmind.com ad.holmesmind.com
3	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com m.manhuagui.com
3	securepubads.g.doubleclick.net	cdn.aralego.net securepubads.g.doubleclick.net
3	ads.aralego.com	1 redirects ads.aralego.com agent.aralego.com
2	sync.logly.co.jp	nt.compass-fit.jp sync.logly.co.jp
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	sync.aralego.com	ads.aralego.com m.manhuagui.com
2	c.holmesmind.com	1 redirects cdn.holmesmind.com
2	www.google.com	m.manhuagui.com tpc.googlesyndication.com
2	www.google-analytics.com	m.manhuagui.com www.google-analytics.com
2	ad.sitemaji.com	jy.ggweb.net m.manhuagui.com
2	m.manhuagui.com	m.manhuagui.com
1	gum.criteo.com	static.criteo.net
1	l.logly.co.jp	nt.compass-fit.jp
1	audiencedata.im-apps.net	dmp.im-apps.net
1	dmp.im-apps.net	nt.compass-fit.jp
1	agent.aralego.com	1 redirects
1	geo.yahoo.com	www.lookit.tw
1	ads.yap.yahoo.com	s.yimg.com
1	s.yimg.com	ad.adondemand.com
1	ad.adondemand.com	www.lookit.tw
1	958f53d6a6cbb6f671b5923305b025a8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.be	securepubads.g.doubleclick.net
1	www.lookit.tw	ads.aralego.com
1	d9b00c21-ced5-4daf-b36e-fcec99e11211.t.ssp.hinet.net	m.manhuagui.com
1	prebid-asia.creativecdn.com	banner-cfnetwork.cdn.hinet.net
1	fp.holmesmind.com	cdn.holmesmind.com
1	static.criteo.net	cdn.holmesmind.com
1	ad.holmesmind.com	cdn.holmesmind.com
1	adcdn.holmesmind.com	cdn.holmesmind.com
1	fcm.holmesmind.com	cdn.holmesmind.com
1	www.google.de	m.manhuagui.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	nt.compass-fit.jp	m.manhuagui.com
1	jy.ggweb.net	m.manhuagui.com
79	40

This site contains no links.

Subject Issuer	Validity	Valid
hamreus.com R3	`2021-07-04` - `2021-10-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-17` - `2021-08-17`	a year	crt.sh
jy.ggweb.net R3	`2021-07-01` - `2021-09-29`	3 months	crt.sh
*.compass-fit.jp GlobalSign RSA OV SSL CA 2018	`2021-04-08` - `2022-05-10`	a year	crt.sh
feebee.com.tw R3	`2021-06-08` - `2021-09-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2021-05-18` - `2022-06-19`	a year	crt.sh
*.cdn.hinet.net	`2021-06-11` - `2022-06-11`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
*.ssp.hinet.net	`2020-10-19` - `2021-10-19`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
*.t.ssp.hinet.net	`2020-05-06` - `2022-05-06`	2 years	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-23` - `2021-11-21`	2 years	crt.sh
*.google.be GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
adondemand.com R3	`2021-06-22` - `2021-09-20`	3 months	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-06-23` - `2021-08-04`	a month	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.gw.flurry.com DigiCert SHA2 High Assurance Server CA	`2021-06-28` - `2021-12-22`	6 months	crt.sh
analytics.query.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-08` - `2021-09-01`	6 months	crt.sh
*.im-apps.net DigiCert SHA2 Secure Server CA	`2021-06-25` - `2022-06-30`	a year	crt.sh
audiencedata.im-apps.net GTS CA 1D4	`2021-06-29` - `2021-09-27`	3 months	crt.sh
*.logly.co.jp Amazon	`2020-08-31` - `2021-09-30`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://m.manhuagui.com/
Frame ID: D86AA2782C7DFECF2B140352300D2230
Requests: 28 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: 0C986E5B18DF37BE91AA2872E483BB71
Requests: 2 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 6F8D72841EC5C9B34F3831AA55571199
Requests: 1 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 62F834E91DFF519983961194C1F7E7D4
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 10F85BA795F9528DB3D992960C07E0D0
Requests: 15 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=5872-kbF1M01UwGDTEHSK0fvRCMWuCvqFbzV0&CFFPCKUUID=8979-m3uJwOa0k1uLy55dZvsn9voP1UQDjsyz&url=https%3A%2F%2Fm.manhuagui.com%2F&maindomain=manhuagui.com
Frame ID: 998F0931C757455A39BCECAB0F40381F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Frame ID: A772B79940DA374339EC8151AF4C4966
Requests: 5 HTTP requests in this frame

Frame: https://www.lookit.tw/native.html?s=320x50IK
Frame ID: 60AE41AC71B1BDC9FB57EF5836559161
Requests: 8 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html
Frame ID: 7A5014E65820148564AF8A5E50D76A95
Requests: 9 HTTP requests in this frame

Frame: https://958f53d6a6cbb6f671b5923305b025a8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4
Frame ID: C3D275ABD377457DEFAEB2CB730C86BE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 3405DC244E7D29BA19DE169B2E55EB02
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8F704BFE871D3411BA1FACC2708140DB
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/house/housead-55c83e0ac8eed1df04c1e6d6-1625551208830.png
Frame ID: 3E635ED0117A201621C432E14DD0088C
Requests: 1 HTTP requests in this frame

Frame: https://sync.logly.co.jp/sync/sync.html
Frame ID: 911BDB77CBCD5612C644D3F2EEA2EFBF
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=m.manhuagui.com
Frame ID: 507859067053193148239AF93A85389B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://m.manhuagui.com/ HTTP 307
https://m.manhuagui.com/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

79
Requests

100 %
HTTPS

53 %
IPv6

24
Domains

40
Subdomains

38
IPs

8
Countries

1071 kB
Transfer

1708 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://m.manhuagui.com/ HTTP 307
https://m.manhuagui.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 38

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 63

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

79 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
m.manhuagui.com/
Redirect Chain

http://m.manhuagui.com/
https://m.manhuagui.com/

17 KB
5 KB

733ms
241ms

Document
text/html

45.32.60.39
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://m.manhuagui.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.32.60.39 Heiwajima, Japan, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.32.60.39.vultr.com

Software

nginx/1.14.2 / SEEMH.COM

Resource Hash

577bf72652465e6b387e12a324138170ca5f793cb2db18c9678695a680c12529

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:method: GET
:authority: m.manhuagui.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx/1.14.2
date: Fri, 16 Jul 2021 09:39:00 GMT
content-type: text/html; charset=utf-8
cache-control: max-age=3600
expires: Fri, 16 Jul 2021 10:39:00 GMT
x-powered-by: SEEMH.COM
x-frame-options: DENY
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains;preload
x-cache: HIT
content-encoding: gzip

Redirect headers

Location: https://m.manhuagui.com/
Non-Authoritative-Reason: HSTS

GET
H2 200 main_8E630B7269C40DA4D14F38B99EB4018EAA70A0DB.css
cf.hamreus.com/css/ 26 KB
7 KB 170ms
37ms Stylesheet
text/css 104.24.8.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.hamreus.com/css/main_8E630B7269C40DA4D14F38B99EB4018EAA70A0DB.css

Requested by

Host: m.manhuagui.com
URL: https://m.manhuagui.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.24.8.56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / SEEMH.COM

Resource Hash

d63245c98c466091fa4a8bb7ca4de4c4a9d338833cea4a1baa2e8e4af68911ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://m.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 09:39:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7234186
x-powered-by: SEEMH.COM
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Tue, 22 Sep 2020 00:54:20 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"de1b9ce77a90d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B94oPCyMHOPQ2z8h3dOcJpnu7P6xZQjlnd%2ButHIzpaUQSmUhE0tYJSzjHEgoTZGPM3Zb9tSgp7PwCm51kg%2Bue%2FuBjTzEQcOLBwPnp0TozDfd3VanagIX1J1VgntYf%2BioeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 66fa42cc786e4ec2-FRA
expires: Sat, 23 Apr 2022 16:09:15 GMT

GET
H2 200 logo_mini.gif
m.manhuagui.com/images/ 3 KB
3 KB 662ms
661ms Image
image/gif 45.32.60.39
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.manhuagui.com/images/logo_mini.gif

Requested by

Host: m.manhuagui.com
URL: https://m.manhuagui.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.32.60.39 Heiwajima, Japan, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.32.60.39.vultr.com

Software

nginx/1.14.2 / SEEMH.COM

Resource Hash

aa57468383b53d9b60458647e700cac69a75326752b41c9a6db4fdbab461a58c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /images/logo_mini.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: m.manhuagui.com
referer: https://m.manhuagui.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://m.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 09:39:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 09 May 2018 04:30:26 GMT
server: nginx/1.14.2
x-powered-by: SEEMH.COM
etag: "45da52744ee7d31:0"
x-frame-options: DENY
x-cache: HIT
content-type: image/gif
cache-control: max-age=3600
strict-transport-security: max-age=31536000; includeSubDomains;preload
accept-ranges: bytes
content-length: 3244
expires: Fri, 16 Jul 2021 10:39:01 GMT

GET
H2 200 3020373790.jpg
cf.hamreus.com/cpic/ 86 KB
86 KB 171ms
40ms Image
image/jpeg 104.24.8.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.hamreus.com/cpic/3020373790.jpg

Requested by

Host: m.manhuagui.com
URL: https://m.manhuagui.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.24.8.56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / SEEMH.COM

Resource Hash

ebe4455f17c3ef199c26084feecedb6f6fadc5e3c36b636ef38a0f44a59c218c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://m.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 09:39:01 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7142520
x-powered-by: SEEMH.COM
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 87639
last-modified: Wed, 09 May 2018 03:57:03 GMT
server: cloudflare
x-frame-options: DENY
etag: "a94422ca49e7d31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fvg57ApjKWJbXB6ghT%2Bi3K3Y2QKyB5snJM%2BSRz727jlY8O7Sykz56IJwbKP90gGy4WDkFVumHEdG4B8XgqT1X5uSgioz2rYVCE71cSxsJGPayDihjl7wlKcYR5yEf1DQzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66fa42cc78724ec2-FRA
expires: Sun, 24 Apr 2022 17:37:01 GMT

GET
H2 200 core_68D72EB7E730B6C6A0B7A62FB8C5F282D0CCEDFE.js Show response
cf.hamreus.com/scripts/ 75 KB
26 KB 208ms
76ms Script
application/javascript 104.24.8.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.hamreus.com/scripts/core_68D72EB7E730B6C6A0B7A62FB8C5F282D0CCEDFE.js

Requested by

Host: m.manhuagui.com
URL: https://m.manhuagui.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.24.8.56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / SEEMH.COM

Resource Hash

1dc1b0a343a35b161b7a15101c9e9ee44e5bb63af09f70197df5c1c799ba0dd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://m.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 09:39:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7222816
x-powered-by: SEEMH.COM
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Tue, 22 Sep 2020 00:54:20 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"703e0e87a90d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6bFwxv3K%2BZDUfnNeObjxmaNbN%2B9AaVPQ2p5xPNOZMElqdqmpgkXZbozjvzWlJPo%2F%2B8xvWXCxGZUVlWhOW9QRnxc7BMGORZwWcOhj94U93zD8j7V5a0nHXt6n2LX6CjMILA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 66fa42cc786f4ec2-FRA
expires: Sat, 23 Apr 2022 19:18:45 GMT

GET
H2 200 wapgd.js Show response
jy.ggweb.net/ikanman/ 1 KB
634 B 489ms
156ms Script
application/javascript 128.1.164.123
ZNET

General

Check archive.org

Show headers Download Go to

Full URL: https://jy.ggweb.net/ikanman/wapgd.js
Requested by: Host: m.manhuagui.com
URL: https://m.manhuagui.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 128.1.164.123 , United States, ASN21859 (ZNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ebc945ec243d245659fc3139528a6f335e656333b5d7fd54e89780a92d260917

Request headers

Referer: https://m.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 09:39:24 GMT
content-encoding: gzip
last-modified: Sun, 13 Jun 2021 14:36:59 GMT
server: nginx
etag: W/"60c6180b-4f5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 16 Jul 2021 21:39:24 GMT

GET
H3-29 200 iconfont.woff
cf.hamreus.com/css/mobile/ 14 KB
14 KB 153ms
33ms Font
font/x-woff 104.24.8.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.hamreus.com/css/mobile/iconfont.woff

Requested by

Host: cf.hamreus.com
URL: https://cf.hamreus.com/css/main_8E630B7269C40DA4D14F38B99EB4018EAA70A0DB.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

104.24.8.56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / SEEMH.COM

Resource Hash

1b83424b581a2bbc489aed4c5528ac899b07de0f8a17cfe68b02b778d7674f96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://m.manhuagui.com
Referer: https://cf.hamreus.com/css/main_8E630B7269C40DA4D14F38B99EB4018EAA70A0DB.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 09:39:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7222461
x-powered-by: SEEMH.COM
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Wed, 09 May 2018 04:30:20 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"95fa78704ee7d31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T2hoylVzw9yrDizgGwOB6T8rEL1sqMJQaOQ6mN5P8K8RKb3ZPgfj4o6SqopsBtC2%2BSle4Dqwe0iCYhdLak7YQulnw%2B0yPRygZ1C06U%2Fi2wU0VyB7rizCdm9vx72W%2FGH8bA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/x-woff
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 66fa42cd7b5adfff-FRA
expires: Sat, 23 Apr 2022 19:24:40 GMT

GET
H2 200 lift_widget.js Show response
nt.compass-fit.jp/ 71 KB
16 KB 8492ms
6924ms Script
text/javascript 52.194.18.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4299839
Requested by: Host: m.manhuagui.com
URL: https://m.manhuagui.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.194.18.12 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-194-18-12.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 40f8089c5f70fbac32be2c6d6685964978c8f979891af2a40583c77cdccdc55a

Request headers

Referer: https://m.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jul 2021 09:39:03 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
content-type: text/javascript

GET
H2 200 ysm_ikanman.js Show response
ad.sitemaji.com/ 26 KB
9 KB 72ms
20ms Script
application/javascript 35.190.35.45
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_ikanman.js
Requested by: Host: jy.ggweb.net
URL: https://jy.ggweb.net/ikanman/wapgd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.35.45 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 45.35.190.35.bc.googleusercontent.com
Software: /
Resource Hash: e12210f408f5dbfa5c9327c74d95e2ed04a8b33ea655da4a90e132cad2857c58

Request headers

Referer: https://m.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 16 Jul 2021 03:48:17 GMT
content-encoding: br
last-modified: Mon, 12 Jul 2021 04:45:46 GMT
age: 21044
etag: W/"60ebc8fa-69c4"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: clear
content-length: 8685
via: AmigoCDN 1.0, 1.1 google
expires: Sat, 17 Jul 2021 03:48:17 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: m.manhuagui.com
URL: https://m.manhuagui.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 6495
date: Fri, 16 Jul 2021 07:50:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Fri, 16 Jul 2021 09:50:46 GMT

GET
H3-29 200 19430.jpg
cf.hamreus.com/cpic/g/ 39 KB
40 KB 91ms
61ms Image
image/jpeg 104.24.8.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.hamreus.com/cpic/g/19430.jpg

Requested by

Host: m.manhuagui.com
URL: https://m.manhuagui.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

104.24.8.56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / SEEMH.COM

Resource Hash

9f8fafd406cacb16ae0ef6304e1687cb1a02f4ef44ee96ed6678af4fd459b319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://m.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 09:39:01 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7142520
x-powered-by: SEEMH.COM
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 40334
last-modified: Fri, 10 Jul 2020 15:59:45 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pssZAYu2gWwC3FseZt7LA1zx7a38HhuTv69l3dnXJv70%2BwOzmlktvxaSHczznm4roE78pmdmx9RVtnAwmY3ukH0TmgJJcSUHJRGl6MsL9TXR0Ieyc2ru9w9ZYJ9aapOi8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66fa42cf794b64eb-FRA
expires: Sun, 24 Apr 2022 17:37:01 GMT

GET
H3-29 200 7620.jpg
cf.hamreus.com/cpic/g/ 36 KB
37 KB 161ms
132ms Image
image/jpeg 104.24.8.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.hamreus.com/cpic/g/7620.jpg

Requested by

Host: m.manhuagui.com
URL: https://m.manhuagui.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

104.24.8.56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / SEEMH.COM

Resource Hash

9493b54962b4b477b04c5815f58e7748a50227be9fe8855ec41b18194601851e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://m.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 09:39:01 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7142520
x-powered-by: SEEMH.COM
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 36817
last-modified: Fri, 10 Jul 2020 16:09:55 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=flKZg72dIzszHHLd6EWoPnJM0ZyapsBQiOE0eFx6hgsj2MpgqvREAcfwzfAe7nRwxZMgGI%2BeEDLvHm9wlx6Qwj2QNdw%2B2%2Bd2jVY6aXj3VFHlQD99W%2BXDg9mCoIOf%2FLKkqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66fa42cf794964eb-FRA
expires: Sun, 24 Apr 2022 17:37:01 GMT

GET
H3-29 200 7382.jpg
cf.hamreus.com/cpic/g/ 37 KB
37 KB 186ms
157ms Image
image/jpeg 104.24.8.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.hamreus.com/cpic/g/7382.jpg

Requested by

Host: m.manhuagui.com
URL: https://m.manhuagui.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

104.24.8.56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / SEEMH.COM

Resource Hash

c7db02d7d0d3bc873259556351a127d4c8b9e60c09311bcfec79e01fc11bf9bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://m.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 09:39:01 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7142520
x-powered-by: SEEMH.COM
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 37404
last-modified: Fri, 10 Jul 2020 16:09:55 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3JR%2FLsK3Yd188vKwyCofYkDzLT45SIhi2WBut4xJs%2BpdtskGWoudi1DSammvNIGvpY5uxj97%2Bnqx6IlrfAI2Po8ded94VB%2FFR7y%2BEhjnAhpAYq4sXnWSMl1%2FtJmeQCA0XA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66fa42cf794d64eb-FRA
expires: Sun, 24 Apr 2022 17:37:01 GMT

GET
H3-29 200 19300.jpg
cf.hamreus.com/cpic/g/ 35 KB
36 KB 185ms
156ms Image
image/jpeg 104.24.8.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.hamreus.com/cpic/g/19300.jpg

Requested by

Host: m.manhuagui.com
URL: https://m.manhuagui.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

104.24.8.56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / SEEMH.COM

Resource Hash

63e294eacd6b2b907c4503e6e2489d1c33944c08489e73b1c496c824039c799b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://m.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 09:39:01 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7142520
x-powered-by: SEEMH.COM
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 35823
last-modified: Fri, 10 Jul 2020 16:09:55 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fpR9esV8bk2w3tEqlEHYJ0nkJ6c0S7YZpcWNj3Qm8Jb7Clrn0sL6PPvuI%2BpTRjMJ4bvA%2BxQUwLhEIPkJ0pWfztdft0cRP4ofHCUV7HeYtPUJNsUXiyBOu8miTLJVR%2BNq1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66fa42cf794c64eb-FRA
expires: Sun, 24 Apr 2022 17:37:01 GMT

GET
H3-29 200 29821.jpg
cf.hamreus.com/cpic/g/ 43 KB
44 KB 114ms
85ms Image
image/jpeg 104.24.8.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.hamreus.com/cpic/g/29821.jpg

Requested by

Host: m.manhuagui.com
URL: https://m.manhuagui.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

104.24.8.56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / SEEMH.COM

Resource Hash

ebff4bdabba89b14dfc3698fbbd41fd3468b9aec1a5415e33fa6c72e505670ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://m.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 09:39:01 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6114706
x-powered-by: SEEMH.COM
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 44372
last-modified: Fri, 10 Jul 2020 16:09:55 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AzzZy5g26QiGb9bE0%2FUDmCSGoSd5LZmZj5suaWC4z01uPYsqDVl2mUdTj6toeAVAOvMP7xIO4jgQXmrT5V6YMHH%2B709K%2FDX8V1YCfitIYV6HgfI%2BZneR0%2Fg6Xyoh%2FlG3mQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66fa42cf794a64eb-FRA
expires: Fri, 06 May 2022 15:07:14 GMT

GET
H3-29 200 20568.jpg
cf.hamreus.com/cpic/g/ 36 KB
37 KB 138ms
109ms Image
image/jpeg 104.24.8.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.hamreus.com/cpic/g/20568.jpg

Requested by

Host: m.manhuagui.com
URL: https://m.manhuagui.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

104.24.8.56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / SEEMH.COM

Resource Hash

898537e9613d0afb6a6c0b1260b5d75ea9a7e39eb7619fb8ce1f2d458de3dfb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://m.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 09:39:01 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7142520
x-powered-by: SEEMH.COM
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 36881
last-modified: Fri, 10 Jul 2020 16:09:55 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VfFsbVT%2BVS%2FblzNxIrLnfDEBF3zi%2FlHgXlFU4lhPHJ9W4J%2F%2FNkZgG8O7o%2FRwLCn3gdGf7hHcsV%2FoFve%2F4EoXqizeI7WizGfi0GHAmjfrn1ddvDj0wfm836tArpw1%2FP5e5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66fa42cf794764eb-FRA
expires: Sun, 24 Apr 2022 17:37:01 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 28ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=334448727&t=pageview&_s=1&dl=https%3A%2F%2Fm.manhuagui.com%2F&ul=en-us&de=UTF-8&dt=%E6%89%8B%E6%9C%BA%E7%9C%8B%E6%BC%AB%E7%94%BB_%E9%A3%92%E6%BC%AB%E4%B9%90%E7%94%BB_%E5%A6%83%E5%A4%95%E5%A6%8D%E9%9B%AA%20-%20%E7%9C%8B%E6%BC%AB%E7%94%BB%E6%89%8B%E6%9C%BA%E7%89%88%E9%A6%96%E9%A1%B5&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=2060652561&gjid=1038789033&cid=1420558195.1626428342&tid=UA-22850279-5&_gid=1814745307.1626428342&_r=1&_slc=1&z=593717853

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Jul 2021 09:39:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://m.manhuagui.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
88 B 21ms
21ms XHR
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-22850279-5&cid=1420558195.1626428342&jid=2060652561&gjid=1038789033&_gid=1814745307.1626428342&_u=IEBAAEAAAAAAAC~&z=320867752

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 16 Jul 2021 09:39:01 GMT
content-type: text/plain
access-control-allow-origin: https://m.manhuagui.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 16ms
16ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-22850279-5&cid=1420558195.1626428342&jid=2060652561&_u=IEBAAEAAAAAAAC~&z=859945019

Requested by

Host: m.manhuagui.com
URL: https://m.manhuagui.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jul 2021 09:39:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 16ms
16ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-22850279-5&cid=1420558195.1626428342&jid=2060652561&_u=IEBAAEAAAAAAAC~&z=859945019

Requested by

Host: m.manhuagui.com
URL: https://m.manhuagui.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jul 2021 09:39:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 close_circle.png
ad.sitemaji.com/static/ 3 KB
3 KB 21ms
21ms Image
image/png 35.190.35.45
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.sitemaji.com/static/close_circle.png
Requested by: Host: m.manhuagui.com
URL: https://m.manhuagui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.35.45 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 45.35.190.35.bc.googleusercontent.com
Software: /
Resource Hash: f45251ca5f051c72ad1fb169af736cc21c8a16f798f4b7583f8717c3ff0773d6

Request headers

Referer: https://m.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 19:46:09 GMT
content-encoding: gzip
last-modified: Thu, 20 Jun 2019 08:55:05 GMT
age: 49973
etag: W/"5d0b49e9-bd0"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400, public
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: clear
content-length: 3047
via: AmigoCDN 1.0, 1.1 google
expires: Fri, 16 Jul 2021 19:46:09 GMT

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ Frame 0C98 6 KB
7 KB 65ms
21ms Script
application/javascript 2600:9000:2190:3c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_ikanman.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:3c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0beffdab5eb3e5bb2d2bd0a0222d54397a2583b3a8b5681cf353d5f35f893afe

Request headers

Referer: https://m.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 09:39:02 GMT
via: 1.1 449f2b51e83bf8ba5fa5e65ce60bc277.cloudfront.net (CloudFront)
last-modified: Thu, 01 Jul 2021 09:20:58 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "dfe9b96fd56e29211a8dd79116e44a79"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 6564
x-amz-cf-id: sTeGU2KybISgSyhki3O_bbo2pH7sc8u9k1x2yabfvS-DR7noqeM6mQ==

GET
H2 502 cm.php Show response
fcm.holmesmind.com/ Frame 6F8D 332 B
450 B 9159ms
9112ms Document
text/html 34.95.67.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.67.95.34.bc.googleusercontent.com
Software: /
Resource Hash: 8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005

Request headers

:method: GET
:authority: fcm.holmesmind.com
:scheme: https
:path: /cm.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://m.manhuagui.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://m.manhuagui.com/

Response headers

content-type: text/html; charset=UTF-8
referrer-policy: no-referrer
content-length: 332
date: Fri, 16 Jul 2021 09:39:11 GMT
alt-svc: clear

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 62F8 3 KB
3 KB 21ms
21ms Document
text/html 2600:9000:2190:3c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:3c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcab50b80facdd8259667f6902b74c713dc70feaf073cfed9b8de4a69fca6a0e

Request headers

:method: GET
:authority: cdn.holmesmind.com
:scheme: https
:path: /js/capmapping.htm
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://m.manhuagui.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://m.manhuagui.com/

Response headers

content-type: text/html
content-length: 2642
last-modified: Mon, 05 Jul 2021 09:22:39 GMT
accept-ranges: bytes
server: AmazonS3
date: Fri, 16 Jul 2021 09:39:02 GMT
etag: "e1a480f03215f2f740d3ac73c7b1c641"
x-cache: Hit from cloudfront
via: 1.1 449f2b51e83bf8ba5fa5e65ce60bc277.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: W1RaeBnpS3f-p9-wXeID8bBgZtxYmFipcaaP3XovLCobtEzZqktCdA==

GET
H2 200 edmp_init.js Show response
banner-cfnetwork.cdn.hinet.net/js/ Frame 0C98 662 B
635 B 1113ms
299ms Script
application/javascript 210.61.33.232
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://banner-cfnetwork.cdn.hinet.net/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.61.33.232 Kaohsiung City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-61-33-232.HINET-IP.hinet.net
Software: HiNetCDN/2104 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

Referer: https://m.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 09:39:03 GMT
via: 1.1 bd565b05d504b5a50ede08599d37479d.cloudfront.net (CloudFront)
last-modified: Fri, 12 Mar 2021 02:45:40 GMT
server: HiNetCDN/2104
age: 30
etag: W/"f58f8a90686f8ffb3325107e8a788b71"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
x-amz-cf-pop: TPE51-C1
content-encoding: br
x-amz-cf-id: dznkeC-th3abA2TOh4cBE24E0z-NREnyp9408ONhK_9rbhPvrtNqSg==
x-request-id: 25860c36b108a5cce435ae8cddbfc17c

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 10F8 6 KB
6 KB 21ms
21ms Script
application/javascript 2600:9000:2190:3c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:3c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 30a3ff10c02fd69f1209bd9153c983a776c8863cb91c3effb4a1be7c9b80e1bb

Request headers

Referer: https://m.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 09:39:02 GMT
via: 1.1 449f2b51e83bf8ba5fa5e65ce60bc277.cloudfront.net (CloudFront)
last-modified: Thu, 15 Jul 2021 02:19:06 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "c62e62c152e57c979abe141ef4e128de"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 6102
x-amz-cf-id: ut-T5RwkwGmUObzm4EoTn_CwFXo-uF_vSnjB8BYxVPw_loC1qDqjVg==

GET
H2

200

cm
c.holmesmind.com/ Frame 62F8
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
506 B

123ms
123ms

Image
text/html

35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 09:39:02 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: clear
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Fri, 16 Jul 2021 09:39:02 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: clear
content-type: text/html; charset=UTF-8

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame 10F8 428 B
599 B 85ms
12ms Script
text/html 2600:9000:2190:dc00:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=9394
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:dc00:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b65acca8ab39c8f8aceec0510e4f85c3951ee6214b78c9a7693f03b9624fe697

Request headers

Referer: https://m.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 09:29:14 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
age: 587
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://m.manhuagui.com
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: OJqnzC38u2_foZZoG9ZfXEHIcbdxWmpvVqay5oZR3H2SBxV9EcKD9Q==
via: 1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 10F8 2 KB
1 KB 847ms
291ms Script
text/html 175.41.232.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=9394&rf=https%3A%2F%2Fm.manhuagui.com%2F&n=916&o=1&d=1&b=2&ts=1&ii=2&FPCK=8979-m3uJwOa0k1uLy55dZvsn9voP1UQDjsyz
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.41.232.18 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-175-41-232-18.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 188b0d3eb0be2485653ea47f9f8baa11e4f0d2a07e0e27806faebbcd989df78e

Request headers

Referer: https://m.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://m.manhuagui.com
date: Fri, 16 Jul 2021 09:39:03 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
banner-cfnetwork.cdn.hinet.net/js/ Frame 10F8 3 KB
1 KB 995ms
300ms Script
application/javascript 210.61.33.232
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://banner-cfnetwork.cdn.hinet.net/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.61.33.232 Kaohsiung City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-61-33-232.HINET-IP.hinet.net
Software: HiNetCDN/2104 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

Referer: https://m.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 09:39:03 GMT
via: 1.1 a55d34628b043ad0c3a5f728ad027e04.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:10 GMT
server: HiNetCDN/2104
x-amz-cf-pop: TPE51-C1
etag: W/"6a605eea47197fa280f27aaf1fa1521d"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
content-encoding: br
x-amz-cf-id: drrNQ5dgaRzNnyflE4YdMaNsm6EgsOC2SeamvKL_khKX0odFXu0gjA==
x-request-id: c7f36d168904e3f6927062780142dbdf

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 10F8 117 KB
38 KB 45ms
18ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 911e1ae59bee7c424cdc950ea226bec46af2a4048a51fec42fe2a7009e8ddb9b

Request headers

Referer: https://m.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 09:39:02 GMT
content-encoding: gzip
last-modified: Mon, 12 Jul 2021 11:00:01 GMT
server: nginx
etag: W/"60ec20b1-1d47a"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Jul 2021 09:39:02 GMT

GET
H2 200 criteoV2.js Show response
banner-cfnetwork.cdn.hinet.net/js/ Frame 10F8 2 KB
964 B 995ms
300ms Script
application/javascript 210.61.33.232
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://banner-cfnetwork.cdn.hinet.net/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.61.33.232 Kaohsiung City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-61-33-232.HINET-IP.hinet.net
Software: HiNetCDN/2104 /
Resource Hash: e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

Referer: https://m.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 09:39:03 GMT
via: 1.1 fbf94e317a2eadeb551cc7c3ef6e546d.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:12 GMT
server: HiNetCDN/2104
age: 34
etag: W/"e8f33fcb581483ced4a09b3c8e7550e4"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
x-amz-cf-pop: TPE50-C1
content-encoding: br
x-amz-cf-id: dUOaWQaAe0Jq8tOA8SfSgFSiNKrV3C5msU0QmrCoqTPMNtZMt5wxLg==
x-request-id: 348cefefd3baba2dc5aa5c3976ec4e5a

GET
H2 200 appierV2.js Show response
banner-cfnetwork.cdn.hinet.net/js/ Frame 10F8 3 KB
1 KB 995ms
301ms Script
application/javascript 210.61.33.232
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://banner-cfnetwork.cdn.hinet.net/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.61.33.232 Kaohsiung City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-61-33-232.HINET-IP.hinet.net
Software: HiNetCDN/2104 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

Referer: https://m.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 09:39:03 GMT
via: 1.1 b1e98d6f23bf8312e5a34847053352cc.cloudfront.net (CloudFront)
last-modified: Thu, 11 Mar 2021 07:54:26 GMT
server: HiNetCDN/2104
age: 15
etag: W/"548ed610a8571343fb3022f543174735"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
x-amz-cf-pop: TPE51-C1
content-encoding: br
x-amz-cf-id: l7UQiGAvAVwFZZr2wv85AHy9gfKz_EK2qJ-45bBYEahI9tbm5TZbCw==
x-request-id: 4539dce5c691134082735e12e18a7017

GET
H2 200 landing.php Show response
fp.holmesmind.com/ Frame 998F 0
217 B 325ms
272ms Document
text/html 34.117.219.39
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=5872-kbF1M01UwGDTEHSK0fvRCMWuCvqFbzV0&CFFPCKUUID=8979-m3uJwOa0k1uLy55dZvsn9voP1UQDjsyz&url=https%3A%2F%2Fm.manhuagui.com%2F&maindomain=manhuagui.com
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.219.39 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 39.219.117.34.bc.googleusercontent.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: fp.holmesmind.com
:scheme: https
:path: /landing.php?CFFPCKUUIDMAIN=5872-kbF1M01UwGDTEHSK0fvRCMWuCvqFbzV0&CFFPCKUUID=8979-m3uJwOa0k1uLy55dZvsn9voP1UQDjsyz&url=https%3A%2F%2Fm.manhuagui.com%2F&maindomain=manhuagui.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://m.manhuagui.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://m.manhuagui.com/

Response headers

server: nginx/1.20.0
date: Fri, 16 Jul 2021 09:39:03 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: x-requested-with,content-type
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 10F8 6 KB
3 KB 881ms
290ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

7d48483199e6616d96fc8b45c384f40ecf0409fabb06398614cc4cab77ccb277

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://m.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 09:39:03 GMT
content-encoding: gzip
last-modified: Tue, 13 Jul 2021 00:56:37 GMT
server: nginx
etag: W/"60ece4c5-164b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Fri, 16 Jul 2021 09:49:03 GMT

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 10F8 10 KB
10 KB 21ms
21ms Script
application/javascript 2600:9000:2190:3c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=9394&rf=https%3A%2F%2Fm.manhuagui.com%2F&n=916&o=1&d=1&b=2&ts=1&ii=2&FPCK=8979-m3uJwOa0k1uLy55dZvsn9voP1UQDjsyz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:3c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

Referer: https://m.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 09:39:03 GMT
via: 1.1 449f2b51e83bf8ba5fa5e65ce60bc277.cloudfront.net (CloudFront)
last-modified: Fri, 16 Oct 2020 09:58:46 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: pCntBrfQSKPFY1yXczvov55rwGDjuyEuEZ_GYhawP9S50diEZqJoUA==

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 10F8 0
177 B 516ms
172ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: banner-cfnetwork.cdn.hinet.net
URL: https://banner-cfnetwork.cdn.hinet.net/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://m.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://m.manhuagui.com
date: Fri, 16 Jul 2021 09:39:04 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 10F8 37 B
406 B 292ms
292ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

74587997700a21432ad612415c3de3ae84e65c5e95d2c59691d714697e8434e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://m.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 09:39:03 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://m.manhuagui.com
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame 10F8 30 B
276 B 293ms
292ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=d9b00c21-ced5-4daf-b36e-fcec99e11211

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://m.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 09:39:04 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://m.manhuagui.com
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame A772
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

43ms
26ms

Script
application/octet-stream

2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: m.manhuagui.com
URL: https://m.manhuagui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a87fd41597436af0e4160d453d7e8e2b4384edb15d2fdf2058de7c29b31e637

Request headers

Referer: https://m.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 09:39:04 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2407
content-length: 40120
last-modified: Fri, 28 May 2021 01:36:32 GMT
server: cloudflare
etag: "60b04920-9cb8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cD1eCkRnqcV6l1zcn7wdD4ixLM8d61xKMZKVRxAmIVlZOCsJhvTYEPgtjRBvA8Um%2Fc%2FhsSvUKnZKDeikG%2F%2BWjKm%2FRGKYLv%2BnHC13Li1ZNSd3bXpKAaPbT%2F88piMhzfxds4NVISSNDq%2B%2BuRRoGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 66fa42e2aa662b89-FRA

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame 10F8 30 B
276 B 293ms
292ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=d9b00c21-ced5-4daf-b36e-fcec99e11211

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://m.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 09:39:04 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://m.manhuagui.com
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame 10F8 0
192 B 293ms
292ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=50ef57&cid=5872-kbF1M01UwGDTEHSK0fvRCMWuCvqFbzV0&mp=d9b00c21-ced5-4daf-b36e-fcec99e11211

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://m.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 09:39:04 GMT
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://m.manhuagui.com
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 pixel
d9b00c21-ced5-4daf-b36e-fcec99e11211.t.ssp.hinet.net/ Frame 10F8 0
80 B 1121ms
283ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d9b00c21-ced5-4daf-b36e-fcec99e11211.t.ssp.hinet.net/pixel?bd=d9b00c21-ced5-4daf-b36e-fcec99e11211&t=50ef57

Requested by

Host: m.manhuagui.com
URL: https://m.manhuagui.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://m.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 09:39:05 GMT
server: nginx
content-length: 0
strict-transport-security: max-age=0
content-type: image/png

GET
H2 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame A772 975 B
637 B 12ms
12ms Stylesheet
text/css 2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

Referer: https://m.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 09:39:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2415
cf-polished: origSize=1191
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2Bqnu3NEf4XteOqsAxdN%2FjYhmz1HnCzIOq%2BbIVzujO4jIJTp2mPW1qaaBBRvAzf7TOrHn3AQ26cw3%2F%2BwDpVNy9yKv9%2Fax2bH5vmB1%2BY5iV6NT8kbtxQF16ltj%2Bwkb%2F4Jq4kWUlfTjl7908mLxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 66fa42e2dac02b89-FRA
cf-bgj: minify

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ Frame A772 46 B
493 B 433ms
108ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 503843cc1faed5f2981e39e348d7f6ec3e798b27b2ed7e04067f09cf957e4e84

Request headers

Referer: https://m.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 09:39:05 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://m.manhuagui.com
access-control-allow-credentials: true
connection: close
content-length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame A772 345 B
979 B 354ms
145ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=m.manhuagui.com&u=https%3A%2F%2Fm.manhuagui.com%2F&xr=0&adid=ad-9A22ADA67222DA49183D9A62DD27962&w=320&h=50&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.8582097654236163&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&ao=https%3A%2F%2Fm.manhuagui.com
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6a713eaad71494ad23db3b6b0114c722736c4316800dae694327eca886cfc22a

Request headers

Referer: https://m.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 09:39:05 GMT
x-width: 320
x-height: 50
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://m.manhuagui.com
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
x-adsource: PSA
x-adtype: html
connection: close
access-control-allow-credentials: true
content-length: 345
x-adstyle: banner

GET
H2 200 native.html Show response
www.lookit.tw/ Frame 60AE 441 B
832 B 320ms
279ms Document
text/html 2606:4700:e4::ac40:a512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lookit.tw/native.html?s=320x50IK
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d53e1d1f95270c79198db1c8a5ab2aa679667aa5252ed819f9b829cce7973c26

Request headers

:method: GET
:authority: www.lookit.tw
:scheme: https
:path: /native.html?s=320x50IK
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://m.manhuagui.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://m.manhuagui.com/

Response headers

date: Fri, 16 Jul 2021 09:39:05 GMT
content-type: text/html
last-modified: Thu, 16 Jan 2020 04:03:45 GMT
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mHo7606fkgoWLuX6czZGgAHYRcUFn2c1U79IOZiR1XhQFsMeYSo799OH0DaDky8sMNp6Fo%2FIUMU%2FP%2BE4lfZfGDXkbUv%2F0vVG7BCGL9UinRPV%2BukQcsLusweo8Bs1aGggsZWMguDIriZh5Y%2FW"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 66fa42e56ee200da-AMS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 cht_cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 7A50 807 B
659 B 14ms
13ms Document
text/html 2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6058eb29e9bb8b7cd0d68f0d180a093941e971f4659092a70c99ca57827bc678

Request headers

:method: GET
:authority: cdn.aralego.net
:scheme: https
:path: /ucfad/cookie/cht_cookieSyncIframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://m.manhuagui.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://m.manhuagui.com/

Response headers

date: Fri, 16 Jul 2021 09:39:05 GMT
content-type: text/html
last-modified: Tue, 11 Aug 2020 08:15:02 GMT
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: HIT
age: 2411
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wmbuqUu5bioNVrM5DUQiPIoHiKDyQv7bm4UxWbu0GEIg4GAuTpRE4yCQM%2F8lv4CBOEPQcNn4yy7i4LEBqmzsmtA4%2FSsrspV90ZSQHFHVuw4pvpnJ0g52gMrJrWend4w9KvQ7sO8%2BLtVhWG8qLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 66fa42e599152b89-FRA
content-encoding: br

GET
H/1.1 200
OK idsync
sync.aralego.com/ Frame A772 35 B
266 B 317ms
107ms Image
image/gif 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync
Requested by: Host: m.manhuagui.com
URL: https://m.manhuagui.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://m.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 09:39:05 GMT
connection: close
content-length: 35
content-type: image/gif

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 7A50 70 KB
25 KB 92ms
35ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

f4439204edeee9a47439824147376f7701f7d2058670511e1a174b644a1fb0d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 09:39:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "931 / 563 of 1000 / last-modified: 1626387168"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24831
x-xss-protection: 0
expires: Fri, 16 Jul 2021 09:39:05 GMT

GET
H3-29 200 pubads_impl_2021071501.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 7A50 329 KB
114 KB 63ms
32ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061819

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

7ba1eee9803f9929376700a8065001dbda71dc890a08e3d6b50c851de0e927ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 09:39:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Jul 2021 08:37:43 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117198
x-xss-protection: 0
expires: Fri, 16 Jul 2021 09:39:05 GMT

GET
H2 200 integrator.js Show response
adservice.google.be/adsid/ Frame 7A50 107 B
853 B 54ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.be/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061819

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Jul 2021 09:39:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7A50 107 B
313 B 14ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061819

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Jul 2021 09:39:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 7A50 337 B
169 B 55ms
54ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1410638668426849&correlator=2209355605591267&output=ldjh&impl=fifs&eid=31061650%2C31061819%2C21064367%2C21068766&vrg=2021071501&ptt=17&sc=1&sfv=1-0-38&ecs=20210716&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cdm=cdn.aralego.net&bc=31&abxe=1&lmt=1597133702&dt=1626428345493&dlt=1626428345226&idt=240&ea=0&frm=8&biw=-12245933&bih=-12245933&oid=3&adxs=-12245933&adys=-12245933&adks=64515409&ucis=nel72basym5q&ifi=1&ifk=923963767&u_tz=120&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=4&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2Fcht_cookieSyncIframe.html&ref=https%3A%2F%2Fm.manhuagui.com%2F&top=https%3A%2F%2Fm.manhuagui.com%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x-1&ga_vid=221395951.1626428345&ga_sid=1626428345&ga_hid=1098784110&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061819

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

709b26160e7b4871b06e874b63ce1248c4b54621f4db524e5dd2abc74696647b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 09:39:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
958f53d6a6cbb6f671b5923305b025a8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C3D2 6 KB
3 KB 50ms
18ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://958f53d6a6cbb6f671b5923305b025a8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061819

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 958f53d6a6cbb6f671b5923305b025a8.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.aralego.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cdn.aralego.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 16 Jul 2021 09:39:05 GMT
expires: Sat, 16 Jul 2022 09:39:05 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 lookit_passback_aod.js Show response
ad.adondemand.com/native/ Frame 60AE 43 KB
13 KB 74ms
21ms Script
application/javascript 35.241.5.209
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.adondemand.com/native/lookit_passback_aod.js
Requested by: Host: www.lookit.tw
URL: https://www.lookit.tw/native.html?s=320x50IK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.5.209 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 209.5.241.35.bc.googleusercontent.com
Software: /
Resource Hash: 7f9f5fa2facafe4859bfa262185556ea5b844ca3b8a8cbc6c9f4e0170db380d2

Request headers

Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 08:15:06 GMT
content-encoding: br
last-modified: Fri, 09 Jul 2021 08:34:51 GMT
age: 5039
etag: W/"60e80a2b-ac1c"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: clear
content-length: 13556
via: AmigoCDN 1.0, 1.1 google
expires: Sat, 17 Jul 2021 08:15:06 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7A50 11 KB
9 KB 40ms
17ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021071501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061819

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a258f226f3f385fc296ab0a53f8bb8a5d9d6905e0eae81d0c9e9de81efbd73aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Jul 2021 09:39:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8403
x-xss-protection: 0

GET
H2 200 native.js Show response
s.yimg.com/dy/ads/ Frame 60AE 75 KB
28 KB 20ms
7ms Script
application/javascript 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/dy/ads/native.js

Requested by

Host: ad.adondemand.com
URL: https://ad.adondemand.com/native/lookit_passback_aod.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

136606928f66c3a25fa3176ddfb65bb8c4aaa63b11a386f320e5d0c6f1cae858

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 16 Jul 2021 09:26:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 752
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 28248
x-amz-id-2: 5Ox2hLEaC1vX3eq6fymxsHlb1vvEK45I2A8vK48WQTbWCfQMJyEgBHPd9Hu7bHemyzmQWq5W7G4=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 17 Mar 2021 21:21:21 GMT
server: ATS
etag: "a0ca719a83f21a792c0b10708c948074-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: ZMPENSRJBK1Q0X1E
x-xss-protection: 1; mode=block
cache-control: max-age=900
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7A50 17 KB
7 KB 33ms
13ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061819

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 09:39:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Fri, 16 Jul 2021 09:39:05 GMT

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 60AE 290 B
486 B 160ms
69ms Script
application/javascript 212.82.100.146
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_US&agentVersion=205&adTrackingEnabled=true&adUnitCode=f80561fd-98f6-4eb2-b0d0-c5536abc8475&apiKey=G5D534CYNKYB889CQJQ6&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fwww.lookit.tw%2Fnative.html&caps=16&cb=jsonpCallback0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

212.82.100.146 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-flurry71.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

f895d8ace58f9236c358ca5fd7b2fac47e490553e97fbb8f96a61667a3cddea7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 09:39:05 GMT
content-encoding: gzip
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
strict-transport-security: max-age=31536000

GET
H2 200 b
geo.yahoo.com/ Frame 60AE 43 B
530 B 104ms
37ms Image
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/b?t=xhkd7&9sdk8454

Requested by

Host: www.lookit.tw
URL: https://www.lookit.tw/native.html?s=320x50IK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jul 2021 09:39:05 GMT
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-type: image/gif
content-length: 43

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 3405 12 KB
5 KB 21ms
7ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.aralego.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cdn.aralego.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Fri, 16 Jul 2021 09:38:15 GMT
expires: Sat, 16 Jul 2022 09:38:15 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 50
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8F70 783 B
795 B 19ms
19ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

254d92f8e38ae2537bbb5441141dbf0fbc633660a3bf9c15fb15372346b7ba17

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-v6iJanNMUsm0FI0qAJbLTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.aralego.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cdn.aralego.net/

Response headers

expires: Fri, 16 Jul 2021 09:39:05 GMT
date: Fri, 16 Jul 2021 09:39:05 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-v6iJanNMUsm0FI0qAJbLTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 s-OE46cnkXGFQoo4r8zhnqxzG88VmeLG6mk72mZMPyg.js Show response
pagead2.googlesyndication.com/bg/ Frame 3405 35 KB
13 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s-OE46cnkXGFQoo4r8zhnqxzG88VmeLG6mk72mZMPyg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3e384e3a727917185428a38afcce19eac731bcf1599e2c6ea693bda664c3f28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 07:54:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6293
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13247
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Jul 2022 07:54:12 GMT

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame 60AE
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

21ms
21ms

Script
application/octet-stream

2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: www.lookit.tw
URL: https://www.lookit.tw/native.html?s=320x50IK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a87fd41597436af0e4160d453d7e8e2b4384edb15d2fdf2058de7c29b31e637

Request headers

Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 09:39:06 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2409
content-length: 40120
last-modified: Fri, 28 May 2021 01:36:32 GMT
server: cloudflare
etag: "60b04920-9cb8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ggZsTfK1nRM1megBWuLkkFzhrBTTx%2BlbicV2oSdUMl%2BNRQG8IBe%2Fvw0RzyhZnx69fc0SAzK6gggsX2yt7xo1i0QPfu6BqbHBaRFeMg6nr%2FD02fgovdqjyrneewoGzd7CYAA7VymYYXW10alIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 66fa42ebedf02b89-FRA

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7A50 0
20 B 16ms
16ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021071501&jk=1410638668426849&bg=!Tk2lTQnNAAZjFomlYxY7ACkAdvg8Wvz6ahHzA5wulBOXF0rB1Hw2lbHz3xhz9YkDJLGcw_e3OFGb-wIAAABbUgAAAAxoAQcKAA5qyqWoM_RhJlpEtzuvOZkC2c34aZrC_b5VyN7BRGHKqqoZf_XhSW6N7U5aM7ZXodGiavS6Mrids_6dmIsU2LQMa3bwO1GsfU6J_NGvmumIZ1JArGQjU43VlhvRE001K4TN83lVmYv9jsjP_1rwRwBSHAV4YHiNqUJgW8LUPwaGW_7_INr8ptm2EjBK-0mpNWcuUEZZYO6X9h1pljMiBojyBx5snzrUuLUcpWYDZM-q-OcfiHjHs8xKna949kJAR_9fc-qnu1zYkB6kcc9kYJQP8CUzFoMfQn_HEiRpUax4g9rgsW4Smf-uoBJHTRQheLqUkaZ09-wopmGBFkuhNZGPD09okCtbcEFNg9EpZ8kFyso69OUB8Faap-uAptV1sC9z1LArPeg8aZtASnLensyXRXwvXG5hFBwQJx3unkQ0UUlUG5rQr_Z-rit-iPZ7S6h2SwXYQ_f9puAV2z45bcsvT2kmsz1cM3SUsR39AJEZYzQ2HDOcKW9byxZds2qkW8NUgOIesxfCUc6d6LaC1ByGZmLBNlkTb1xpBG5MqxLyVJmSkVvQk57nHUWwDEl_fhyh7FjIU-DN0dvTZwh1diELp8mSOgqM-tzujqU26M1QN36jmhza_LUePVU6g-9npwNjjI02xE_gyt1wQbHskY1HPnE9E4ScU77sLS9ieL2eUV24Srlo8aX8hijilwSgzQP80OwYSgpl18Sdq3Zzl9QyYq0piGMD91eHbszWrqDDR-xNtYmD7Rwz0_3hoF1069a3k__i_1gLX1ys0AQ3WzZIWudcTKJegXUjlzuHW_W-dM00jXtyn4Q4zcAVBkw8Jjcz7dqM6AtR7TyZ2HMDyKS0SvrqKKYFA3rKlhr43M7iCnQfjhgpnYuDxmXlmlBHwKIK9-uJ-YaTeVbn7I5_x3e_6lHUDeKNa10_QtvatNt806pvUJSLkKZiT1uPyEVDaaGD336qnz7Wl3Pgfw3vd46zGD3rLxIV2LNNrg

Requested by

Host: m.manhuagui.com
URL: https://m.manhuagui.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jul 2021 09:39:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 60AE 975 B
549 B 15ms
15ms Stylesheet
text/css 2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 09:39:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2417
cf-polished: origSize=1191
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OoT9nStQ96H5Z8KUzkw1wqDJYFqpEALR4aex%2FAIV2QWnPKRfx%2B2loOdPerrfn2BdiGJQng6MRnrPbGZE6wgVMTVksP7UiixB2tW8hL0cJ%2B7a7ZA0mlLGrbUHL2I7Xl4wtB3jQ2nsA16XgxIjXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 66fa42ec0e2b2b89-FRA
cf-bgj: minify

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame 60AE 631 B
1 KB 1375ms
148ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=www.lookit.tw&u=https%3A%2F%2Fm.manhuagui.com%2F&xr=1&adid=ad-D2329734AB63EDD90DD3AE844B2EEDE2&w=320&h=50&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.8508019422870585&ao=https%3A%2F%2Fm.manhuagui.com
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 38dc213220da56b254b5f6e0010485e2ca9d288d4b0c63dcdb4109f15f3f93fa

Request headers

Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 09:39:07 GMT
x-width: 320
x-height: 50
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.lookit.tw
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
x-adsource: PSA
x-adtype: html
connection: close
access-control-allow-credentials: true
content-length: 631
x-adstyle: banner

GET
H2 200 3020252450.jpg
cf.hamreus.com/cpic/ 60 KB
60 KB 34ms
33ms Image
image/jpeg 104.24.8.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.hamreus.com/cpic/3020252450.jpg

Requested by

Host: m.manhuagui.com
URL: https://m.manhuagui.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.24.8.56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / SEEMH.COM

Resource Hash

d6a982739bf872311170208aa249907e8945dd009a6ff2be4cc3cefa3efe4509

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://m.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 09:39:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6116059
x-powered-by: SEEMH.COM
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 61224
last-modified: Wed, 09 May 2018 03:57:03 GMT
server: cloudflare
x-frame-options: DENY
etag: "9d9d39ca49e7d31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aen228K%2BrQpKq0C%2BMDsP1Hs05u%2FNpCV%2Bmrlqnk0%2Bz3woB0ZMYg9Lbd%2BllRyiLdgNA7K%2BC6dIgTl8ZC6%2FtRC0Bt3X0CKuAu7O7MeLcjbTPOSEx3Lw6R4z9Bi5yYUT3XYWdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66fa42f08f544ec2-FRA
expires: Fri, 06 May 2022 14:44:47 GMT

GET
H2 200 housead-55c83e0ac8eed1df04c1e6d6-1625551208830.png
cdn.aralego.net/ucfad/house/ Frame 3E63 9 KB
9 KB 13ms
12ms Image
image/png 2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.aralego.net/ucfad/house/housead-55c83e0ac8eed1df04c1e6d6-1625551208830.png
Requested by: Host: www.lookit.tw
URL: https://www.lookit.tw/native.html?s=320x50IK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abc0c2d442b00c1e369dd5b81ec6e719dd1a32812efef4b89e155dd47ffb1a26

Request headers

Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 09:39:07 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2153
content-length: 8707
last-modified: Tue, 06 Jul 2021 06:00:12 GMT
server: cloudflare
etag: "60e3f16c-2203"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=49t7AMbRAFG7HyygfkweEcdOatNJCTOhs92mrTc4XaH98CIR218qU8ElgLTKCSefXCYFAvDlFFGoYtSRtVmwjO8AOOn5z989ok52HYe9kb%2BgocDIbF3oLcAsCC3orgXpMnyf1AiFdf2sFXPH7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 66fa42f4a9472b89-FRA

GET
H/1.1 200
OK im-uid.ctp.js Show response
dmp.im-apps.net/sdk/ 6 KB
3 KB 26ms
6ms Script
application/javascript 2a02:26f0:6c00::210:bb90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.ctp.js
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4299839
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bb90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 1a9163963ae4e7fae1d0aef79cd92d029b29843766ce501c764fc91092b2c314

Request headers

Referer: https://m.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: mXEwxZJaq1mTCT8210HVBrBkzexqDSro
Content-Encoding: gzip
Last-Modified: Fri, 04 Jun 2021 06:40:52 GMT
ETag: "acb4a4c0b7c909aa8d76098134b478a6"
Vary: Accept-Encoding
P3P: CP="NOI PSD OTR"
Cache-Control: max-age=3600
Date: Fri, 16 Jul 2021 09:39:10 GMT
x-amz-replication-status: COMPLETED
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 2415

GET
H2 200 get Show response
audiencedata.im-apps.net/imuid/ 28 B
169 B 247ms
232ms XHR
application/json 2600:1901:0:e207::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://audiencedata.im-apps.net/imuid/get?vid=01FAQAY7KWZMBJWRCW3G88BC95&cid=6858
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.ctp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:e207:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 7ae50713261aba1a94afe26df21e722fa3c82a4eb136b4f95a95b50edc10bcf8

Request headers

Referer: https://m.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://m.manhuagui.com
date: Fri, 16 Jul 2021 09:39:10 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: clear
content-length: 28
content-type: application/json

GET
H/1.1 200
OK lift.json Show response
l.logly.co.jp/ 0
603 B 796ms
705ms Script
text/plain 13.224.96.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.logly.co.jp/lift.json?adspot_id=4299839&widget_id=40015&auc_id=&callback=_lgy_lift_callback_4299839&url=https%3A%2F%2Fm.manhuagui.com%2F&ref=&im_uid=h.3ca6c8fd41e51ee2
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4299839
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-86.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://m.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 09:39:10 GMT
Via: 1.1 4e0fd86f7afa735e772d6f7fe5e91f5b.cloudfront.net (CloudFront)
Server: nginx
X-Amz-Cf-Pop: ZRH50-C1
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
P3P: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
X-Amz-Cf-Id: n5q1qJr1LRPTHDPcC6JJtQSQbdGPZWb-04Vj5DHkerpe0Ex6hs6QnA==

GET
H2 200 sync.html Show response
sync.logly.co.jp/sync/ Frame 911B 495 B
664 B 2154ms
965ms Document
text/html 54.249.77.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.html
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4299839
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.249.77.228 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-249-77-228.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5

Request headers

:method: GET
:authority: sync.logly.co.jp
:scheme: https
:path: /sync/sync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://m.manhuagui.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://m.manhuagui.com/

Response headers

date: Fri, 16 Jul 2021 09:39:12 GMT
content-type: text/html
content-length: 495
server: nginx
last-modified: Thu, 15 Jul 2021 05:22:22 GMT
etag: "60efc60e-1ef"
cache-control: max-age=2592000
accept-ranges: bytes

GET
H2 200 3021512953.jpg
cf.hamreus.com/cpic/ 70 KB
70 KB 32ms
31ms Image
image/jpeg 104.24.8.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.hamreus.com/cpic/3021512953.jpg

Requested by

Host: m.manhuagui.com
URL: https://m.manhuagui.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.24.8.56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / SEEMH.COM

Resource Hash

311b61f049c78b8f3589dd4dc1b076ea41e7f4cf1904378f15f083509248515d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://m.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 09:39:12 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7135147
x-powered-by: SEEMH.COM
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 71312
last-modified: Wed, 09 May 2018 03:57:03 GMT
server: cloudflare
x-frame-options: DENY
etag: "31af5c949e7d31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n2pELty%2BcrkLtBHtFhbPv0ncz5DN%2BhA%2F5wulC%2FMAZZ2v%2F3VIRc1uW340SNy2FkiA8HJmMiWLgEFwj1dQ6TUKDVWr7RJKEc3c43azAR%2FYzGykaNQL4J7UMS%2Bo7Z1JBUVsRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66fa4311bea64ec2-FRA
expires: Sun, 24 Apr 2022 19:40:05 GMT

GET
H2 200 sync.js Show response
sync.logly.co.jp/sync/ Frame 911B 0
268 B 251ms
251ms Script
text/plain 54.249.77.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.js
Requested by: Host: sync.logly.co.jp
URL: https://sync.logly.co.jp/sync/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.249.77.228 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-249-77-228.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sync.logly.co.jp/sync/sync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 16 Jul 2021 09:39:13 GMT
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 5078 291 B
724 B 43ms
14ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=m.manhuagui.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?origin=publishertag&topUrl=m.manhuagui.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://m.manhuagui.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://m.manhuagui.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 1522
set-cookie: uid=85e966f9-99cf-46a6-8627-f300325413e7; expires=Sat, 16 Jul 2022 09:39:12 GMT; domain=.criteo.com; path=/; secure; samesite=none
date: Fri, 16 Jul 2021 09:39:12 GMT
content-length: 321

GET
H2 200 2515260853.jpg
cf.hamreus.com/cpic/ 58 KB
58 KB 37ms
36ms Image
image/jpeg 104.24.8.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.hamreus.com/cpic/2515260853.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.24.8.56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / SEEMH.COM

Resource Hash

4fd7cbc84a012b2087349173c47f754c01ed8b287acfb7db52f49deed9d25267

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://m.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 09:39:17 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7134196
x-powered-by: SEEMH.COM
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 58993
last-modified: Wed, 09 May 2018 04:02:42 GMT
server: cloudflare
x-frame-options: DENY
etag: "386985944ae7d31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hA8trRKC8Fo9pXINOBwos0V1AkyxnZga1atrpU787B6WGdH35pqXgcpuCUTVjQkOi2f9L3EEcrzOh4XpScCmkJ38y0LXL7JiNpWjCm7D9VGstgMGxFT8BmcBiwd7IeOdKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66fa4332fc5c4ec2-FRA
expires: Sun, 24 Apr 2022 19:56:01 GMT

GET
H3-29 200 3020162347.jpg
cf.hamreus.com/cpic/ 68 KB
69 KB 39ms
39ms Image
image/jpeg 104.24.8.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.hamreus.com/cpic/3020162347.jpg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

104.24.8.56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / SEEMH.COM

Resource Hash

67fcdf56a3de5f3b83f3a289bb364d166469bd70fea58f193cfd5dcddc3c46bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://m.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 09:39:22 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6116059
x-powered-by: SEEMH.COM
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 69670
last-modified: Wed, 09 May 2018 03:57:03 GMT
server: cloudflare
x-frame-options: DENY
etag: "4844bca49e7d31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F8XHegixaFOFEPsNN8ZRGqNU73GUuYxbeekf%2FqtkB4unSzu%2B9J6b6UoypFSH243PkX5IFbdgJTESnCrlbGJlvlDfiOShiGC626GYyG04fE74OOcnsNw6XWWOs2wukPpAEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66fa43542ab964eb-FRA
expires: Fri, 06 May 2022 14:45:02 GMT

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cf.hamreus.com/scripts/core_68D72EB7E730B6C6A0B7A62FB8C5F282D0CCEDFE.js(Line 22) Message: aaa
console-api	log	URL: https://cf.hamreus.com/scripts/core_68D72EB7E730B6C6A0B7A62FB8C5F282D0CCEDFE.js(Line 22) Message: 无评论载入div

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

958f53d6a6cbb6f671b5923305b025a8.safeframe.googlesyndication.com
ad.adondemand.com
ad.holmesmind.com
ad.sitemaji.com
adcdn.holmesmind.com
ads.aralego.com
ads.yap.yahoo.com
adservice.google.be
adservice.google.com
agent.aralego.com
audiencedata.im-apps.net
banner-cfnetwork.cdn.hinet.net
c.holmesmind.com
cdn.aralego.net
cdn.holmesmind.com
cf.hamreus.com
d9b00c21-ced5-4daf-b36e-fcec99e11211.t.ssp.hinet.net
dmp.im-apps.net
fcm.holmesmind.com
fp.holmesmind.com
geo.yahoo.com
gum.criteo.com
jy.ggweb.net
l.logly.co.jp
m.manhuagui.com
nt.compass-fit.jp
pagead2.googlesyndication.com
prebid-asia.creativecdn.com
s.yimg.com
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
sync.aralego.com
sync.logly.co.jp
t.ssp.hinet.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.lookit.tw
103.132.192.30
104.24.8.56
128.1.164.123
13.224.96.86
142.250.74.194
162.210.196.208
175.41.232.18
203.75.214.136
210.61.33.232
212.82.100.146
2600:1901:0:e207::
2600:9000:2190:3c00:0:e06c:e940:93a1
2600:9000:2190:dc00:3:1794:2540:93a1
2606:4700:20::681a:467
2606:4700:e4::ac40:a512
2a00:1288:110:c204::b000
2a00:1288:80:800::7000
2a00:1450:4001:800::2002
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:827::2002
2a00:1450:4001:828::2004
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:400c:c04::9c
2a02:2638:1::13
2a02:2638:1::3
2a02:26f0:6c00::210:bb90
34.117.219.39
34.95.67.231
35.190.35.45
35.201.76.93
35.241.5.209
45.32.60.39
52.194.18.12
54.249.77.228
0beffdab5eb3e5bb2d2bd0a0222d54397a2583b3a8b5681cf353d5f35f893afe
136606928f66c3a25fa3176ddfb65bb8c4aaa63b11a386f320e5d0c6f1cae858
13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5
188b0d3eb0be2485653ea47f9f8baa11e4f0d2a07e0e27806faebbcd989df78e
1a9163963ae4e7fae1d0aef79cd92d029b29843766ce501c764fc91092b2c314
1b83424b581a2bbc489aed4c5528ac899b07de0f8a17cfe68b02b778d7674f96
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1dc1b0a343a35b161b7a15101c9e9ee44e5bb63af09f70197df5c1c799ba0dd8
254d92f8e38ae2537bbb5441141dbf0fbc633660a3bf9c15fb15372346b7ba17
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c
2a87fd41597436af0e4160d453d7e8e2b4384edb15d2fdf2058de7c29b31e637
30a3ff10c02fd69f1209bd9153c983a776c8863cb91c3effb4a1be7c9b80e1bb
311b61f049c78b8f3589dd4dc1b076ea41e7f4cf1904378f15f083509248515d
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
38dc213220da56b254b5f6e0010485e2ca9d288d4b0c63dcdb4109f15f3f93fa
40f8089c5f70fbac32be2c6d6685964978c8f979891af2a40583c77cdccdc55a
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fd7cbc84a012b2087349173c47f754c01ed8b287acfb7db52f49deed9d25267
503843cc1faed5f2981e39e348d7f6ec3e798b27b2ed7e04067f09cf957e4e84
577bf72652465e6b387e12a324138170ca5f793cb2db18c9678695a680c12529
6058eb29e9bb8b7cd0d68f0d180a093941e971f4659092a70c99ca57827bc678
63e294eacd6b2b907c4503e6e2489d1c33944c08489e73b1c496c824039c799b
67fcdf56a3de5f3b83f3a289bb364d166469bd70fea58f193cfd5dcddc3c46bf
6a713eaad71494ad23db3b6b0114c722736c4316800dae694327eca886cfc22a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
709b26160e7b4871b06e874b63ce1248c4b54621f4db524e5dd2abc74696647b
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
74587997700a21432ad612415c3de3ae84e65c5e95d2c59691d714697e8434e6
7ae50713261aba1a94afe26df21e722fa3c82a4eb136b4f95a95b50edc10bcf8
7ba1eee9803f9929376700a8065001dbda71dc890a08e3d6b50c851de0e927ba
7d48483199e6616d96fc8b45c384f40ecf0409fabb06398614cc4cab77ccb277
7f9f5fa2facafe4859bfa262185556ea5b844ca3b8a8cbc6c9f4e0170db380d2
8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
898537e9613d0afb6a6c0b1260b5d75ea9a7e39eb7619fb8ce1f2d458de3dfb7
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834
911e1ae59bee7c424cdc950ea226bec46af2a4048a51fec42fe2a7009e8ddb9b
9493b54962b4b477b04c5815f58e7748a50227be9fe8855ec41b18194601851e
9f8fafd406cacb16ae0ef6304e1687cb1a02f4ef44ee96ed6678af4fd459b319
a258f226f3f385fc296ab0a53f8bb8a5d9d6905e0eae81d0c9e9de81efbd73aa
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa57468383b53d9b60458647e700cac69a75326752b41c9a6db4fdbab461a58c
abc0c2d442b00c1e369dd5b81ec6e719dd1a32812efef4b89e155dd47ffb1a26
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3e384e3a727917185428a38afcce19eac731bcf1599e2c6ea693bda664c3f28
b65acca8ab39c8f8aceec0510e4f85c3951ee6214b78c9a7693f03b9624fe697
baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740
bcab50b80facdd8259667f6902b74c713dc70feaf073cfed9b8de4a69fca6a0e
c7db02d7d0d3bc873259556351a127d4c8b9e60c09311bcfec79e01fc11bf9bb
d53e1d1f95270c79198db1c8a5ab2aa679667aa5252ed819f9b829cce7973c26
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc
d63245c98c466091fa4a8bb7ca4de4c4a9d338833cea4a1baa2e8e4af68911ea
d6a982739bf872311170208aa249907e8945dd009a6ff2be4cc3cefa3efe4509
e12210f408f5dbfa5c9327c74d95e2ed04a8b33ea655da4a90e132cad2857c58
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebc945ec243d245659fc3139528a6f335e656333b5d7fd54e89780a92d260917
ebe4455f17c3ef199c26084feecedb6f6fadc5e3c36b636ef38a0f44a59c218c
ebff4bdabba89b14dfc3698fbbd41fd3468b9aec1a5415e33fa6c72e505670ed
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032
f4439204edeee9a47439824147376f7701f7d2058670511e1a174b644a1fb0d9
f45251ca5f051c72ad1fb169af736cc21c8a16f798f4b7583f8717c3ff0773d6
f895d8ace58f9236c358ca5fd7b2fac47e490553e97fbb8f96a61667a3cddea7

m.manhuagui.com Open in urlscan Pro 45.32.60.39 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

79 Requests

100 %HTTPS

53 %IPv6

24 Domains

40 Subdomains

38 IPs

8 Countries

1071 kBTransfer

1708 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

m.manhuagui.com Open in urlscan Pro
45.32.60.39 Public Scan

Screenshot
Live screenshot

Full Image

79
Requests

100 %
HTTPS

53 %
IPv6

24
Domains

40
Subdomains

38
IPs

8
Countries

1071 kB
Transfer

1708 kB
Size

0
Cookies

79 HTTP transactions
0 data transactions