ww9.mangaheroacademia.online Open in urlscan Pro
2606:4700:3031::ac43:bee3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ww9.mangaheroacademia.online/
Effective URL:
https://ww9.mangaheroacademia.online/?2023-10-28
Submission: On October 28 via api (October 28th 2023, 3:37:30 am UTC) from US — Scanned from DE

Summary HTTP 109 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 28 IPs in 5 countries across 22 domains to perform 109 HTTP transactions. The main IP is 2606:4700:3031::ac43:bee3, located in United States and belongs to CLOUDFLARENET, US. The main domain is ww9.mangaheroacademia.online.
TLS certificate: Issued by E1 on September 9th 2023. Valid for: 3 months.

This is the only time ww9.mangaheroacademia.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	2606:4700:303... 2606:4700:3031::ac43:bee3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1 23	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1 6	2606:4700:303... 2606:4700:3037::ac43:bf3c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4	44.196.11.14 44.196.11.14	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	172.217.23.99 172.217.23.99	15169 (GOOGLE) (GOOGLE)
2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	142.250.184.195 142.250.184.195	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::ac43:4bf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	213.227.153.223 213.227.153.223	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	80.77.87.130 80.77.87.130	46636 (NATCOWEB) (NATCOWEB)
1	2606:4700:440... 2606:4700:4400::6812:22b2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.171.39.110 54.171.39.110	16509 (AMAZON-02) (AMAZON-02)
1	145.40.97.66 145.40.97.66	54825 (PACKET) (PACKET)
1	52.18.191.233 52.18.191.233	16509 (AMAZON-02) (AMAZON-02)
1	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
1	3.248.171.173 3.248.171.173	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:1791	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.95.69.49 34.95.69.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
109	28

9 2606:4700:3031::ac43:bee3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ww9.mangaheroacademia.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3037::ac43:bf3c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

readdemonslayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.196.11.14 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-11-14.compute-1.amazonaws.com

api.purpleads.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.99 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f99.1e100.net

p4-dmldf4rqpuxqq-vcqyzcqjnzkhpymy-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net

p4-dp5wevfz7re6y-pdi5bpxg57cxkxr2-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.153.223 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

b1h-euc1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.77.87.130 (Clifton, United States)

ASN46636 (NATCOWEB, US)

prebid.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:22b2 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.39.110 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-39-110.eu-west-1.compute.amazonaws.com

hb.minutemedia-prebid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.40.97.66 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.191.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-191-233.eu-west-1.compute.amazonaws.com

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.248.171.173 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-171-173.eu-west-1.compute.amazonaws.com

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1791 (United States)

ASN13335 (CLOUDFLARENET, US)

cadmus.script.ac	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	490 KB
16	gstatic.com fonts.gstatic.com www.gstatic.com p4-dmldf4rqpuxqq-vcqyzcqjnzkhpymy-if-v6exp3-v4.metric.gstatic.com p4-dp5wevfz7re6y-pdi5bpxg57cxkxr2-if-v6exp3-v4.metric.gstatic.com	182 KB
10	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	147 KB
9	mangaheroacademia.online 1 redirects ww9.mangaheroacademia.online	218 KB
6	readdemonslayer.com 1 redirects readdemonslayer.com — Cisco Umbrella Rank: 677037	117 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 Failed	4 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	236 KB
4	purpleads.io api.purpleads.io — Cisco Umbrella Rank: 43211	3 KB
3	4dex.io script.4dex.io — Cisco Umbrella Rank: 1523 mp.4dex.io — Cisco Umbrella Rank: 2070	26 KB
3	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1181 www.googleadservices.com — Cisco Umbrella Rank: 145	611 B
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
1	clean.gg i.clean.gg — Cisco Umbrella Rank: 894
1	script.ac cadmus.script.ac — Cisco Umbrella Rank: 1421	47 KB
1	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 3481	587 B
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 746	367 B
1	servenobid.com ads.servenobid.com — Cisco Umbrella Rank: 2437	567 B
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 751	279 B
1	minutemedia-prebid.com hb.minutemedia-prebid.com — Cisco Umbrella Rank: 3706	449 B
1	admanmedia.com prebid.admanmedia.com — Cisco Umbrella Rank: 57732
1	zemanta.com b1h-euc1.zemanta.com — Cisco Umbrella Rank: 27486	149 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2462	263 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35 Failed	89 KB
109	22

	Domain	Requested by
23	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
13	pagead2.googlesyndication.com	ww9.mangaheroacademia.online pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
10	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
9	ww9.mangaheroacademia.online	1 redirects ww9.mangaheroacademia.online
6	www.gstatic.com	googleads.g.doubleclick.net
6	fonts.gstatic.com	fonts.googleapis.com
6	readdemonslayer.com	1 redirects ww9.mangaheroacademia.online readdemonslayer.com
5	fonts.googleapis.com	ww9.mangaheroacademia.online googleads.g.doubleclick.net readdemonslayer.com
4	www.googletagservices.com	googleads.g.doubleclick.net
4	api.purpleads.io	readdemonslayer.com
2	script.4dex.io	readdemonslayer.com script.4dex.io
2	www.google.com	1 redirects tpc.googlesyndication.com
2	p4-dp5wevfz7re6y-pdi5bpxg57cxkxr2-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-dp5wevfz7re6y-pdi5bpxg57cxkxr2-if-v6exp3-v4.metric.gstatic.com
2	www.googleadservices.com	ww9.mangaheroacademia.online
2	p4-dmldf4rqpuxqq-vcqyzcqjnzkhpymy-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-dmldf4rqpuxqq-vcqyzcqjnzkhpymy-if-v6exp3-v4.metric.gstatic.com
1	i.clean.gg	cadmus.script.ac
1	cadmus.script.ac	script.4dex.io
1	hb-api.omnitagjs.com	readdemonslayer.com
1	onetag-sys.com	readdemonslayer.com
1	ads.servenobid.com	readdemonslayer.com
1	prebid.a-mo.net	readdemonslayer.com
1	hb.minutemedia-prebid.com	readdemonslayer.com
1	mp.4dex.io	readdemonslayer.com
1	prebid.admanmedia.com	readdemonslayer.com
1	b1h-euc1.zemanta.com	readdemonslayer.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	ww9.mangaheroacademia.online
109	28

This site contains links to these domains. Also see Links.

Domain
coffeemanga.online
mangaheroacademia.online

Subject Issuer	Validity	Valid
mangaheroacademia.online E1	`2023-09-09` - `2023-12-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
readdemonslayer.com GTS CA 1P5	`2023-09-05` - `2023-12-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.purpleads.io Amazon RSA 2048 M01	`2023-10-01` - `2024-10-28`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2023-10-23` - `2024-10-22`	a year	crt.sh
*.zemanta.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-16` - `2024-09-05`	a year	crt.sh
*.admanmedia.com Go Daddy Secure Certificate Authority - G2	`2023-04-20` - `2024-05-21`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-08-01` - `2024-07-31`	a year	crt.sh
*.minutemedia-prebid.com Amazon ECDSA 256 M01	`2023-04-18` - `2024-05-16`	a year	crt.sh
*.a-mo.net R3	`2023-10-06` - `2024-01-04`	3 months	crt.sh
ads.servenobid.com Amazon RSA 2048 M01	`2023-04-29` - `2024-05-27`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
cadmus.script.ac E1	`2023-09-02` - `2023-12-01`	3 months	crt.sh
i.clean.gg GTS CA 1D4	`2023-09-17` - `2023-12-16`	3 months	crt.sh

This page contains 21 frames:

Primary Page: https://ww9.mangaheroacademia.online/?2023-10-28
Frame ID: 1728E5DA46AC7FDBE8BF79531063ADCA
Requests: 25 HTTP requests in this frame

Frame: https://readdemonslayer.com/insurance.html
Frame ID: 8784418BD95AE2F07CE1A70B346572E3
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20190131/zrt_lookup.html
Frame ID: 77238F605353ED20B029CAA8C18E0281
Requests: 1 HTTP requests in this frame

Frame: https://readdemonslayer.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js
Frame ID: CB7529EF69B8A290222877FF6FF9CCE5
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9372914289208041&output=html&adk=1812271804&adf=3025194257&lmt=1698457045&plaf=1%3A2&plat=1%3A128%2C2%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fww9.mangaheroacademia.online%2F%3F2023-10-28&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698464245913&bpp=26&bdt=421&idt=297&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8415491363538&frm=20&pv=2&ga_vid=800838399.1698464246&ga_sid=1698464246&ga_hid=2001878247&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079096%2C42531706%2C44801484%2C44805932%2C44806738%2C31078297%2C31079155&oid=2&pvsid=18393527245557&tmod=1019952850&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fww9.mangaheroacademia.online%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=321
Frame ID: A0410EC242870FA595EFBA298704C729
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9372914289208041&output=html&h=280&slotname=5394072804&adk=1597958676&adf=2886570521&pi=t.ma~as.5394072804&w=815&fwrn=4&fwrnh=100&lmt=1698457045&rafmt=1&format=815x280&url=https%3A%2F%2Fww9.mangaheroacademia.online%2F%3F2023-10-28&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698464245939&bpp=2&bdt=447&idt=301&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8415491363538&frm=20&pv=1&ga_vid=800838399.1698464246&ga_sid=1698464246&ga_hid=2001878247&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=509&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079096%2C42531706%2C44801484%2C44805932%2C44806738%2C31078297%2C31079155&oid=2&pvsid=18393527245557&tmod=1019952850&uas=0&nvt=1&ref=https%3A%2F%2Fww9.mangaheroacademia.online%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cJpmDci2kk&p=https%3A//ww9.mangaheroacademia.online&dtd=307
Frame ID: 351159AB0AD4C6B7117441EAD7BB0B33
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9372914289208041&output=html&h=70&slotname=5394072804&adk=4011234837&adf=3241307840&pi=t.ma~as.5394072804&w=1580&lmt=1698457045&rafmt=12&format=1580x70&url=https%3A%2F%2Fww9.mangaheroacademia.online%2F%3F2023-10-28&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698464245942&bpp=1&bdt=450&idt=316&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C815x280&nras=1&correlator=8415491363538&frm=20&pv=1&ga_vid=800838399.1698464246&ga_sid=1698464246&ga_hid=2001878247&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=10&ady=1125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079096%2C42531706%2C44801484%2C44805932%2C44806738%2C31078297%2C31079155&oid=2&pvsid=18393527245557&tmod=1019952850&uas=0&nvt=1&ref=https%3A%2F%2Fww9.mangaheroacademia.online%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeoE%7C&abl=CF&pfx=0&cms=2&fu=256&bc=31&ifi=4&uci=a!4&fsb=1&xpc=qKYJwMD1Qr&p=https%3A//ww9.mangaheroacademia.online&dtd=323
Frame ID: AD1C514336EE53D4303764B25C13F155
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1
Frame ID: 684856823DF4E661671505F484547A6A
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1
Frame ID: 2D570732964BC0063F2A8333A7AA1D98
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1
Frame ID: A029D68DBD1296C4E9BE7C308922AD71
Requests: 7 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 95F8A6771A70570A96219483936F8E20
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5D44EFE42B4DE9D79AEEB292930710F2
Requests: 2 HTTP requests in this frame

Frame: https://p4-dmldf4rqpuxqq-vcqyzcqjnzkhpymy-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: FFCB73EB6D8EDE454B9883BDEE5C5971
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KtAbZGk4YSFPe8sm4rTLIGwqP9qmdNmoJQ7Qir-Zr9M.js
Frame ID: 7E4DD9C1E771AAF58853AB640F9369E8
Requests: 1 HTTP requests in this frame

Frame: https://p4-dp5wevfz7re6y-pdi5bpxg57cxkxr2-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: BD1B6346A3F140645D4302EE1D81B042
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KtAbZGk4YSFPe8sm4rTLIGwqP9qmdNmoJQ7Qir-Zr9M.js
Frame ID: 64475029532519931CF9F409F104A862
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KtAbZGk4YSFPe8sm4rTLIGwqP9qmdNmoJQ7Qir-Zr9M.js
Frame ID: C0D70DBBF290F6CFE370B1B9E4A41F3F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KtAbZGk4YSFPe8sm4rTLIGwqP9qmdNmoJQ7Qir-Zr9M.js
Frame ID: FC53014FEBCD328C454A34DD66FC6A97
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5A833A5ED93160452EB0805350D3A399
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A3D74335188668744EFE5C07146F9730
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato&display=swap
Frame ID: DEDCC9897F69382630C79D7FC5F07F67
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

My Hero Academia Manga Online

Page URL History Show full URLs

http://ww9.mangaheroacademia.online/ HTTP 301
https://ww9.mangaheroacademia.online/ Page URL
https://ww9.mangaheroacademia.online/?2023-10-28 Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

109
Requests

94 %
HTTPS

56 %
IPv6

22
Domains

28
Subdomains

28
IPs

5
Countries

1562 kB
Transfer

4745 kB
Size

10
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://coffeemanga.online/
Title: Read All Manga

Search URL Search Domain Scan URL

URL: https://mangaheroacademia.online/
Title: My Hero Academia

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ww9.mangaheroacademia.online/ HTTP 301
https://ww9.mangaheroacademia.online/ Page URL
https://ww9.mangaheroacademia.online/?2023-10-28 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://ww9.mangaheroacademia.online/ HTTP 301
https://ww9.mangaheroacademia.online/

Request Chain 24

https://readdemonslayer.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://readdemonslayer.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js

Request Chain 72

https://googleads.g.doubleclick.net/pagead/adview?ai=COdW39oE8ZYKDErqW78EP1YmN0A237NHnc5m43KbZEcCNtwEQASDQ9NKFAWCVgoCAtAegAeLfvJQqyAEJqAMByAPLBKoE5gFP0FKLcqvoi2fd8y-pJG7c-hgSboAiBJP6AgSGdPAgNNyC6MLyJHnA6fntx5HUz2YRhjBerVSP0TQ6oYR-aiXZDfLia2wlzpi1ww3xinm7wTtyzCWSry0Z3P4RWW-2-mp2bpd7xVSlr2_QVdCDCmpoB1SZI8jyQDjMHAPGMvCbByRwq3aXEW9nuLIMZljHeygEbqM4YKkHT9S4AZJCnrqpQsb_wENYIofKWsGKdp4eS1zMDVERUC-1RUuE9TcVQ5syRpIYA7eoEncV4kC6JldmpN_ERoQk8NmDMzQmXl4jjvbQiiJIZcAE-PT23sIEiAX4s8WTTZIFBAgEGAGSBQQIBRgEoAYugAfil430BKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEKvDC9IIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCZ4BaHR0cHM6Ly93d3cuaGVscHdpcmUuY29tL2FydGljbGVzP2NvbnQ9ZWIyJkhSK1NvZnR3YXJlJnNyYz1tZyZnY2g9VDAwMDA3MTgmdmlzaXRvcl9pZD0lN0JnY2xpZCU3RF9fX18lN0JwbGFjZW1lbnQlN0QmbGlua19rZXk9MmFhMWY4ZGM4MjAxOTEwZjViNDI0MGM2MDc1ZjZlYTOACgHICwG4E-QD2BMNiBQD0BUBgBcBshccChoIABIUcHViLTkzNzI5MTQyODkyMDgwNDEYAA&sigh=gcIzXrVjKio&uach_m=[UACH]&ase=2&nis=4&cid=CAQSSwDICaaNo_mPg_J1LfY-1jY_4KOiP2c9nvWoKai74RZY1rVo9tauOEPB0e_rxXfyUoqg-MTUER0A_mK7aTH0am-bZ9lhVh1wbgWDMBgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211218234532477829454%22,%22debug_reporting%22:true,%22destination%22:%22https://helpwire.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211317227490%22],%224%22:[%2210-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217761273886508239265%22}&andc=true

Request Chain 75

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

109 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
ww9.mangaheroacademia.online/
Redirect Chain

http://ww9.mangaheroacademia.online/
https://ww9.mangaheroacademia.online/

153 KB
35 KB

166ms
79ms

Document
text/html

2606:4700:3031::ac43:bee3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ww9.mangaheroacademia.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:bee3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 81d023dd2a389b9e-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Sat, 28 Oct 2023 03:37:25 GMT
last-modified: Saturday, 28-Oct-2023 03:37:25 GMT
link: <http://ww9.mangaheroacademia.online/wp-json/>; rel="https://api.w.org/" <http://ww9.mangaheroacademia.online/wp-json/wp/v2/pages/379>; rel="alternate"; type="application/json" <http://ww9.mangaheroacademia.online/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
nginx-cache: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bYoBJZ2zlbJ3JWlN%2FKUklEGma9dywVMBJgaKijZ6208g3Us%2Ft17R9pUct0%2FO%2BJHKgGXGc%2BRdW%2B4MaTaiMDvJ6qg73NTUmvcKpmnMjZv7odIrMfowI6KHxXjVYoqy%2BXVmUvqKk5aEwuiFOhIg2SERsj%2B1EcSf2Tn5XqGx"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
x-cache: HIT From ww9.mangaheroacademia.online
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

CF-RAY: 81d023dc4d442bda-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sat, 28 Oct 2023 03:37:25 GMT
Expires: Sat, 28 Oct 2023 04:37:25 GMT
Location: https://ww9.mangaheroacademia.online/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SaPB5WAR8WnMfOwRxI3BHqW1d2ofTp62YckJK0MPkgdkrgrP6ybmiCEARiwenyR5TVZnGxleELzctcmNXdhcrR37HEH9tCrTqmFwXgMyFmhUkmpnEt2pAoYBa7sqE6UlVRaefVTwz1Osl8PHsOrYgOZnc%2BmRYttnrOVE"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 autoptimize_98fc86670e415a6293b86e6cf333ec6f.css
ww9.mangaheroacademia.online/wp-content/cache/autoptimize/css/ 173 KB
33 KB 53ms
52ms Stylesheet
text/css 2606:4700:3031::ac43:bee3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ww9.mangaheroacademia.online/wp-content/cache/autoptimize/css/autoptimize_98fc86670e415a6293b86e6cf333ec6f.css
Requested by: Host: ww9.mangaheroacademia.online
URL: https://ww9.mangaheroacademia.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:bee3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ww9.mangaheroacademia.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 03:37:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 39507
cf-polished: origSize=177348
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Aug 2023 17:39:05 GMT
server: cloudflare
etag: W/"64dd09b9-2b4c4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=77YT%2BOghvgKcYpweHQ%2BxJRREVeiHjmcFVXVSdfsJepGDHlkfy%2FJdkcFRwVIBKvZiWmOg%2FaHzfS7ylnVGjCqsIVXs%2FA9DQCuafAn%2BwLbKHcGyL3xmX3tbi2kNV5%2BijgLg6x3oygdUa9bKUqgaX%2BSU8CMkh%2B0RCHUyZdCz"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 81d023ddba899b9e-FRA
expires: Sat, 28 Oct 2023 04:38:58 GMT

GET css
fonts.googleapis.com/ 0
0

GET
H2 200 jquery.min.js
ww9.mangaheroacademia.online/wp-includes/js/jquery/ 87 KB
32 KB 50ms
50ms Script
application/javascript 2606:4700:3031::ac43:bee3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ww9.mangaheroacademia.online/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: ww9.mangaheroacademia.online
URL: https://ww9.mangaheroacademia.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:bee3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ww9.mangaheroacademia.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 03:37:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 30147
etag: W/"6048e0ac-15db1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gf86HIQ0FmTGkVKaS73QugPTdfDiEPdCzWhqr1B4JxSE71jP8hTNgZxh87FwpS1QHsXhnIa7z72gPVzghIjUcDkCyE3SeJFx%2F10HnT06SnKg647dudBX5tA%2BFBwcheazLev%2Bk8brppi0O843Xxw%2F%2FNW3DEpUFIWxAKmS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 81d023ddba8b9b9e-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Oct 2023 07:14:58 GMT

GET js
www.googletagmanager.com/gtag/ 0
0

GET lazysizes.min.js
ww9.mangaheroacademia.online/wp-content/plugins/autoptimize/classes/external/js/ 0
0

GET
H2 200 Primary Request / Show response
ww9.mangaheroacademia.online/ 155 KB
35 KB 98ms
97ms Document
text/html 2606:4700:3031::ac43:bee3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ww9.mangaheroacademia.online/?2023-10-28

Requested by

Host: ww9.mangaheroacademia.online
URL: https://ww9.mangaheroacademia.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:bee3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6e8c70ff6a41e32c71c42eef47edf0c2194f0f39b2f0178869feb2d949527d1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ww9.mangaheroacademia.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 81d023ddca9c9b9e-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Sat, 28 Oct 2023 03:37:25 GMT
last-modified: Saturday, 28-Oct-2023 03:37:25 GMT
link: <http://ww9.mangaheroacademia.online/wp-json/>; rel="https://api.w.org/" <http://ww9.mangaheroacademia.online/wp-json/wp/v2/pages/379>; rel="alternate"; type="application/json" <http://ww9.mangaheroacademia.online/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
nginx-cache: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VsXWRgoacFHHsZM57IsNK0Wq5xCEJe4S8HwYeraqv%2Bsf9d1U%2BpEyBK%2Fvidd0xx15m7sTUU9bGnRC4MIwQ9Th6ChcudsyFTQw0isnNrOPXJrPRkjoGMajpm7pbfV7SUEphx%2FpibkteiVgcEjF97J%2BskJdFl%2B29AhgzPCk"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
x-cache: HIT From ww9.mangaheroacademia.online
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 autoptimize_adfa3b7d6516a619d4706de343157faf.css
ww9.mangaheroacademia.online/wp-content/cache/autoptimize/css/ 174 KB
33 KB 52ms
52ms Stylesheet
text/css 2606:4700:3031::ac43:bee3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ww9.mangaheroacademia.online/wp-content/cache/autoptimize/css/autoptimize_adfa3b7d6516a619d4706de343157faf.css
Requested by: Host: ww9.mangaheroacademia.online
URL: https://ww9.mangaheroacademia.online/?2023-10-28
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:bee3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50a9d83140fe27b328466b68ee9589b849984e0ecc3df3510b60fe37ed645fc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ww9.mangaheroacademia.online/?2023-10-28
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 03:37:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32187
cf-polished: origSize=178193
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 22 Sep 2023 19:34:04 GMT
server: cloudflare
etag: W/"650dec2c-2b811"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1fFyIuvgTWx0IichSgxRm5mL2cqUJ0ZjlGn0MjwGvVfp%2FDxnsm%2BmZh5eezUmQZQZLcxtGbH0O%2BJj1nVv6oUzGCPlzDoDSfr3cjjI4Pw3PbcJvegGOiSxa%2BRVxGmlqn64V%2F88l%2BesLMd4drU0QwTAhHUobcwae328lFND"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 81d023de8f7f1a49-FRA
expires: Sat, 28 Oct 2023 06:40:58 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
890 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,300italic,700,700i|Source+Sans+Pro:400,400italic

Requested by

Host: ww9.mangaheroacademia.online
URL: https://ww9.mangaheroacademia.online/?2023-10-28

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dd82f6fc030a4b38eca7176b079619808ba33965e942cf6273c18dac1ddb39c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ww9.mangaheroacademia.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 28 Oct 2023 03:37:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 28 Oct 2023 02:09:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 28 Oct 2023 03:37:25 GMT

GET
H3 200 jquery.min.js Show response
ww9.mangaheroacademia.online/wp-includes/js/jquery/ 87 KB
32 KB 130ms
130ms Script
application/javascript 2606:4700:3031::ac43:bee3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ww9.mangaheroacademia.online/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: ww9.mangaheroacademia.online
URL: https://ww9.mangaheroacademia.online/?2023-10-28
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:bee3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ww9.mangaheroacademia.online/?2023-10-28
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 03:37:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 28599
etag: W/"6048e0ac-15db1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G8e%2Bepg1Bq2EFATbqrHlzESp4Q89PFwBFqfeCXpjf3I4U4HdRAFS9w8Exvtql921g%2ByF02y8qHB6FRmHIGnbjf5K4NKNATrd3VYC%2B0ek3L8N1JRuH3pUuVB6IEkRTbuxOq2vw1oWUtfSmcqz1YEPAI7OenJUjlCwFchr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 81d023de8f831a49-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Oct 2023 07:40:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 267 KB
89 KB 56ms
55ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9JY3BQ4DPF

Requested by

Host: ww9.mangaheroacademia.online
URL: https://ww9.mangaheroacademia.online/?2023-10-28

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eb3a30bc486d55e2d8f1f916f8c0e7e75d1d23fc1c289c4ca898349d763fc30a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ww9.mangaheroacademia.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 03:37:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91090
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 28 Oct 2023 03:37:25 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 147ms
59ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9372914289208041

Requested by

Host: ww9.mangaheroacademia.online
URL: https://ww9.mangaheroacademia.online/?2023-10-28

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f20ffef711ef888e040385517e047575abfcb007a5bfca425cfafb61662946

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ww9.mangaheroacademia.online/
Origin: https://ww9.mangaheroacademia.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 03:37:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51128
x-xss-protection: 0
server: cafe
etag: 5618886861781074942
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 28 Oct 2023 03:37:25 GMT

GET
H3 200 lazysizes.min.js Show response
ww9.mangaheroacademia.online/wp-content/plugins/autoptimize/classes/external/js/ 10 KB
5 KB 46ms
46ms Script
application/javascript 2606:4700:3031::ac43:bee3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ww9.mangaheroacademia.online/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=3.0.4
Requested by: Host: ww9.mangaheroacademia.online
URL: https://ww9.mangaheroacademia.online/?2023-10-28
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:bee3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ww9.mangaheroacademia.online/?2023-10-28
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 03:37:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 04 Jun 2022 23:42:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 32394
etag: W/"629bedd0-2655"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FPX7ebKOTqNjLcOsvuoj9ydTSMYNLnGBWrI4n2pwBK6IFn2xkg7iZK%2FVH8dLThcFFHvKkK5ZuGcHnejUNXQ4lRo9HNXDHgABXqb5iAGHgHGAXAlyIxVd2bIDdmTv1Z6THLLYpYvtC7HATE02TtbFwTdIHYIOEX8ispc%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 81d023dfa84f1a49-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Oct 2023 06:37:31 GMT

GET
H3 200 autoptimize_831eb2c3b24329301ddf75738429cbbe.js Show response
ww9.mangaheroacademia.online/wp-content/cache/autoptimize/js/ 49 KB
15 KB 48ms
48ms Script
application/javascript 2606:4700:3031::ac43:bee3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ww9.mangaheroacademia.online/wp-content/cache/autoptimize/js/autoptimize_831eb2c3b24329301ddf75738429cbbe.js
Requested by: Host: ww9.mangaheroacademia.online
URL: https://ww9.mangaheroacademia.online/?2023-10-28
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:bee3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e22b1c669782602af39ff8d71e23c0568def8f95fe9113bfd3fc37d6700a7efb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ww9.mangaheroacademia.online/?2023-10-28
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 03:37:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32394
cf-polished: origSize=50356
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 27 Oct 2023 17:52:10 GMT
server: cloudflare
etag: W/"653bf8ca-c4b4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tu5QcPq20VIVs7XtvBZ7%2B7SLGMB0aRIvbtJNmUHT1Nid%2FZre1HIwAM9YY86e2%2BOBsiE9NuXnojCUmanBgd1vmZBLy1J07i7zT5%2B4N2xNXq56yCoUui46zgRd%2Bfjg3NIrxTbsZOc6rSshUW%2FbVrK%2FODX%2B7DjudP4IEPAV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 81d023dfa8501a49-FRA
expires: Sat, 28 Oct 2023 06:37:31 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 191ms
117ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9372914289208041

Requested by

Host: ww9.mangaheroacademia.online
URL: https://ww9.mangaheroacademia.online/?2023-10-28

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a88aef0ab2cd802f65de0e4d8cef41721ec341d70f76fb2ace4865463ba584f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ww9.mangaheroacademia.online/
Origin: https://ww9.mangaheroacademia.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 03:37:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51461
x-xss-protection: 0
server: cafe
etag: 15402084224576247689
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 28 Oct 2023 03:37:25 GMT

GET
H2 200 insurance.html Show response
readdemonslayer.com/ Frame 8784 1 KB
1 KB 162ms
46ms Document
text/html 2606:4700:3037::ac43:bf3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://readdemonslayer.com/insurance.html
Requested by: Host: ww9.mangaheroacademia.online
URL: https://ww9.mangaheroacademia.online/?2023-10-28
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bf3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 605ec05b3db071b83d036f5c4f7fc9e24f92dd5c5ce007d10891a0d3644e4c62

Request headers

Referer: https://ww9.mangaheroacademia.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1420371
alt-svc: h3=":443"; ma=86400
cache-control: max-age=31536000
cf-cache-status: HIT
cf-ray: 81d023e06a719296-FRA
content-encoding: br
content-type: text/html
date: Sat, 28 Oct 2023 03:37:25 GMT
expires: Fri, 10 Nov 2023 17:04:34 GMT
last-modified: Mon, 11 Sep 2023 17:01:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9v4xCKRWp%2BbWTvB2vf4CMh2dGdx0Aj8zoiqfWV0%2B2nx46FWiHMJs4Xwf6Yn2cZ2nnvm4BeKodjoFDS2JtnXxgMo1fnj5fQ5vpGCc5HTGOjk%2BNRQlBy3ui1KOj%2FZGON6HXbUPFcWCW8SMMcDk0XwgYwCW"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 178ms
88ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300italic,700,700i|Source+Sans+Pro:400,400italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ww9.mangaheroacademia.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 21:18:33 GMT
x-content-type-options: nosniff
age: 541132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Oct 2024 21:18:33 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
24 KB 129ms
39ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300italic,700,700i|Source+Sans+Pro:400,400italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ww9.mangaheroacademia.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 04:39:37 GMT
x-content-type-options: nosniff
age: 169068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 04:39:37 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 15 KB
15 KB 170ms
81ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300italic,700,700i|Source+Sans+Pro:400,400italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ww9.mangaheroacademia.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 09:02:57 GMT
x-content-type-options: nosniff
age: 66868
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 09:02:57 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
263 B 142ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-9JY3BQ4DPF&gtm=45je3ap0v9103631095&_p=2001878247&gcd=11l1l1l1l1&cid=800838399.1698464246&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698464245&sct=1&seg=0&dl=https%3A%2F%2Fww9.mangaheroacademia.online%2F%3F2023-10-28&dr=https%3A%2F%2Fww9.mangaheroacademia.online%2F&dt=My%20Hero%20Academia%20Manga%20Online&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9JY3BQ4DPF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ww9.mangaheroacademia.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 03:37:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ww9.mangaheroacademia.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 load.js Show response
readdemonslayer.com/ Frame 8784 42 KB
12 KB 50ms
50ms Script
application/javascript 2606:4700:3037::ac43:bf3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://readdemonslayer.com/load.js?publisherId=fd390357c44c040cec69da53209ffb21:ef61b1d6384c12a3fbc00a092a2d4a5619ad2c55b80b66d7e2cd1f3e149918ba86a33050577ce5865c729c33e02f0cf264a898bd750b90172b509ef4280d660e
Requested by: Host: readdemonslayer.com
URL: https://readdemonslayer.com/insurance.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bf3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21c2ce28e68f846c4821e6f5ebfa5f7aab4cd2db02736225b70425fb5a09de9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://readdemonslayer.com/insurance.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 03:37:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12574
cf-polished: origSize=54467
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Jun 2023 12:42:11 GMT
server: cloudflare
etag: W/"648c58a3-d4c3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ah%2FtIIQYIlwZpX%2FgoxJdU3Y5o0DZhqboV524yao5cB1F75Mi0zGewIisB8kU9eFAT4Zut6%2FLrmVAnUvOIuvjgV3ZxkLeFvDNEsemmmdq2nPWvBaqnwILGyvPFDeqd5Bw3edCT2OMElZIeT0uNWfLVdcO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 81d023e0ca8c9296-FRA
expires: Sat, 28 Oct 2023 12:07:51 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/ 395 KB
134 KB 155ms
76ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9372914289208041&plah=ww9.mangaheroacademia.online

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9372914289208041

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

280b8fac5bbf3bf9fba67e961cf10c6ea77974b78e5dba168140b78815dfc54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ww9.mangaheroacademia.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 03:37:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137230
x-xss-protection: 0
server: cafe
etag: 16800772247083956201
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 28 Oct 2023 03:37:26 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231025/r20190131/ Frame 7723 10 KB
5 KB 126ms
38ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231025/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9372914289208041

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ww9.mangaheroacademia.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29284
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 19:29:22 GMT
etag: 4569948109300706969
expires: Fri, 10 Nov 2023 19:29:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 f Show response
api.purpleads.io/x/v2/ Frame 8784 3 KB
2 KB 435ms
150ms Fetch
application/json 44.196.11.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/v2/f?pid=71bbe119171b48318e28a79448e2e744&ts=1698464245996
Requested by: Host: readdemonslayer.com
URL: https://readdemonslayer.com/load.js?publisherId=fd390357c44c040cec69da53209ffb21:ef61b1d6384c12a3fbc00a092a2d4a5619ad2c55b80b66d7e2cd1f3e149918ba86a33050577ce5865c729c33e02f0cf264a898bd750b90172b509ef4280d660e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.196.11.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-11-14.compute-1.amazonaws.com
Software: /
Resource Hash: e8f56fec032768adce9c800a615c543750de3ebf6a46f5681b79c126a10f0b99

Request headers

x-request-url: aHR0cHM6Ly9yZWFkZGVtb25zbGF5ZXIuY29tL2luc3VyYW5jZS5odG1s
accept-language: de-DE,de;q=0.9
Authorization: Bearer fd390357c44c040cec69da53209ffb21:ef61b1d6384c12a3fbc00a092a2d4a5619ad2c55b80b66d7e2cd1f3e149918ba86a33050577ce5865c729c33e02f0cf264a898bd750b90172b509ef4280d660e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://readdemonslayer.com/
x-purpleads-version: 2.0.1

Response headers

date: Sat, 28 Oct 2023 03:37:26 GMT
content-encoding: br
pa-user-id: f48b2b93-f6aa-48f1-be4a-57c0ef5cb7b4
etag: W/"dae-t192gXB5mUeBLfYIYdB/y9e0Swo"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://readdemonslayer.com
access-control-expose-headers: pa-user-id
access-control-allow-credentials: true

OPTIONS
H2 200 f
api.purpleads.io/x/v2/ Frame 0
0 460ms
142ms Preflight 44.196.11.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/v2/f?pid=71bbe119171b48318e28a79448e2e744&ts=1698464245996
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.196.11.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-11-14.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method: GET
Origin: https://readdemonslayer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-origin: https://readdemonslayer.com
access-control-expose-headers: pa-user-id
access-control-max-age: 86400
date: Sat, 28 Oct 2023 03:37:26 GMT

GET
H3

200

main.js Show response
readdemonslayer.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/ Frame CB75
Redirect Chain

https://readdemonslayer.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://readdemonslayer.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js

7 KB
4 KB

44ms
44ms

Script
application/javascript

2606:4700:3037::ac43:bf3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://readdemonslayer.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js

Requested by

Host: ww9.mangaheroacademia.online
URL: https://ww9.mangaheroacademia.online/?2023-10-28

Protocol

Server

2606:4700:3037::ac43:bf3c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e65f617b7024778edb132228194421ddc4a6cfbb0c4f58c474d05621c094b9e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 03:37:26 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hSWO81OFG35T%2FGTj8ryyggRGatuJkKBlElGWuW5gegsETwgJ24d%2FZ1bApinond0ZsYYbc0O8REdRWKjYUobxIAY8odU1mBUgN5RsNtlWq5UP5%2BFIIS5h2lWBHmOw7l4sVCljdN%2BCJmntBogq7Fmk47SO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 81d023e1ef3018ef-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sat, 28 Oct 2023 03:37:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p4f0mVS3fO%2B8EW74baxiRyh%2FPtDV653LHB5LiySKMxFb8w%2F1a7J9f%2BwLOx3lYV72F%2B%2FXauPEWkanZkiuQaSTFF4z0fKVmHq8JgJsd%2FVYPrHyh%2FuJA4Cu1lZhf%2FjfeESY9pmBhnlRQPqFLhfj%2B5dmWuIT"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js
cache-control: max-age=300, public
cf-ray: 81d023e19eed18ef-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 200 81d023e06a719296 Show response
readdemonslayer.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame CB75 0
566 B 59ms
57ms XHR
text/plain 2606:4700:3037::ac43:bf3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://readdemonslayer.com/cdn-cgi/challenge-platform/h/g/jsd/r/81d023e06a719296
Requested by: Host: readdemonslayer.com
URL: https://readdemonslayer.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:bf3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 28 Oct 2023 03:37:26 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8d3gbQGhk0vhPSJhTa7kzy%2FLAa%2BnAJeRliJ%2F1xOwFNV8pocSMrIbl%2B53VqVnu3qWXI1EVLzkeZnHKxZGPsQ4Cf7wlLuPFfg9AMZORnS8m68SB7WOEEa%2F2ysTL30P6jI0p2P%2FJM22UD8lmgn3Ygb5HyPl"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 81d023e2dfec18ef-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 415 B
611 B 142ms
50ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ww9.mangaheroacademia.online&callback=_gfp_s_&client=ca-pub-9372914289208041

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9372914289208041&plah=ww9.mangaheroacademia.online

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e066a7b7cf8f908414188c9991bce798f8d01f998b01ca3a85b1d6c2502e6061

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ww9.mangaheroacademia.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 03:37:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A041 473 KB
89 KB 522ms
521ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9372914289208041&output=html&adk=1812271804&adf=3025194257&lmt=1698457045&plaf=1%3A2&plat=1%3A128%2C2%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fww9.mangaheroacademia.online%2F%3F2023-10-28&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698464245913&bpp=26&bdt=421&idt=297&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8415491363538&frm=20&pv=2&ga_vid=800838399.1698464246&ga_sid=1698464246&ga_hid=2001878247&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079096%2C42531706%2C44801484%2C44805932%2C44806738%2C31078297%2C31079155&oid=2&pvsid=18393527245557&tmod=1019952850&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fww9.mangaheroacademia.online%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=321

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ef6c6e261bb9b814c60ba8ab0e890e8d23dc1db4f55c558c68608b9cdfa7d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ww9.mangaheroacademia.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 91535
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 28 Oct 2023 03:37:26 GMT
expires: Sat, 28 Oct 2023 03:37:26 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3511 115 KB
39 KB 473ms
472ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9372914289208041&output=html&h=280&slotname=5394072804&adk=1597958676&adf=2886570521&pi=t.ma~as.5394072804&w=815&fwrn=4&fwrnh=100&lmt=1698457045&rafmt=1&format=815x280&url=https%3A%2F%2Fww9.mangaheroacademia.online%2F%3F2023-10-28&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698464245939&bpp=2&bdt=447&idt=301&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8415491363538&frm=20&pv=1&ga_vid=800838399.1698464246&ga_sid=1698464246&ga_hid=2001878247&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=509&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079096%2C42531706%2C44801484%2C44805932%2C44806738%2C31078297%2C31079155&oid=2&pvsid=18393527245557&tmod=1019952850&uas=0&nvt=1&ref=https%3A%2F%2Fww9.mangaheroacademia.online%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cJpmDci2kk&p=https%3A//ww9.mangaheroacademia.online&dtd=307

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df92a840b426bc4233439d72a71d25c186c07b499056a886a391b35e26c0737d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ww9.mangaheroacademia.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39456
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 28 Oct 2023 03:37:26 GMT
expires: Sat, 28 Oct 2023 03:37:26 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AD1C 743 B
382 B 250ms
250ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9372914289208041&output=html&h=70&slotname=5394072804&adk=4011234837&adf=3241307840&pi=t.ma~as.5394072804&w=1580&lmt=1698457045&rafmt=12&format=1580x70&url=https%3A%2F%2Fww9.mangaheroacademia.online%2F%3F2023-10-28&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698464245942&bpp=1&bdt=450&idt=316&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C815x280&nras=1&correlator=8415491363538&frm=20&pv=1&ga_vid=800838399.1698464246&ga_sid=1698464246&ga_hid=2001878247&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=10&ady=1125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079096%2C42531706%2C44801484%2C44805932%2C44806738%2C31078297%2C31079155&oid=2&pvsid=18393527245557&tmod=1019952850&uas=0&nvt=1&ref=https%3A%2F%2Fww9.mangaheroacademia.online%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeoE%7C&abl=CF&pfx=0&cms=2&fu=256&bc=31&ifi=4&uci=a!4&fsb=1&xpc=qKYJwMD1Qr&p=https%3A//ww9.mangaheroacademia.online&dtd=323

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57ed3e4aeb23e301179fd7db0783e4b96b4a456ca064386d2d2584263685b335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ww9.mangaheroacademia.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 358
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 28 Oct 2023 03:37:26 GMT
expires: Sat, 28 Oct 2023 03:37:26 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 3511 4 KB
751 B 51ms
50ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9372914289208041&output=html&h=280&slotname=5394072804&adk=1597958676&adf=2886570521&pi=t.ma~as.5394072804&w=815&fwrn=4&fwrnh=100&lmt=1698457045&rafmt=1&format=815x280&url=https%3A%2F%2Fww9.mangaheroacademia.online%2F%3F2023-10-28&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698464245939&bpp=2&bdt=447&idt=301&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8415491363538&frm=20&pv=1&ga_vid=800838399.1698464246&ga_sid=1698464246&ga_hid=2001878247&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=509&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079096%2C42531706%2C44801484%2C44805932%2C44806738%2C31078297%2C31079155&oid=2&pvsid=18393527245557&tmod=1019952850&uas=0&nvt=1&ref=https%3A%2F%2Fww9.mangaheroacademia.online%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cJpmDci2kk&p=https%3A//ww9.mangaheroacademia.online&dtd=307

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 28 Oct 2023 03:37:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 28 Oct 2023 02:55:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 28 Oct 2023 03:37:26 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 3511 2 KB
907 B 142ms
46ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 16:14:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40963
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 798
x-xss-protection: 0
server: cafe
etag: 15713038447858168282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Nov 2023 16:14:43 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/ Frame 3511 23 KB
9 KB 134ms
47ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 02:59:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2264
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Nov 2023 02:59:42 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 3511 3 KB
1 KB 141ms
54ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 02:57:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2374
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Nov 2023 02:57:52 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 3511 20 KB
9 KB 137ms
41ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 02:48:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2923
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Nov 2023 02:48:43 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3511 187 KB
59 KB 146ms
49ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 03:37:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698233972131352"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Oct 2023 03:37:26 GMT

GET
H2 200 ac1dbca482530a26bafc7a8c1241173a.js Show response
www.gstatic.com/mysidia/ Frame 3511 36 KB
15 KB 129ms
39ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 17:04:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 297193
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15099
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 16:29:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 22 Jan 2024 17:04:13 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/15170646118931434642/ Frame 3511 9 KB
10 KB 157ms
76ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15170646118931434642/14763004658117789537?w=400&h=209&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31da0caa7aea97a7e787626c6a4ebae4c491e55fa7c4c9a0474c127bfb74bf64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 10:54:30 GMT
x-content-type-options: nosniff
age: 146576
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9665
x-xss-protection: 0
last-modified: Wed, 25 Oct 2023 09:29:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 25 Oct 2024 10:54:30 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/1134159255481059755/ Frame 3511 633 B
748 B 165ms
84ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1134159255481059755/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a19e71daeb720ebe229965c98d19c89354d5a59c1de8b6f18804ab02e637dac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 02:36:56 GMT
x-content-type-options: nosniff
age: 3630
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 633
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 16:34:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 27 Oct 2024 02:36:56 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/ 159 KB
54 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

31f26c5c331b14a9b5ec21d6dd08fd40a1e9642f2eaaadf4a6e8aff5939d166b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ww9.mangaheroacademia.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 03:37:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55373
x-xss-protection: 0
server: cafe
etag: 10964807778848147608
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 28 Oct 2023 03:37:26 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/ Frame 6848 10 KB
4 KB 39ms
39ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ww9.mangaheroacademia.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29341
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 19:28:25 GMT
etag: 4569948109300706969
expires: Fri, 10 Nov 2023 19:28:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/ Frame 2D57 10 KB
4 KB 39ms
38ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ww9.mangaheroacademia.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29341
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 19:28:25 GMT
etag: 4569948109300706969
expires: Fri, 10 Nov 2023 19:28:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/ Frame A029 10 KB
4 KB 39ms
38ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ww9.mangaheroacademia.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29341
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 19:28:25 GMT
etag: 4569948109300706969
expires: Fri, 10 Nov 2023 19:28:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3511 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6e2e269a77a872510808c5dbd8e32dd624aa70096d9eb10a176f3c4ec90f6fad

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css2
fonts.googleapis.com/ Frame 6848 4 KB
671 B 50ms
50ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 28 Oct 2023 03:37:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 28 Oct 2023 03:13:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 28 Oct 2023 03:37:26 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6848 205 B
519 B 41ms
40ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 02:28:25 GMT
x-content-type-options: nosniff
age: 90541
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 26 Oct 2024 02:28:25 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6848 604 B
695 B 41ms
40ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 11:17:16 GMT
x-content-type-options: nosniff
age: 145210
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 25 Oct 2024 11:17:16 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/elements/html/ Frame 6848 15 KB
7 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25bb559beb57a681fbcd6b749ea0c17ecf3939efc5127ac756520f819f0c8f9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 16:32:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39871
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6638
x-xss-protection: 0
server: cafe
etag: 5714928435844906340
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Nov 2023 16:32:55 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/elements/html/ Frame 6848 20 KB
9 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f5676a86af87439536dd10d678b3d458eee7d107a4a9bb0bac62752cc738fb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 16:20:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40597
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8598
x-xss-protection: 0
server: cafe
etag: 10300645532664441910
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Nov 2023 16:20:49 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 2D57 2 KB
859 B 39ms
39ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 16:14:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40963
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 798
x-xss-protection: 0
server: cafe
etag: 15713038447858168282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Nov 2023 16:14:43 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/ Frame 2D57 23 KB
9 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 02:59:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2264
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Nov 2023 02:59:42 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 2D57 3 KB
1 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 02:57:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2374
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Nov 2023 02:57:52 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 2D57 20 KB
8 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 02:48:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2923
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Nov 2023 02:48:43 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2D57 187 KB
59 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 03:37:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698233972131352"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Oct 2023 03:37:26 GMT

GET
H2 200 ac1dbca482530a26bafc7a8c1241173a.js Show response
www.gstatic.com/mysidia/ Frame 2D57 36 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 17:04:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 297193
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15099
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 16:29:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 22 Jan 2024 17:04:13 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame A029 2 KB
859 B 39ms
39ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 16:14:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40963
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 798
x-xss-protection: 0
server: cafe
etag: 15713038447858168282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Nov 2023 16:14:43 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/ Frame A029 23 KB
9 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 02:59:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2264
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Nov 2023 02:59:42 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame A029 3 KB
1 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 02:57:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2374
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Nov 2023 02:57:52 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame A029 20 KB
8 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 02:48:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2923
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Nov 2023 02:48:43 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A029 187 KB
59 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 03:37:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698233972131352"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Oct 2023 03:37:26 GMT

GET
H2 200 ac1dbca482530a26bafc7a8c1241173a.js Show response
www.gstatic.com/mysidia/ Frame A029 36 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 17:04:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 297193
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15099
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 16:29:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 22 Jan 2024 17:04:13 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3511 16 KB
16 KB 41ms
39ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 17:26:14 GMT
x-content-type-options: nosniff
age: 295873
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Oct 2024 17:26:14 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3511 15 KB
15 KB 46ms
46ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 23:02:07 GMT
x-content-type-options: nosniff
age: 362120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Oct 2024 23:02:07 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 95F8 14 KB
1 KB 49ms
49ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 28 Oct 2023 03:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 28 Oct 2023 03:10:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 28 Oct 2023 03:37:27 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 95F8 2 KB
825 B 39ms
39ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 16:14:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40964
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 798
x-xss-protection: 0
server: cafe
etag: 15713038447858168282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Nov 2023 16:14:43 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/ Frame 95F8 23 KB
9 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 02:59:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2265
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Nov 2023 02:59:42 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5D44 143 B
166 B 40ms
39ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 809
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 28 Oct 2023 03:23:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 95F8 3 KB
1 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 02:57:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2375
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Nov 2023 02:57:52 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 95F8 20 KB
8 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 02:48:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2924
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Nov 2023 02:48:43 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 95F8 187 KB
59 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 03:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698233972131352"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Oct 2023 03:37:27 GMT

GET
H3 200 ac1dbca482530a26bafc7a8c1241173a.js Show response
www.gstatic.com/mysidia/ Frame 95F8 36 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 17:04:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 297194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15099
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 16:29:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 22 Jan 2024 17:04:13 GMT

GET
H2 200 redir.html Show response
p4-dmldf4rqpuxqq-vcqyzcqjnzkhpymy-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame FFCB 247 B
870 B 173ms
47ms Document
text/html 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-dmldf4rqpuxqq-vcqyzcqjnzkhpymy-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f99.1e100.net

Software

sffe /

Resource Hash

0ce0988c87ed7e13373998ed805912c117068fe6b089c5cb4132d1219f22cb6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 205
content-security-policy-report-only: script-src 'nonce-ujLZ6RozAw45YpsfI3TRtQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Sat, 28 Oct 2023 03:37:27 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Tue, 24 Oct 2023 06:08:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 3511
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=COdW39oE8ZYKDErqW78EP1YmN0A237NHnc5m43KbZEcCNtwEQASDQ9NKFAWCVgoCAtAegAeLfvJQqyAEJqAMByAPLBKoE5gFP0FKLcqvoi2fd8y-pJG7c-hgSboAiBJP6AgSGdPAgNNyC6ML...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211218234532477829454%22,%22debug_reporting%22:true,%22destination%22:%22https://helpwire.com%22,%22event_report_window%22:...

0
0

157ms
74ms

Fetch
text/css

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211218234532477829454%22,%22debug_reporting%22:true,%22destination%22:%22https://helpwire.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211317227490%22],%224%22:[%2210-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217761273886508239265%22}&andc=true

Requested by

Host: ww9.mangaheroacademia.online
URL: https://ww9.mangaheroacademia.online/?2023-10-28

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 03:37:27 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"11218234532477829454","debug_reporting":true,"destination":"https://helpwire.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11317227490"],"4":["10-28"],"6":["true"]},"priority":"500","source_event_id":"17761273886508239265"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 28 Oct 2023 03:37:27 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 28 Oct 2023 03:37:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"11218234532477829454","debug_reporting":true,"destination":"https://helpwire.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11317227490"],"4":["10-28"],"6":["true"]},"priority":"500","source_event_id":"17761273886508239265"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 KtAbZGk4YSFPe8sm4rTLIGwqP9qmdNmoJQ7Qir-Zr9M.js Show response
pagead2.googlesyndication.com/bg/ Frame 7E4D 39 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KtAbZGk4YSFPe8sm4rTLIGwqP9qmdNmoJQ7Qir-Zr9M.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ad01b64693861214f7bcb26e2b4cb206c2a3fdaa674d9a8250ed08abf99afd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 09:38:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64746
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15118
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Oct 2024 09:38:21 GMT

GET
H2 200 redir.html Show response
p4-dp5wevfz7re6y-pdi5bpxg57cxkxr2-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame BD1B 247 B
874 B 176ms
49ms Document
text/html 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-dp5wevfz7re6y-pdi5bpxg57cxkxr2-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

8d5d7d026f14366b5f54830d8b88171cdf8a09d6ffe28c4c8a8e225f63601c13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 209
content-security-policy-report-only: script-src 'nonce-6RmvG3TSRdVEdMpM7MZ5_g' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Sat, 28 Oct 2023 03:37:27 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Tue, 24 Oct 2023 06:08:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5D44
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

49ms
49ms

Document
text/html

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 28 Oct 2023 03:37:27 GMT
expires: Sat, 28 Oct 2023 03:37:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 28 Oct 2023 03:37:27 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 181ms
73ms Preflight
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 28 Oct 2023 03:37:27 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 iframe.html Show response
p4-dmldf4rqpuxqq-vcqyzcqjnzkhpymy-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame FFCB 5 KB
2 KB 49ms
47ms Document
text/html 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-dmldf4rqpuxqq-vcqyzcqjnzkhpymy-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-dmldf4rqpuxqq-vcqyzcqjnzkhpymy-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-dmldf4rqpuxqq-vcqyzcqjnzkhpymy-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f99.1e100.net

Software

sffe /

Resource Hash

8866db5f4c0449d963acfa4ce708d012e25df2b64125d667992988e9acabdefe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-dmldf4rqpuxqq-vcqyzcqjnzkhpymy-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1986
content-security-policy-report-only: script-src 'nonce-bByh-YJhzcyooFRnwEJ8SQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Sat, 28 Oct 2023 03:37:27 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Tue, 24 Oct 2023 06:08:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 iframe.html Show response
p4-dp5wevfz7re6y-pdi5bpxg57cxkxr2-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame BD1B 5 KB
2 KB 67ms
64ms Document
text/html 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-dp5wevfz7re6y-pdi5bpxg57cxkxr2-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-dp5wevfz7re6y-pdi5bpxg57cxkxr2-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-dp5wevfz7re6y-pdi5bpxg57cxkxr2-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

5c9c2d7f4f43be78f8d492740fe8c4303a580b74af915900255626c4d80d6ec9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-dp5wevfz7re6y-pdi5bpxg57cxkxr2-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1986
content-security-policy-report-only: script-src 'nonce-bPpIeFf1YhM5lwxzrcXTRQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Sat, 28 Oct 2023 03:37:27 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Tue, 24 Oct 2023 06:08:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 KtAbZGk4YSFPe8sm4rTLIGwqP9qmdNmoJQ7Qir-Zr9M.js Show response
pagead2.googlesyndication.com/bg/ Frame 6447 39 KB
15 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KtAbZGk4YSFPe8sm4rTLIGwqP9qmdNmoJQ7Qir-Zr9M.js

Requested by

Host: ww9.mangaheroacademia.online
URL: https://ww9.mangaheroacademia.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ad01b64693861214f7bcb26e2b4cb206c2a3fdaa674d9a8250ed08abf99afd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 09:38:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64746
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15118
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Oct 2024 09:38:21 GMT

GET
H3 200 KtAbZGk4YSFPe8sm4rTLIGwqP9qmdNmoJQ7Qir-Zr9M.js Show response
pagead2.googlesyndication.com/bg/ Frame C0D7 39 KB
15 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KtAbZGk4YSFPe8sm4rTLIGwqP9qmdNmoJQ7Qir-Zr9M.js

Requested by

Host: ww9.mangaheroacademia.online
URL: https://ww9.mangaheroacademia.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ad01b64693861214f7bcb26e2b4cb206c2a3fdaa674d9a8250ed08abf99afd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 09:38:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64746
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15118
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Oct 2024 09:38:21 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 67ms
66ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231025&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c128e56a21caa5afddb3c944534ead730e08a31e99a7a632681d0a425b67f46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ww9.mangaheroacademia.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 03:37:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12226
x-xss-protection: 0

GET
H3 200 KtAbZGk4YSFPe8sm4rTLIGwqP9qmdNmoJQ7Qir-Zr9M.js Show response
pagead2.googlesyndication.com/bg/ Frame FC53 39 KB
15 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KtAbZGk4YSFPe8sm4rTLIGwqP9qmdNmoJQ7Qir-Zr9M.js

Requested by

Host: ww9.mangaheroacademia.online
URL: https://ww9.mangaheroacademia.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ad01b64693861214f7bcb26e2b4cb206c2a3fdaa674d9a8250ed08abf99afd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 09:38:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64746
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15118
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Oct 2024 09:38:21 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ww9.mangaheroacademia.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 03:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 28 Oct 2023 03:37:27 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5A83 13 KB
5 KB 41ms
40ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ww9.mangaheroacademia.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 62752
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 10:11:35 GMT
expires: Sat, 26 Oct 2024 10:11:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A3D7 829 B
998 B 57ms
56ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1f87dae9b5239e481021ae9500b1830a3aebfb6bda94454fc9e6df3bd9e792b8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4lR2pSwR4YPq4LFM_SHBog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ww9.mangaheroacademia.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-4lR2pSwR4YPq4LFM_SHBog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 28 Oct 2023 03:37:27 GMT
expires: Sat, 28 Oct 2023 03:37:27 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame 5A83 38 KB
15 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 03:23:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 832
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 27 Oct 2024 03:23:35 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A3D7 0
0 76ms
75ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231025&jk=18393527245557&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5A83 0
10 B 43ms
43ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?dzYkzQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 03:37:27 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 css
fonts.googleapis.com/ Frame DEDC 761 B
382 B 78ms
78ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato&display=swap

Requested by

Host: readdemonslayer.com
URL: https://readdemonslayer.com/load.js?publisherId=fd390357c44c040cec69da53209ffb21:ef61b1d6384c12a3fbc00a092a2d4a5619ad2c55b80b66d7e2cd1f3e149918ba86a33050577ce5865c729c33e02f0cf264a898bd750b90172b509ef4280d660e

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f88d7a194e7f67fdc5e4f2cedd32e1d040d9976e4814adcaf7e56330a0653d5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://readdemonslayer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 28 Oct 2023 03:37:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 28 Oct 2023 03:09:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 28 Oct 2023 03:37:28 GMT

GET
H3 200 prebid.js Show response
readdemonslayer.com/ Frame DEDC 328 KB
99 KB 86ms
85ms Script
application/javascript 2606:4700:3037::ac43:bf3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://readdemonslayer.com/prebid.js?v=1.1.8
Requested by: Host: readdemonslayer.com
URL: https://readdemonslayer.com/load.js?publisherId=fd390357c44c040cec69da53209ffb21:ef61b1d6384c12a3fbc00a092a2d4a5619ad2c55b80b66d7e2cd1f3e149918ba86a33050577ce5865c729c33e02f0cf264a898bd750b90172b509ef4280d660e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:bf3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 811e76111eea686fab6c7cfe682017b4c319656cb9f2e02b9ab2723c8d95fea9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://readdemonslayer.com/insurance.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 03:37:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32234
cf-polished: origSize=908753
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 09 May 2023 17:02:32 GMT
server: cloudflare
etag: W/"645a7ca8-dddd1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ac776J6JbZBBBkin4tqCGMqAi1pqOKOSJuagd6s9Cb03ce%2FjiGF7Q0cPQvpPWIgbmjzfn0J6TC56t61QgnmMNOseYTNOk3uniiSV%2BIvqNMe13OqUrcLUJs7Akv6%2F6x5ErNbgiNkJLnbBaTOBTVXhyO7Z"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 81d023ee487e18ef-FRA
expires: Sat, 28 Oct 2023 06:40:14 GMT

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ Frame DEDC 23 KB
23 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://readdemonslayer.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 04:39:37 GMT
x-content-type-options: nosniff
age: 169071
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 04:39:37 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3511 42 B
64 B 82ms
81ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsugTb7n3KIL9mh5Igvdi9oiJ_fC_2M5Np4ImTVgfhQxckfc5VPPEMKa-MP2TLnkLhQ859hbtU5bjdso1soD-525-LEJm84IxRhaIJxm_Bh-c1Nc1dFEmlUpgLsXChgkMo5xM7A0hm0Id1mL&sai=AMfl-YSfXh1N1Tc7SOz7vWuWHOheRAz9LbvAlO5MGlUzj6qx8kjrWqxhZIifGBS59uByW6RwOZ3gPOIIw85BQSnZnZIkTN95bblPKS09te7JS-mLA69QJQBD45X3_Z2ghtLanln-G50vf0ZrGE6i&sig=Cg0ArKJSzHSBpefhSDaqEAE&cid=CAQSSwDICaaNo_mPg_J1LfY-1jY_4KOiP2c9nvWoKai74RZY1rVo9tauOEPB0e_rxXfyUoqg-MTUER0A_mK7aTH0am-bZ9lhVh1wbgWDMBgB&id=lidar2&mcvt=1000&p=0,0,280,815&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231025&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1597958676&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698464246247&rpt=848&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 03:37:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ Frame DEDC 4 KB
2 KB 161ms
49ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: readdemonslayer.com
URL: https://readdemonslayer.com/prebid.js?v=1.1.8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8264bf30b0dfc41d19bf53d2c63a8fc9326b427cf3ea9cd9b6be2696fc55b118

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://readdemonslayer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Sat, 28 Oct 2023 03:37:28 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Mon, 23 Oct 2023 08:11:07 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 411914
ETag: W/"e90435520cec1363a82b67d8298d79a8"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pXmsG3QLrXs5qQ8HZkTNdiwYDqkY7NrfvZySrYZNB%2FvifqdTkvfl%2FqRCto%2BFNFVgk0gyy0lOzrIyoYjifiFkTJ1D%2BI2OCq8aRI%2B%2FwqlX4ywQ9PSc7cppY7%2FjIR0sRthqzT0Fz1TljgoSO30B"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 81d023f048515d7a-FRA

POST
H/1.1 204
No Content / Show response
b1h-euc1.zemanta.com/api/bidder/prebid/bid/ Frame DEDC 0
149 B 150ms
41ms XHR
text/plain 213.227.153.223
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://b1h-euc1.zemanta.com/api/bidder/prebid/bid/
Requested by: Host: readdemonslayer.com
URL: https://readdemonslayer.com/prebid.js?v=1.1.8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.223 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://readdemonslayer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

Connection: keep-alive
Access-Control-Allow-Origin: https://readdemonslayer.com
Access-Control-Allow-Credentials: true

POST
H/1.1 200
OK pbjs
prebid.admanmedia.com/ Frame DEDC 2 B
0 682ms
271ms XHR
application/json 80.77.87.130
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.admanmedia.com/pbjs
Requested by: Host: readdemonslayer.com
URL: https://readdemonslayer.com/prebid.js?v=1.1.8
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 80.77.87.130 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://readdemonslayer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://readdemonslayer.com
Date: Sat, 28 Oct 2023 03:37:28 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 2
Content-Type: application/json

POST
H2 204 prebid Show response
mp.4dex.io/ Frame DEDC 0
272 B 159ms
60ms XHR
text/plain 2606:4700:4400::6812:22b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: readdemonslayer.com
URL: https://readdemonslayer.com/prebid.js?v=1.1.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://readdemonslayer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 03:37:28 GMT
x-err: Parsing the Prebid Request. with empty page host
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-origin: https://readdemonslayer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 81d023f049c46ae8-FRA
expires: 0

POST
H2 200 hb-mm-multi Show response
hb.minutemedia-prebid.com/ Frame DEDC 105 B
449 B 216ms
59ms XHR
application/json 54.171.39.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by: Host: readdemonslayer.com
URL: https://readdemonslayer.com/prebid.js?v=1.1.8
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.171.39.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-39-110.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 668e4e5ae0295c1d5bde307941dccee311882e3f6aad4194cda65b388a7ea8e4

Request headers

Referer: https://readdemonslayer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 28 Oct 2023 03:37:28 GMT
server: istio-envoy
x-reason: maxmind anonymous
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://readdemonslayer.com
content-type: application/json
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 105

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame DEDC 0
279 B 171ms
61ms XHR
text/plain 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: readdemonslayer.com
URL: https://readdemonslayer.com/prebid.js?v=1.1.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://readdemonslayer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://readdemonslayer.com
date: Sat, 28 Oct 2023 03:37:27 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 17
server: envoy
vary: origin, Accept-Encoding

POST
H2 200 adreq Show response
ads.servenobid.com/ Frame DEDC 327 B
567 B 289ms
155ms XHR
application/json 52.18.191.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=5166
Requested by: Host: readdemonslayer.com
URL: https://readdemonslayer.com/prebid.js?v=1.1.8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.191.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-191-233.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 481e8af1350a1cb62fb63703af509cfba90d0b1eeb33f7046ca9da5b70d26d74

Request headers

Referer: https://readdemonslayer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 28 Oct 2023 03:37:28 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://readdemonslayer.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame DEDC 15 B
367 B 140ms
40ms XHR
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: readdemonslayer.com
URL: https://readdemonslayer.com/prebid.js?v=1.1.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://readdemonslayer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://readdemonslayer.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ Frame DEDC 180 B
587 B 230ms
65ms XHR
application/json 3.248.171.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?PageUrl=&PageReferrer=

Requested by

Host: readdemonslayer.com
URL: https://readdemonslayer.com/prebid.js?v=1.1.8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.248.171.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-171-173.eu-west-1.compute.amazonaws.com

Software

Resource Hash

a77951aa32f6b9a43ab0084032f8e3ddd33eede95e3ad1d0499aa2b30f5b28a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://readdemonslayer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 28 Oct 2023 03:37:28 GMT
via: kong/2.8.4
x-content-type-options: nosniff
x-kong-proxy-latency: 0
x-kong-upstream-latency: 7
content-length: 180
pragma: no-cache
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://readdemonslayer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 83ms
75ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231025&jk=18393527245557&bg=!kJOlk9zNAAbo5yKYyOc7ADQBe5WfOAYr4QycddKIUpYi0_d4Ss4W3Ix5e0lg7yWRqqj86Pr9LOp5igmIjWyzLzz7G0M_AgAAAE1SAAAAA2gBB5kCzWlReg8ZlV8z-Gmjv5AOs9bJIq_MKYyChHraDyOkxlB82yaYj8_GuVwNfhpMn6iJAyKWfn4DwuZFdiAKAeA_J5N9d7eFQWMdFzyle5HaPH6ng_MaKN8OXKwWL55-yxyNOsvB2p2tPPSvputl-6SXLXx-6AK2VtYnZw5kEHnjw2e5f6oVkXrQwiaJLHHvqxxMT4864cu02YMzAIacQ9Z4w3A4FPECq5Y4bqXrU9OMpfAuTESRiyks17PZ4Wm2TS6OftkSvGljfPINbfFXJLP082B6rGt3d2qd3L6tTu73XI7m4UNOJhfjwZ8YqAflCr8txVyRFAT6SBfIg03BskXFlOnsdAmAz9tRIUefm2BAlpQgC6b7vc4RB6egUEF1TMKTqCu95YwxwasgaWvfoohoTPugJmjTkwi5dy4R0NgVZJcbG4aCsdL9__oP13KVdVqsgKKv5DvVKZ0gPli1VI-mJbhG3dMzoY7gSqmwYh4Rak1M3uzNGixfSOxgHh1JyYLDPc4XkcfLiDL9a4c1t4_1ybYxtwnFqftIoOuyleMn2vW4EshlEGtB9rhZ36U6pcpKJujv9oqjGHow29QOQIpyxH49JaRtcUml2n5Y81q21IB4xqbQqdCalh7Anrp3L6qaUrBat54nq16NB0nrzuh_tpXGYLy5tEVUJlrXVjDyhG9jzlHxCJDVmqndehE1D8Im_6DqCXoTXtN1mXhu_0mf4LZT_F-MaO71pV9ThpoZDb_gF_T9qriREtjyyVKgx0YJHEmoefBT1k6KbqlsNlCuUy5nNik_4TRO9QO1LCsEPzHgcJXDGiDxPzhe9de9gN5vGuO-_ENapVnRzManhsQ7_fJ5KK8jXrBdhah4gcYYxm_PjP_S1o6OH9wdGAbfL9R-GkAbCYFw2XMVqFMaVOXUhNoOqvu0Wb2BA9TIE_CWNL4p05gKNiVuLT_3uqnIKQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ww9.mangaheroacademia.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H2 200 script.js Show response
cadmus.script.ac/dahhc4ozyvjm6/ Frame DEDC 132 KB
47 KB 159ms
49ms Script
application/javascript 2606:4700::6812:1791
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1791 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05bf9f66804f5b3fd3709c98ce41ebe1a4a9ce41383afb559282b5d035360960

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://readdemonslayer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 03:37:28 GMT
content-encoding: gzip
last-modified: Fri, 27 Oct 2023 16:39:42 GMT
server: cloudflare
age: 0
etag: W/"df69c18a6b7ca223bebd3a6b46665609cb2af612"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray: 81d023f14a2f1e0c-FRA

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ Frame DEDC 75 KB
24 KB 135ms
49ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caf2558c473f0989ccb9e45da327c56bb9f877da13fe442adc10644d75e2f1d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://readdemonslayer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Sat, 28 Oct 2023 03:37:28 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 411843
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 23 Oct 2023 08:11:06 GMT
Server: cloudflare
ETag: W/"42783f4dfb63346ef86cbdd3594314a1"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yvvvOaDlMKUwy%2FKkl4jytdXQ%2BRRg2PH3vNjMdRYfGezf7ul6K5NH69FjKiGVvP7hNdk9wn%2F11zgWMD8G8L%2FljCFXK1gorlZl8C9tpaoBXT31fuhSTEY05SrwFz2n8S82ETeiBpu9B6iNBtUJ"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 81d023f12bba037c-FRA

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 229ms
128ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://readdemonslayer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Sat, 28 Oct 2023 03:37:28 GMT
server: nginx/1.21.6
via: 1.1 google

POST 1a
i.clean.gg/ Frame DEDC 0
0

GET
H2 200 f Show response
api.purpleads.io/x/v2/ Frame 8784 1 KB
1 KB 426ms
425ms Fetch
application/json 44.196.11.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/v2/f?pid=71bbe119171b48318e28a79448e2e744&demand=unifiedPb&ts=1698464248939
Requested by: Host: readdemonslayer.com
URL: https://readdemonslayer.com/load.js?publisherId=fd390357c44c040cec69da53209ffb21:ef61b1d6384c12a3fbc00a092a2d4a5619ad2c55b80b66d7e2cd1f3e149918ba86a33050577ce5865c729c33e02f0cf264a898bd750b90172b509ef4280d660e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.196.11.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-11-14.compute-1.amazonaws.com
Software: /
Resource Hash: 71c7ef4faa7914c78515c5d73815899adeb37d2b9562e2485de6a5b88df484ce

Request headers

x-request-url: aHR0cHM6Ly9yZWFkZGVtb25zbGF5ZXIuY29tL2luc3VyYW5jZS5odG1s
accept-language: de-DE,de;q=0.9
Authorization: Bearer fd390357c44c040cec69da53209ffb21:ef61b1d6384c12a3fbc00a092a2d4a5619ad2c55b80b66d7e2cd1f3e149918ba86a33050577ce5865c729c33e02f0cf264a898bd750b90172b509ef4280d660e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://readdemonslayer.com/
x-purpleads-version: 2.0.1

Response headers

date: Sat, 28 Oct 2023 03:37:29 GMT
content-encoding: br
pa-user-id: 8896455c-f2df-451f-9ba9-fa65d243338b
etag: W/"573-0zNvPg1KvqfBZUAbSa3Wwb7yS0o"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://readdemonslayer.com
access-control-expose-headers: pa-user-id
access-control-allow-credentials: true

OPTIONS
H2 200 f
api.purpleads.io/x/v2/ Frame 0
0 145ms
144ms Preflight 44.196.11.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/v2/f?pid=71bbe119171b48318e28a79448e2e744&demand=unifiedPb&ts=1698464248939
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.196.11.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-11-14.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method: GET
Origin: https://readdemonslayer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-origin: https://readdemonslayer.com
access-control-expose-headers: pa-user-id
access-control-max-age: 86400
date: Sat, 28 Oct 2023 03:37:29 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300italic,700,700i|Source+Sans+Pro:400,400italic

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9JY3BQ4DPF

Domain: ww9.mangaheroacademia.online
URL: https://ww9.mangaheroacademia.online/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=3.0.4

Domain: i.clean.gg
URL: https://i.clean.gg/1a

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mangaheroacademia.online/	1970-01-21 01:23:44	Name: _ga_9JY3BQ4DPF Value: GS1.1.1698464245.1.0.1698464245.0.0.0
.mangaheroacademia.online/	1970-01-21 01:23:44	Name: _ga Value: GA1.1.800838399.1698464246
.readdemonslayer.com/	1970-01-21 00:33:20	Name: cf_clearance Value: .fCO6lUCHqAhNPhmmAsJjg8lEWvki_O7udgHBuiRLuo-1698464246-0-1-5477c67a.ab8a20ef.7b1ec9f0-0.2.1698464246
.mangaheroacademia.online/	1970-01-21 01:09:20	Name: __gads Value: ID=29f8bd57659594f1:T=1698464246:RT=1698464246:S=ALNI_MZd6aEmZKrPCEOkk0XIhn6igG9rmQ
.mangaheroacademia.online/	1970-01-21 01:09:20	Name: __gpi Value: UID=00000caa52ed2a7f:T=1698464246:RT=1698464246:S=ALNI_MZJXf7O-BZrVpC7UfOPs-aalKfpxA
.doubleclick.net/	1970-01-21 01:09:20	Name: IDE Value: AHWqTUk2cr5krsCth1TQLNAoXVCZia1F-t4I4DV6_rF50n6NPMz1DipscwUrd-VHv_w
.doubleclick.net/	1970-01-20 15:47:47	Name: DSID Value: NO_DATA
.googleadservices.com/	1970-01-20 17:57:20	Name: ar_debug Value: 1
.prebid.a-mo.net/	1970-01-21 00:33:20	Name: __amc Value: 1_1698464248_1698464248
.script.ac/	1970-01-20 15:47:46	Name: __cf_bm Value: KCPkMksWxHGTgLddAbjJhLOYKF8NZ9_.6YiuNOZUV0g-1698464248-0-Ab4a0cOVsusQcTaecF2L4iiYU0MeVyQPSA6KneBXeyGYM9Yrb6euUUSPooVspN4471p3QW5dobjmx55TngZ3+Sg=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.servenobid.com
api.purpleads.io
b1h-euc1.zemanta.com
cadmus.script.ac
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hb-api.omnitagjs.com
hb.minutemedia-prebid.com
i.clean.gg
mp.4dex.io
onetag-sys.com
p4-dmldf4rqpuxqq-vcqyzcqjnzkhpymy-if-v6exp3-v4.metric.gstatic.com
p4-dp5wevfz7re6y-pdi5bpxg57cxkxr2-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
prebid.a-mo.net
prebid.admanmedia.com
readdemonslayer.com
region1.google-analytics.com
script.4dex.io
tpc.googlesyndication.com
ww9.mangaheroacademia.online
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
fonts.googleapis.com
i.clean.gg
ww9.mangaheroacademia.online
www.googletagmanager.com
142.250.184.195
142.250.185.130
145.40.97.66
172.217.23.99
2001:4860:4802:34::36
213.227.153.223
2606:4700:20::ac43:4bf1
2606:4700:3031::ac43:bee3
2606:4700:3037::ac43:bf3c
2606:4700:4400::6812:22b2
2606:4700::6812:1791
2a00:1450:4001:806::2001
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:810::200a
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2002
3.248.171.173
34.95.69.49
44.196.11.14
51.89.9.251
52.18.191.233
54.171.39.110
80.77.87.130
05bf9f66804f5b3fd3709c98ce41ebe1a4a9ce41383afb559282b5d035360960
0ce0988c87ed7e13373998ed805912c117068fe6b089c5cb4132d1219f22cb6f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1f87dae9b5239e481021ae9500b1830a3aebfb6bda94454fc9e6df3bd9e792b8
21c2ce28e68f846c4821e6f5ebfa5f7aab4cd2db02736225b70425fb5a09de9a
25bb559beb57a681fbcd6b749ea0c17ecf3939efc5127ac756520f819f0c8f9b
280b8fac5bbf3bf9fba67e961cf10c6ea77974b78e5dba168140b78815dfc54f
2a19e71daeb720ebe229965c98d19c89354d5a59c1de8b6f18804ab02e637dac
2ad01b64693861214f7bcb26e2b4cb206c2a3fdaa674d9a8250ed08abf99afd3
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31da0caa7aea97a7e787626c6a4ebae4c491e55fa7c4c9a0474c127bfb74bf64
31f26c5c331b14a9b5ec21d6dd08fd40a1e9642f2eaaadf4a6e8aff5939d166b
3f5676a86af87439536dd10d678b3d458eee7d107a4a9bb0bac62752cc738fb0
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
481e8af1350a1cb62fb63703af509cfba90d0b1eeb33f7046ca9da5b70d26d74
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170
50a9d83140fe27b328466b68ee9589b849984e0ecc3df3510b60fe37ed645fc2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57ed3e4aeb23e301179fd7db0783e4b96b4a456ca064386d2d2584263685b335
5a88aef0ab2cd802f65de0e4d8cef41721ec341d70f76fb2ace4865463ba584f
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c9c2d7f4f43be78f8d492740fe8c4303a580b74af915900255626c4d80d6ec9
605ec05b3db071b83d036f5c4f7fc9e24f92dd5c5ce007d10891a0d3644e4c62
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
668e4e5ae0295c1d5bde307941dccee311882e3f6aad4194cda65b388a7ea8e4
6e2e269a77a872510808c5dbd8e32dd624aa70096d9eb10a176f3c4ec90f6fad
71c7ef4faa7914c78515c5d73815899adeb37d2b9562e2485de6a5b88df484ce
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7ef6c6e261bb9b814c60ba8ab0e890e8d23dc1db4f55c558c68608b9cdfa7d5d
811e76111eea686fab6c7cfe682017b4c319656cb9f2e02b9ab2723c8d95fea9
8264bf30b0dfc41d19bf53d2c63a8fc9326b427cf3ea9cd9b6be2696fc55b118
8866db5f4c0449d963acfa4ce708d012e25df2b64125d667992988e9acabdefe
8d5d7d026f14366b5f54830d8b88171cdf8a09d6ffe28c4c8a8e225f63601c13
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
9c128e56a21caa5afddb3c944534ead730e08a31e99a7a632681d0a425b67f46
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
a77951aa32f6b9a43ab0084032f8e3ddd33eede95e3ad1d0499aa2b30f5b28a8
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b6e8c70ff6a41e32c71c42eef47edf0c2194f0f39b2f0178869feb2d949527d1
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1
caf2558c473f0989ccb9e45da327c56bb9f877da13fe442adc10644d75e2f1d9
cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3
d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731
dd82f6fc030a4b38eca7176b079619808ba33965e942cf6273c18dac1ddb39c9
df92a840b426bc4233439d72a71d25c186c07b499056a886a391b35e26c0737d
e066a7b7cf8f908414188c9991bce798f8d01f998b01ca3a85b1d6c2502e6061
e22b1c669782602af39ff8d71e23c0568def8f95fe9113bfd3fc37d6700a7efb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e65f617b7024778edb132228194421ddc4a6cfbb0c4f58c474d05621c094b9e2
e8f56fec032768adce9c800a615c543750de3ebf6a46f5681b79c126a10f0b99
eb3a30bc486d55e2d8f1f916f8c0e7e75d1d23fc1c289c4ca898349d763fc30a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f88d7a194e7f67fdc5e4f2cedd32e1d040d9976e4814adcaf7e56330a0653d5c
f8f20ffef711ef888e040385517e047575abfcb007a5bfca425cfafb61662946

ww9.mangaheroacademia.online Open in urlscan Pro 2606:4700:3031::ac43:bee3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

109 Requests

94 %HTTPS

56 %IPv6

22 Domains

28 Subdomains

28 IPs

5 Countries

1562 kBTransfer

4745 kBSize

10 Cookies

2 Outgoing links

Page URL History

Redirected requests

109 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ww9.mangaheroacademia.online Open in urlscan Pro
2606:4700:3031::ac43:bee3 Public Scan

Screenshot
Live screenshot

Full Image

109
Requests

94 %
HTTPS

56 %
IPv6

22
Domains

28
Subdomains

28
IPs

5
Countries

1562 kB
Transfer

4745 kB
Size

10
Cookies

109 HTTP transactions
1 data transactions