readms.net Open in urlscan Pro
2606:4700:30::681c:6d5 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://m.mangastream.com/r/onepunch_man/069/3882/41
Effective URL:
https://readms.net/r/onepunch_man/069/3882/41
Submission: On November 30 via api (November 30th 2019, 1:27:42 pm UTC) from CZ

Summary HTTP 42 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 5 countries across 13 domains to perform 42 HTTP transactions. The main IP is 2606:4700:30::681c:6d5, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is readms.net.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on November 19th 2019. Valid for: 6 months.

This is the only time readms.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700:30:... 2606:4700:30::681b:8f7f	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
6	2606:4700:30:... 2606:4700:30::681c:6d5	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700::68... 2606:4700::6811:4004	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
6	2606:4700:20:... 2606:4700:20::681a:acb	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	2a00:1450:400... 2a00:1450:4001:81a::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2a00:1450:400... 2a00:1450:4001:81c::200d	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2600:9000:21f... 2600:9000:21f3:a800:1:af78:4c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
9	185.33.223.203 185.33.223.203	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
3	178.162.133.150 178.162.133.150	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3	213.19.147.210 213.19.147.210	26120 (RHYTHMONE) (RHYTHMONE - RhythmOne)
3	74.214.194.133 74.214.194.133	59940 (PULSEPOIN...) (PULSEPOINT-EU)
42	13

2 2606:4700:30::681b:8f7f (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

m.mangastream.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.mangastream.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:30::681c:6d5 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

readms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4004 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:acb (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

s.nitropay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracker.nitropay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:a800:1:af78:4c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

vendorlist.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.33.223.203 (Netherlands)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 317.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.210 (United Kingdom)

ASN26120 (RHYTHMONE - RhythmOne, LLC, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.214.194.133 (Amsterdam, Netherlands)

ASN59940 (PULSEPOINT-EU, NL)

bid.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	adnxs.com ib.adnxs.com	8 KB
6	nitropay.com s.nitropay.com tracker.nitropay.com	126 KB
6	readms.net readms.net	192 KB
4	google.com apis.google.com accounts.google.com	104 KB
3	contextweb.com bid.contextweb.com	829 B
3	1rx.io tag.1rx.io	795 B
3	sonobi.com apex.go.sonobi.com	3 KB
2	gstatic.com fonts.gstatic.com	31 KB
2	facebook.net connect.facebook.net	61 KB
2	mangastream.com 1 redirects m.mangastream.com img.mangastream.com	294 KB
1	facebook.com staticxx.facebook.com
1	consensu.org vendorlist.consensu.org	17 KB
1	cloudflare.com cdnjs.cloudflare.com	7 KB
42	13

	Domain	Requested by
9	ib.adnxs.com	s.nitropay.com
6	readms.net	readms.net
4	tracker.nitropay.com	s.nitropay.com
3	bid.contextweb.com	s.nitropay.com
3	tag.1rx.io	s.nitropay.com
3	apex.go.sonobi.com	s.nitropay.com
3	apis.google.com	readms.net s.nitropay.com
2	fonts.gstatic.com	readms.net
2	connect.facebook.net	s.nitropay.com
2	s.nitropay.com	readms.net s.nitropay.com
1	staticxx.facebook.com	connect.facebook.net
1	vendorlist.consensu.org	s.nitropay.com
1	accounts.google.com	apis.google.com
1	img.mangastream.com	readms.net
1	cdnjs.cloudflare.com	readms.net
1	m.mangastream.com	1 redirects
42	16

This site contains no links.

Subject Issuer	Validity	Valid
sni11264.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-11-19` - `2020-05-27`	6 months	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-11-20` - `2020-05-28`	6 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-11-08` - `2020-10-09`	a year	crt.sh
*.apis.google.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-11-06` - `2020-02-04`	3 months	crt.sh
accounts.google.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
vendorlist.consensu.org Amazon	`2019-03-06` - `2020-04-06`	a year	crt.sh
*.google.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2019-02-01` - `2021-02-04`	2 years	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2019-06-28` - `2021-06-27`	2 years	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2018-07-07` - `2020-06-03`	2 years	crt.sh

This page contains 3 frames:

Primary Page: https://readms.net/r/onepunch_man/069/3882/41
Frame ID: 35E0228301C3DDB4D1202EC9FD4E0CF8
Requests: 40 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 6B0C3553C816C53E7B30BF6489F3D79F
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 1A2FCE2970CDD87FB6FB78FA70E2C8C5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://m.mangastream.com/r/onepunch_man/069/3882/41 HTTP 302
https://readms.net/r/onepunch_man/069/3882/41 Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Page Statistics

42
Requests

100 %
HTTPS

69 %
IPv6

13
Domains

16
Subdomains

13
IPs

5
Countries

844 kB
Transfer

2290 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://m.mangastream.com/r/onepunch_man/069/3882/41 HTTP 302
https://readms.net/r/onepunch_man/069/3882/41 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 41 Show response
readms.net/r/onepunch_man/069/3882/
Redirect Chain

https://m.mangastream.com/r/onepunch_man/069/3882/41
https://readms.net/r/onepunch_man/069/3882/41

21 KB
4 KB

166ms
129ms

Document
text/html

2606:4700:30::681c:6d5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://readms.net/r/onepunch_man/069/3882/41
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681c:6d5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04a26081d71f5cd5483a5f05ca15b05c2a1e60360d81a8525c39d344fe911d13

Request headers

:method: GET
:authority: readms.net
:scheme: https
:path: /r/onepunch_man/069/3882/41
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User: ?1

Response headers

status: 200
date: Sat, 30 Nov 2019 13:27:26 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dc79bd724c09e4bcf0fdc4fb97ea358ba1575120445; expires=Mon, 30-Dec-19 13:27:25 GMT; path=/; domain=.readms.net; HttpOnly
last-modified: Sat, 10 Dec 2016 20:46:34 GMT
expires: Sat, 30 Nov 2019 14:27:25 GMT
cache-control: max-age=3600
vary: Accept-Encoding, User-Agent
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 53dd28a2dc20cbac-VIE
content-encoding: br

Redirect headers

status: 302
date: Sat, 30 Nov 2019 13:27:25 GMT
content-type: text/html
set-cookie: __cfduid=dea019408ee08091bfeb14680ea6c25e51575120445; expires=Mon, 30-Dec-19 13:27:25 GMT; path=/; domain=.mangastream.com; HttpOnly; Secure
location: https://readms.net/r/onepunch_man/069/3882/41
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 53dd28a1fb12cbcc-VIE

GET
H2 200 font-awesome.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 37 KB
7 KB 19ms
18ms Stylesheet
text/css 2606:4700::6811:4004
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css

Requested by

Host: readms.net
URL: https://readms.net/r/onepunch_man/069/3882/41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://readms.net/r/onepunch_man/069/3882/41
Origin: https://readms.net

Response headers

date: Sat, 30 Nov 2019 13:27:26 GMT
content-encoding: br
cf-cache-status: HIT
age: 19754374
cf-ray: 53dd28a3ba68cba4-VIE
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-23=":443"; ma=86400
last-modified: Thu, 17 May 2018 09:19:12 GMT
server: cloudflare
etag: W/"5afd4910-9226"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Thu, 19 Nov 2020 13:27:26 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.065

GET
H2 200 mangastream.css
readms.net/assets/css/ 326 KB
36 KB 21ms
20ms Stylesheet
text/css 2606:4700:30::681c:6d5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://readms.net/assets/css/mangastream.css?229029
Requested by: Host: readms.net
URL: https://readms.net/r/onepunch_man/069/3882/41
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681c:6d5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6145221a47371d4ee7e73d2a3fe31d61f41b2b435d17741803558a6724ca6c5b

Request headers

Referer: https://readms.net/r/onepunch_man/069/3882/41
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 30 Nov 2019 13:27:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 Oct 2018 15:45:45 GMT
server: cloudflare
age: 780
etag: W/"5bb635a9-51770"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=900
cf-ray: 53dd28a3beb9cbac-VIE
expires: Sat, 30 Nov 2019 13:29:26 GMT

GET
H2 200 ads-3.js Show response
s.nitropay.com/ 297 KB
89 KB 73ms
30ms Script
application/javascript 2606:4700:20::681a:acb
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://s.nitropay.com/ads-3.js

Requested by

Host: readms.net
URL: https://readms.net/r/onepunch_man/069/3882/41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:acb , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a555cf7087ac27c6e1ca8c16640278ec24d6bbbc77abd244370150d1af9fc60

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://readms.net/r/onepunch_man/069/3882/41
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 30 Nov 2019 13:27:26 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1574548938
age: 1186
x-guploader-uploadid: AEnB2UrBw1jnhxHo-M6GIiu8DzPAxymnW4Kh09JPAy7tWIgynHMFa83lfqhmjnAvWK_88Zry2ysfYs2nze-KyK6z-LQXrvxdOQ
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Wed, 27 Nov 2019 19:53:20 GMT
server: cloudflare
etag: W/"3a2a4a1ddecfc8b6cb8fdebb840ddabb:1574884400000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
x-goog-hash: crc32c=vwTvzQ==, md5=OipKHd7PyLbLj967hA3auw==
content-type: application/javascript
x-goog-generation: 1574548945853388
cache-control: private, max-age=600
x-goog-stored-content-length: 279760
cf-ray: 53dd28a3fc62cba8-VIE
expires: Sat, 30 Nov 2019 14:07:40 GMT

GET
H2 200 041.png
img.mangastream.com/cdn/manga/125/3882/ 293 KB
294 KB 35ms
21ms Image
image/png 2606:4700:30::681b:8f7f
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.mangastream.com/cdn/manga/125/3882/041.png
Requested by: Host: readms.net
URL: https://readms.net/r/onepunch_man/069/3882/41
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:8f7f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b1307ab1562b979cf0a5ef6f8f2d6c6e4735a558e969d78c7cf6cc4ae517569

Request headers

Referer: https://readms.net/r/onepunch_man/069/3882/41
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 30 Nov 2019 13:27:26 GMT
cf-cache-status: HIT
last-modified: Sat, 10 Dec 2016 20:46:34 GMT
server: cloudflare
age: 64942
etag: "584c69aa-494ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 53dd28a3c84bcbcc-VIE
content-length: 300270
expires: Fri, 06 Dec 2019 19:25:04 GMT

GET
H2 200 build.js Show response
readms.net/assets/js/ 145 KB
45 KB 26ms
26ms Script
application/javascript 2606:4700:30::681c:6d5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://readms.net/assets/js/build.js
Requested by: Host: readms.net
URL: https://readms.net/r/onepunch_man/069/3882/41
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681c:6d5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38d917e56d9599b9b288f510884198530a07089940f44c76e0e739e9ebc4e038

Request headers

Referer: https://readms.net/r/onepunch_man/069/3882/41
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 30 Nov 2019 13:27:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 Nov 2017 16:22:48 GMT
server: cloudflare
age: 793
etag: W/"59f9f4d8-2431d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=900
cf-ray: 53dd28a3bec0cbac-VIE
expires: Sat, 30 Nov 2019 13:29:13 GMT

GET
H2 200 api:client.js Show response
apis.google.com/js/ 13 KB
5 KB 38ms
37ms Script
application/javascript 2a00:1450:4001:81a::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api:client.js

Requested by

Host: readms.net
URL: https://readms.net/r/onepunch_man/069/3882/41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

2d49a8f645e969d7e519568a80b91d91374e19fbdd2938321bf9a69a85b9c101

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://readms.net/r/onepunch_man/069/3882/41
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 30 Nov 2019 13:27:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: script-src 'report-sample' 'nonce-cQAZYhhX8JUJMN79zHKCDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
strict-transport-security: max-age=31536000
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "bdf1e18cd51df33f09bbdd1504daf378"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin: *
expires: Sat, 30 Nov 2019 13:27:26 GMT

GET
H2 200 vendor.js Show response
readms.net/assets/js/ 347 KB
95 KB 22ms
21ms Script
application/javascript 2606:4700:30::681c:6d5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://readms.net/assets/js/vendor.js?229029
Requested by: Host: readms.net
URL: https://readms.net/r/onepunch_man/069/3882/41
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681c:6d5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4a3329d2d9fcbdab37fbbb6d83c515550d7652387d4eed41b2a5970fcd0a49f

Request headers

Referer: https://readms.net/r/onepunch_man/069/3882/41
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 30 Nov 2019 13:27:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 Oct 2018 15:45:45 GMT
server: cloudflare
age: 825
etag: W/"5bb635a9-56a3b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=900
cf-ray: 53dd28a42ff1cbac-VIE
expires: Sat, 30 Nov 2019 13:28:41 GMT

GET
H2 200 app.js Show response
readms.net/assets/js/ 42 KB
10 KB 20ms
20ms Script
application/javascript 2606:4700:30::681c:6d5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://readms.net/assets/js/app.js?229029
Requested by: Host: readms.net
URL: https://readms.net/r/onepunch_man/069/3882/41
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681c:6d5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f84d1cb6d3d5e259f1df51fca69de8f9012875345762314a105f8d2761ee63d

Request headers

Referer: https://readms.net/r/onepunch_man/069/3882/41
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 30 Nov 2019 13:27:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 Oct 2018 19:14:15 GMT
server: cloudflare
age: 825
etag: W/"5bd0c487-a606"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=900
cf-ray: 53dd28a43809cbac-VIE
expires: Sat, 30 Nov 2019 13:28:41 GMT

GET
H2 200 cmp.bundle-5.2.js Show response
s.nitropay.com/ 162 KB
36 KB 22ms
22ms Script
text/javascript 2606:4700:20::681a:acb
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://s.nitropay.com/cmp.bundle-5.2.js

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:acb , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

76ecf6ace76e45e7bb3726789d6713eb6cb88ea63f675e209911b0e7547e39ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://readms.net/r/onepunch_man/069/3882/41
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 30 Nov 2019 13:27:26 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 20
status: 200
x-guploader-uploadid: AEnB2UoLsRSN0w4_BFGCcWaGmq2EWiWrdjBkwd8-4ggxWupWFdXBTb5sYkIPpvNAhc7wlnRq_WlxQ0Ek_wzxWd6RIUgZalUP7Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Mon, 09 Sep 2019 19:52:37 GMT
server: cloudflare
etag: W/"1a84b63b7aabd0403e6989851c900302"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
x-goog-hash: crc32c=NgbPBg==, md5=GoS2O3qr0EA+aYmFHJADAg==
content-type: text/javascript
x-goog-generation: 1568058757374114
cache-control: public, max-age=3600
x-goog-stored-content-length: 166278
cf-ray: 53dd28a46da3cba8-VIE
expires: Sat, 30 Nov 2019 14:27:06 GMT

GET
H2 200 analytics
tracker.nitropay.com/sites/3/ 0
0 184ms
142ms Fetch 2606:4700:20::681a:acb
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://tracker.nitropay.com/sites/3/analytics

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:acb , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://readms.net/r/onepunch_man/069/3882/41
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 30 Nov 2019 13:27:26 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
status: 200
cf-ray: 53dd28a4a964cbac-VIE
alt-svc: clear
content-length: 0

GET
H2 200 logo-tiny-white.png
readms.net/assets/img/ 2 KB
2 KB 18ms
18ms Image
image/png 2606:4700:30::681c:6d5
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://readms.net/assets/img/logo-tiny-white.png
Requested by: Host: readms.net
URL: https://readms.net/r/onepunch_man/069/3882/41
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681c:6d5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae7a3727e85c04676e949655f7665b7c02dcc12c863bb78cf0d57e9e86b12901

Request headers

Referer: https://readms.net/assets/css/mangastream.css?229029
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 30 Nov 2019 13:27:26 GMT
cf-cache-status: HIT
last-modified: Wed, 01 Nov 2017 16:22:48 GMT
server: cloudflare
age: 370998
etag: "59f9f4d8-742"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 53dd28a478afcbac-VIE
content-length: 1858
expires: Tue, 03 Dec 2019 06:24:08 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.2O_3XQTFIPY.O/m=client/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCM0JjSA0I0wvcxN0q5y4p-sc5Yxiw/ 287 KB
99 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81a::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.2O_3XQTFIPY.O/m=client/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCM0JjSA0I0wvcxN0q5y4p-sc5Yxiw/cb=gapi.loaded_0

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

66a0b2283ca6af83098411b1427182d52615727bc51d7feba1bceab69aa2b72d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://readms.net/r/onepunch_man/069/3882/41
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 19 Nov 2019 01:22:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 12 Nov 2019 22:37:32 GMT
server: sffe
age: 993926
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 101118
x-xss-protection: 0
expires: Wed, 18 Nov 2020 01:22:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

82a4b587d4f3d1a2502c3e4578061a657964af4c228291c62c3f29c7d043358c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://readms.net/r/onepunch_man/069/3882/41
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: U/qsymYBjYM2iWwr9lz7xQ==
status: 200
date: Sat, 30 Nov 2019 13:27:26 GMT
expires: Sat, 30 Nov 2019 13:44:40 GMT
alt-svc: h3-23=":443"; ma=3600
content-length: 1779
x-fb-debug: 811ZzaOaFd/sWGH/4klmHeKUomJEoU7TmCUuoDMuWzmWNERCXczH5zTVxLr3Ml7Bz1/jSf4weAcTGfB1K1LbNg==
x-fb-trip-id: 420120009
x-fb-content-md5: 87350e1e4bdd9d2d0099b19c1ce0c5d4
etag: "b3ad5a82712fb44660a86d224fda23b8"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.2O_3XQTFIPY.O/m=auth2/exm=client/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCM0JjSA0I0wvcxN0q5y4p-sc5Yxiw/ 71 B
144 B 6ms
6ms Script
text/javascript 2a00:1450:4001:81a::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.2O_3XQTFIPY.O/m=auth2/exm=client/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCM0JjSA0I0wvcxN0q5y4p-sc5Yxiw/cb=gapi.loaded_1

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

586a4abfe9225dbb5521b32799d3b346da9e997452fec205a0812a360dd470ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://readms.net/r/onepunch_man/069/3882/41
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 21 Nov 2019 17:45:30 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Nov 2019 22:31:30 GMT
server: sffe
age: 762116
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 71
x-xss-protection: 0
expires: Fri, 20 Nov 2020 17:45:30 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 194 KB
59 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=7ccc5cfa272fca877d749a412061f30e&ua=modern_es6

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

58ef4f38bc7f26201b1c267e4143094a29ecad9376c0eae8e1f124e622c90bc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://readms.net/r/onepunch_man/069/3882/41
Origin: https://readms.net

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: S3uFD2X31fOU8AcpbQMiMQ==
status: 200
date: Sat, 30 Nov 2019 13:27:26 GMT
expires: Sun, 29 Nov 2020 11:33:11 GMT
alt-svc: h3-23=":443"; ma=3600
content-length: 59475
x-fb-debug: nE3bdKV/f3WvQG1wL67ID6xAiNhO8xbU4pvYFZ8IujKOuxVQeAF3J/NZi3R6LY5IqKVRLzqLXP4J16h0Rejq4w==
x-fb-trip-id: 420120009
x-fb-content-md5: 2315692640243515525abe16a88e3b1a
etag: "d2742289d8e4f0bf1a41de67ef4d5312"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 iframe
accounts.google.com/o/oauth2/ Frame 6B0C 0
0 57ms
44ms Document
text/html 2a00:1450:4001:81c::200d
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.2O_3XQTFIPY.O/m=client/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCM0JjSA0I0wvcxN0q5y4p-sc5Yxiw/cb=gapi.loaded_0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OIe1W8GGlizI/JmhgX8Vdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/iframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://readms.net/r/onepunch_man/069/3882/41
accept-encoding: gzip, deflate, br
cookie: NID=192=iplajZ-EbXoWQdWmrpXaYYCnz3HNI17Le9Ij13s1rhaoSRH1fjuzfz1y_TbHTHIgeGEG1TQQi4LmlznfD5z8Lg8jaHw7HqNhJ3KNu_pvwc_qwMZZ0R04fYCH8bzEWaS8ghrU5AjGL-RNQxuQoiNFTcZ8oJe6tzLc8PGZecRK2gA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://readms.net/r/onepunch_man/069/3882/41

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 30 Nov 2019 13:27:26 GMT
content-language: en-US
content-security-policy: script-src 'report-sample' 'nonce-OIe1W8GGlizI/JmhgX8Vdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 vendorlist.json Show response
vendorlist.consensu.org/ 91 KB
17 KB 26ms
11ms Fetch
application/json 2600:9000:21f3:a800:1:af78:4c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://vendorlist.consensu.org/vendorlist.json
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/cmp.bundle-5.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:a800:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7a53d4df190d658e52a1fbcea3fdda92433c812e35bb7a789876ff1c75ddb4bd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://readms.net/r/onepunch_man/069/3882/41
Origin: https://readms.net

Response headers

date: Sat, 23 Nov 2019 17:32:36 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 590091
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 21 Nov 2019 16:00:26 GMT
server: AmazonS3
access-control-max-age: 604800
access-control-allow-methods: GET
x-amz-version-id: q4qmkF37jkDkebN8AzjM.kkdN85YVWej
via: 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA2-C2
content-type: application/json; charset=utf-8
x-amz-cf-id: 3kJykWfJqUBt-NS0_dr1nOYuCiprdZPMQ6kO4We4P47hb-cdOvM_Hw==

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ 16 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: readms.net
URL: https://readms.net/r/onepunch_man/069/3882/41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://readms.net/r/onepunch_man/069/3882/41
Origin: https://readms.net

Response headers

date: Wed, 20 Nov 2019 04:44:26 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:37 GMT
server: sffe
age: 895380
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 15872
x-xss-protection: 0
expires: Thu, 19 Nov 2020 04:44:26 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: readms.net
URL: https://readms.net/r/onepunch_man/069/3882/41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://readms.net/r/onepunch_man/069/3882/41
Origin: https://readms.net

Response headers

date: Wed, 20 Nov 2019 04:53:49 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
server: sffe
age: 894817
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 15736
x-xss-protection: 0
expires: Thu, 19 Nov 2020 04:53:49 GMT

GET
H2 200 xd_arbiter.php
staticxx.facebook.com/connect/ Frame 1A2F 0
0 6ms
6ms Document
text/html 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter.php?version=44

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=7ccc5cfa272fca877d749a412061f30e&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter.php?version=44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://readms.net/r/onepunch_man/069/3882/41
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://readms.net/r/onepunch_man/069/3882/41

Response headers

status: 200
content-type: text/html; charset=utf-8
expires: Sun, 29 Nov 2020 02:05:02 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: gzip
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: public,max-age=31536000,immutable
x-fb-debug: 1N3Flx3fA1aShFSjZfZ5oVTH6q+dpBBtuQSmGNRpB4Btt133ucY5KjpCLD3xyOby8I8MxMR3M4ZwY7xSLw6P0Q==
content-length: 12385
x-fb-trip-id: 420120009
date: Sat, 30 Nov 2019 13:27:26 GMT
alt-svc: h3-23=":443"; ma=3600

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 113ms
21ms XHR
application/json 185.33.223.203
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.203 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

317.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

d575f352924cdb0b4ef2dba7b30dd683beabd87f43174ba1371229d6626b804f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://readms.net/r/onepunch_man/069/3882/41
Origin: https://readms.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 30 Nov 2019 13:27:38 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 317.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.111:80
AN-X-Request-Uuid: effee6af-1dcb-472c-a70f-a6cf0b1a3b52
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://readms.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 137 B
825 B 104ms
13ms XHR
application/json 185.33.223.203
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.203 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

317.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

d127107682f8a447bc084c7f25114b745c1747fdbc81961b0b39d0edaa15bcf5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://readms.net/r/onepunch_man/069/3882/41
Origin: https://readms.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 30 Nov 2019 13:27:38 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 317.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.237:80
AN-X-Request-Uuid: 5e4209bd-e901-4eb6-9107-5aeb88fe275e
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://readms.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 137
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 149 B
1 KB 154ms
54ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%226c5911a50264c9%22%3A%22105cbd19f749fd31e5b2%7C728x90%2C970x250%2C970x90%22%7D&ref=https%3A%2F%2Freadms.net%2Fr%2Fonepunch_man%2F069%2F3882%2F41&s=09400d07-69fe-4f08-a03c-6883e5a45099&pv=551f2745-af92-407c-888d-d8bd661c5088&vp=desktop&lib_name=prebid&lib_v=2.39.0&us=5&ius=1&gdpr=false&

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

3dc42231122cecce95a00813a9ff7a36c2f8242d91086c00149c17a54ec962cb

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://readms.net/r/onepunch_man/069/3882/41
Origin: https://readms.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 30 Nov 2019 13:27:36 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-10
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://readms.net
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 152
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 204
No Content mvo Show response
tag.1rx.io/rmp/64676/0/ 0
265 B 124ms
21ms XHR
text/plain 213.19.147.210
RhythmOne

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/64676/0/mvo?z=1r&hbv=2.39,2.1
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.19.147.210 , United Kingdom, ASN26120 (RHYTHMONE - RhythmOne, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://readms.net/r/onepunch_man/069/3882/41
Origin: https://readms.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://readms.net
Pragma: no-cache
Date: Sat, 30 Nov 2019 13:27:36 GMT
Cache-Control: private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive

POST
H2 204 ortb Show response
bid.contextweb.com/header/ 0
373 B 113ms
14ms XHR
text/plain 74.214.194.133
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.contextweb.com/header/ortb?src=prebid
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.214.194.133 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://readms.net/r/onepunch_man/069/3882/41
Origin: https://readms.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 30 Nov 2019 13:27:35 GMT
server: envoy
status: 204
cwdl: 22/2528
access-control-allow-origin: https://readms.net
access-control-expose-headers: Access-Control-Allow-Origin
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
cw-server: bid-deployment-5798b746fb-w8wxm
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 50 B
737 B 101ms
12ms XHR
application/json 185.33.223.203
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.203 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

317.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://readms.net/r/onepunch_man/069/3882/41
Origin: https://readms.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 30 Nov 2019 13:27:38 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 317.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.245:80
AN-X-Request-Uuid: e8fdf329-313c-4d48-aeb3-c6627044d28c
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://readms.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 50
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 150 B
1 KB 158ms
61ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22145aa01d9a8d329%22%3A%22105cbd19f749fd31e5b2%7C160x600%2C300x600%2C300x250%22%7D&ref=https%3A%2F%2Freadms.net%2Fr%2Fonepunch_man%2F069%2F3882%2F41&s=7f68b128-1011-485e-855c-568892ff8df7&pv=551f2745-af92-407c-888d-d8bd661c5088&vp=desktop&lib_name=prebid&lib_v=2.39.0&us=5&ius=1&gdpr=false&

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

aaee18931a1b5cec4dfeab5a1535fe3f353833fe1a5aec966b1832eb278aa28c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://readms.net/r/onepunch_man/069/3882/41
Origin: https://readms.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 30 Nov 2019 13:27:36 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://readms.net
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 153
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 ortb Show response
bid.contextweb.com/header/ 0
239 B 112ms
16ms XHR
text/plain 74.214.194.133
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.contextweb.com/header/ortb?src=prebid
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.214.194.133 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://readms.net/r/onepunch_man/069/3882/41
Origin: https://readms.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 30 Nov 2019 13:27:35 GMT
server: envoy
status: 204
cwdl: 22/2528,22/2528,22/2528
access-control-allow-origin: https://readms.net
access-control-expose-headers: Access-Control-Allow-Origin
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
cw-server: bid-deployment-5798b746fb-fvxdf
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
706 B 102ms
15ms XHR
application/json 185.33.223.203
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.203 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

317.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://readms.net/r/onepunch_man/069/3882/41
Origin: https://readms.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 30 Nov 2019 13:27:38 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 317.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.234:80
AN-X-Request-Uuid: 9574d77b-5a6a-47f0-aa39-c00b6b6dbb34
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://readms.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 107ms
20ms XHR
application/json 185.33.223.203
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.203 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

317.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

a1e352bd9a0c6b3c2d61035194b7b8858fffbd929a8ff0d39eb18086620a57ab

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://readms.net/r/onepunch_man/069/3882/41
Origin: https://readms.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 30 Nov 2019 13:27:38 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 317.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.80:80
AN-X-Request-Uuid: af8c84ab-abe2-4574-b6fc-5858ab6e6cea
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://readms.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 204
No Content mvo Show response
tag.1rx.io/rmp/64676/0/ 0
265 B 134ms
20ms XHR
text/plain 213.19.147.210
RhythmOne

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/64676/0/mvo?z=1r&hbv=2.39,2.1
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.19.147.210 , United Kingdom, ASN26120 (RHYTHMONE - RhythmOne, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://readms.net/r/onepunch_man/069/3882/41
Origin: https://readms.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://readms.net
Pragma: no-cache
Date: Sat, 30 Nov 2019 13:27:36 GMT
Cache-Control: private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 50 B
736 B 105ms
12ms XHR
application/json 185.33.223.203
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.203 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

317.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://readms.net/r/onepunch_man/069/3882/41
Origin: https://readms.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 30 Nov 2019 13:27:38 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 317.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.46:80
AN-X-Request-Uuid: 27a8db8a-53fe-4129-b970-5489c377090d
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://readms.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 50
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 ortb Show response
bid.contextweb.com/header/ 0
217 B 14ms
14ms XHR
text/plain 74.214.194.133
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.contextweb.com/header/ortb?src=prebid
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.214.194.133 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://readms.net/r/onepunch_man/069/3882/41
Origin: https://readms.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 30 Nov 2019 13:27:35 GMT
server: envoy
status: 204
cwdl: 22/2528
access-control-allow-origin: https://readms.net
access-control-expose-headers: Access-Control-Allow-Origin
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
cw-server: bid-deployment-5798b746fb-bmzm2
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 21ms
21ms XHR
application/json 185.33.223.203
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.203 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

317.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

f28b1d3ab753520613d870b9438e014a2795682691e5c25f7d155f0e8737cdbf

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://readms.net/r/onepunch_man/069/3882/41
Origin: https://readms.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 30 Nov 2019 13:27:38 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 317.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.106:80
AN-X-Request-Uuid: 623eb83a-54c9-4f57-b2e1-33fda6af93ba
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://readms.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 150 B
1 KB 53ms
28ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22328df2635398dc1%22%3A%22105cbd19f749fd31e5b2%7C728x90%22%7D&ref=https%3A%2F%2Freadms.net%2Fr%2Fonepunch_man%2F069%2F3882%2F41&s=2f09b010-4dc5-427c-83ca-b6c6579355ef&pv=551f2745-af92-407c-888d-d8bd661c5088&vp=desktop&lib_name=prebid&lib_v=2.39.0&us=5&ius=1&gdpr=false&

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

c107c8b897d6f3d16415842a7bb46e65287d00ba5b2e8d79ec7854fb71ec358c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://readms.net/r/onepunch_man/069/3882/41
Origin: https://readms.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 30 Nov 2019 13:27:36 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://readms.net
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 153
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 204
No Content mvo Show response
tag.1rx.io/rmp/64676/0/ 0
265 B 36ms
19ms XHR
text/plain 213.19.147.210
RhythmOne

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/64676/0/mvo?z=1r&hbv=2.39,2.1
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.19.147.210 , United Kingdom, ASN26120 (RHYTHMONE - RhythmOne, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://readms.net/r/onepunch_man/069/3882/41
Origin: https://readms.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://readms.net
Pragma: no-cache
Date: Sat, 30 Nov 2019 13:27:36 GMT
Cache-Control: private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
705 B 14ms
13ms XHR
application/json 185.33.223.203
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.203 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

317.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://readms.net/r/onepunch_man/069/3882/41
Origin: https://readms.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 30 Nov 2019 13:27:38 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 317.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.78:80
AN-X-Request-Uuid: 5e113320-5ff7-4461-a17c-a897f7f46b47
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://readms.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 50 B
737 B 12ms
11ms XHR
application/json 185.33.223.203
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.203 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

317.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://readms.net/r/onepunch_man/069/3882/41
Origin: https://readms.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 30 Nov 2019 13:27:38 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 317.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.164:80
AN-X-Request-Uuid: a02c3df4-5bc6-4a05-8f22-9eb1c2719a15
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://readms.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 50
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pixel.png
tracker.nitropay.com/ 73 B
300 B 137ms
137ms Image
image/png 2606:4700:20::681a:acb
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tracker.nitropay.com/pixel.png?s=3&wb=eyJhZFVuaXRDb2RlIjoibXNhLXJlYWRlci1hdGYiLCJiaWRkZXIiOiJibGFuayIsImhlaWdodCI6MCwid2lkdGgiOjAsImNwbSI6MCwiY3JlYXRpdmVJZCI6IiIsImhyZWYiOiJodHRwczovL3JlYWRtcy5uZXQvci9vbmVwdW5jaF9tYW4vMDY5LzM4ODIvNDEiLCJhY2NlcHRhYmxlIjpmYWxzZSwicmVxdWVzdElkIjoiMjY1ZDY5NTUtMWQ1My00Yjg1LTkxOTEtNmE1OTBjMDUzOGRmIiwidGltZXN0YW1wIjoxNTc1MTIwNDU2NDIwfQ%3D%3D&f=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:acb , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3336865c07143159ab73893863070b6d7f0516b0de61a236a0c5c52246cb3b2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://readms.net/r/onepunch_man/069/3882/41
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 30 Nov 2019 13:27:36 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/png
status: 200
cache-control: no-cache
cf-ray: 53dd28e4ab1acba8-VIE
alt-svc: clear
content-length: 73

GET
H2 200 pixel.png
tracker.nitropay.com/ 73 B
130 B 142ms
142ms Image
image/png 2606:4700:20::681a:acb
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tracker.nitropay.com/pixel.png?s=3&wb=eyJhZFVuaXRDb2RlIjoibXNhLWZvb3Rlci1idGYiLCJiaWRkZXIiOiJibGFuayIsImhlaWdodCI6MCwid2lkdGgiOjAsImNwbSI6MCwiY3JlYXRpdmVJZCI6IiIsImhyZWYiOiJodHRwczovL3JlYWRtcy5uZXQvci9vbmVwdW5jaF9tYW4vMDY5LzM4ODIvNDEiLCJhY2NlcHRhYmxlIjpmYWxzZSwicmVxdWVzdElkIjoiNTk0ZjZlODEtOTdmYi00NGZkLThkZWEtYmJmZWEzMDEwODQ0IiwidGltZXN0YW1wIjoxNTc1MTIwNDU2NDI2fQ%3D%3D&f=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:acb , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3336865c07143159ab73893863070b6d7f0516b0de61a236a0c5c52246cb3b2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://readms.net/r/onepunch_man/069/3882/41
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 30 Nov 2019 13:27:36 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/png
status: 200
cache-control: no-cache
cf-ray: 53dd28e4bb29cba8-VIE
alt-svc: clear
content-length: 73

GET
H2 200 pixel.png
tracker.nitropay.com/ 73 B
130 B 136ms
136ms Image
image/png 2606:4700:20::681a:acb
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tracker.nitropay.com/pixel.png?s=3&wb=eyJhZFVuaXRDb2RlIjoibXNhLXJlYWRlci1zaWRlIiwiYmlkZGVyIjoiYmxhbmsiLCJoZWlnaHQiOjAsIndpZHRoIjowLCJjcG0iOjAsImNyZWF0aXZlSWQiOiIiLCJocmVmIjoiaHR0cHM6Ly9yZWFkbXMubmV0L3Ivb25lcHVuY2hfbWFuLzA2OS8zODgyLzQxIiwiYWNjZXB0YWJsZSI6ZmFsc2UsInJlcXVlc3RJZCI6IjgxNzJkZWI1LTQ1YjItNDJjNi1hMDQwLTk3ZWQ5NjBiMDdhNiIsInRpbWVzdGFtcCI6MTU3NTEyMDQ1NjQyN30%3D&f=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:acb , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3336865c07143159ab73893863070b6d7f0516b0de61a236a0c5c52246cb3b2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://readms.net/r/onepunch_man/069/3882/41
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 30 Nov 2019 13:27:36 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/png
status: 200
cache-control: no-cache
cf-ray: 53dd28e4bb2ccba8-VIE
alt-svc: clear
content-length: 73

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-19 09:55:31	Name: NID Value: 192=iplajZ-EbXoWQdWmrpXaYYCnz3HNI17Le9Ij13s1rhaoSRH1fjuzfz1y_TbHTHIgeGEG1TQQi4LmlznfD5z8Lg8jaHw7HqNhJ3KNu_pvwc_qwMZZ0R04fYCH8bzEWaS8ghrU5AjGL-RNQxuQoiNFTcZ8oJe6tzLc8PGZecRK2gA
.readms.net/	1970-01-19 06:15:12	Name: __cfduid Value: dc79bd724c09e4bcf0fdc4fb97ea358ba1575120445
.readms.net/	1978-01-11 21:30:57	Name: G_ENABLED_IDPS Value: google
readms.net/r/onepunch_man/069/3882	1969-12-31 23:59:59	Name: loglevel Value: INFO

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://s.nitropay.com/ads-3.js(Line 1) Message: NitroAds: Loaded. Version: 20191123-2f66678, Geo: DE, Timeout: 2000.
console-api	info	URL: https://s.nitropay.com/ads-3.js(Line 1) Message: NitroAds: Ad Unit: msa-reader-atf, display, 265d6955-1d53-4b85-9191-6a590c0538df
console-api	info	URL: https://s.nitropay.com/ads-3.js(Line 1) Message: NitroAds: Ad Unit: msa-reader-side, display, 8172deb5-45b2-42c6-a040-97ed960b07a6
console-api	info	URL: https://s.nitropay.com/ads-3.js(Line 1) Message: NitroAds: Ad Unit: msa-footer-btf, display, 594f6e81-97fb-44fd-8dea-bbfea3010844
console-api	error	URL: https://s.nitropay.com/ads-3.js(Line 1) Message: NitroAds: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://s.nitropay.com/ads-3.js(Line 1) Message: NitroAds: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://s.nitropay.com/ads-3.js(Line 1) Message: NitroAds: TypeError: Cannot read property 'getItem' of null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apex.go.sonobi.com
apis.google.com
bid.contextweb.com
cdnjs.cloudflare.com
connect.facebook.net
fonts.gstatic.com
ib.adnxs.com
img.mangastream.com
m.mangastream.com
readms.net
s.nitropay.com
staticxx.facebook.com
tag.1rx.io
tracker.nitropay.com
vendorlist.consensu.org
178.162.133.150
185.33.223.203
213.19.147.210
2600:9000:21f3:a800:1:af78:4c0:93a1
2606:4700:20::681a:acb
2606:4700:30::681b:8f7f
2606:4700:30::681c:6d5
2606:4700::6811:4004
2a00:1450:4001:81a::200e
2a00:1450:4001:81c::200d
2a00:1450:4001:81f::2003
2a03:2880:f01c:8012:face:b00c:0:3
74.214.194.133
04a26081d71f5cd5483a5f05ca15b05c2a1e60360d81a8525c39d344fe911d13
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
2d49a8f645e969d7e519568a80b91d91374e19fbdd2938321bf9a69a85b9c101
3336865c07143159ab73893863070b6d7f0516b0de61a236a0c5c52246cb3b2e
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
38d917e56d9599b9b288f510884198530a07089940f44c76e0e739e9ebc4e038
3dc42231122cecce95a00813a9ff7a36c2f8242d91086c00149c17a54ec962cb
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
586a4abfe9225dbb5521b32799d3b346da9e997452fec205a0812a360dd470ab
58ef4f38bc7f26201b1c267e4143094a29ecad9376c0eae8e1f124e622c90bc7
5f84d1cb6d3d5e259f1df51fca69de8f9012875345762314a105f8d2761ee63d
6145221a47371d4ee7e73d2a3fe31d61f41b2b435d17741803558a6724ca6c5b
66a0b2283ca6af83098411b1427182d52615727bc51d7feba1bceab69aa2b72d
6b1307ab1562b979cf0a5ef6f8f2d6c6e4735a558e969d78c7cf6cc4ae517569
76ecf6ace76e45e7bb3726789d6713eb6cb88ea63f675e209911b0e7547e39ea
7a53d4df190d658e52a1fbcea3fdda92433c812e35bb7a789876ff1c75ddb4bd
7a555cf7087ac27c6e1ca8c16640278ec24d6bbbc77abd244370150d1af9fc60
82a4b587d4f3d1a2502c3e4578061a657964af4c228291c62c3f29c7d043358c
a1e352bd9a0c6b3c2d61035194b7b8858fffbd929a8ff0d39eb18086620a57ab
aaee18931a1b5cec4dfeab5a1535fe3f353833fe1a5aec966b1832eb278aa28c
ae7a3727e85c04676e949655f7665b7c02dcc12c863bb78cf0d57e9e86b12901
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
c107c8b897d6f3d16415842a7bb46e65287d00ba5b2e8d79ec7854fb71ec358c
c4a3329d2d9fcbdab37fbbb6d83c515550d7652387d4eed41b2a5970fcd0a49f
d127107682f8a447bc084c7f25114b745c1747fdbc81961b0b39d0edaa15bcf5
d575f352924cdb0b4ef2dba7b30dd683beabd87f43174ba1371229d6626b804f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f28b1d3ab753520613d870b9438e014a2795682691e5c25f7d155f0e8737cdbf

readms.net Open in urlscan Pro 2606:4700:30::681c:6d5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

42 Requests

100 %HTTPS

69 %IPv6

13 Domains

16 Subdomains

13 IPs

5 Countries

844 kBTransfer

2290 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

readms.net Open in urlscan Pro
2606:4700:30::681c:6d5 Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

100 %
HTTPS

69 %
IPv6

13
Domains

16
Subdomains

13
IPs

5
Countries

844 kB
Transfer

2290 kB
Size

4
Cookies

42 HTTP transactions
0 data transactions