www.manhuagui.com Open in urlscan Pro
139.162.106.29 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.mhgui.com/comic/35579/488749.html
Effective URL:
https://www.manhuagui.com/comic/35579/488749.html
Submission Tags: falconsandbox
Submission: On February 24 via api (February 24th 2023, 7:25:46 am UTC) from US — Scanned from DE

Summary HTTP 342 Redirects Behaviour Indicators

Summary

This website contacted 48 IPs in 12 countries across 32 domains to perform 342 HTTP transactions. The main IP is 139.162.106.29, located in Tokyo, Japan and belongs to AKAMAI-AP Akamai Technologies, Inc., SG. The main domain is www.manhuagui.com. The Cisco Umbrella rank of the primary domain is 602547.
TLS certificate: Issued by R3 on January 1st 2023. Valid for: 3 months.

This is the only time www.manhuagui.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	107.189.8.124 107.189.8.124	53667 (PONYNET) (PONYNET)
3	139.162.106.29 139.162.106.29	63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies)
18	104.21.81.135 104.21.81.135	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	35.186.215.140 35.186.215.140	15169 (GOOGLE) (GOOGLE)
1 12	2606:4700:e6:... 2606:4700:e6::ac40:c81a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	65.108.141.188 65.108.141.188	24940 (HETZNER-AS) (HETZNER-AS)
20	60.199.208.47 60.199.208.47	9924 (TFN-TW Ta...) (TFN-TW Taiwan Fixed Network)
51	2600:9000:225... 2600:9000:2250:8a00:0:e06c:e940:93a1	16509 (AMAZON-02) (AMAZON-02)
5	34.95.67.231 34.95.67.231	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
35	203.75.214.136 203.75.214.136	3462 (HINET Dat...) (HINET Data Communication Business Group)
3 9	35.201.76.93 35.201.76.93	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	2600:9000:221... 2600:9000:221e:2c00:3:1794:2540:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400d:808::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:808::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:806::2003	15169 (GOOGLE) (GOOGLE)
4 10	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
10	2606:4700:20:... 2606:4700:20::ac43:47fe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	172.105.236.33 172.105.236.33	63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies)
6	54.95.227.57 54.95.227.57	16509 (AMAZON-02) (AMAZON-02)
6	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
11 22	34.96.119.68 34.96.119.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
11 11	139.162.38.30 139.162.38.30	63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies)
5 10	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
12	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a06:98c1:312... 2a06:98c1:3121::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	142.251.39.2 142.251.39.2	15169 (GOOGLE) (GOOGLE)
3	35.227.249.156 35.227.249.156	15169 (GOOGLE) (GOOGLE)
3	13.113.89.39 13.113.89.39	16509 (AMAZON-02) (AMAZON-02)
3	35.186.204.155 35.186.204.155	15169 (GOOGLE) (GOOGLE)
3	2a00:1288:f03... 2a00:1288:f03d:1fa::4000	10310 (YAHOO-1) (YAHOO-1)
3	87.248.100.137 87.248.100.137	34010 (YAHOO-IRD) (YAHOO-IRD)
3	2a00:1288:110... 2a00:1288:110:c204::b000	34010 (YAHOO-IRD) (YAHOO-IRD)
5	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a02:26f0:11a... 2a02:26f0:11a::5f65:1760	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	108.138.7.64 108.138.7.64	() ()
1	2a02:26f0:dc:... 2a02:26f0:dc::6853:40a	() ()
10	130.211.28.216 130.211.28.216	() ()
6	52.193.146.227 52.193.146.227	() ()
4	207.244.89.4 207.244.89.4	() ()
6	2a00:1450:400... 2a00:1450:4001:831::2002	() ()
2	2a00:1450:400... 2a00:1450:400d:803::2002	() ()
2	2a00:1450:400... 2a00:1450:400d:80c::2002	() ()
2	2a00:1450:400... 2a00:1450:400d:80c::2001	() ()
6	2a00:1450:400... 2a00:1450:400d:802::2002	() ()
6	2a00:1450:400... 2a00:1450:400d:803::2001	() ()
2	2a00:1450:400... 2a00:1450:400d:807::2004	() ()
342	48

1 107.189.8.124 (Luxembourg, Luxembourg) 1 redirects

ASN53667 (PONYNET, US)

www.mhgui.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.162.106.29 (Tokyo, Japan)

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: li1590-29.members.linode.com

www.manhuagui.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 104.21.81.135 (None, )

ASN13335 (CLOUDFLARENET, US)

cf.hamreus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com

ad.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:e6::ac40:c81a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cdn.bmcdn5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.bmcdn5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.bmcdn5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.108.141.188 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.188.141.108.65.clients.your-server.de

i.hamreus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 60.199.208.47 (Taiwan)

ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW)

rd.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssl.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fsa-api.feebee.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 2600:9000:2250:8a00:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.95.67.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.67.95.34.bc.googleusercontent.com

fcm.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net

t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dfd0798d-c8a9-4915-8056-b110df132dc6.t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 35.201.76.93 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 93.76.201.35.bc.googleusercontent.com

c.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:221e:2c00:3:1794:2540:93a1 (United States)

ASN16509 (AMAZON-02, US)

adcdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:808::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:808::2006 (Ireland)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 162.210.196.208 (Sykesville, United States) 4 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

agent.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:20::ac43:47fe (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 172.105.236.33 (Tokyo, Japan)

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: li1890-33.members.linode.com

logs.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.95.227.57 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-95-227-57.ap-northeast-1.compute.amazonaws.com

ad.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 34.96.119.68 (Kansas City, United States) 11 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.119.96.34.bc.googleusercontent.com

ad2.apx.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 139.162.38.30 (Singapore) 11 redirects

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: li1451-30.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:2638:3::c (France) 5 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3121::c (United States)

ASN13335 (CLOUDFLARENET, US)

www.lookit.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.39.2 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s37-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.249.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 156.249.227.35.bc.googleusercontent.com

m.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.113.89.39 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-113-89-39.ap-northeast-1.compute.amazonaws.com

nt.compass-fit.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.204.155 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 155.204.186.35.bc.googleusercontent.com

ad.adondemand.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:f03d:1fa::4000 (United Kingdom)

ASN10310 (YAHOO-1, US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 87.248.100.137 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: o2.ycpi.vip.ir2.yahoo.com

ads.yap.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:110:c204::b000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

geo.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:11a::5f65:1760 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

dmp.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.7.64 (None, )

ASN- ()

l.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:dc::6853:40a (None, )

ASN- ()

audiencedata.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 130.211.28.216 (None, )

ASN- ()

img.feebee.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.193.146.227 (None, )

ASN- ()

sync.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 207.244.89.4 (None, )

ASN- ()

sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2002 (None, )

ASN- ()

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:803::2002 (None, )

ASN- ()

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80c::2002 (None, )

ASN- ()

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80c::2001 (None, )

ASN- ()

4e3d9b4ab1ee60beeb1400325640feff.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
9301cb9f0109ac4965511cba9969e0b4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:802::2002 (None, )

ASN- ()

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:803::2001 (None, )

ASN- ()

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:807::2004 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
80	holmesmind.com 3 redirects cdn.holmesmind.com — Cisco Umbrella Rank: 146901 fcm.holmesmind.com — Cisco Umbrella Rank: 166248 c.holmesmind.com — Cisco Umbrella Rank: 112784 adcdn.holmesmind.com — Cisco Umbrella Rank: 155205 ad.holmesmind.com — Cisco Umbrella Rank: 101398 m.holmesmind.com — Cisco Umbrella Rank: 276376	288 KB
37	sitemaji.com ad.sitemaji.com — Cisco Umbrella Rank: 112776 rd.sitemaji.com — Cisco Umbrella Rank: 364787 ssl.sitemaji.com — Cisco Umbrella Rank: 240073 logs.sitemaji.com — Cisco Umbrella Rank: 176166	258 KB
35	hinet.net t.ssp.hinet.net — Cisco Umbrella Rank: 78003 dfd0798d-c8a9-4915-8056-b110df132dc6.t.ssp.hinet.net	37 KB
33	appier.net 22 redirects ad2.apx.appier.net — Cisco Umbrella Rank: 44761 gocm.c.appier.net — Cisco Umbrella Rank: 1988	5 KB
27	criteo.com 5 redirects gum.criteo.com — Cisco Umbrella Rank: 378 bidder.criteo.com — Cisco Umbrella Rank: 714 mug.criteo.com — Cisco Umbrella Rank: 2719	39 KB
20	hamreus.com cf.hamreus.com — Cisco Umbrella Rank: 427222 i.hamreus.com — Cisco Umbrella Rank: 513867	819 KB
14	googlesyndication.com 4e3d9b4ab1ee60beeb1400325640feff.safeframe.googlesyndication.com 9301cb9f0109ac4965511cba9969e0b4.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	79 KB
14	aralego.com 4 redirects agent.aralego.com — Cisco Umbrella Rank: 256913 ads.aralego.com — Cisco Umbrella Rank: 27087 sync.aralego.com	9 KB
12	bmcdn5.com 1 redirects cdn.bmcdn5.com — Cisco Umbrella Rank: 170251 static.bmcdn5.com — Cisco Umbrella Rank: 262390 media.bmcdn5.com — Cisco Umbrella Rank: 265537	359 KB
11	feebee.com.tw fsa-api.feebee.com.tw — Cisco Umbrella Rank: 257511	20 KB
10	feebee.tw img.feebee.tw	173 KB
10	doubleclick.net 4 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 202 securepubads.g.doubleclick.net	312 KB
10	aralego.net cdn.aralego.net — Cisco Umbrella Rank: 12219	184 KB
9	logly.co.jp l.logly.co.jp sync.logly.co.jp	4 KB
7	im-apps.net dmp.im-apps.net — Cisco Umbrella Rank: 26007 audiencedata.im-apps.net	11 KB
6	yahoo.com ads.yap.yahoo.com — Cisco Umbrella Rank: 11235 geo.yahoo.com — Cisco Umbrella Rank: 1586	2 KB
6	creativecdn.com prebid-asia.creativecdn.com — Cisco Umbrella Rank: 19007	1 KB
6	criteo.net static.criteo.net — Cisco Umbrella Rank: 625	239 KB
5	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 195	23 KB
4	google.com adservice.google.com www.google.com	2 KB
3	yimg.com s.yimg.com — Cisco Umbrella Rank: 466	89 KB
3	adondemand.com ad.adondemand.com — Cisco Umbrella Rank: 836608	47 KB
3	compass-fit.jp nt.compass-fit.jp — Cisco Umbrella Rank: 109745	49 KB
3	lookit.tw www.lookit.tw — Cisco Umbrella Rank: 956551	2 KB
3	manhuagui.com www.manhuagui.com — Cisco Umbrella Rank: 602547	4 KB
2	google.de adservice.google.de	696 B
2	gstatic.com fonts.gstatic.com	32 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2425	310 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 271	46 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	77 KB
1	mhgui.com 1 redirects www.mhgui.com	195 B
342	32

	Domain	Requested by
51	cdn.holmesmind.com	ad.sitemaji.com cdn.holmesmind.com agent.aralego.com ad.holmesmind.com ad.adondemand.com
32	t.ssp.hinet.net	cdn.holmesmind.com t.ssp.hinet.net
22	ad2.apx.appier.net	11 redirects www.manhuagui.com www.lookit.tw
18	cf.hamreus.com	www.manhuagui.com cf.hamreus.com
15	logs.sitemaji.com	www.manhuagui.com www.lookit.tw
13	ad.sitemaji.com	www.manhuagui.com ad.sitemaji.com agent.aralego.com ads.aralego.com
12	bidder.criteo.com	static.criteo.net
11	fsa-api.feebee.com.tw	ad.sitemaji.com www.manhuagui.com www.lookit.tw
11	gocm.c.appier.net	11 redirects
10	img.feebee.tw	ad.sitemaji.com
10	gum.criteo.com	5 redirects static.criteo.net
10	cdn.aralego.net	agent.aralego.com www.lookit.tw ads.aralego.com
9	c.holmesmind.com	3 redirects cdn.holmesmind.com
8	ads.aralego.com	2 redirects agent.aralego.com ads.aralego.com
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.lookit.tw
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.lookit.tw
6	securepubads.g.doubleclick.net	cdn.aralego.net securepubads.g.doubleclick.net
6	sync.logly.co.jp	nt.compass-fit.jp sync.logly.co.jp
6	dmp.im-apps.net	nt.compass-fit.jp dmp.im-apps.net
6	prebid-asia.creativecdn.com	cdn.holmesmind.com
6	static.criteo.net	cdn.holmesmind.com
6	ad.holmesmind.com	cdn.holmesmind.com
6	adcdn.holmesmind.com	cdn.holmesmind.com
6	media.bmcdn5.com	1 redirects cdn.bmcdn5.com
5	cdnjs.cloudflare.com	ad.sitemaji.com
5	mug.criteo.com
5	ssl.sitemaji.com	ad.sitemaji.com
5	fcm.holmesmind.com	cdn.holmesmind.com
5	cdn.bmcdn5.com	www.manhuagui.com cdn.bmcdn5.com
4	sync.aralego.com	ads.aralego.com www.lookit.tw
4	cm.g.doubleclick.net	4 redirects
4	rd.sitemaji.com	ad.sitemaji.com
3	l.logly.co.jp	nt.compass-fit.jp
3	geo.yahoo.com	www.lookit.tw s.yimg.com
3	ads.yap.yahoo.com	s.yimg.com
3	s.yimg.com	ad.adondemand.com
3	ad.adondemand.com	www.lookit.tw
3	nt.compass-fit.jp	www.manhuagui.com
3	dfd0798d-c8a9-4915-8056-b110df132dc6.t.ssp.hinet.net	cdn.holmesmind.com t.ssp.hinet.net
3	m.holmesmind.com	cdn.holmesmind.com
3	www.lookit.tw	agent.aralego.com www.manhuagui.com
3	www.manhuagui.com	cf.hamreus.com
2	www.google.com	tpc.googlesyndication.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	agent.aralego.com	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	i.hamreus.com
2	region1.google-analytics.com	www.googletagmanager.com
1	9301cb9f0109ac4965511cba9969e0b4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	4e3d9b4ab1ee60beeb1400325640feff.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	audiencedata.im-apps.net	dmp.im-apps.net
1	s0.2mdn.net	media.bmcdn5.com
1	fonts.googleapis.com	media.bmcdn5.com
1	static.bmcdn5.com	cdn.bmcdn5.com
1	www.googletagmanager.com	cf.hamreus.com
1	www.mhgui.com	1 redirects
342	57

This site contains no links.

Subject Issuer	Validity	Valid
hamreus.com R3	`2023-01-01` - `2023-04-01`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-16` - `2023-06-16`	a year	crt.sh
feebee.com.tw R3	`2022-12-27` - `2023-03-27`	3 months	crt.sh
*.bmcdn5.com E1	`2023-01-12` - `2023-04-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2022-05-19` - `2023-06-20`	a year	crt.sh
*.t.ssp.hinet.net	`2022-04-14` - `2023-04-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
logs.sitemaji.com R3	`2023-01-01` - `2023-04-01`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-03-31`	3 months	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh
*.compass-fit.jp GlobalSign RSA OV SSL CA 2018	`2022-04-04` - `2023-05-06`	a year	crt.sh
adondemand.com R3	`2023-01-10` - `2023-04-10`	3 months	crt.sh
*.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-01-19` - `2023-03-08`	2 months	crt.sh
*.pubgw.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-01-19` - `2023-03-08`	2 months	crt.sh
yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-12-06` - `2023-05-31`	6 months	crt.sh
*.im-apps.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-10` - `2023-06-11`	a year	crt.sh
*.logly.co.jp Amazon RSA 2048 M02	`2023-02-21` - `2023-08-01`	5 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh

This page contains 61 frames:

Primary Page: https://www.manhuagui.com/comic/35579/488749.html
Frame ID: 2B604EB7C859852AFA3EB87C1BB5CE40
Requests: 41 HTTP requests in this frame

Frame: https://cdn.bmcdn5.com/p/624325d5128270001a18663a/?source=https%253A%252F%252Fwww.manhuagui.com%252Fcomic%252F35579%252F488749.html&sourceid=782305483447&ent=&we=0&fid=07033152fd78c530eb521ea33fb6af09&fidnoua=a3578ca829930dd0cb8de8218e4bff9f&impid=1f338c52-e5e1-4bee-82fd-e848c2787b75&sessionId=49b739a8-65ba-4ea2-9172-17d92b42c671&pageViewUuid=98eda91e-e6b6-4389-92b4-f8fab5dcee39&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F110.0.5481.177%2520Safari%252F537.36&sig=0x00000&blocksubid=0
Frame ID: 342CD11D509D6412DAECDF86F85A1B9B
Requests: 4 HTTP requests in this frame

Frame: https://media.bmcdn5.com/html5/a5724dd0-aec7-11ed-8147-4d47d780614cd4909213-0c2c-4fcf-afbd-27cae3bf942063ea4b741c3540e818e3bc7b/
Frame ID: 8BE601A85136497798F064117FD6CD42
Requests: 10 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: FC6F698AC82E8E8E958384ED21232A68
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: FEA94915169190E7DBD61DA718CC739A
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: A31AE5ED38335C7652E5CD660030ED03
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 82487A9DE284A8D8771C12A48DC7CECF
Requests: 4 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 4C5BFA455BE27550B9602DCADE9C5B72
Requests: 15 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: E260FBEF4BCC46AC61B6AF72B158B63A
Requests: 4 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 4C4FD2E264135F28F69EBE0423B814E5
Requests: 14 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 28833E1E7F2C62579FD56DD725008A25
Requests: 4 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: F800543BAD91DB2E80EA307CA7BE3E6E
Requests: 15 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: EB9A5116A2F4CEBC38B61078BE68F13B
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 0AAA53F9CAC34159E0D4C5F42A38DB6C
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 8CA9848AD52275CDC918C64046D2777F
Requests: 1 HTTP requests in this frame

Frame: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Frame ID: E8E88414909F5A447BB3C35A8BA2E528
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.manhuagui.com
Frame ID: 861149C739F4E26E45D8C8337BDC8F35
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.manhuagui.com
Frame ID: 706ACC8D8AB19002BF3073A91787040A
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.manhuagui.com
Frame ID: CD3EA2D2BF22FC28BBD09CC5A77007AE
Requests: 2 HTTP requests in this frame

Frame: https://www.lookit.tw/native.html?s=728x90IK
Frame ID: E7A8EDCBA33E4C57EC68670C0D1B4352
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: F274909AD4C812BCD3AC8D37A63B30DC
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 1213EED7476E1CD7C09661861FC550A8
Requests: 8 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 3A5D64530372D893508C286D75085897
Requests: 16 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 5EAA7B09AB75AFF7D0C4586A5D181AA5
Requests: 1 HTTP requests in this frame

Frame: https://www.lookit.tw/native.html?s=728x90IK
Frame ID: 15AD0519594026DB15FB33F0A977E1C3
Requests: 5 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.manhuagui.com
Frame ID: 192E34218BBBDC38D0C6BEA3B0D89302
Requests: 2 HTTP requests in this frame

Frame: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4299839
Frame ID: D880B1A52269AAA87EC98DCB9B890496
Requests: 5 HTTP requests in this frame

Frame: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4299839
Frame ID: 847CB4C506D41CB50EA2E75901913B80
Requests: 6 HTTP requests in this frame

Frame: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4299839
Frame ID: FD243D453FAE2FD5CBBC9A93B16B7EA6
Requests: 5 HTTP requests in this frame

Frame: https://www.lookit.tw/native.html?s=300x250IK
Frame ID: 41058403AB84F424805D1E65A3D913BA
Requests: 8 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Frame ID: 2EEA9E7E5D35DAB7456C776B5A49E423
Requests: 3 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: C9FB345879F3DEC9485E44D909BF1214
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 44393E1B1E6BF535F9146B14A3D15B2D
Requests: 8 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: E97660729D67114F197F43198AD006FB
Requests: 17 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 46EFDD0FA5E743B8636971F6D3150666
Requests: 1 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: 894646FD58FF1606A84C17E0FFED1E92
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 6D554C7A93F7C04B97163FCB5F4101C4
Requests: 7 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 19B6817CC219C58F78E8B757E0BCB507
Requests: 18 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 926931D035CB15590B23C151F24956AA
Requests: 1 HTTP requests in this frame

Frame: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Frame ID: DEA8B8457D2ACDE4A361D4A5804236EB
Requests: 8 HTTP requests in this frame

Frame: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Frame ID: 5F86148FCA34358DA142E22268768C5C
Requests: 7 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Frame ID: CC61D8582BF37EAF2A5030B62B15CD70
Requests: 4 HTTP requests in this frame

Frame: https://sync.logly.co.jp/sync/sync.html
Frame ID: 9E34E07D7F6E6D379B5836854C154B13
Requests: 2 HTTP requests in this frame

Frame: https://sync.logly.co.jp/sync/sync.html
Frame ID: CAC671C2A3E660941DA0E967FADCFFDE
Requests: 2 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Frame ID: FCFB06021738E9522232678231C30D86
Requests: 5 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Frame ID: 57616247E6FCD1B007F85FC6C3674A20
Requests: 5 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Frame ID: F0D5A704A2AF926F47E16FCE5FA551DA
Requests: 5 HTTP requests in this frame

Frame: https://sync.logly.co.jp/sync/sync.html
Frame ID: 32B6C68531B804C2A7E1F9F1955E544D
Requests: 2 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: C3944F0680DD5DE70D2A90E2153606D5
Requests: 8 HTTP requests in this frame

Frame: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Frame ID: 49703EE039CD8E5E7D0234696EC1F645
Requests: 7 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: E5D6A318C8FC9BD23E2A41FCA6FC3BC1
Requests: 8 HTTP requests in this frame

Frame: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Frame ID: 29ECC7BCCA5D5EE903A9912DF5FE21E3
Requests: 7 HTTP requests in this frame

Frame: https://4e3d9b4ab1ee60beeb1400325640feff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6
Frame ID: 01815F5F82E8991E187EF779DB1444DF
Requests: 1 HTTP requests in this frame

Frame: https://9301cb9f0109ac4965511cba9969e0b4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6
Frame ID: C289B891253BD07EEA2B8F46F26F7E3C
Requests: 1 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Frame ID: 3B25CD4B170AC6987A407298D87E57EB
Requests: 5 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.manhuagui.com
Frame ID: 1DF227A5B6FAAF14DE636AAD25C23C70
Requests: 2 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Frame ID: ADAA5D2C5D854143E3A721F961B612E9
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E63E114176152098618AC78E27352734
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6CB6669B8C28EAB22611D7B2D0208862
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AF8398ECCEB468B0F85E3E57C7D5887B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EC91EDF04F61B05BB197B148EF4AC100
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

反派女主的时间沙漏第03话_反派女主的时间沙漏漫画 - 看漫画

Page URL History Show full URLs

https://www.mhgui.com/comic/35579/488749.html HTTP 301
https://www.manhuagui.com/comic/35579/488749.html Page URL

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

342
Requests

92 %
HTTPS

50 %
IPv6

32
Domains

57
Subdomains

48
IPs

12
Countries

3204 kB
Transfer

6389 kB
Size

23
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.mhgui.com/comic/35579/488749.html HTTP 301
https://www.manhuagui.com/comic/35579/488749.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://media.bmcdn5.com/html5/a5724dd0-aec7-11ed-8147-4d47d780614cd4909213-0c2c-4fcf-afbd-27cae3bf942063ea4b741c3540e818e3bc7b HTTP 301
https://media.bmcdn5.com/html5/a5724dd0-aec7-11ed-8147-4d47d780614cd4909213-0c2c-4fcf-afbd-27cae3bf942063ea4b741c3540e818e3bc7b/

Request Chain 53

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 54

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 57

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 67

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 90

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=iYAUbWKPCE-iDMkLdGb4Yw

Request Chain 92

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=1c_yJTgNDHKsH88xdGb4Yw

Request Chain 93

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=r_wehWcyDFyXrIG2dGb4Yw

Request Chain 95

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=390HK9tlAJOMEK0GdGb4Yw

Request Chain 100

https://gum.criteo.com/sid/json?origin=publishertag&domain=manhuagui.com&sn=ChromeSyncframe&so=0&topUrl=www.manhuagui.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=OY4r_nxkc3JPT2lUN0tuUExsSm9KendYK2dDZ204U2UxVzlDVWF3ZGZxdFpsSjEvQWI5VURKSEJCRCtUeGl0VHVPL0FDVVoraFdvVEdraXdFVVVmdmE0c2J1VnBzaXI3TStEM1pCQmowdEZyQ2pvU0xmRHVRMzJWVmJDdGRUV2VpRE1DR2NPQTltSW1BYlhGMFJYUzJydDA3amtJV2s3Z3RVVUJzUS9QN00xTnVCeFViTzBxYXFnVWN2SnV0c3V6NktjcFRVWldkV1R0cDRWNExkdXJxbmlrVjREQkxZdVQycEhTN3lRNWFVOG1iaVhJNGxHOGhMcldNaDlsSjBkZ2R5ZnFSODQ3VjRpY3hFdUwyTXcxaUFOYVduQT09fA&cppv=2

Request Chain 109

https://gum.criteo.com/sid/json?origin=publishertag&domain=manhuagui.com&sn=ChromeSyncframe&so=3&topUrl=www.manhuagui.com&bundle=VUvIY19SNFhLb1FET0VOdm85V0lvMk9uVlJlRldEMjhsbkpKaHlWMkNMVGJ3WmdsY253NzB5eDh0akYzUlh5U3JDbk0zOFhMdW11SWZDN1pDZVlUV1pVNWdGNjBJVkVZMlEwcCUyRjd3SWJ1REdxN0xnMW44Y3hwM0htSG4xUkNuWGtXdmtmS1RtUlB0eHIzNkVvNiUyQiUyQnhsYnU3QUElM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=9-lOeHxQZGNlcHJSOEJ5bzhFK0R4azF5ZTZCWFZRc0NEZWRWMURaREJHb2pxQVBhdDJGYkJxamNsT2FCWjVTWmJQWmwydk53cWNOSDU5WnJCV0pUY3phZzl5R2o5ZEpZTkhwZ1Y2TkIrcWVvQnZaSDBTTStZVVlEMUZDa3VqeFZ5ZEFTMmtwUkdRdmd4NlhnRjhQMlhmMk1qY0lOcERpMEZkL1E3d3BDS2pkeDQvQytLZndtbCtuQXpIWldPbHVHRWx4NjFVOS9UcXFnUGZjT0lveWlBVGltc2QrcFgzZW95YUNSNzg2QnpFam1BeEQvUWRhQ2hUS2swMUdDV2xEekFEaVY2eCs4cXpHNzhvay9TY1dkSVRoQ2FUWkVkUG1xTzBabnJGSkJIUEVPZGd3UT18&cppv=2

Request Chain 110

https://gum.criteo.com/sid/json?origin=publishertag&domain=manhuagui.com&sn=ChromeSyncframe&so=3&topUrl=www.manhuagui.com&bundle=VUvIY19SNFhLb1FET0VOdm85V0lvMk9uVlJlRldEMjhsbkpKaHlWMkNMVGJ3WmdsY253NzB5eDh0akYzUlh5U3JDbk0zOFhMdW11SWZDN1pDZVlUV1pVNWdGNjBJVkVZMlEwcCUyRjd3SWJ1REdxN0xnMW44Y3hwM0htSG4xUkNuWGtXdmtmS1RtUlB0eHIzNkVvNiUyQiUyQnhsYnU3QUElM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=2doY73xuNTZ2TGpzdHp6WG9IOWxEaWV6V2F0OHloQVkyWUowbEFuTnBWMTFyQ2xUZkZSejhXQjh6aHpITVVwZm5DaXV2amNNNnlQSUpNMFE4QlY5RGJzVXk1S0RyOWZCMnFDUmtwSEE4eHJkUFgrWklrK0RWb1NvVzY1NDFvbWV0NTZpNE5PODBYRkZ4encvWFlMWU50ZjNOQStEZWtxVWFuZHVnakU4My9rM3hKWlVhVEJOeE5rbWdHaUE4S0N6NEsvR2VyZW55WlA4TkJyVldYeENPdU1RUit3cFVSaEc3ejl3dzhuSlBWTk80UkRlUERnT1BSM2Npc2hwendUQ0pwRjlQWkl5V01BaE9tVHlmdzc1UmRPaGtZUmUvWkNjK0xzT1Jsemd1ekxqT2RNMD18&cppv=2

Request Chain 127

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=286779-HvIU2TTxM9zEPF2oU9WLNxBLDr4KsHe9&uu_m=undefined HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&cf_uid=286779-HvIU2TTxM9zEPF2oU9WLNxBLDr4KsHe9&uu_m=undefined&google_tc= HTTP 302
https://m.holmesmind.com/ml/google?cf_uid=286779-HvIU2TTxM9zEPF2oU9WLNxBLDr4KsHe9&uu_m=undefined&google_gid=CAESEGa-jdjnW2NoZvy9__at7kE&google_cver=1

Request Chain 141

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=390HK9tlAJOMEK0GdGb4Yw

Request Chain 142

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=390HK9tlAJOMEK0GdGb4Yw

Request Chain 147

https://gum.criteo.com/sid/json?origin=publishertag&domain=manhuagui.com&sn=ChromeSyncframe&so=3&topUrl=www.manhuagui.com&bundle=GMkS319SNFhLb1FET0VOdm85V0lvMk9uVlJXSEMybmNDVDN2SU5aUEtTcGR2VlAzZTdDeCUyQkMlMkJlMFhBUTBaOWpmcUlpaGx5YSUyRiUyQkhpdUJZRlVEaiUyQnpab0JkWDZjSEkwOW90JTJGdHNxQ1dROXRtZHlob2VteHhiWmRkOTVxZEc1T1hPRnJLbFBBM1V4V21QQ3VEdm9oJTJCN01pWDF5USUzRCUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=wZUqJHxMM2RxRDNDRkcyYnh3dWJXMzhLQjJZRjE3ZjJxRWkvRXVPVVJxL0s2RWM2Y1ZqZ3RzQTlRbDVCM3R2eXVVaTl2SVBKV1F2ZDBEV0c4RGEybFA1dzJrSHJheFBJb3VmYktkTU56bGhhWUhwQ3hDK1U4VTRFS2crSE5Fd2NjT3dEL1UwUzZOL3RvSXpNck45c2I3blJyeVBUQ21nanlvMklVVDRVM0M2TTdTWUE1aVIva1grbUJSUmRKTGxBUktsc3RWNHpIbjhLWStHRzFsNlprc0dtMGJTTmRjbWNtRUdnWTlXSndIVTlrQm5WTkNnUkJDMTdISUhZMWtWMkpwR2xPVkNjeVkzUXU4ekdKejROd0JGb2hiSHVhSVA1Y1ZSOHFwdUJZRlNsV0xZaz18&cppv=2

Request Chain 180

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 188

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=286779-HvIU2TTxM9zEPF2oU9WLNxBLDr4KsHe9&uu_m=undefined HTTP 302
https://m.holmesmind.com/ml/google?cf_uid=286779-HvIU2TTxM9zEPF2oU9WLNxBLDr4KsHe9&uu_m=undefined&google_gid=CAESEGa-jdjnW2NoZvy9__at7kE&google_cver=1

Request Chain 197

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=286779-HvIU2TTxM9zEPF2oU9WLNxBLDr4KsHe9&uu_m=undefined HTTP 302
https://m.holmesmind.com/ml/google?cf_uid=286779-HvIU2TTxM9zEPF2oU9WLNxBLDr4KsHe9&uu_m=undefined&google_gid=CAESEGa-jdjnW2NoZvy9__at7kE&google_cver=1

Request Chain 211

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=390HK9tlAJOMEK0GdGb4Yw

Request Chain 212

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=390HK9tlAJOMEK0GdGb4Yw

Request Chain 219

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=390HK9tlAJOMEK0GdGb4Yw

Request Chain 221

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=390HK9tlAJOMEK0GdGb4Yw

Request Chain 222

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=390HK9tlAJOMEK0GdGb4Yw

Request Chain 269

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 270

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 326

https://gum.criteo.com/sid/json?origin=publishertag&domain=www.lookit.tw&sn=ChromeSyncframe&so=0&topUrl=www.manhuagui.com&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=Yok-x3x5d0hkTlhBc1YxQm43RGdRVVJUTW02VUZ1S2ZKTU52RDRYbzl4WHl2YkJuM1pJYkdzbG1EdlFGVndpMGV5aytQR0tIek90dndFOGh0M1F5a3lXV3BoQUJIYXBZakwvcHlHT3FKUTNIUDgrdGx4UWQ4aUxzT090OFpFUktaOVlwL1pBTndIWjNNblRYMGZrQ2FzN2ZwZk1DeEJNckY2dklaSllPVVFSbzlSblFHYkdvUG03Rm1IQzBWOWwrQ0JRL0pKSDFxUzdzREw4R2RVRFBqcE9SUEpOWFljcVpWNW5SSEx1UmYwdTlxUHZSR2VnU1BSSEtXWkZ5K1ZuSGhuVkZFWVZvczhlS1gwSmhrNVZVR2pXZk5IN1lRdnhRazdudUdEMUorYUJSRm0wbz18&cppv=2

342 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 488749.html Show response
www.manhuagui.com/comic/35579/
Redirect Chain

https://www.mhgui.com/comic/35579/488749.html
https://www.manhuagui.com/comic/35579/488749.html

7 KB
4 KB

964ms
416ms

Document
text/html

139.162.106.29
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.manhuagui.com/comic/35579/488749.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.162.106.29 Tokyo, Japan, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

li1590-29.members.linode.com

Software

nginx/1.18.0 / SEEMH.COM

Resource Hash

195ee4fa3d490ac0a2ca8f2ff7e250f81c382d307cdf2d81ba0debd428fd6a6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 24 Feb 2023 07:25:36 GMT
expires: Fri, 24 Feb 2023 08:25:36 GMT
server: nginx/1.18.0
strict-transport-security: max-age=31536000; includeSubDomains;preload
x-cache: EXPIRED
x-content-type-options: nosniff
x-frame-options: DENY
x-powered-by: SEEMH.COM

Redirect headers

content-length: 169
content-type: text/html
date: Fri, 24 Feb 2023 07:25:36 GMT
location: https://www.manhuagui.com/comic/35579/488749.html
server: nginx/1.18.0
strict-transport-security: max-age=31536000; includeSubDomains;preload
x-content-type-options: nosniff
x-frame-options: DENY

GET
H2 200 detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css
cf.hamreus.com/css/ 26 KB
7 KB 76ms
14ms Stylesheet
text/css 104.21.81.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css

Requested by

Host: www.manhuagui.com
URL: https://www.manhuagui.com/comic/35579/488749.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.81.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / SEEMH.COM

Resource Hash

2c1874a430d05d260c5378da7f9df2b4fe347f7e31f7a65072168980a0dd873b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9325553
x-powered-by: SEEMH.COM
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Sep 2020 00:54:20 GMT
server: cloudflare
etag: W/"c92eafe77a90d61:0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XVBDKbXeLOYwoPbkUaCFjDijGAbezZhk7qLe%2FhlHyDtLusvOyPl24UCDH%2FlMsDzBw4PQA1lJLtqrCIDME27cnBBmAP0mhu1XlTvLaudnKee6hJUWPvP%2FTetONFpNhV3saw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 79e677e2db71696f-FRA
expires: Wed, 08 Nov 2023 08:59:44 GMT

GET
H2 200 config_5F5A8A8B46A7B711EC3579AFD755010FA8E85725.js Show response
cf.hamreus.com/scripts/ 107 KB
39 KB 77ms
16ms Script
application/javascript 104.21.81.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.hamreus.com/scripts/config_5F5A8A8B46A7B711EC3579AFD755010FA8E85725.js

Requested by

Host: www.manhuagui.com
URL: https://www.manhuagui.com/comic/35579/488749.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.81.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / SEEMH.COM

Resource Hash

30dea500a4657accba196909831f0e21a6ad970c8595cc1a87e1c7e16bfe9c6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9280190
x-powered-by: SEEMH.COM
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Sep 2020 00:54:20 GMT
server: cloudflare
etag: W/"62dcee77a90d61:0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RICmjWZmnycevLBimHX4i5h1FfQoWUE4teL3FNUwlMLGZrKrC%2Fm0HKpCZFaRkofK6yCaNIFgKyarG2ylH8B7BLY2hRLpChnbatTSfBrgffN7b4TkG9azhJv9L4OOzGpCeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 79e677e2db72696f-FRA
expires: Wed, 08 Nov 2023 21:35:47 GMT

GET
H2 200 core_2C5AD3BA009F5A0F5CCE4B6875F17FF70D5663A9.js Show response
cf.hamreus.com/scripts/ 91 KB
32 KB 83ms
22ms Script
application/javascript 104.21.81.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.hamreus.com/scripts/core_2C5AD3BA009F5A0F5CCE4B6875F17FF70D5663A9.js

Requested by

Host: www.manhuagui.com
URL: https://www.manhuagui.com/comic/35579/488749.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.81.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / SEEMH.COM

Resource Hash

46e9f38fdbd437a0e7c446af860ba0521d12adb0037b8eed1d0d0252b08705cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9280190
x-powered-by: SEEMH.COM
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 22 Jul 2022 03:44:59 GMT
server: cloudflare
etag: W/"1fc6cf6a7d9dd81:0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LRX%2Bizh6YFvQoK%2Ff%2FadmzKydtALCkyopeiCg4DzGiNJUlNMx%2BqIN15E6MEcXmfpYBeR1ewZBibgoH0qbKR2PFfwQSBf50%2FOBx5iZwlNdcsIUSQaduc8gaJNbTySVjzFrqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 79e677e2db74696f-FRA
expires: Wed, 08 Nov 2023 21:35:47 GMT

GET
H2 200 ysm_ikanman.js Show response
ad.sitemaji.com/ 204 KB
91 KB 72ms
20ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_ikanman.js
Requested by: Host: www.manhuagui.com
URL: https://www.manhuagui.com/comic/35579/488749.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: dd71a955bcd2d39f8d0ce170b828831a5398b4d38a06f4b0eeeb5f51a767fcd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 08:29:57 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 14 Feb 2023 03:47:43 GMT
server: nginx/1.12.1 (Ubuntu)
age: 82540
etag: W/"63eb045f-32f09"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92515
expires: Fri, 24 Feb 2023 08:29:57 GMT

GET
H2 200 footer_85567689D82807C3764BA4B9FCF0B9485834D8CB.js Show response
cf.hamreus.com/scripts/ 1005 B
1 KB 73ms
14ms Script
application/javascript 104.21.81.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.hamreus.com/scripts/footer_85567689D82807C3764BA4B9FCF0B9485834D8CB.js

Requested by

Host: www.manhuagui.com
URL: https://www.manhuagui.com/comic/35579/488749.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.81.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / SEEMH.COM

Resource Hash

87a107b8f235a7ae5d4b5f670e6d915df3b3089628c7d833f5ef1c4e585f5f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9279950
x-powered-by: SEEMH.COM
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 26 Oct 2022 08:18:51 GMT
server: cloudflare
etag: W/"ea927f9413e9d81:0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nhPclb8lxuqG8F9OyvrteAWMQpeP%2BQo1KnZvvOMAgbub1dZE3To3zfzlgwu0VcVsFbAQU1mKb0p2v2mZibd9mutDyu74Be1la3QJslLRKZfA26Y7T50dmEtvlHesZY6tdA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 79e677e2db73696f-FRA
expires: Wed, 08 Nov 2023 21:39:47 GMT

GET
H2 200 624325d5128270001a18663a.js Show response
cdn.bmcdn5.com/js/ 8 KB
4 KB 157ms
108ms Script
application/javascript 2606:4700:e6::ac40:c81a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bmcdn5.com/js/624325d5128270001a18663a.js?v=1677223537141
Requested by: Host: www.manhuagui.com
URL: https://www.manhuagui.com/comic/35579/488749.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c81a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 127d77a32b34260d6c0fec0e002caa0d6ae13fb3176018520d7cc9e297a0d774

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:37 GMT
content-encoding: br
accept-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zbsSSMbjxg3WzQVYIjd1jijKcQzfb%2BK4Gvwj0jeAUvPlTg7%2B5p37vbhCsKc4mJ%2FTglHbXcz0tsvD%2Fv7aNvoLI1o4d0ap85xA0SsjZnI%2FVKyRbfi5i0%2Ft6jDlpwQ1J5XV3YMdXpQzrsv66FyCJg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1800, public
cf-ray: 79e677e37a39bbd4-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Fri, 24 Feb 2023 07:55:37 GMT

GET
H2 200 submit_ajax.ashx Show response
www.manhuagui.com/tools/ 70 B
401 B 634ms
634ms XHR
text/html 139.162.106.29
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.manhuagui.com/tools/submit_ajax.ashx?action=user_check_login

Requested by

Host: cf.hamreus.com
URL: https://cf.hamreus.com/scripts/config_5F5A8A8B46A7B711EC3579AFD755010FA8E85725.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.162.106.29 Tokyo, Japan, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

li1590-29.members.linode.com

Software

nginx/1.18.0 / SEEMH.COM

Resource Hash

5b36fc790be1246f322aeca41ad3c545ef46302b0c0f937b853a9f4509e15e57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.manhuagui.com/comic/35579/488749.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains;preload
x-content-type-options: nosniff
content-encoding: gzip
server: nginx/1.18.0
x-powered-by: SEEMH.COM
x-frame-options: DENY
content-type: text/html; charset=utf-8
cache-control: no-cache
expires: Fri, 24 Feb 2023 07:25:36 GMT

GET
H2 200 sprites.gif
cf.hamreus.com/images/show/ 946 B
1 KB 15ms
13ms Image
image/gif 104.21.81.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.hamreus.com/images/show/sprites.gif

Requested by

Host: cf.hamreus.com
URL: https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.81.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / SEEMH.COM

Resource Hash

3ec348f7008b2fccd6cc39398578f397c833c06380fe90463191116d27027036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9280189
x-powered-by: SEEMH.COM
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 946
last-modified: Wed, 09 May 2018 04:30:38 GMT
server: cloudflare
etag: "73d31c7b4ee7d31:0"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=heh58C%2BNp%2BcdhKZzzGYqYSikDYS0oNKif0DmNZaWbzuu%2F3KH6fWTGWjSn7iSnJ%2FN6aDQwyPi4B%2FhKoKmUmkJgd7GXOrPY7z6XVct66%2B9cbjrF2DTkffs7AoioKI0CdIKFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 79e677e33be1696f-FRA
expires: Wed, 08 Nov 2023 21:35:48 GMT

GET
H2 200 logo_mini.gif
cf.hamreus.com/images/show/ 3 KB
3 KB 15ms
14ms Image
image/gif 104.21.81.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.hamreus.com/images/show/logo_mini.gif

Requested by

Host: cf.hamreus.com
URL: https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.81.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / SEEMH.COM

Resource Hash

aa57468383b53d9b60458647e700cac69a75326752b41c9a6db4fdbab461a58c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9280189
x-powered-by: SEEMH.COM
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3244
last-modified: Wed, 09 May 2018 04:30:38 GMT
server: cloudflare
etag: "c66877b4ee7d31:0"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bsPQ63KQLKK0ZHtEAXeow5F19aDPy2TJuOGxTB6aMPVCE2qaWHH3hJtoYG8w4OufwXgobVjt5MsJ5qp7Kx40Rs4Wm1jC0MKbc9pS2FTa2fwH9svosC5Kcxi1CSI1GKwm4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 79e677e33be4696f-FRA
expires: Wed, 08 Nov 2023 21:35:48 GMT

GET
H2 200 hot.gif
cf.hamreus.com/images/show/ 231 B
591 B 18ms
17ms Image
image/gif 104.21.81.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.hamreus.com/images/show/hot.gif

Requested by

Host: cf.hamreus.com
URL: https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.81.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / SEEMH.COM

Resource Hash

753386321de142ccbfc747b2f5a0d21d32e5d1e79fcb878c608f1a49a11b3362

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9280189
x-powered-by: SEEMH.COM
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 231
last-modified: Wed, 09 May 2018 04:30:39 GMT
server: cloudflare
etag: "ead5b97b4ee7d31:0"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uaGeuuQ2dfPxdi9wukukMIeLXz89Vjf6b59TDKfqWeoWHTJR45R0ZyX8IX%2FrFzcks5sTc%2Bt8mr5yA5jVNIGoMpxnhZtsnG973IyMhcHw5t%2BMelhSPV9ufGP47UUtguCy3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 79e677e33be5696f-FRA
expires: Wed, 08 Nov 2023 21:35:48 GMT

GET
H2 200 icons.png
cf.hamreus.com/images/show/ 3 KB
3 KB 20ms
19ms Image
image/png 104.21.81.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.hamreus.com/images/show/icons.png

Requested by

Host: cf.hamreus.com
URL: https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.81.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / SEEMH.COM

Resource Hash

119675abf3b276d4d21f7e21d6f4014726bc5c599d5e6bff6f227d7706b351e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9280189
x-powered-by: SEEMH.COM
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2710
last-modified: Wed, 09 May 2018 04:30:39 GMT
server: cloudflare
etag: "bc6ba17b4ee7d31:0"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5rI%2FeL6Lri5qv7Kso8vLjTF8MgxjClRZH6UEHyVlOkxDAhkbjrm1P2qrThSY4SHHOe0BNPQD4AQHKZ7XgMKb8DdnMZSglRWbq0lk18iXda6xAAyDAxSE9AsrA%2FpEi549GQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 79e677e33be6696f-FRA
expires: Wed, 08 Nov 2023 21:35:48 GMT

GET
H2 200 nav_bg.png
cf.hamreus.com/images/show/ 45 KB
45 KB 16ms
15ms Image
image/png 104.21.81.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.hamreus.com/images/show/nav_bg.png

Requested by

Host: cf.hamreus.com
URL: https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.81.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / SEEMH.COM

Resource Hash

ac50e3f1b80e462d8bb974452d8d26d191a9614946b2b310a4f8def011abf5b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1762786
x-powered-by: SEEMH.COM
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45572
last-modified: Wed, 09 May 2018 04:30:38 GMT
server: cloudflare
etag: "15d6787b4ee7d31:0"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7FwD6U%2FwQUm5u0DqXLFKf37cH%2BhFCJolygvJUAeuCtv5hSvoizWNsG8ZTfFHEdztV2Elsw21BMYO5Ft7lCA1yrw4NF9zTzg5qEnRxJbaZTOi5lRxzkG4uBEdCY%2FXBEMGlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 79e677e33be7696f-FRA
expires: Sat, 03 Feb 2024 21:45:51 GMT

GET
H2 200 qr.png
cf.hamreus.com/images/show/ 1 KB
2 KB 20ms
19ms Image
image/png 104.21.81.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.hamreus.com/images/show/qr.png

Requested by

Host: cf.hamreus.com
URL: https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.81.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / SEEMH.COM

Resource Hash

fbfdfbb16fdf69da4dc68583466d74abe9f91b2716e79754c447e2d429ba9024

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9280189
x-powered-by: SEEMH.COM
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1269
last-modified: Wed, 09 May 2018 04:30:38 GMT
server: cloudflare
etag: "4d5467b4ee7d31:0"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vu9tlZ%2BdLReo0kAwL1lX3RymXeN24%2BoX3%2FJ%2FEm%2F4UxA4Ouc71fK42wLhux36jGIfXMNzuVMEossiw8P4sUZX%2FOWhrnDX1mY1E0wcEU%2FBf87h3BY%2FLO18e29TtlTKD9jy8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 79e677e34bf1696f-FRA
expires: Wed, 08 Nov 2023 21:35:48 GMT

GET
H2 200 speed.png
cf.hamreus.com/images/show/ 531 B
832 B 15ms
13ms Image
image/png 104.21.81.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.hamreus.com/images/show/speed.png

Requested by

Host: cf.hamreus.com
URL: https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.81.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / SEEMH.COM

Resource Hash

5a74841588b691df29fbb7da5975b01a1e2510159ea413a8b43a8fd6c9fd3d90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9280189
x-powered-by: SEEMH.COM
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 531
last-modified: Wed, 09 May 2018 04:30:38 GMT
server: cloudflare
etag: "3cdc2a7b4ee7d31:0"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dxHcencWU9ZO2gELwiUMFydBm3DBCY89M%2BMda9wJA7H5ywAsmTD%2FuB8ZX6yLer6TDPh%2FGQc9kFTQOYVH8UPbfC%2BVz9l3RQd3LP4WFP%2BiVmixK4Wbyzh1vs3GKLpGAc9SqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 79e677e34bf4696f-FRA
expires: Wed, 08 Nov 2023 21:35:48 GMT

GET
H2 200 zoom_in.png
cf.hamreus.com/images/show/ 858 B
1 KB 18ms
17ms Image
image/png 104.21.81.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.hamreus.com/images/show/zoom_in.png

Requested by

Host: cf.hamreus.com
URL: https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.81.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / SEEMH.COM

Resource Hash

ea8d0aac0845198f8c36e8219e851e8518e587056a38b9339d92c13cf62e0ed8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9280189
x-powered-by: SEEMH.COM
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 858
last-modified: Wed, 09 May 2018 04:30:38 GMT
server: cloudflare
etag: "1c141a7b4ee7d31:0"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cERVxSmVrxGGVb3SJzwchsD79uTb6%2FvA5R0sUck6P%2F6FqU54ch%2Bj4lDblqRfVm%2BEWihl3CSDt1PTdQ3etoF2HDT7eWVp1bNq9dWVHHVMKzm3AegdZP0zoRfaxl3PwmKzSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 79e677e34bf5696f-FRA
expires: Wed, 08 Nov 2023 21:35:48 GMT

GET
H2 200 rotate.png
cf.hamreus.com/images/show/ 1 KB
1 KB 15ms
14ms Image
image/png 104.21.81.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.hamreus.com/images/show/rotate.png

Requested by

Host: cf.hamreus.com
URL: https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.81.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / SEEMH.COM

Resource Hash

4992ee1b6908be6313e5657dc00c9494188fad9097089c4116d4fb7d58a5fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9280189
x-powered-by: SEEMH.COM
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1116
last-modified: Wed, 09 May 2018 04:30:38 GMT
server: cloudflare
etag: "813c357b4ee7d31:0"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BI315C5vHCf9lmFqxZOfBqY2iGr%2FFuPaznReK7R4UkiC%2F%2BczHhUJatN98fFCe0caPOiMhmniaYy%2FuB%2BKE%2F1dhYHam0ARtmKJ1mtIPyAAZ7bMYCvWC1ReoaoSwT7DWfzfxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 79e677e34bf6696f-FRA
expires: Wed, 08 Nov 2023 21:35:48 GMT

GET
H2 200 crop.png
cf.hamreus.com/images/show/ 552 B
875 B 17ms
16ms Image
image/png 104.21.81.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.hamreus.com/images/show/crop.png

Requested by

Host: cf.hamreus.com
URL: https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.81.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / SEEMH.COM

Resource Hash

623d93bd8398f1f481c4987347f04f7b3b41baaa59d0492ba07aec8b9ba26d65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9280189
x-powered-by: SEEMH.COM
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 552
last-modified: Wed, 09 May 2018 04:30:39 GMT
server: cloudflare
etag: "2f7c87b4ee7d31:0"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YE34bUAUIgou1UCAD%2FJVcKPJuRmDJZUqaQtpYDWbTrqUKzc6z6BTUGsS1dp%2Bs7cAz4fyrJHuq53GuHoLq5LWF90lgzpDZfwMpHiUdupa1WWa0PdYtksL2kP4fzc84Caazw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 79e677e34bf7696f-FRA
expires: Wed, 08 Nov 2023 21:35:48 GMT

GET
H2 200 gray.png
cf.hamreus.com/images/show/ 617 B
983 B 18ms
17ms Image
image/png 104.21.81.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.hamreus.com/images/show/gray.png

Requested by

Host: cf.hamreus.com
URL: https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.81.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / SEEMH.COM

Resource Hash

1f105f94097f21d363113f45f66d3aff8d274009658dbab3b45f4a984d4288f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9280189
x-powered-by: SEEMH.COM
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 617
last-modified: Wed, 09 May 2018 04:30:39 GMT
server: cloudflare
etag: "e2afc27b4ee7d31:0"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MRoGWMJStuAOAe2dZgyhTyn%2FI3J3cqlIK9KgLrKLLQU9FufOR%2BBkfenXuU29cm6ReLHE2H6YcWpd5KOUTsEql4mRjvGv75NXPx%2BJ%2FFP6W8ri7cZKe%2BCP9xSlOyA5mj8KPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 79e677e34bf8696f-FRA
expires: Wed, 08 Nov 2023 21:35:48 GMT

GET
H2 200 img_loading.gif
cf.hamreus.com/images/ 2 KB
2 KB 16ms
15ms Image
image/gif 104.21.81.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.hamreus.com/images/img_loading.gif

Requested by

Host: cf.hamreus.com
URL: https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.81.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / SEEMH.COM

Resource Hash

0f37e41cfd6ef708a4545e4187dfc56501a577c44e64f521ad18d736a8ee0a95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9398091
x-powered-by: SEEMH.COM
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1935
last-modified: Wed, 09 May 2018 04:30:27 GMT
server: cloudflare
etag: "996ae4744ee7d31:0"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=afojw5OslB%2F9oL3nPUfWZsdCZCara2UJiMrmx2Bb5evdX83fys0NZcy%2B%2FYD5bsBLhohkq2yjPBUVQu8mjGLRBsZDnpBz5hh1qKlvHA3ydBy%2B0bOzMJdeVg9Q4v2j0wflRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 79e677e34bf9696f-FRA
expires: Tue, 07 Nov 2023 12:50:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
77 KB 141ms
49ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H5F270PE29

Requested by

Host: cf.hamreus.com
URL: https://cf.hamreus.com/scripts/footer_85567689D82807C3764BA4B9FCF0B9485834D8CB.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

426a1677bc6156171f49adb932f58b34c428dfebcac1b69e51a64e6e711cf634

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78390
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 24 Feb 2023 07:25:37 GMT

GET
H2 200 count.ashx Show response
www.manhuagui.com/tools/ 0
209 B 432ms
431ms XHR
text/plain 139.162.106.29
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.manhuagui.com/tools/count.ashx?bookId=35579&chapterId=488749

Requested by

Host: cf.hamreus.com
URL: https://cf.hamreus.com/scripts/config_5F5A8A8B46A7B711EC3579AFD755010FA8E85725.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.162.106.29 Tokyo, Japan, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

li1590-29.members.linode.com

Software

nginx/1.18.0 / SEEMH.COM

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Referer: https://www.manhuagui.com/comic/35579/488749.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains;preload
x-content-type-options: nosniff
server: nginx/1.18.0
x-powered-by: SEEMH.COM
x-frame-options: DENY
cache-control: no-cache
content-length: 0
expires: Fri, 24 Feb 2023 07:25:36 GMT

GET
H2 200 782305483447.js Show response
cdn.bmcdn5.com/js/source/ 60 KB
20 KB 109ms
108ms Script
application/javascript 2606:4700:e6::ac40:c81a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bmcdn5.com/js/source/782305483447.js?v=1.0.11
Requested by: Host: cdn.bmcdn5.com
URL: https://cdn.bmcdn5.com/js/624325d5128270001a18663a.js?v=1677223537141
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c81a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 569c0623741d6ed8fb4b9befae4f805c87735ee3a304312114a299f468136a24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:37 GMT
content-encoding: br
accept-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ZRjaOsTQaRZsOMqk2QJBRpQqnIWHdy67HjKvRg1kig5rCZen8gm8ZyKVIYRV3FdKRgwQNkKW%2Bw3ts0rP51ykMxHB5BFzDAZ3R%2F2MV5vnjBmRP2uxCH7uspNaBkv8Uj7S1Z6dZj2ADOVFBOQSg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1800, public
cf-ray: 79e677e42b74bbd4-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Fri, 24 Feb 2023 07:55:37 GMT

GET
H2 200 /
cdn.bmcdn5.com/trl/624325d5128270001a18663a/ 0
274 B 111ms
110ms Image
text/plain 2606:4700:e6::ac40:c81a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bmcdn5.com/trl/624325d5128270001a18663a/?sourceRef=https%3A%2F%2Fwww.manhuagui.com%2Fcomic%2F35579%2F488749.html&displayHost=https%3A%2F%2Fcdn.bmcdn5.com%2F&loadTime=2000&badCode=PGlucyBjbGFzcz0iYWRzYnlleG9jbGljayIgZGF0YS16b25laWQ9IjMxMTg0NjYiPjwvaW5zPg%3D%3D&badType=replacedWithJs&version=1677223537303
Requested by: Host: www.manhuagui.com
URL: https://www.manhuagui.com/comic/35579/488749.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c81a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ahEldMItyntqwxYvzMksmxHjanJKuIgpdFX8woG3UNYQ95Kb%2F0G4ZgHF8uflqzvnaOyFcD4GPy6eL%2B%2ByO37UtupMUKlrvEgO4a4f8zrBhWpz5AOvw1j0jN32%2B%2Fj2NtT4vii10v2kdK5S8BPkDA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1800, public
cf-ray: 79e677e42b76bbd4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 24 Feb 2023 07:55:37 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 61ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-H5F270PE29&gtm=45je32m0&_p=776193650&cid=1450408375.1677223537&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1677223537&sct=1&seg=0&dl=https%3A%2F%2Fwww.manhuagui.com%2Fcomic%2F35579%2F488749.html&dt=%E5%8F%8D%E6%B4%BE%E5%A5%B3%E4%B8%BB%E7%9A%84%E6%97%B6%E9%97%B4%E6%B2%99%E6%BC%8F%E7%AC%AC03%E8%AF%9D_%E5%8F%8D%E6%B4%BE%E5%A5%B3%E4%B8%BB%E7%9A%84%E6%97%B6%E9%97%B4%E6%B2%99%E6%BC%8F%E6%BC%AB%E7%94%BB%20-%20%E7%9C%8B%E6%BC%AB%E7%94%BB&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H5F270PE29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 07:25:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.manhuagui.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
cdn.bmcdn5.com/p/624325d5128270001a18663a/ Frame 342C 2 KB
1 KB 132ms
131ms Document
text/html 2606:4700:e6::ac40:c81a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bmcdn5.com/p/624325d5128270001a18663a/?source=https%253A%252F%252Fwww.manhuagui.com%252Fcomic%252F35579%252F488749.html&sourceid=782305483447&ent=&we=0&fid=07033152fd78c530eb521ea33fb6af09&fidnoua=a3578ca829930dd0cb8de8218e4bff9f&impid=1f338c52-e5e1-4bee-82fd-e848c2787b75&sessionId=49b739a8-65ba-4ea2-9172-17d92b42c671&pageViewUuid=98eda91e-e6b6-4389-92b4-f8fab5dcee39&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F110.0.5481.177%2520Safari%252F537.36&sig=0x00000&blocksubid=0
Requested by: Host: cdn.bmcdn5.com
URL: https://cdn.bmcdn5.com/js/source/782305483447.js?v=1.0.11
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:c81a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d9bfaf6a51a1bba2b2ac2a1dad54b4ceaecfd2b29f5df7441e5c0507f45c339

Request headers

Referer: https://www.manhuagui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-encoding: gzip
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 79e677e66ec76921-FRA
content-encoding: br
content-type: text/html
date: Fri, 24 Feb 2023 07:25:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tcXnVh%2FqU9iQgsCureSBKO1J9bfvw8UBvKLCgYh0juiRbsylGtH6f%2Bs89nah7hYYTxTpyWE2N8Iz%2BNVYMd43TH5N13Wr7kTEGNkNvJIykfSSkSwtjwBU1HW9pB798qbBVR%2FBjVRCaVCMIviB%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 /
cdn.bmcdn5.com/pv/61d6f7dd4366a20021a2d63f/ 35 B
501 B 114ms
114ms Image
image/gif 2606:4700:e6::ac40:c81a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bmcdn5.com/pv/61d6f7dd4366a20021a2d63f/?source=https%253A%252F%252Fwww.manhuagui.com%252Fcomic%252F35579%252F488749.html&sourceid=782305483447&ent=&we=0&fid=07033152fd78c530eb521ea33fb6af09&fidnoua=a3578ca829930dd0cb8de8218e4bff9f&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F110.0.5481.177%2520Safari%252F537.36&sig=0x00000&blocksubid=0&pageViewUuid=98eda91e-e6b6-4389-92b4-f8fab5dcee39&version=1677223537652
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:c81a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:37 GMT
accept-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pvCOwCU9SfMwEsvnKBtW%2FWR7YxvpLokWzC54hiYdHsK19DhRbjtJIoApR55IwB1KnRH%2Bafrclxdq3qMv0tHzvmu5wDThl4gjCfn9KKJJhTvYSZ8jMjiT2eYn4wUi5oq5630P9nR7ZBc0zvmF6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cf-ray: 79e677e66ec36921-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 keyboard.png
cf.hamreus.com/images/show/ 2 KB
3 KB 16ms
15ms Image
image/png 104.21.81.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.hamreus.com/images/show/keyboard.png

Requested by

Host: cf.hamreus.com
URL: https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.81.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / SEEMH.COM

Resource Hash

b060d5753b585b57b36e4eda6a1a6b6aec1113c1e6cf76b246ef7d58ca915a5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9280189
x-powered-by: SEEMH.COM
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1995
last-modified: Wed, 09 May 2018 04:30:38 GMT
server: cloudflare
etag: "926a867b4ee7d31:0"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2FHLYXl5EIjNZzHWG06Wqdlo40iC9n9lQ6XGcndikfB7JZWFYuOAN%2FY0MSAx%2BNhrBhpZ6N2RDGZ9cE8tyFYfOCOsdF1sP2W5Yv7jjCaTQteo81IXUoIXeFhHcttwjCKg%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 79e677e75fa9994a-FRA
expires: Wed, 08 Nov 2023 21:35:48 GMT

GET
H3 200 bg_main.png
cf.hamreus.com/images/ 19 KB
20 KB 23ms
22ms Image
image/png 104.21.81.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.hamreus.com/images/bg_main.png

Requested by

Host: cf.hamreus.com
URL: https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.81.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / SEEMH.COM

Resource Hash

0e81967508632534241cb30237bd29c37f3b460f70f8b6a7c68203c5bf689342

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.hamreus.com/css/detail_5E8654D42C21FE55DBE8006AAFFB8EF4CFAFBBE4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9280195
x-powered-by: SEEMH.COM
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19880
last-modified: Wed, 09 May 2018 04:30:30 GMT
server: cloudflare
etag: "e6de6c764ee7d31:0"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MkUOtYqLS0a2HaKabJS0MWVyTMydoOFtRS54A%2BYdrBUJin6Cvjstv%2F%2FvBFAS86bo2LeyAmOzhWL7h0erE8uxRLYj7gP6nEmuY7v8KIRWsyhjKJxbi%2Bv005yOpqyYxUnRXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 79e677e76fba994a-FRA
expires: Wed, 08 Nov 2023 21:35:42 GMT

GET
H2 200 03.jpg.webp
i.hamreus.com/ps2/f/fpnzdsj_shal/%E7%AC%AC03%E8%AF%9D/ 241 KB
241 KB 140ms
39ms Image
image/webp 65.108.141.188
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.hamreus.com/ps2/f/fpnzdsj_shal/%E7%AC%AC03%E8%AF%9D/03.jpg.webp?e=1677938689&m=dZbgRKYRN0hHSFWDmnbVQQ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

65.108.141.188 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.188.141.108.65.clients.your-server.de

Software

nginx/1.18.0 /

Resource Hash

181c9768942a73cf58299504dac634ca88d0d2232d32327c35985198edcc1190

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:37 GMT
x-content-type-options: nosniff
layer-cache: Miss;ENV=LOCAL
server: nginx/1.18.0
x-frame-options: DENY
x-cache: HIT
content-type: image/webp;charset=UTF-8
cache-control: max-age=315360000
expires: Tue, 09 Mar 2032 03:27:25 GMT

GET
H2 200 img.css
static.bmcdn5.com/css/ Frame 342C 27 KB
15 KB 38ms
21ms Stylesheet
text/css 2606:4700:e6::ac40:c81a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.bmcdn5.com/css/img.css?v=v1.25.18
Requested by: Host: cdn.bmcdn5.com
URL: https://cdn.bmcdn5.com/p/624325d5128270001a18663a/?source=https%253A%252F%252Fwww.manhuagui.com%252Fcomic%252F35579%252F488749.html&sourceid=782305483447&ent=&we=0&fid=07033152fd78c530eb521ea33fb6af09&fidnoua=a3578ca829930dd0cb8de8218e4bff9f&impid=1f338c52-e5e1-4bee-82fd-e848c2787b75&sessionId=49b739a8-65ba-4ea2-9172-17d92b42c671&pageViewUuid=98eda91e-e6b6-4389-92b4-f8fab5dcee39&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F110.0.5481.177%2520Safari%252F537.36&sig=0x00000&blocksubid=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c81a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71b58c684e74f8b8a72eeab2d19b447554b3245f65c7331b7a518f4a2bee555f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.bmcdn5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 14 Dec 2022 11:07:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4375
etag: W/"6399ae7d-6a64"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WaRg%2BwDJLgQQ6Rwpy80gl3%2BjzYwg96Bj84eulBLj%2FqXOo1SmQGOsGgxwsG%2B2zJmjbkwrxiYzetphAUGZlc0r8c%2BYW6br6BtJNPFk9kaamofsdXBVqgWmSGZDGeGvNgsoi8qR0myZkuA2EPx8q8stfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 79e677e7a8a8bbd4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

/ Show response
media.bmcdn5.com/html5/a5724dd0-aec7-11ed-8147-4d47d780614cd4909213-0c2c-4fcf-afbd-27cae3bf942063ea4b741c3540e818e3bc7b/ Frame 8BE6
Redirect Chain

https://media.bmcdn5.com/html5/a5724dd0-aec7-11ed-8147-4d47d780614cd4909213-0c2c-4fcf-afbd-27cae3bf942063ea4b741c3540e818e3bc7b
https://media.bmcdn5.com/html5/a5724dd0-aec7-11ed-8147-4d47d780614cd4909213-0c2c-4fcf-afbd-27cae3bf942063ea4b741c3540e818e3bc7b/

84 KB
23 KB

449ms
448ms

Document
text/html

2606:4700:e6::ac40:c81a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://media.bmcdn5.com/html5/a5724dd0-aec7-11ed-8147-4d47d780614cd4909213-0c2c-4fcf-afbd-27cae3bf942063ea4b741c3540e818e3bc7b/
Requested by: Host: cdn.bmcdn5.com
URL: https://cdn.bmcdn5.com/p/624325d5128270001a18663a/?source=https%253A%252F%252Fwww.manhuagui.com%252Fcomic%252F35579%252F488749.html&sourceid=782305483447&ent=&we=0&fid=07033152fd78c530eb521ea33fb6af09&fidnoua=a3578ca829930dd0cb8de8218e4bff9f&impid=1f338c52-e5e1-4bee-82fd-e848c2787b75&sessionId=49b739a8-65ba-4ea2-9172-17d92b42c671&pageViewUuid=98eda91e-e6b6-4389-92b4-f8fab5dcee39&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F110.0.5481.177%2520Safari%252F537.36&sig=0x00000&blocksubid=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:c81a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4c8b1528ff42fe56b43dfb6480dda2986035895d64ddadd618b3f5159e52764

Request headers

Referer: https://cdn.bmcdn5.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 79e677ea3b446921-FRA
content-encoding: br
content-type: text/html
date: Fri, 24 Feb 2023 07:25:38 GMT
last-modified: Fri, 17 Feb 2023 05:25:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X0vaDKUC2EotyJdh5UxHgYGJygF9rLbcwACvNAsdrxsaYuvQMSmUiSeAXEAe37thErEJL5RiMAJlMbp5beYIs5l7n7UIKdUVMBUVbB8xupg63mEnYbP9bKRDQRwbCetBydvc%2FDYpNBIg7GGRpljm"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 79e677e7f8fabbd4-FRA
content-type: text/html
date: Fri, 24 Feb 2023 07:25:38 GMT
location: https://media.bmcdn5.com/html5/a5724dd0-aec7-11ed-8147-4d47d780614cd4909213-0c2c-4fcf-afbd-27cae3bf942063ea4b741c3540e818e3bc7b/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OTtb4TB49bucEySWQ8cpBC2bvybqAWV8%2FeP0lYFKXid2EOwGy1n8HNnIe7XuH3%2BY2s7wdUhQ4fgYQBfqEw1KKx%2BhjLh6WWZRZsGuQJEuekQiYdtn7AmU3EUj75gqx7WPppSU7GjgWCgvJiBUtOpf"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
DATA 200
OK truncated
/ Frame 342C 10 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f24251f2c97427d7777234c44a9493d33c22682e2dde22bd1f4f4c87dc766aeb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 342C 8 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 103a02e7d27f4a02b014b9b0270378a3235fe387432a0bd8b922211fe0d16c5f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 04.jpg.webp
i.hamreus.com/ps2/f/fpnzdsj_shal/%E7%AC%AC03%E8%AF%9D/ 413 KB
414 KB 38ms
37ms Image
image/webp 65.108.141.188
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.hamreus.com/ps2/f/fpnzdsj_shal/%E7%AC%AC03%E8%AF%9D/04.jpg.webp?e=1677938689&m=dZbgRKYRN0hHSFWDmnbVQQ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

65.108.141.188 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.188.141.108.65.clients.your-server.de

Software

nginx/1.18.0 /

Resource Hash

46047315c67456ba61f5c8c39ae0605921ffceb47c03ce69df26be0740e8e12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:38 GMT
x-content-type-options: nosniff
layer-cache: Miss;ENV=LOCAL
server: nginx/1.18.0
x-frame-options: DENY
x-cache: HIT
content-type: image/webp;charset=UTF-8
cache-control: max-age=315360000
expires: Tue, 09 Mar 2032 03:27:26 GMT

GET
H/1.1 200
OK ask.php Show response
rd.sitemaji.com/ 56 B
362 B 895ms
294ms XHR
application/json 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to

Full URL: https://rd.sitemaji.com/ask.php?size=2x1,&hosthash=9cd53f683f7d&device=d&rtb=0
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_ikanman.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 2ff06a7037f2bbe722bef67146ec4fd4e7b83a9b7d396694849cc5e34594acb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 24 Feb 2023 07:25:38 GMT
Content-Encoding: br
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Connection: keep-alive

GET
H/1.1 200
OK ask.php Show response
rd.sitemaji.com/ 56 B
362 B 1952ms
1351ms XHR
application/json 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to

Full URL: https://rd.sitemaji.com/ask.php?size=2x1,&hosthash=9cd53f683f7d&device=d&rtb=0
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_ikanman.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 2ff06a7037f2bbe722bef67146ec4fd4e7b83a9b7d396694849cc5e34594acb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 24 Feb 2023 07:25:40 GMT
Content-Encoding: br
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Connection: keep-alive

GET
H/1.1 200
OK ask.php Show response
rd.sitemaji.com/ 56 B
362 B 908ms
300ms XHR
application/json 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to

Full URL: https://rd.sitemaji.com/ask.php?size=2x1,&hosthash=9cd53f683f7d&device=d&rtb=0
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_ikanman.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 2ff06a7037f2bbe722bef67146ec4fd4e7b83a9b7d396694849cc5e34594acb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 24 Feb 2023 07:25:38 GMT
Content-Encoding: br
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Connection: keep-alive

GET
H/1.1 200
OK ask.php Show response
rd.sitemaji.com/ 58 B
361 B 909ms
299ms XHR
application/json 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to

Full URL: https://rd.sitemaji.com/ask.php?size=1x1,&hosthash=9cd53f683f7d&device=d&rtb=0
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_ikanman.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 5bc239944d31c4d37485c831907fbf1e13711462d27912f906a09e7a72982f99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 24 Feb 2023 07:25:38 GMT
Content-Encoding: br
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Connection: keep-alive

GET
H2 200 close_circle.png
ad.sitemaji.com/static/ 3 KB
3 KB 20ms
18ms Image
image/png 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.sitemaji.com/static/close_circle.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: f45251ca5f051c72ad1fb169af736cc21c8a16f798f4b7583f8717c3ff0773d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 04:56:20 GMT
via: 1.1 google
last-modified: Thu, 20 Jun 2019 08:55:05 GMT
server: nginx/1.12.1 (Ubuntu)
age: 8958
etag: "5d0b49e9-bd0"
content-type: image/png
cache-control: max-age=86400,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3024
expires: Sat, 25 Feb 2023 04:56:20 GMT

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ Frame FC6F 6 KB
7 KB 107ms
21ms Script
application/javascript 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_ikanman.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
date: Fri, 24 Feb 2023 07:25:26 GMT
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified: Fri, 04 Mar 2022 10:10:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 13
etag: "439e160b698f1ec2efb45c3b6cd6b265"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 6552
x-amz-cf-id: JJSEk2m2jS0bn7mayfwLbOPl-o40gnP8XWyb3OSAMUEmuRGjpI8wyg==

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ Frame FEA9 6 KB
7 KB 92ms
21ms Script
application/javascript 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_ikanman.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
date: Fri, 24 Feb 2023 07:25:26 GMT
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified: Fri, 04 Mar 2022 10:10:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 13
etag: "439e160b698f1ec2efb45c3b6cd6b265"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 6552
x-amz-cf-id: hKrlRnoXiOgkgaLP09D_x88yUBSE7XevBbaidpNXhlgTNc-9XkYkoA==

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ Frame A31A 6 KB
7 KB 82ms
23ms Script
application/javascript 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_ikanman.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
date: Fri, 24 Feb 2023 07:25:26 GMT
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified: Fri, 04 Mar 2022 10:10:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 13
etag: "439e160b698f1ec2efb45c3b6cd6b265"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 6552
x-amz-cf-id: zCzBDksFNocNPZDx7IKKFvF-IX-BEmWFt8qQkIyqNHkFlyqyARlqbA==

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 8248 5 KB
5 KB 9ms
8ms Document
text/html 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36

Request headers

Referer: https://www.manhuagui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 37
content-length: 4730
content-type: text/html
date: Fri, 24 Feb 2023 07:25:38 GMT
etag: "c36f5eb091d6195fe8b68f3b263f999b"
last-modified: Mon, 22 Aug 2022 03:00:17 GMT
server: AmazonS3
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
x-amz-cf-id: rlr6u0FCuYzTvkS3CTt6n5BGjIB8eKSjQ-rWy2lQxgehB8H0CbwXhQ==
x-amz-cf-pop: FRA60-P2
x-amz-version-id: 9jVaRQ2pP3sbT47ouwg8zArcPp2ddVmt
x-cache: Hit from cloudfront

GET
H2 200 edmp_init.js Show response
cdn.holmesmind.com/js/ Frame FC6F 662 B
1012 B 972ms
971ms Script
application/javascript 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 24 Feb 2023 07:25:40 GMT
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified: Fri, 12 Mar 2021 02:45:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: "f58f8a90686f8ffb3325107e8a788b71"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 662
x-amz-cf-id: 8FLgYkIVz833EXwtZic5BNxGL8xewRzTNbQFsOtbdg2aATUuJGhKRA==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 4C5B 10 KB
10 KB 19ms
12ms Script
application/javascript 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e42a448690be6fb8430ed2bcd08d2416aff5f8ea37b42596876720a3e897f834

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: Uyf2KYMzk1YWRVX6kbmCIKxL9eKypOGT
date: Fri, 24 Feb 2023 07:25:14 GMT
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified: Mon, 20 Feb 2023 17:18:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 25
x-amz-server-side-encryption: AES256
etag: "2afe2e770b3f11a426c81cf18a204c03"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 9728
x-amz-cf-id: DZ_TTOBcImQHThQTu3ChVGnR3rJdHH6klqFENCQRvIlx36k8CkyUHw==

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame E260 5 KB
5 KB 10ms
9ms Document
text/html 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36

Request headers

Referer: https://www.manhuagui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 37
content-length: 4730
content-type: text/html
date: Fri, 24 Feb 2023 07:25:38 GMT
etag: "c36f5eb091d6195fe8b68f3b263f999b"
last-modified: Mon, 22 Aug 2022 03:00:17 GMT
server: AmazonS3
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
x-amz-cf-id: EwMuuh4PiOIuIQGP4Ch_MbZzhksLM0aprWY7NuRqt8_dYqSl_nnzjg==
x-amz-cf-pop: FRA60-P2
x-amz-version-id: 9jVaRQ2pP3sbT47ouwg8zArcPp2ddVmt
x-cache: Hit from cloudfront

GET
H2 200 edmp_init.js Show response
cdn.holmesmind.com/js/ Frame FEA9 662 B
1007 B 962ms
958ms Script
application/javascript 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 24 Feb 2023 07:25:40 GMT
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified: Fri, 12 Mar 2021 02:45:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: "f58f8a90686f8ffb3325107e8a788b71"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 662
x-amz-cf-id: vp9-fNTv-EFNeHWDTuIDS_4b_ALnSxuVOtGJWfjfdzYh5RDOQLEcrw==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 4C4F 10 KB
10 KB 8ms
7ms Script
application/javascript 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e42a448690be6fb8430ed2bcd08d2416aff5f8ea37b42596876720a3e897f834

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: Uyf2KYMzk1YWRVX6kbmCIKxL9eKypOGT
date: Fri, 24 Feb 2023 07:25:14 GMT
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified: Mon, 20 Feb 2023 17:18:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 25
x-amz-server-side-encryption: AES256
etag: "2afe2e770b3f11a426c81cf18a204c03"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 9728
x-amz-cf-id: 8ELN_QTS_0pqdsyru_YOxV3BNC_ehawM_QXBMmubm7kO1rwUwrHGUw==

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 2883 5 KB
5 KB 9ms
7ms Document
text/html 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36

Request headers

Referer: https://www.manhuagui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 37
content-length: 4730
content-type: text/html
date: Fri, 24 Feb 2023 07:25:38 GMT
etag: "c36f5eb091d6195fe8b68f3b263f999b"
last-modified: Mon, 22 Aug 2022 03:00:17 GMT
server: AmazonS3
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
x-amz-cf-id: 3lF_jXcoHMw9AWXy8-yt7fIXtbmI3EVlT9VGtpwoBrYFwSufqCbcyQ==
x-amz-cf-pop: FRA60-P2
x-amz-version-id: 9jVaRQ2pP3sbT47ouwg8zArcPp2ddVmt
x-cache: Hit from cloudfront

GET
H2 200 edmp_init.js Show response
cdn.holmesmind.com/js/ Frame A31A 662 B
1007 B 947ms
944ms Script
application/javascript 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 24 Feb 2023 07:25:39 GMT
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified: Fri, 12 Mar 2021 02:45:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: "f58f8a90686f8ffb3325107e8a788b71"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 662
x-amz-cf-id: cAUaRRq3IquN1OUSGhHMwwvh32LT9ALU_ZX8s3J5G2LCYxroIFBPGg==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame F800 10 KB
10 KB 9ms
8ms Script
application/javascript 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e42a448690be6fb8430ed2bcd08d2416aff5f8ea37b42596876720a3e897f834

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: Uyf2KYMzk1YWRVX6kbmCIKxL9eKypOGT
date: Fri, 24 Feb 2023 07:25:14 GMT
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified: Mon, 20 Feb 2023 17:18:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 25
x-amz-server-side-encryption: AES256
etag: "2afe2e770b3f11a426c81cf18a204c03"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 9728
x-amz-cf-id: 0YVN87iOWNN12fDqpeGkFoUGuyaDbLzfemGQ3o3hSRPZvwDFc34umA==

GET
H2 200 cm.php Show response
fcm.holmesmind.com/ Frame EB9A 39 B
97 B 3174ms
3116ms Document
text/html 34.95.67.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.67.95.34.bc.googleusercontent.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39
content-type: text/html; charset=UTF-8
date: Fri, 24 Feb 2023 07:25:41 GMT
server: Apache/2.4.29 (Ubuntu)
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 8248 5 KB
3 KB 947ms
199ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:39 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Fri, 24 Feb 2023 07:35:39 GMT

GET
H2

200

cm
c.holmesmind.com/ Frame 8248
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
504 B

118ms
117ms

Image
text/html

35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:38 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Fri, 24 Feb 2023 07:25:38 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2

200

cm
c.holmesmind.com/ Frame E260
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
504 B

117ms
117ms

Image
text/html

35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:38 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Fri, 24 Feb 2023 07:25:38 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2 200 cm.php Show response
fcm.holmesmind.com/ Frame 0AAA 39 B
191 B 163ms
110ms Document
text/html 34.95.67.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.67.95.34.bc.googleusercontent.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39
content-type: text/html; charset=UTF-8
date: Fri, 24 Feb 2023 07:25:38 GMT
server: Apache/2.4.29 (Ubuntu)
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame E260 5 KB
3 KB 943ms
199ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:39 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Fri, 24 Feb 2023 07:35:39 GMT

GET
H2

200

cm
c.holmesmind.com/ Frame 2883
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
505 B

119ms
118ms

Image
text/html

35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:38 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Fri, 24 Feb 2023 07:25:38 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2 200 cm.php Show response
fcm.holmesmind.com/ Frame 8CA9 39 B
97 B 3162ms
3117ms Document
text/html 34.95.67.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.67.95.34.bc.googleusercontent.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39
content-type: text/html; charset=UTF-8
date: Fri, 24 Feb 2023 07:25:41 GMT
server: Apache/2.4.29 (Ubuntu)
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 2883 5 KB
3 KB 935ms
200ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:39 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Fri, 24 Feb 2023 07:35:39 GMT

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame 4C5B 668 B
669 B 877ms
263ms Script
text/html 2600:9000:221e:2c00:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13904
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:221e:2c00:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5c9b0652899d3687ea14076efe8f4144d1317fe1073dd7f1e87af7413408339a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:20:04 GMT
content-encoding: gzip
via: 1.1 05c379f9f2e24444b729aa2b8e4ab6d2.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: KIX50-P2
age: 335
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://tw.manhuagui.com
access-control-allow-credentials: true
x-amz-cf-id: nodGxPqWUfNvHVYN86F6F6cXonIb7kBIls2jYZwIe3FNuGaKc6OXnA==

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame 4C4F 668 B
667 B 886ms
273ms Script
text/html 2600:9000:221e:2c00:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13904
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:221e:2c00:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5c9b0652899d3687ea14076efe8f4144d1317fe1073dd7f1e87af7413408339a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:20:04 GMT
content-encoding: gzip
via: 1.1 05c379f9f2e24444b729aa2b8e4ab6d2.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: KIX50-P2
age: 335
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://tw.manhuagui.com
access-control-allow-credentials: true
x-amz-cf-id: JPC-Je3pCLpwab5NH-fZv9UfW_ZTp_4J5fVxsi-ZwVl1Ly3aGNc_SQ==

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame F800 668 B
668 B 888ms
276ms Script
text/html 2600:9000:221e:2c00:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13904
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:221e:2c00:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5c9b0652899d3687ea14076efe8f4144d1317fe1073dd7f1e87af7413408339a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:20:04 GMT
content-encoding: gzip
via: 1.1 05c379f9f2e24444b729aa2b8e4ab6d2.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: KIX50-P2
age: 335
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://tw.manhuagui.com
access-control-allow-credentials: true
x-amz-cf-id: Xwuvhmz9eeN9CzGEBYqwiG89otSqmGULCw2QXQMPupSwTUeHRIihow==

GET
H2 200 css
fonts.googleapis.com/ Frame 8BE6 4 KB
1 KB 199ms
70ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:regular,500

Requested by

Host: media.bmcdn5.com
URL: https://media.bmcdn5.com/html5/a5724dd0-aec7-11ed-8147-4d47d780614cd4909213-0c2c-4fcf-afbd-27cae3bf942063ea4b741c3540e818e3bc7b/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media.bmcdn5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 24 Feb 2023 07:25:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 06:50:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Feb 2023 07:25:38 GMT

GET
H2 200 Enabler.js Show response
s0.2mdn.net/ads/studio/ Frame 8BE6 136 KB
46 KB 177ms
47ms Script
text/javascript 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/Enabler.js

Requested by

Host: media.bmcdn5.com
URL: https://media.bmcdn5.com/html5/a5724dd0-aec7-11ed-8147-4d47d780614cd4909213-0c2c-4fcf-afbd-27cae3bf942063ea4b741c3540e818e3bc7b/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf6ec42c97f86957a324a484a37dd528b568a9ff2570965be53e6ec4b0dfdae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media.bmcdn5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:21:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 220
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46978
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 19:45:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 24 Feb 2023 07:36:58 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8BE6 15 KB
16 KB 176ms
47ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:regular,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://media.bmcdn5.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 13:13:56 GMT
x-content-type-options: nosniff
age: 65503
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 13:13:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8BE6 16 KB
16 KB 188ms
59ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:regular,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://media.bmcdn5.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 16:57:30 GMT
x-content-type-options: nosniff
age: 138489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Feb 2024 16:57:30 GMT

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

44 KB
45 KB

45ms
13ms

Script
application/octet-stream

2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Protocol: H2
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8af4a7b3549631244df52a0d91b22ccfb355b2f10caab9fe9fa0b57a2beff473

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3919
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45472
last-modified: Wed, 21 Dec 2022 06:26:38 GMT
server: cloudflare
etag: "63a2a71e-b1a0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ajxl70aJVAOv%2BEQo0m4rhyeutmr3M30Kf9leeowAaZblrwf147Iq5WWCRY1HfalH3bRoBtDmzcsOWBnvaMl5xSLE9SdeZUD31CsPEVlrU%2BawgbT9samDU68BFMtxBMGEac3fL1zs61l%2Bfd9Usg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 79e677f299e03688-FRA

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

GET
H3 200 fsa-sdk.min.js Show response
ad.sitemaji.com/fsa/ Frame E8E8 101 KB
11 KB 15ms
15ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_ikanman.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 3e20995babc972edbbaa72a67791b07096ddbc140ff2334860cff0c45f2fd942

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 08:37:51 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 08 Feb 2023 04:45:49 GMT
server: nginx/1.12.1 (Ubuntu)
age: 82068
etag: W/"63e328fd-19402"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11687
expires: Fri, 24 Feb 2023 08:37:51 GMT

GET
H/1.1 200
OK / Show response
ssl.sitemaji.com/geo/ Frame E8E8 17 B
266 B 943ms
309ms Script
text/plain 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.sitemaji.com/geo/?callback=geocallback
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 59dc56e9490deeafaa410229b43332fc7d6ce6e53a1744621b8f39eaf42c539d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: text/plain; charset=utf-8
Date: Fri, 24 Feb 2023 07:25:39 GMT
Cache-Control: max-age=86400, public
Server: nginx
Connection: keep-alive
Content-Length: 17
Expires: Sat, 25 Feb 2023 07:25:39 GMT

GET
H2 200 /
logs.sitemaji.com/ Frame E8E8 35 B
237 B 1335ms
262ms Image
image/gif 172.105.236.33
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs.sitemaji.com/?t=FSA-v1__ikanman_s1_FSA___728x90__728x90_request&pv=1&rnd=3535

Requested by

Host: www.manhuagui.com
URL: https://www.manhuagui.com/comic/35579/488749.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.105.236.33 Tokyo, Japan, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

li1890-33.members.linode.com

Software

nginx/1.10.3 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:40 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: nginx/1.10.3
etag: "355e52b0-23"
x-frame-options: DENY
content-type: image/gif
content-length: 35

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 4C5B 2 KB
1 KB 946ms
293ms Script
text/html 54.95.227.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13904&rf=https%3A%2F%2Fwww.manhuagui.com%2Fcomic%2F35579%2F488749.html&n=293&o=1&d=1&b=2&ts=1&ii=2&FPCK=4740-S3LeIB17Bp6lOfeKEdaa0QnNwV7S7Nel&initver=230221P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.95.227.57 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-227-57.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f5b812d6655b437dae9589d0a40726647c5d8901576739502a3356e9ec68ae30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: https://www.manhuagui.com
date: Fri, 24 Feb 2023 07:25:40 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame 4C5B 3 KB
3 KB 11ms
7ms Script
application/javascript 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 24 Feb 2023 07:25:01 GMT
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 48
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: 2RpBJqoRsfBREhmQIqhJ6cVtpYh-coXhbpK90DwFaRzLcQTKBZ0C-A==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 4C5B 121 KB
40 KB 108ms
60ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

7a95d6f6c1968d6c76eaff43c82dfc93acc89a9989fdc0eb2d215e3e1be4ebae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 13 Feb 2023 18:43:00 GMT
server: nginx
etag: W/"63ea84b4-1e297"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 25 Feb 2023 07:25:39 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame 4C5B 2 KB
3 KB 15ms
7ms Script
application/javascript 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 24 Feb 2023 07:25:01 GMT
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 48
etag: "e8f33fcb581483ced4a09b3c8e7550e4"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2443
x-amz-cf-id: Jb_VzacJS3I2_SEz42dTI08sqQPZSjEcN1tSErZHdQlRVEAxnsZdgg==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame 4C5B 3 KB
3 KB 14ms
7ms Script
application/javascript 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 24 Feb 2023 07:25:01 GMT
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified: Thu, 11 Mar 2021 07:54:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 48
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: P-g3tyzUwH53Dbu1w_cbghdve6OtuRlT-BTPd3nsNgl4ogTYkJoIEQ==

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 4C4F 2 KB
1 KB 931ms
281ms Script
text/html 54.95.227.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13904&rf=https%3A%2F%2Fwww.manhuagui.com%2Fcomic%2F35579%2F488749.html&n=16&o=1&d=1&b=2&ts=1&ii=2&FPCK=4740-S3LeIB17Bp6lOfeKEdaa0QnNwV7S7Nel&initver=230221P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.95.227.57 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-227-57.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a12cbeab57f2de6528ada64cceea100360cf7e4ff7a295371bb72cee948489eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: https://www.manhuagui.com
date: Fri, 24 Feb 2023 07:25:40 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame 4C4F 3 KB
3 KB 14ms
7ms Script
application/javascript 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 24 Feb 2023 07:25:01 GMT
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 48
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: gLi91DB3jGjW6k16qqNZx-NRRehRWGGRuy_-jf7fJ5-HF_tVyWUilg==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 4C4F 121 KB
40 KB 117ms
72ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

7a95d6f6c1968d6c76eaff43c82dfc93acc89a9989fdc0eb2d215e3e1be4ebae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 13 Feb 2023 18:43:00 GMT
server: nginx
etag: W/"63ea84b4-1e297"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 25 Feb 2023 07:25:39 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame 4C4F 2 KB
3 KB 14ms
8ms Script
application/javascript 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 24 Feb 2023 07:25:01 GMT
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 48
etag: "e8f33fcb581483ced4a09b3c8e7550e4"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2443
x-amz-cf-id: em9eOpU-0_VWP-j73Xb8JVnpxFVp0enpCrTfEvns2cnGcTe2W1IZcQ==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame 4C4F 3 KB
3 KB 15ms
9ms Script
application/javascript 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 24 Feb 2023 07:25:01 GMT
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified: Thu, 11 Mar 2021 07:54:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 48
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: d3PO-pFxEZal8wzwoNALWQUMQWQhPwz8YByWcC5vuxusSSG7-r9skA==

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame F800 2 KB
1 KB 929ms
283ms Script
text/html 54.95.227.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13904&rf=https%3A%2F%2Fwww.manhuagui.com%2Fcomic%2F35579%2F488749.html&n=670&o=1&d=1&b=2&ts=1&ii=2&FPCK=4740-S3LeIB17Bp6lOfeKEdaa0QnNwV7S7Nel&initver=230221P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.95.227.57 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-227-57.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8edfa1e8ae21af70195c3137f3df48216cca5b608855bc033473b3be51ad3073

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: https://www.manhuagui.com
date: Fri, 24 Feb 2023 07:25:40 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame F800 3 KB
3 KB 13ms
10ms Script
application/javascript 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 24 Feb 2023 07:25:01 GMT
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 48
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: JnTg8pNyKV3ejWWQegFQ7bRvqHFFdrdS1ezWK3jtf7ndPCrwMY2y6w==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame F800 121 KB
40 KB 82ms
40ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

7a95d6f6c1968d6c76eaff43c82dfc93acc89a9989fdc0eb2d215e3e1be4ebae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 13 Feb 2023 18:43:00 GMT
server: nginx
etag: W/"63ea84b4-1e297"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 25 Feb 2023 07:25:39 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame F800 2 KB
3 KB 19ms
17ms Script
application/javascript 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 24 Feb 2023 07:25:01 GMT
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 48
etag: "e8f33fcb581483ced4a09b3c8e7550e4"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2443
x-amz-cf-id: lS7xyPe2JV5m88D4V1L4rOCcHciyg7UQHKgpKfXz4Vw0dXBa2D85Tw==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame F800 3 KB
3 KB 20ms
17ms Script
application/javascript 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 24 Feb 2023 07:25:01 GMT
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified: Thu, 11 Mar 2021 07:54:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 48
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: PtJavPZv59St18rgadJNZgYTV4GY7ji0XiyPWaGyOTdOdWtZSO0EGw==

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 8248 37 B
408 B 203ms
202ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

0e78778d5d1f4f049728c4e5e2866876562c18eb40a63876c018a99fd4ba8851

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:39 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame E260 37 B
409 B 201ms
201ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

2072e010e953ad7f9e45c9c5a90f2524cd55d9197a8593768d7dba7baefec10a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:39 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 2883 37 B
409 B 218ms
203ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

c0b6a6dc6b6531516480c3ea81e352c643ac97a7ccca99a5f2732bade5938354

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:39 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 4C5B 0
179 B 513ms
159ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.manhuagui.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.manhuagui.com
date: Fri, 24 Feb 2023 07:25:39 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 4C5B
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=iYAUbWKPCE-iDMkLdGb4Yw

2 B
20 B

274ms
273ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=iYAUbWKPCE-iDMkLdGb4Yw
Requested by: Host: www.manhuagui.com
URL: https://www.manhuagui.com/comic/35579/488749.html
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:40 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Fri, 24 Feb 2023 07:25:40 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=iYAUbWKPCE-iDMkLdGb4Yw
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 4C4F 0
179 B 497ms
159ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.manhuagui.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.manhuagui.com
date: Fri, 24 Feb 2023 07:25:39 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame F800
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=1c_yJTgNDHKsH88xdGb4Yw

2 B
20 B

283ms
282ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=1c_yJTgNDHKsH88xdGb4Yw
Requested by: Host: www.manhuagui.com
URL: https://www.manhuagui.com/comic/35579/488749.html
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:40 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Fri, 24 Feb 2023 07:25:40 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=1c_yJTgNDHKsH88xdGb4Yw
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame F800
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=r_wehWcyDFyXrIG2dGb4Yw

2 B
20 B

277ms
276ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=r_wehWcyDFyXrIG2dGb4Yw
Requested by: Host: www.manhuagui.com
URL: https://www.manhuagui.com/comic/35579/488749.html
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:40 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Fri, 24 Feb 2023 07:25:40 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=r_wehWcyDFyXrIG2dGb4Yw
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame F800 0
180 B 487ms
158ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.manhuagui.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.manhuagui.com
date: Fri, 24 Feb 2023 07:25:39 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 4C4F
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=390HK9tlAJOMEK0GdGb4Yw

2 B
20 B

271ms
270ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=390HK9tlAJOMEK0GdGb4Yw
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:40 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Fri, 24 Feb 2023 07:25:40 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=390HK9tlAJOMEK0GdGb4Yw
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 8611 15 KB
6 KB 50ms
16ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.manhuagui.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

97d67f8c2575e19d30ae28a32bad7610849e0e56c81ca66e51178124a5c5eed2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.manhuagui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 07:25:38 GMT
server: Kestrel
server-processing-duration-in-ticks: 366678
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame F800 177 B
434 B 603ms
16ms XHR
application/json 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=135&profileId=184&cb=12842953970

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

d6c45ce2632e6c386adea71c0d746f54bd458d9cfcc374bc832562aaf5a0d8de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.manhuagui.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 24 Feb 2023 07:25:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.manhuagui.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 162

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 4C5B 177 B
434 B 591ms
17ms XHR
application/json 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=135&profileId=184&cb=69538623924

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

683dd22ae63369605f71e2622a7112358f0773e0c0cda97e1178923db1ca03de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.manhuagui.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 24 Feb 2023 07:25:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.manhuagui.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 163

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 4C4F 177 B
433 B 587ms
17ms XHR
application/json 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=135&profileId=184&cb=7658762628

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

750e58da77bd4d04018b30ce67d3b42801887fcae2d7b8f54cad58fca3401c90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.manhuagui.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 24 Feb 2023 07:25:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.manhuagui.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 162

GET
H2

200

sid Show response
mug.criteo.com/ Frame 8611
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=manhuagui.com&sn=ChromeSyncframe&so=0&topUrl=www.manhuagui.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=OY4r_nxkc3JPT2lUN0tuUExsSm9KendYK2dDZ204U2UxVzlDVWF3ZGZxdFpsSjEvQWI5VURKSEJCRCtUeGl0VHVPL0FDVVoraFdvVEdraXdFVVVmdmE0c2J1VnBzaXI3TStEM1pCQmowdEZyQ2pvU0xmRHVRMzJWVmJDdG...

422 B
652 B

88ms
19ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=OY4r_nxkc3JPT2lUN0tuUExsSm9KendYK2dDZ204U2UxVzlDVWF3ZGZxdFpsSjEvQWI5VURKSEJCRCtUeGl0VHVPL0FDVVoraFdvVEdraXdFVVVmdmE0c2J1VnBzaXI3TStEM1pCQmowdEZyQ2pvU0xmRHVRMzJWVmJDdGRUV2VpRE1DR2NPQTltSW1BYlhGMFJYUzJydDA3amtJV2s3Z3RVVUJzUS9QN00xTnVCeFViTzBxYXFnVWN2SnV0c3V6NktjcFRVWldkV1R0cDRWNExkdXJxbmlrVjREQkxZdVQycEhTN3lRNWFVOG1iaVhJNGxHOGhMcldNaDlsSjBkZ2R5ZnFSODQ3VjRpY3hFdUwyTXcxaUFOYVduQT09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

18efdf012dece794bbf103d636188d8cc0e11e672259b41ce42d72ff82a347a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 07:25:39 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3377661
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 24 Feb 2023 07:25:39 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=OY4r_nxkc3JPT2lUN0tuUExsSm9KendYK2dDZ204U2UxVzlDVWF3ZGZxdFpsSjEvQWI5VURKSEJCRCtUeGl0VHVPL0FDVVoraFdvVEdraXdFVVVmdmE0c2J1VnBzaXI3TStEM1pCQmowdEZyQ2pvU0xmRHVRMzJWVmJDdGRUV2VpRE1DR2NPQTltSW1BYlhGMFJYUzJydDA3amtJV2s3Z3RVVUJzUS9QN00xTnVCeFViTzBxYXFnVWN2SnV0c3V6NktjcFRVWldkV1R0cDRWNExkdXJxbmlrVjREQkxZdVQycEhTN3lRNWFVOG1iaVhJNGxHOGhMcldNaDlsSjBkZ2R5ZnFSODQ3VjRpY3hFdUwyTXcxaUFOYVduQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 550876
content-length: 0
expires: 0

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 4C5B 5 KB
3 KB 199ms
199ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:39 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Fri, 24 Feb 2023 07:35:39 GMT

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 4C4F 5 KB
3 KB 199ms
199ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:39 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Fri, 24 Feb 2023 07:35:39 GMT

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame F800 5 KB
3 KB 199ms
199ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:39 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Fri, 24 Feb 2023 07:35:39 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 706A 15 KB
6 KB 18ms
18ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.manhuagui.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

97d67f8c2575e19d30ae28a32bad7610849e0e56c81ca66e51178124a5c5eed2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.manhuagui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 07:25:39 GMT
server: Kestrel
server-processing-duration-in-ticks: 1045501
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame CD3E 15 KB
6 KB 19ms
19ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.manhuagui.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

97d67f8c2575e19d30ae28a32bad7610849e0e56c81ca66e51178124a5c5eed2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.manhuagui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 07:25:38 GMT
server: Kestrel
server-processing-duration-in-ticks: 2377454
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 ucfad-formats.css
cdn.aralego.net/css/dev/ 975 B
635 B 13ms
12ms Stylesheet
text/css 2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4941
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2kDE%2F3CcttxcZAYdRDIJx6p%2F3vg6EnY1IZZ1GtU9gXyTUxxzdyNo%2B3Xm9MPmtCAysMMQ7%2BGzB4QWDR2jl7C%2BfNuDYeimORuP08zc%2FFTm3ryrYTcUliSNfLJgG8bOkwX98icioNimoLL6%2BqG5Qw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 79e677f2ca223688-FRA

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 378 B
1014 B 433ms
121ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.manhuagui.com&u=https%3A%2F%2Fwww.manhuagui.com%2Fcomic%2F35579%2F488749.html&adid=ad-D2332A2E477B9D721D3AD3B2EAA44B7E&w=728&h=90&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.6761113205441613&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Sykesville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 391d878b38b9e37726f0cadbdfbc3e0a6c4b58437668a81af3ba8797c68c70d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:40 GMT
x-width: 728
x-height: 90
x-adstyle: banner
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.manhuagui.com
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary: Accept-Encoding
access-control-allow-credentials: true
x-adsource: PSA
x-adtype: html
connection: close
content-length: 378

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 412 B
1 KB 439ms
121ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.manhuagui.com&u=https%3A%2F%2Fwww.manhuagui.com%2Fcomic%2F35579%2F488749.html&adid=ad-47BB7E7D67EAA8380E87A7A33ADDB286&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.0204423837833545&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Sykesville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 301778cadbb06eebdb2cdee06b83730a861a73fd659f6d61142bfecc2472966a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:40 GMT
x-width: 300
x-height: 250
x-adstyle: banner
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.manhuagui.com
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary: Accept-Encoding
access-control-allow-credentials: true
x-adsource: PSA
x-adtype: html
connection: close
content-length: 412

GET
H2

200

sid Show response
mug.criteo.com/ Frame 706A
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=manhuagui.com&sn=ChromeSyncframe&so=3&topUrl=www.manhuagui.com&bundle=VUvIY19SNFhLb1FET0VOdm85V0lvMk9uVlJlRldEMjhsbkpKaHlWMkNMVGJ3WmdsY253...
https://mug.criteo.com/sid?cpp=9-lOeHxQZGNlcHJSOEJ5bzhFK0R4azF5ZTZCWFZRc0NEZWRWMURaREJHb2pxQVBhdDJGYkJxamNsT2FCWjVTWmJQWmwydk53cWNOSDU5WnJCV0pUY3phZzl5R2o5ZEpZTkhwZ1Y2TkIrcWVvQnZaSDBTTStZVVlEMUZDa3...

427 B
647 B

18ms
18ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=9-lOeHxQZGNlcHJSOEJ5bzhFK0R4azF5ZTZCWFZRc0NEZWRWMURaREJHb2pxQVBhdDJGYkJxamNsT2FCWjVTWmJQWmwydk53cWNOSDU5WnJCV0pUY3phZzl5R2o5ZEpZTkhwZ1Y2TkIrcWVvQnZaSDBTTStZVVlEMUZDa3VqeFZ5ZEFTMmtwUkdRdmd4NlhnRjhQMlhmMk1qY0lOcERpMEZkL1E3d3BDS2pkeDQvQytLZndtbCtuQXpIWldPbHVHRWx4NjFVOS9UcXFnUGZjT0lveWlBVGltc2QrcFgzZW95YUNSNzg2QnpFam1BeEQvUWRhQ2hUS2swMUdDV2xEekFEaVY2eCs4cXpHNzhvay9TY1dkSVRoQ2FUWkVkUG1xTzBabnJGSkJIUEVPZGd3UT18&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fc96fdc422e2b8a3fb5391083711f24541fdc36248fb5f6404093092259d225f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 07:25:39 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1830791
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 24 Feb 2023 07:25:39 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=9-lOeHxQZGNlcHJSOEJ5bzhFK0R4azF5ZTZCWFZRc0NEZWRWMURaREJHb2pxQVBhdDJGYkJxamNsT2FCWjVTWmJQWmwydk53cWNOSDU5WnJCV0pUY3phZzl5R2o5ZEpZTkhwZ1Y2TkIrcWVvQnZaSDBTTStZVVlEMUZDa3VqeFZ5ZEFTMmtwUkdRdmd4NlhnRjhQMlhmMk1qY0lOcERpMEZkL1E3d3BDS2pkeDQvQytLZndtbCtuQXpIWldPbHVHRWx4NjFVOS9UcXFnUGZjT0lveWlBVGltc2QrcFgzZW95YUNSNzg2QnpFam1BeEQvUWRhQ2hUS2swMUdDV2xEekFEaVY2eCs4cXpHNzhvay9TY1dkSVRoQ2FUWkVkUG1xTzBabnJGSkJIUEVPZGd3UT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 353053
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame CD3E
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=manhuagui.com&sn=ChromeSyncframe&so=3&topUrl=www.manhuagui.com&bundle=VUvIY19SNFhLb1FET0VOdm85V0lvMk9uVlJlRldEMjhsbkpKaHlWMkNMVGJ3WmdsY253...
https://mug.criteo.com/sid?cpp=2doY73xuNTZ2TGpzdHp6WG9IOWxEaWV6V2F0OHloQVkyWUowbEFuTnBWMTFyQ2xUZkZSejhXQjh6aHpITVVwZm5DaXV2amNNNnlQSUpNMFE4QlY5RGJzVXk1S0RyOWZCMnFDUmtwSEE4eHJkUFgrWklrK0RWb1NvVzY1ND...

436 B
672 B

17ms
16ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=2doY73xuNTZ2TGpzdHp6WG9IOWxEaWV6V2F0OHloQVkyWUowbEFuTnBWMTFyQ2xUZkZSejhXQjh6aHpITVVwZm5DaXV2amNNNnlQSUpNMFE4QlY5RGJzVXk1S0RyOWZCMnFDUmtwSEE4eHJkUFgrWklrK0RWb1NvVzY1NDFvbWV0NTZpNE5PODBYRkZ4encvWFlMWU50ZjNOQStEZWtxVWFuZHVnakU4My9rM3hKWlVhVEJOeE5rbWdHaUE4S0N6NEsvR2VyZW55WlA4TkJyVldYeENPdU1RUit3cFVSaEc3ejl3dzhuSlBWTk80UkRlUERnT1BSM2Npc2hwendUQ0pwRjlQWkl5V01BaE9tVHlmdzc1UmRPaGtZUmUvWkNjK0xzT1Jsemd1ekxqT2RNMD18&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7ff0e4d9612eafcc42290e47e1d647839327c813747502ba22d11ae192d673c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 07:25:38 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 943229
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 24 Feb 2023 07:25:38 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=2doY73xuNTZ2TGpzdHp6WG9IOWxEaWV6V2F0OHloQVkyWUowbEFuTnBWMTFyQ2xUZkZSejhXQjh6aHpITVVwZm5DaXV2amNNNnlQSUpNMFE4QlY5RGJzVXk1S0RyOWZCMnFDUmtwSEE4eHJkUFgrWklrK0RWb1NvVzY1NDFvbWV0NTZpNE5PODBYRkZ4encvWFlMWU50ZjNOQStEZWtxVWFuZHVnakU4My9rM3hKWlVhVEJOeE5rbWdHaUE4S0N6NEsvR2VyZW55WlA4TkJyVldYeENPdU1RUit3cFVSaEc3ejl3dzhuSlBWTk80UkRlUERnT1BSM2Npc2hwendUQ0pwRjlQWkl5V01BaE9tVHlmdzc1UmRPaGtZUmUvWkNjK0xzT1Jsemd1ekxqT2RNMD18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 398078
content-length: 0
expires: 0

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 4C5B 36 B
408 B 202ms
201ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

8fa925f71e7a36c075854affa56c3281104cb0dc133a5da43173f5f853bc6bce

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:39 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.manhuagui.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 4C4F 36 B
408 B 203ms
202ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

8fa925f71e7a36c075854affa56c3281104cb0dc133a5da43173f5f853bc6bce

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:39 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.manhuagui.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame F800 36 B
408 B 201ms
201ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

8fa925f71e7a36c075854affa56c3281104cb0dc133a5da43173f5f853bc6bce

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:39 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.manhuagui.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame 4C5B 30 B
278 B 219ms
217ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=dfd0798d-c8a9-4915-8056-b110df132dc6

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:40 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.manhuagui.com
cache-control: no-cache, private
access-control-allow-credentials: true

POST
H2 204 events
bidder.criteo.com/csm/ Frame F800 0
218 B 14ms
14ms Ping
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.manhuagui.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 24 Feb 2023 07:25:40 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://www.manhuagui.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 events
bidder.criteo.com/csm/ Frame 4C5B 0
218 B 15ms
15ms Ping
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.manhuagui.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 24 Feb 2023 07:25:39 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://www.manhuagui.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 events
bidder.criteo.com/csm/ Frame 4C4F 0
218 B 15ms
15ms Ping
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.manhuagui.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 24 Feb 2023 07:25:40 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://www.manhuagui.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H/1.1 200
OK campaign.php Show response
fsa-api.feebee.com.tw/maji/v2/ Frame E8E8 1 KB
2 KB 1751ms
298ms Fetch
application/json 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to

Full URL: https://fsa-api.feebee.com.tw/maji/v2/campaign.php?source_site=ikanman_s1&device=pc&n=3&position=promo2&fhash=aWthbm1hbl9zMQ%3D%3D&size=728x90&slot=728x90&cate=&q=&host=www.manhuagui.com&is_tw=0&country=de
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 92e3a7cda19a1b46b911991074f44b875f4f08d108a291a536866cdb5957dc43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 24 Feb 2023 07:25:41 GMT
content-encoding: gzip
Server: nginx
Transfer-Encoding: chunked
access-control-allow-methods: *
Content-Type: application/json
access-control-allow-origin: https://www.manhuagui.com
vary: Accept-Encoding
access-control-allow-credentials: true
Connection: keep-alive
x-robots-tag: noindex
access-control-allow-headers: Origin, Methods, Content-Type, Authorization

GET
H2 200 native.html Show response
www.lookit.tw/ Frame E7A8 441 B
517 B 1219ms
478ms Document
text/html 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lookit.tw/native.html?s=728x90IK
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d53e1d1f95270c79198db1c8a5ab2aa679667aa5252ed819f9b829cce7973c26

Request headers

Referer: https://www.manhuagui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 79e677fa5ede9950-FRA
content-encoding: br
content-type: text/html
date: Fri, 24 Feb 2023 07:25:41 GMT
last-modified: Fri, 25 Nov 2022 05:28:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LJqa%2BY1En1IfIR0w9eaSNtmTSjtZcHd9pwXS1ZDJYcx1BOvqE9rt85ZT5KXS5%2Bh0pJ1ABgg8G5rek6DcOu6hzzLL1GQ9q1THfYkFIFVcQ6VMSINF8KL2byZs%2F3tMwrfMkNsGXVn3mGmfkNES"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: ASP.NET

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ Frame F274 6 KB
7 KB 9ms
8ms Script
application/javascript 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
date: Fri, 24 Feb 2023 07:25:26 GMT
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified: Fri, 04 Mar 2022 10:10:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 15
etag: "439e160b698f1ec2efb45c3b6cd6b265"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 6552
x-amz-cf-id: Tkuy1vG6MDH8LD7wmRm8k98m7PI7Nw1GuhDzF61IeaOsU0oRH_42kw==

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 1213 5 KB
5 KB 13ms
12ms Document
text/html 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36

Request headers

Referer: https://www.manhuagui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 39
content-length: 4730
content-type: text/html
date: Fri, 24 Feb 2023 07:25:38 GMT
etag: "c36f5eb091d6195fe8b68f3b263f999b"
last-modified: Mon, 22 Aug 2022 03:00:17 GMT
server: AmazonS3
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
x-amz-cf-id: W0E0mLAWUQ6H_S0jD4QR2Rz2g0HWKqqBZC573LsTHCu_ioSQ-qIPlw==
x-amz-cf-pop: FRA60-P2
x-amz-version-id: 9jVaRQ2pP3sbT47ouwg8zArcPp2ddVmt
x-cache: Hit from cloudfront

GET
H2 200 edmp_init.js Show response
cdn.holmesmind.com/js/ Frame F274 662 B
1003 B 12ms
11ms Script
application/javascript 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 24 Feb 2023 07:25:39 GMT
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified: Fri, 12 Mar 2021 02:45:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 1
etag: "f58f8a90686f8ffb3325107e8a788b71"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 662
x-amz-cf-id: nxq4m9TkFk2qKGXUsndHPn2ceXlV1_oJj35igAaCu6GhwS6QmMnPlg==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 3A5D 10 KB
10 KB 11ms
8ms Script
application/javascript 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e42a448690be6fb8430ed2bcd08d2416aff5f8ea37b42596876720a3e897f834

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: Uyf2KYMzk1YWRVX6kbmCIKxL9eKypOGT
date: Fri, 24 Feb 2023 07:25:14 GMT
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified: Mon, 20 Feb 2023 17:18:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 27
x-amz-server-side-encryption: AES256
etag: "2afe2e770b3f11a426c81cf18a204c03"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 9728
x-amz-cf-id: eVlOytk6OZye70puuPspxuZyoF_GcLVs1gyeQHjnHquVxC_hwdvv6w==

GET
H2 502 cm.php Show response
fcm.holmesmind.com/ Frame 5EAA 332 B
417 B 6113ms
6110ms Document
text/html 34.95.67.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.67.95.34.bc.googleusercontent.com
Software: /
Resource Hash: 8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 332
content-type: text/html; charset=UTF-8
date: Fri, 24 Feb 2023 07:25:46 GMT
referrer-policy: no-referrer

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 1213 5 KB
3 KB 201ms
199ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:40 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Fri, 24 Feb 2023 07:35:40 GMT

GET
H3 200 cm
c.holmesmind.com/ Frame 1213 0
15 B 615ms
612ms Image
text/html 35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:40 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2

200

google
m.holmesmind.com/ml/ Frame 1213
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=286779-HvIU2TTxM9zEPF2oU9WLNxBLDr4KsHe9&uu_m=undefined
https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&cf_uid=286779-HvIU2TTxM9zEPF2oU9WLNxBLDr4KsHe9&uu_m=undefined&google_tc=
https://m.holmesmind.com/ml/google?cf_uid=286779-HvIU2TTxM9zEPF2oU9WLNxBLDr4KsHe9&uu_m=undefined&google_gid=CAESEGa-jdjnW2NoZvy9__at7kE&google_cver=1

0
480 B

994ms
931ms

Image
image/png

35.227.249.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.holmesmind.com/ml/google?cf_uid=286779-HvIU2TTxM9zEPF2oU9WLNxBLDr4KsHe9&uu_m=undefined&google_gid=CAESEGa-jdjnW2NoZvy9__at7kE&google_cver=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 156.249.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:41 GMT
x-guploader-uploadid: ADPycdsAEv6axTGr5Jk8N7iGuLswPQuRdk2693Rk9oRQhyysHw6641nMBXvqdb2JvprjpfOz_hlp2qGdGbsmyNdOqSVC9RPNLdkH
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
last-modified: Wed, 21 Feb 2018 07:36:41 GMT
server: UploadServer
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation: 1519198601160228
content-type: image/png
x-goog-hash: crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 0
accept-ranges: bytes
expires: Fri, 24 Feb 2023 08:25:41 GMT

Redirect headers

pragma: no-cache
date: Fri, 24 Feb 2023 07:25:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://m.holmesmind.com/ml/google?cf_uid=286779-HvIU2TTxM9zEPF2oU9WLNxBLDr4KsHe9&uu_m=undefined&google_gid=CAESEGa-jdjnW2NoZvy9__at7kE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 358
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 378 B
1 KB 290ms
106ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.manhuagui.com&u=https%3A%2F%2Fwww.manhuagui.com%2Fcomic%2F35579%2F488749.html&adid=ad-D2332A2E477B9D721D3AD3B2EAA44B7E&w=728&h=90&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.11824813076135232&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Sykesville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 391d878b38b9e37726f0cadbdfbc3e0a6c4b58437668a81af3ba8797c68c70d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:40 GMT
x-width: 728
x-height: 90
x-adstyle: banner
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.manhuagui.com
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary: Accept-Encoding
access-control-allow-credentials: true
x-adsource: PSA
x-sspid: b8790e1e-04b3-313c-babc-bd522c37979c
x-adtype: html
connection: close
content-length: 378

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame 3A5D 1 KB
775 B 262ms
262ms Script
text/html 2600:9000:221e:2c00:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=12673
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:221e:2c00:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 76000ec0c9d4551dc0917e8667950f2937e208febe114c7f1c0f7c2c7b72718b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:18:44 GMT
content-encoding: gzip
via: 1.1 05c379f9f2e24444b729aa2b8e4ab6d2.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: KIX50-P2
age: 416
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://m.manhuagui.com
access-control-allow-credentials: true
x-amz-cf-id: 6hsbl1DchOjs3frlpwf0zpVH-5WQkkU56AkbXvK-v5XB5ugLwkwUeg==

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 4C4F 10 KB
10 KB 11ms
11ms Script
application/javascript 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13904&rf=https%3A%2F%2Fwww.manhuagui.com%2Fcomic%2F35579%2F488749.html&n=16&o=1&d=1&b=2&ts=1&ii=2&FPCK=4740-S3LeIB17Bp6lOfeKEdaa0QnNwV7S7Nel&initver=230221P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 24 Feb 2023 07:25:03 GMT
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified: Fri, 16 Oct 2020 09:58:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 48
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: YuwNsnWSDBpaRFpJdHKvH3b4vAGKssm7bERNB-zWB3gpxsvy5RqPXQ==

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame F800 10 KB
10 KB 13ms
13ms Script
application/javascript 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13904&rf=https%3A%2F%2Fwww.manhuagui.com%2Fcomic%2F35579%2F488749.html&n=670&o=1&d=1&b=2&ts=1&ii=2&FPCK=4740-S3LeIB17Bp6lOfeKEdaa0QnNwV7S7Nel&initver=230221P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 24 Feb 2023 07:25:03 GMT
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified: Fri, 16 Oct 2020 09:58:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 48
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: YXcgVKhrrjwms_hMecu4rsEH4AnLjAAuFnlseEXBThdHRhyWE_ok7A==

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 4C5B 10 KB
10 KB 10ms
8ms Script
application/javascript 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13904&rf=https%3A%2F%2Fwww.manhuagui.com%2Fcomic%2F35579%2F488749.html&n=293&o=1&d=1&b=2&ts=1&ii=2&FPCK=4740-S3LeIB17Bp6lOfeKEdaa0QnNwV7S7Nel&initver=230221P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 24 Feb 2023 07:25:03 GMT
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified: Fri, 16 Oct 2020 09:58:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 48
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: OCLbwPgnCLVdyVt9MAaeW-hvvsW6Pj7lMeKILENaPEPcZ44KrfF1cA==

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 1213 36 B
408 B 201ms
201ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

8fa925f71e7a36c075854affa56c3281104cb0dc133a5da43173f5f853bc6bce

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:40 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 3A5D 2 KB
1018 B 299ms
298ms Script
text/html 54.95.227.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=12673&rf=https%3A%2F%2Fwww.manhuagui.com%2Fcomic%2F35579%2F488749.html&n=776&o=1&d=1&b=2&ts=1&ii=2&FPCK=4740-S3LeIB17Bp6lOfeKEdaa0QnNwV7S7Nel&initver=230221P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.95.227.57 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-227-57.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: c8bbe71674bbe9a8540da5d814f3dab83f3a53752b1df4cc0f7f65d0e231c3ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: https://www.manhuagui.com
date: Fri, 24 Feb 2023 07:25:40 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame 3A5D 3 KB
3 KB 9ms
8ms Script
application/javascript 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 24 Feb 2023 07:25:01 GMT
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 49
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: hCjLHFnvAPKE-HfESOBPhDprYGbOzH-XfZHDXdIdrJPNH0Wrwl6nHA==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 3A5D 121 KB
40 KB 23ms
22ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

7a95d6f6c1968d6c76eaff43c82dfc93acc89a9989fdc0eb2d215e3e1be4ebae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 13 Feb 2023 18:43:00 GMT
server: nginx
etag: W/"63ea84b4-1e297"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 25 Feb 2023 07:25:40 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame 3A5D 2 KB
3 KB 10ms
8ms Script
application/javascript 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 24 Feb 2023 07:25:01 GMT
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 49
etag: "e8f33fcb581483ced4a09b3c8e7550e4"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2443
x-amz-cf-id: K9UISMjQZ5NCgxk47ed4xx1xDx9yTwH3mVvJ_T-EnHo89VKQ8NYnag==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame 3A5D 3 KB
3 KB 10ms
9ms Script
application/javascript 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 24 Feb 2023 07:25:01 GMT
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified: Thu, 11 Mar 2021 07:54:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 49
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: B4skWYIIIttHFbZR4AEUk4WD4AJ8bpVHLVM5-R82gE0WPdK4Wg3KaQ==

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame 3A5D 6 KB
7 KB 12ms
11ms Script
application/javascript 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: o3X55aG5OwZCz1F3QGjbzdMpMvL838lG
date: Fri, 24 Feb 2023 07:25:01 GMT
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 06:01:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 49
x-amz-server-side-encryption: AES256
etag: "d653bf20e2f03cb602105cbd317c55ed"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 6650
x-amz-cf-id: uhqn3FYOPXg-odmfP7n5H6dZ4pRdayydnB07y3VENbedJOntURlYgw==

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 3A5D 0
179 B 159ms
159ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.manhuagui.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.manhuagui.com
date: Fri, 24 Feb 2023 07:25:40 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 3A5D
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=390HK9tlAJOMEK0GdGb4Yw

2 B
20 B

271ms
270ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=390HK9tlAJOMEK0GdGb4Yw
Requested by: Host: www.manhuagui.com
URL: https://www.manhuagui.com/comic/35579/488749.html
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:41 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Fri, 24 Feb 2023 07:25:40 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=390HK9tlAJOMEK0GdGb4Yw
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 3A5D
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=390HK9tlAJOMEK0GdGb4Yw

2 B
20 B

285ms
284ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=390HK9tlAJOMEK0GdGb4Yw
Requested by: Host: www.manhuagui.com
URL: https://www.manhuagui.com/comic/35579/488749.html
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:41 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Fri, 24 Feb 2023 07:25:40 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=390HK9tlAJOMEK0GdGb4Yw
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 native.html Show response
www.lookit.tw/ Frame 15AD 441 B
732 B 850ms
476ms Document
text/html 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lookit.tw/native.html?s=728x90IK
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d53e1d1f95270c79198db1c8a5ab2aa679667aa5252ed819f9b829cce7973c26

Request headers

Referer: https://www.manhuagui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 79e677fa5ee19950-FRA
content-encoding: br
content-type: text/html
date: Fri, 24 Feb 2023 07:25:41 GMT
last-modified: Fri, 25 Nov 2022 05:28:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O5nkKkpGmonNGMJB2HfRwj0XdnUv23T6SXJSbHbTU6JSvRCyIaQpTMmo5w%2FWhiXThOG2KGF1UrKAULwRcW2f3eHRIBZbMUq6OdCbPFxNhrIGf9M3hdXwC4c9BtZxaSChjQtFHcDRS37kDowX"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: ASP.NET

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 192E 15 KB
6 KB 20ms
19ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.manhuagui.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

97d67f8c2575e19d30ae28a32bad7610849e0e56c81ca66e51178124a5c5eed2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.manhuagui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 07:25:39 GMT
server: Kestrel
server-processing-duration-in-ticks: 1786140
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 3A5D 177 B
434 B 18ms
17ms XHR
application/json 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=135&profileId=184&bundle=GMkS319SNFhLb1FET0VOdm85V0lvMk9uVlJXSEMybmNDVDN2SU5aUEtTcGR2VlAzZTdDeCUyQkMlMkJlMFhBUTBaOWpmcUlpaGx5YSUyRiUyQkhpdUJZRlVEaiUyQnpab0JkWDZjSEkwOW90JTJGdHNxQ1dROXRtZHlob2VteHhiWmRkOTVxZEc1T1hPRnJLbFBBM1V4V21QQ3VEdm9oJTJCN01pWDF5USUzRCUzRA&cb=62636358641

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

0e80702d4f20af4ff614e5900743194e27da08c242ae42196791c8c8ac8ab97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.manhuagui.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 24 Feb 2023 07:25:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.manhuagui.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 163

POST
H2 204 events
bidder.criteo.com/csm/ Frame 3A5D 0
218 B 15ms
15ms Ping
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.manhuagui.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 24 Feb 2023 07:25:39 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://www.manhuagui.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2

200

sid Show response
mug.criteo.com/ Frame 192E
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=manhuagui.com&sn=ChromeSyncframe&so=3&topUrl=www.manhuagui.com&bundle=GMkS319SNFhLb1FET0VOdm85V0lvMk9uVlJXSEMybmNDVDN2SU5aUEtTcGR2VlAzZTdD...
https://mug.criteo.com/sid?cpp=wZUqJHxMM2RxRDNDRkcyYnh3dWJXMzhLQjJZRjE3ZjJxRWkvRXVPVVJxL0s2RWM2Y1ZqZ3RzQTlRbDVCM3R2eXVVaTl2SVBKV1F2ZDBEV0c4RGEybFA1dzJrSHJheFBJb3VmYktkTU56bGhhWUhwQ3hDK1U4VTRFS2crSE...

415 B
644 B

18ms
17ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=wZUqJHxMM2RxRDNDRkcyYnh3dWJXMzhLQjJZRjE3ZjJxRWkvRXVPVVJxL0s2RWM2Y1ZqZ3RzQTlRbDVCM3R2eXVVaTl2SVBKV1F2ZDBEV0c4RGEybFA1dzJrSHJheFBJb3VmYktkTU56bGhhWUhwQ3hDK1U4VTRFS2crSE5Fd2NjT3dEL1UwUzZOL3RvSXpNck45c2I3blJyeVBUQ21nanlvMklVVDRVM0M2TTdTWUE1aVIva1grbUJSUmRKTGxBUktsc3RWNHpIbjhLWStHRzFsNlprc0dtMGJTTmRjbWNtRUdnWTlXSndIVTlrQm5WTkNnUkJDMTdISUhZMWtWMkpwR2xPVkNjeVkzUXU4ekdKejROd0JGb2hiSHVhSVA1Y1ZSOHFwdUJZRlNsV0xZaz18&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a09e2a1f24beb22144faf2198a5aff52cb1cf42fc52b606a395162126a7020d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 07:25:39 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1468845
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 24 Feb 2023 07:25:39 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=wZUqJHxMM2RxRDNDRkcyYnh3dWJXMzhLQjJZRjE3ZjJxRWkvRXVPVVJxL0s2RWM2Y1ZqZ3RzQTlRbDVCM3R2eXVVaTl2SVBKV1F2ZDBEV0c4RGEybFA1dzJrSHJheFBJb3VmYktkTU56bGhhWUhwQ3hDK1U4VTRFS2crSE5Fd2NjT3dEL1UwUzZOL3RvSXpNck45c2I3blJyeVBUQ21nanlvMklVVDRVM0M2TTdTWUE1aVIva1grbUJSUmRKTGxBUktsc3RWNHpIbjhLWStHRzFsNlprc0dtMGJTTmRjbWNtRUdnWTlXSndIVTlrQm5WTkNnUkJDMTdISUhZMWtWMkpwR2xPVkNjeVkzUXU4ekdKejROd0JGb2hiSHVhSVA1Y1ZSOHFwdUJZRlNsV0xZaz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 323015
content-length: 0
expires: 0

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame 1213 30 B
278 B 201ms
201ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=dfd0798d-c8a9-4915-8056-b110df132dc6

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:40 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 3A5D 5 KB
3 KB 200ms
199ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:40 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Fri, 24 Feb 2023 07:35:40 GMT

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 3A5D 10 KB
10 KB 9ms
8ms Script
application/javascript 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=12673&rf=https%3A%2F%2Fwww.manhuagui.com%2Fcomic%2F35579%2F488749.html&n=776&o=1&d=1&b=2&ts=1&ii=2&FPCK=4740-S3LeIB17Bp6lOfeKEdaa0QnNwV7S7Nel&initver=230221P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 24 Feb 2023 07:25:03 GMT
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified: Fri, 16 Oct 2020 09:58:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 48
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: HZOJbPXrUvFAox2ubhoDM9aHV73sst2UC_uC6FKNJWAzebFCnNyYQA==

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 3A5D 36 B
408 B 202ms
202ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

8fa925f71e7a36c075854affa56c3281104cb0dc133a5da43173f5f853bc6bce

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:40 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.manhuagui.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame 1213 0
194 B 205ms
204ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=cf&cid=286779-HvIU2TTxM9zEPF2oU9WLNxBLDr4KsHe9&mp=dfd0798d-c8a9-4915-8056-b110df132dc6

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:40 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 pixel
dfd0798d-c8a9-4915-8056-b110df132dc6.t.ssp.hinet.net/ Frame 1213 0
79 B 694ms
205ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dfd0798d-c8a9-4915-8056-b110df132dc6.t.ssp.hinet.net/pixel?bd=dfd0798d-c8a9-4915-8056-b110df132dc6&t=cf&referrer=https%3A%2F%2Fmanhuagui.com

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:41 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H2 200 lift_widget.js Show response
nt.compass-fit.jp/ Frame D880 78 KB
16 KB 1970ms
263ms Script
text/javascript 13.113.89.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4299839
Requested by: Host: www.manhuagui.com
URL: https://www.manhuagui.com/comic/35579/488749.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.113.89.39 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-89-39.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 23f0b5c088a9b70ea13dffacf91f505915c1742ebd6b93364ee220bca14de313

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 07:25:42 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
content-type: text/javascript
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate

GET
H2 200 lift_widget.js Show response
nt.compass-fit.jp/ Frame 847C 76 KB
16 KB 2213ms
523ms Script
text/javascript 13.113.89.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4299839
Requested by: Host: www.manhuagui.com
URL: https://www.manhuagui.com/comic/35579/488749.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.113.89.39 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-89-39.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7b4feca9662c11539e45ab3cc082f0e12c7111f105b54758b91f56f9202718e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 07:25:42 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
content-type: text/javascript
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate

GET
H2 200 lift_widget.js Show response
nt.compass-fit.jp/ Frame FD24 76 KB
16 KB 2459ms
777ms Script
text/javascript 13.113.89.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4299839
Requested by: Host: www.manhuagui.com
URL: https://www.manhuagui.com/comic/35579/488749.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.113.89.39 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-89-39.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a63d03ced4a1478e3e5c09f2011aaeaab82ee2f0faa68f08379bf37632cc8ef6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 07:25:42 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
content-type: text/javascript
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate

GET
H2 200 lookit_passback_aod.js Show response
ad.adondemand.com/native/ Frame 15AD 48 KB
16 KB 272ms
25ms Script
application/javascript 35.186.204.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.adondemand.com/native/lookit_passback_aod.js
Requested by: Host: www.lookit.tw
URL: https://www.lookit.tw/native.html?s=728x90IK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.204.155 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 155.204.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: cd874e2a62ceb9c887d06cf839f7f194c306cb4b59bf23f311102adbdde42ab9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 14:49:43 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 16 Jan 2023 06:07:50 GMT
server: nginx/1.12.1 (Ubuntu)
age: 59758
etag: W/"63c4e9b6-c1ac"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15911
expires: Fri, 24 Feb 2023 14:49:43 GMT

GET
H2 200 lookit_passback_aod.js Show response
ad.adondemand.com/native/ Frame E7A8 48 KB
16 KB 261ms
26ms Script
application/javascript 35.186.204.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.adondemand.com/native/lookit_passback_aod.js
Requested by: Host: www.lookit.tw
URL: https://www.lookit.tw/native.html?s=728x90IK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.204.155 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 155.204.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: cd874e2a62ceb9c887d06cf839f7f194c306cb4b59bf23f311102adbdde42ab9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 14:49:43 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 16 Jan 2023 06:07:50 GMT
server: nginx/1.12.1 (Ubuntu)
age: 59758
etag: W/"63c4e9b6-c1ac"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15911
expires: Fri, 24 Feb 2023 14:49:43 GMT

GET
H2 200 native.html Show response
www.lookit.tw/ Frame 4105 441 B
517 B 248ms
247ms Document
text/html 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lookit.tw/native.html?s=300x250IK
Requested by: Host: www.manhuagui.com
URL: https://www.manhuagui.com/comic/35579/488749.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d53e1d1f95270c79198db1c8a5ab2aa679667aa5252ed819f9b829cce7973c26

Request headers

Referer: https://www.manhuagui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 79e677fe9c359950-FRA
content-encoding: br
content-type: text/html
date: Fri, 24 Feb 2023 07:25:41 GMT
last-modified: Fri, 25 Nov 2022 05:28:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KURbj8gTopS%2BV2Y75nygN6KgC6K8euvD6u4rfmLqvXtJsrkJ1Zmpf5auWp%2BpUDIsSB6esXR55D4vUONOu4KsLgygotvO3%2FOX%2B1nZH0hA3ts54i1BjuFCB9Q42P2QaIRgU5miprAM9KYgYZPr"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: ASP.NET

GET
H3 200 logo-image_1.png
media.bmcdn5.com/html5/a5724dd0-aec7-11ed-8147-4d47d780614cd4909213-0c2c-4fcf-afbd-27cae3bf942063ea4b741c3540e818e3bc7b/ Frame 8BE6 2 KB
2 KB 20ms
20ms Image
image/png 2606:4700:e6::ac40:c81a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.bmcdn5.com/html5/a5724dd0-aec7-11ed-8147-4d47d780614cd4909213-0c2c-4fcf-afbd-27cae3bf942063ea4b741c3540e818e3bc7b/logo-image_1.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:c81a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bfee844c201bc7cc02e4041b7c78840817491179f2ba5ba988350eae6b1f922

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media.bmcdn5.com/html5/a5724dd0-aec7-11ed-8147-4d47d780614cd4909213-0c2c-4fcf-afbd-27cae3bf942063ea4b741c3540e818e3bc7b/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:41 GMT
cf-cache-status: HIT
last-modified: Fri, 17 Feb 2023 04:55:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2355
etag: "63ef08ca-73d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dKd0HtS%2FUjYMGfPyUrs5JxKCCO3ZTPcOmCkjgbgf1hGYI9PB8ws9%2ByIf4b77UKEWjamOGYRY7hdPcnGuVnYyiLKPrkHXVQ9Zg3cVWAThiN0QCL9jQEycBTuJFh9raPnJkJcpgbnVX0D0Hu5wFB8J"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79e677fe4c6f6921-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1853

GET
H3 200 product-image_2.png
media.bmcdn5.com/html5/a5724dd0-aec7-11ed-8147-4d47d780614cd4909213-0c2c-4fcf-afbd-27cae3bf942063ea4b741c3540e818e3bc7b/ Frame 8BE6 144 KB
145 KB 22ms
21ms Image
image/png 2606:4700:e6::ac40:c81a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.bmcdn5.com/html5/a5724dd0-aec7-11ed-8147-4d47d780614cd4909213-0c2c-4fcf-afbd-27cae3bf942063ea4b741c3540e818e3bc7b/product-image_2.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:c81a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90793c1baf99401b1035128354e80db56006f9140d9a20c53fdce8eb47f6e493

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media.bmcdn5.com/html5/a5724dd0-aec7-11ed-8147-4d47d780614cd4909213-0c2c-4fcf-afbd-27cae3bf942063ea4b741c3540e818e3bc7b/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:41 GMT
cf-cache-status: HIT
last-modified: Fri, 17 Feb 2023 05:19:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2355
etag: "63ef0e74-240f2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=23i2cktb1l0vWdAHRoEnp1q%2BgC0bWC0I7qJygMFfqZB1vw5sygxp0zOfjZFwWUwlxDqCSmWxuuj5CFvM9M5Dp3UukyD9UwEx4FEL2ilEsOOIyKAXEMrnXYNtKCBv4HHsy8nNyswRsytjGU7c07jw"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79e677fe4c706921-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 147698

GET
DATA 200
OK truncated
/ Frame 8BE6 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 logo-image_1.png
media.bmcdn5.com/html5/a5724dd0-aec7-11ed-8147-4d47d780614cd4909213-0c2c-4fcf-afbd-27cae3bf942063ea4b741c3540e818e3bc7b/ Frame 8BE6 2 KB
2 KB 32ms
31ms Image
image/png 2606:4700:e6::ac40:c81a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.bmcdn5.com/html5/a5724dd0-aec7-11ed-8147-4d47d780614cd4909213-0c2c-4fcf-afbd-27cae3bf942063ea4b741c3540e818e3bc7b/logo-image_1.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:c81a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bfee844c201bc7cc02e4041b7c78840817491179f2ba5ba988350eae6b1f922

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media.bmcdn5.com/html5/a5724dd0-aec7-11ed-8147-4d47d780614cd4909213-0c2c-4fcf-afbd-27cae3bf942063ea4b741c3540e818e3bc7b/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:41 GMT
cf-cache-status: HIT
last-modified: Fri, 17 Feb 2023 04:55:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2355
etag: "63ef08ca-73d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eNTP8DZMgv%2FEhM2%2Fjqn0Bf%2BlyB10BBj6bvMFAoCiQ7cKVd67zcn9C8%2BZrBNt9g1H5JpnsdCyrRF1VBQpXtF2Mv4yaaAoCd0VD0GiXRMLjRUoOl3ep4KKxnLGF5suntK%2Bt0KKM0s%2FUVXktIn4qUW5"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79e677fe7caa6921-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1853

GET
H3 200 product-image_2.png
media.bmcdn5.com/html5/a5724dd0-aec7-11ed-8147-4d47d780614cd4909213-0c2c-4fcf-afbd-27cae3bf942063ea4b741c3540e818e3bc7b/ Frame 8BE6 144 KB
145 KB 22ms
22ms Image
image/png 2606:4700:e6::ac40:c81a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.bmcdn5.com/html5/a5724dd0-aec7-11ed-8147-4d47d780614cd4909213-0c2c-4fcf-afbd-27cae3bf942063ea4b741c3540e818e3bc7b/product-image_2.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:c81a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90793c1baf99401b1035128354e80db56006f9140d9a20c53fdce8eb47f6e493

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media.bmcdn5.com/html5/a5724dd0-aec7-11ed-8147-4d47d780614cd4909213-0c2c-4fcf-afbd-27cae3bf942063ea4b741c3540e818e3bc7b/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:41 GMT
cf-cache-status: HIT
last-modified: Fri, 17 Feb 2023 05:19:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2355
etag: "63ef0e74-240f2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJ6QwuwircvwmTjunpVCvogPRis2PZIu6JmGxq1hIFa%2BhjI2MQFL5Z1PMUUXA9wVpUBxoILq%2FCBLe2l9Co8%2F0hzF1sgcYHAyZjRVLKP0C5vfINzPeQ2UbVGDASWBy99TTda9xcCNAdMP6z%2FhdXYS"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79e677febcfb6921-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 147698

GET
H2 200 native.js Show response
s.yimg.com/dy/ads/ Frame 15AD 80 KB
30 KB 130ms
33ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/dy/ads/native.js

Requested by

Host: ad.adondemand.com
URL: https://ad.adondemand.com/native/lookit_passback_aod.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:20:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 9QR91C5M5P0BJESQ
age: 325
x-amz-server-side-encryption: AES256
x-amz-id-2: rSTfuNaTm8vBg5BfGz7YF25TFGMZuHeI2sMsuDv/tAakA5v/pTgTKLYS2IPbT9AlOYXpI34iqXs=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Feb 2023 17:58:02 GMT
server: ATS
etag: "1ec4e10d0dddd5bd001bd7317afd4f4c-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
accept-ranges: bytes

GET
H2 200 native.js Show response
s.yimg.com/dy/ads/ Frame E7A8 80 KB
30 KB 176ms
90ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/dy/ads/native.js

Requested by

Host: ad.adondemand.com
URL: https://ad.adondemand.com/native/lookit_passback_aod.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:20:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 9QR91C5M5P0BJESQ
age: 325
x-amz-server-side-encryption: AES256
x-amz-id-2: rSTfuNaTm8vBg5BfGz7YF25TFGMZuHeI2sMsuDv/tAakA5v/pTgTKLYS2IPbT9AlOYXpI34iqXs=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Feb 2023 17:58:02 GMT
server: ATS
etag: "1ec4e10d0dddd5bd001bd7317afd4f4c-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
accept-ranges: bytes

GET
H2 200 lookit_passback_aod.js Show response
ad.adondemand.com/native/ Frame 4105 48 KB
16 KB 16ms
15ms Script
application/javascript 35.186.204.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.adondemand.com/native/lookit_passback_aod.js
Requested by: Host: www.lookit.tw
URL: https://www.lookit.tw/native.html?s=300x250IK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.204.155 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 155.204.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: cd874e2a62ceb9c887d06cf839f7f194c306cb4b59bf23f311102adbdde42ab9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 14:49:43 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 16 Jan 2023 06:07:50 GMT
server: nginx/1.12.1 (Ubuntu)
age: 59758
etag: W/"63c4e9b6-c1ac"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15911
expires: Fri, 24 Feb 2023 14:49:43 GMT

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 15AD 286 B
352 B 273ms
52ms Script
application/javascript 87.248.100.137
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?agentVersion=205&adTrackingEnabled=true&locale=en&adUnitCode=fcc3db94-3c77-4be4-9f3e-4f4a26cf0b9c&apiKey=29FX8D8X7XBJRGJT8Q42&gpp=&gppSid=&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fgo.360.com%2Fnews%2Fpalmatetest.html&caps=16&cb=jsonpCallback0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.137 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o2.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

00e403e6066333be598299c21ca80f7723b70f47571dcc8a867db59a3082b902

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Fri, 24 Feb 2023 07:25:41 GMT
server: ATS
age: 1
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 14
x-xss-protection: 1; mode=block
x-request-id: cf8a1ed5-3c37-451b-aedf-791fc1b41241

GET
H2 200 b
geo.yahoo.com/ Frame 15AD 43 B
97 B 216ms
45ms Image
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/b?t=xhkd7&9sdk8454

Requested by

Host: www.lookit.tw
URL: https://www.lookit.tw/native.html?s=728x90IK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 07:25:42 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

GET
H2 200 native.js Show response
s.yimg.com/dy/ads/ Frame 4105 80 KB
30 KB 33ms
32ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/dy/ads/native.js

Requested by

Host: ad.adondemand.com
URL: https://ad.adondemand.com/native/lookit_passback_aod.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:20:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 9QR91C5M5P0BJESQ
age: 325
x-amz-server-side-encryption: AES256
x-amz-id-2: rSTfuNaTm8vBg5BfGz7YF25TFGMZuHeI2sMsuDv/tAakA5v/pTgTKLYS2IPbT9AlOYXpI34iqXs=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Feb 2023 17:58:02 GMT
server: ATS
etag: "1ec4e10d0dddd5bd001bd7317afd4f4c-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
accept-ranges: bytes

GET
H2 200 b
geo.yahoo.com/ Frame E7A8 43 B
73 B 198ms
43ms Image
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/b?t=xhkd7&9sdk8454

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 07:25:42 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
content-length: 43

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame E7A8 286 B
361 B 309ms
104ms Script
application/javascript 87.248.100.137
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.137 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o2.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

00e403e6066333be598299c21ca80f7723b70f47571dcc8a867db59a3082b902

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Fri, 24 Feb 2023 07:25:41 GMT
server: ATS
age: 1
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 15
x-xss-protection: 1; mode=block
x-request-id: dfae2ca0-560a-4905-a745-52f423f002bf

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ Frame 2EEA 70 KB
5 KB 66ms
21ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2452790
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4216
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f5628a2-11846"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5jBbv5l%2BGsrpr0hS4hJd3ITNL2KmTYvwSFcVsAm1uZHpwJqUKY7vY9nDMyw%2BVp7qZHwvm87bUj2vqOtqKf7GCcAy22uQt43iRG3cttOJujUB8WCgdxrZITmRcyyhN7V2180w%2FjitQkQbqzFxA85pw%2Bj8"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79e67800ecf891dd-FRA
expires: Wed, 14 Feb 2024 07:25:41 GMT

GET
H3 200 ysm_ikanman.js Show response
ad.sitemaji.com/ Frame 2EEA 204 KB
90 KB 16ms
15ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_ikanman.js
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: dd71a955bcd2d39f8d0ce170b828831a5398b4d38a06f4b0eeeb5f51a767fcd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 22:55:09 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 14 Feb 2023 03:47:43 GMT
server: nginx/1.12.1 (Ubuntu)
age: 30632
etag: W/"63eb045f-32f09"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92515
expires: Fri, 24 Feb 2023 22:55:09 GMT

GET
H3 200 fsa-core.min.js Show response
ad.sitemaji.com/fsa/ Frame 2EEA 6 KB
2 KB 18ms
17ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/fsa/fsa-core.min.js
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 9edd15a2f73a751203b9ebc3c8f6eba5495d81394a764370b04786678876916b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 07:29:17 GMT
content-encoding: br
via: 1.1 google
last-modified: Thu, 10 Nov 2022 06:42:40 GMT
server: nginx/1.12.1 (Ubuntu)
age: 86184
etag: W/"636c9d60-16f0"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2231
expires: Fri, 24 Feb 2023 07:29:17 GMT

GET
H/1.1 200
OK 1k7CR4FD9_0YObxwqSuNkn2vxPsy_P1RgFe9XbcmWJKN7BNDmiSEMqOFZSB3_566zcihUhaXFX3TuFOkwMaccakItve9fCHpP6xRJqN3xH64AQDZYlr04CTJwyKOkPwM1dC1a4wBQJNKvnmAVRUW3Rl1uS-t2IMt3eW-AvVINaySPqJEMig6i9PaWzY2cYpcRa31N...
fsa-api.feebee.com.tw/maji/v2/view/ Frame E8E8 842 B
1006 B 292ms
290ms Image
image/gif 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fsa-api.feebee.com.tw/maji/v2/view/1k7CR4FD9_0YObxwqSuNkn2vxPsy_P1RgFe9XbcmWJKN7BNDmiSEMqOFZSB3_566zcihUhaXFX3TuFOkwMaccakItve9fCHpP6xRJqN3xH64AQDZYlr04CTJwyKOkPwM1dC1a4wBQJNKvnmAVRUW3Rl1uS-t2IMt3eW-AvVINaySPqJEMig6i9PaWzY2cYpcRa31N9dQ3kvshLK28KTvORqBzznmI9Jr2RXCkvrcfCoeDKza9RoAQvvy70nEzG5s8gK8BQAKQ9mKPBoEJP3ktVqu9Vn3qiWioDWPs0GKGB-orY.gif
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 6fbf9cc36bbd0c5efce36d2e650d406da61d42361355492e9204a2b919397804

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 24 Feb 2023 07:25:42 GMT
Server: nginx
Connection: keep-alive
x-robots-tag: noindex
Content-Length: 842
Content-Type: image/gif

GET
H2 200 /
logs.sitemaji.com/ Frame E8E8 35 B
237 B 267ms
265ms Image
image/gif 172.105.236.33
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs.sitemaji.com/?t=FSA-v2__none_from_ikanman_s1_FSA___728x90__728x90_kwtype-undefined_status-nofill&pv=1&rnd=3716

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.105.236.33 Tokyo, Japan, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

li1890-33.members.linode.com

Software

nginx/1.10.3 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:41 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: nginx/1.10.3
etag: "355e52b0-23"
x-frame-options: DENY
content-type: image/gif
content-length: 35

GET
H2 200 b
geo.yahoo.com/ Frame 4105 43 B
446 B 169ms
42ms Image
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/b?t=xhkd7&9sdk8454

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 07:25:42 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
content-length: 43

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 4105 290 B
624 B 228ms
51ms Script
application/javascript 87.248.100.137
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?agentVersion=205&adTrackingEnabled=true&locale=en&adUnitCode=30ad86ae-d487-411d-bac2-01640fd0b706&apiKey=29FX8D8X7XBJRGJT8Q42&gpp=&gppSid=&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fgo.360.com%2Fnews%2Fpalmatetest.html&caps=16&cb=jsonpCallback0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.137 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o2.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

5f8d384bdf63ca942acd96a1decb58e9166acde56d9b878e415826444ecff3f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Fri, 24 Feb 2023 07:25:42 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 14
x-xss-protection: 1; mode=block
x-request-id: 2ebe55e9-16f0-49c3-ba5d-56a2dd70420a

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame 4105
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

44 KB
45 KB

12ms
12ms

Script
application/octet-stream

2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: www.lookit.tw
URL: https://www.lookit.tw/native.html?s=300x250IK
Protocol: H3
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8af4a7b3549631244df52a0d91b22ccfb355b2f10caab9fe9fa0b57a2beff473

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12736
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45472
last-modified: Wed, 21 Dec 2022 06:26:38 GMT
server: cloudflare
etag: "63a2a71e-b1a0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wh10c5KVoAAiyFriCJHZIJltIvX56pfZRvGzsnlVO5Y%2BGS6ttNg7lRIbtPTF83BwYZlAxErooBjj3epFcyxTiNeyazpafkDAIsQIoV7I95dnCbjLpHT4S2Cxl%2FCTspFF1vLsaqmALWZwD6aprQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 79e67803ffcc377b-FRA

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ Frame C9FB 6 KB
7 KB 8ms
8ms Script
application/javascript 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: ad.adondemand.com
URL: https://ad.adondemand.com/native/lookit_passback_aod.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
date: Fri, 24 Feb 2023 07:25:26 GMT
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified: Fri, 04 Mar 2022 10:10:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 17
etag: "439e160b698f1ec2efb45c3b6cd6b265"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 6552
x-amz-cf-id: LVfDP9W66kpXhtzrBtwTrtQNLJmuQWpzYXD3Ve8ZgYK2Ou17T0_6gA==

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 4439 5 KB
5 KB 11ms
10ms Document
text/html 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36

Request headers

Referer: https://www.lookit.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 41
content-length: 4730
content-type: text/html
date: Fri, 24 Feb 2023 07:25:38 GMT
etag: "c36f5eb091d6195fe8b68f3b263f999b"
last-modified: Mon, 22 Aug 2022 03:00:17 GMT
server: AmazonS3
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
x-amz-cf-id: OJtwt6vmWq2jWJBVPtHa0cQBabiHMJiag90fLb45TT8IOXki4hxw2w==
x-amz-cf-pop: FRA60-P2
x-amz-version-id: 9jVaRQ2pP3sbT47ouwg8zArcPp2ddVmt
x-cache: Hit from cloudfront

GET
H2 200 edmp_init.js Show response
cdn.holmesmind.com/js/ Frame C9FB 662 B
1004 B 9ms
7ms Script
application/javascript 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 24 Feb 2023 07:25:39 GMT
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified: Fri, 12 Mar 2021 02:45:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 3
etag: "f58f8a90686f8ffb3325107e8a788b71"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 662
x-amz-cf-id: EgVXL781TkwiBCOwGU6oxXL_DTR8YQHOai98bxLiUYDeKtcTCuZ8QQ==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame E976 10 KB
10 KB 9ms
8ms Script
application/javascript 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e42a448690be6fb8430ed2bcd08d2416aff5f8ea37b42596876720a3e897f834

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: Uyf2KYMzk1YWRVX6kbmCIKxL9eKypOGT
date: Fri, 24 Feb 2023 07:25:14 GMT
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified: Mon, 20 Feb 2023 17:18:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 29
x-amz-server-side-encryption: AES256
etag: "2afe2e770b3f11a426c81cf18a204c03"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 9728
x-amz-cf-id: SnwN-C_WABqadZDWCviPI4wclqdAH63O7p99yEhnZvEqVq3R7tDZBA==

GET
H3 200 cm.php Show response
fcm.holmesmind.com/ Frame 46EF 95 B
103 B 3114ms
3110ms Document
text/html 34.95.67.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.67.95.34.bc.googleusercontent.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: b73e6cb22f3ae22bcbe36217e226c082f813a2a8a7961644093d849bcbd30294

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 86
content-type: text/html; charset=UTF-8
date: Fri, 24 Feb 2023 07:25:45 GMT
server: Apache/2.4.29 (Ubuntu)
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 4439 5 KB
3 KB 202ms
198ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:42 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Fri, 24 Feb 2023 07:35:42 GMT

GET
H3 200 cm
c.holmesmind.com/ Frame 4439 0
13 B 127ms
123ms Image
text/html 35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:42 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2

200

google
m.holmesmind.com/ml/ Frame 4439
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=286779-HvIU2TTxM9zEPF2oU9WLNxBLDr4KsHe9&uu_m=undefined
https://m.holmesmind.com/ml/google?cf_uid=286779-HvIU2TTxM9zEPF2oU9WLNxBLDr4KsHe9&uu_m=undefined&google_gid=CAESEGa-jdjnW2NoZvy9__at7kE&google_cver=1

0
55 B

15ms
15ms

Image
image/png

35.227.249.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.holmesmind.com/ml/google?cf_uid=286779-HvIU2TTxM9zEPF2oU9WLNxBLDr4KsHe9&uu_m=undefined&google_gid=CAESEGa-jdjnW2NoZvy9__at7kE&google_cver=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 156.249.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:41 GMT
age: 1
x-guploader-uploadid: ADPycdsAEv6axTGr5Jk8N7iGuLswPQuRdk2693Rk9oRQhyysHw6641nMBXvqdb2JvprjpfOz_hlp2qGdGbsmyNdOqSVC9RPNLdkH
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
last-modified: Wed, 21 Feb 2018 07:36:41 GMT
server: UploadServer
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation: 1519198601160228
x-goog-hash: crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
content-type: image/png
cache-control: public, max-age=3600
x-goog-stored-content-length: 0
accept-ranges: bytes
expires: Fri, 24 Feb 2023 08:25:41 GMT

Redirect headers

pragma: no-cache
date: Fri, 24 Feb 2023 07:25:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://m.holmesmind.com/ml/google?cf_uid=286779-HvIU2TTxM9zEPF2oU9WLNxBLDr4KsHe9&uu_m=undefined&google_gid=CAESEGa-jdjnW2NoZvy9__at7kE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 358
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame E976 545 B
651 B 271ms
270ms Script
text/html 2600:9000:221e:2c00:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=12676
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:221e:2c00:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: c3cd6bf39b83b23baa7352ebe70739dfff1f3687deb5e83f940dfabb49db32e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:22:53 GMT
content-encoding: gzip
via: 1.1 05c379f9f2e24444b729aa2b8e4ab6d2.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: KIX50-P2
age: 169
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.lookit.tw
access-control-allow-credentials: true
x-amz-cf-id: 3Z_qxdLQkw9GTcAjxSwyop1fO5vuUAo0vRErh5PEYUoWpDfqqvJvQQ==

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ Frame 8946 6 KB
7 KB 8ms
8ms Script
application/javascript 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: ad.adondemand.com
URL: https://ad.adondemand.com/native/lookit_passback_aod.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
date: Fri, 24 Feb 2023 07:25:26 GMT
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified: Fri, 04 Mar 2022 10:10:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 17
etag: "439e160b698f1ec2efb45c3b6cd6b265"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 6552
x-amz-cf-id: oNpZw3ER52lFXg8SDRUJL86h0XgW8J1Crf5Z-zZgIRioWGzBFvk4pw==

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 6D55 5 KB
5 KB 9ms
9ms Document
text/html 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36

Request headers

Referer: https://www.lookit.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 41
content-length: 4730
content-type: text/html
date: Fri, 24 Feb 2023 07:25:38 GMT
etag: "c36f5eb091d6195fe8b68f3b263f999b"
last-modified: Mon, 22 Aug 2022 03:00:17 GMT
server: AmazonS3
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
x-amz-cf-id: jHYjXHVi0yxF2gJM-fgYLNDoQ9fMRZjURmEgRRiGeo98qqzvE_vPNA==
x-amz-cf-pop: FRA60-P2
x-amz-version-id: 9jVaRQ2pP3sbT47ouwg8zArcPp2ddVmt
x-cache: Hit from cloudfront

GET
H2 200 edmp_init.js Show response
cdn.holmesmind.com/js/ Frame 8946 662 B
1003 B 8ms
8ms Script
application/javascript 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 24 Feb 2023 07:25:39 GMT
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified: Fri, 12 Mar 2021 02:45:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 3
etag: "f58f8a90686f8ffb3325107e8a788b71"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 662
x-amz-cf-id: ijvVpsvj5UY470lMtT0t1M_qZDlQLiSVX5TtQz30aad5YFwZ-_k-Pw==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 19B6 10 KB
10 KB 9ms
9ms Script
application/javascript 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e42a448690be6fb8430ed2bcd08d2416aff5f8ea37b42596876720a3e897f834

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: Uyf2KYMzk1YWRVX6kbmCIKxL9eKypOGT
date: Fri, 24 Feb 2023 07:25:14 GMT
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified: Mon, 20 Feb 2023 17:18:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 29
x-amz-server-side-encryption: AES256
etag: "2afe2e770b3f11a426c81cf18a204c03"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 9728
x-amz-cf-id: Y_QWVctcQvjJM-2zhs6EgZeP3BixCTD5Z2uEC4ashPeXfqDnr__t0w==

GET
H3 200 cm
c.holmesmind.com/ Frame 6D55 0
13 B 118ms
118ms Image
text/html 35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:42 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET cm.php
fcm.holmesmind.com/ Frame 9269 0
0

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 6D55 5 KB
3 KB 200ms
199ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:42 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Fri, 24 Feb 2023 07:35:42 GMT

GET
H3

200

google
m.holmesmind.com/ml/ Frame 6D55
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=286779-HvIU2TTxM9zEPF2oU9WLNxBLDr4KsHe9&uu_m=undefined
https://m.holmesmind.com/ml/google?cf_uid=286779-HvIU2TTxM9zEPF2oU9WLNxBLDr4KsHe9&uu_m=undefined&google_gid=CAESEGa-jdjnW2NoZvy9__at7kE&google_cver=1

0
24 B

16ms
16ms

Image
image/png

35.227.249.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.holmesmind.com/ml/google?cf_uid=286779-HvIU2TTxM9zEPF2oU9WLNxBLDr4KsHe9&uu_m=undefined&google_gid=CAESEGa-jdjnW2NoZvy9__at7kE&google_cver=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H3
Server: 35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 156.249.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:41 GMT
age: 1
x-guploader-uploadid: ADPycdsAEv6axTGr5Jk8N7iGuLswPQuRdk2693Rk9oRQhyysHw6641nMBXvqdb2JvprjpfOz_hlp2qGdGbsmyNdOqSVC9RPNLdkH
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
last-modified: Wed, 21 Feb 2018 07:36:41 GMT
server: UploadServer
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation: 1519198601160228
x-goog-hash: crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
content-type: image/png
cache-control: public, max-age=3600
x-goog-stored-content-length: 0
accept-ranges: bytes
expires: Fri, 24 Feb 2023 08:25:41 GMT

Redirect headers

pragma: no-cache
date: Fri, 24 Feb 2023 07:25:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://m.holmesmind.com/ml/google?cf_uid=286779-HvIU2TTxM9zEPF2oU9WLNxBLDr4KsHe9&uu_m=undefined&google_gid=CAESEGa-jdjnW2NoZvy9__at7kE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 358
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame 19B6 545 B
650 B 261ms
261ms Script
text/html 2600:9000:221e:2c00:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=12676
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:221e:2c00:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: c3cd6bf39b83b23baa7352ebe70739dfff1f3687deb5e83f940dfabb49db32e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:22:53 GMT
content-encoding: gzip
via: 1.1 05c379f9f2e24444b729aa2b8e4ab6d2.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: KIX50-P2
age: 169
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.lookit.tw
access-control-allow-credentials: true
x-amz-cf-id: Kg7XomPovkqnc_ZCHua899erRQ4udjg9-6uDVIAaAfXAzNO65veKqA==

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 4439 36 B
408 B 201ms
201ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

8fa925f71e7a36c075854affa56c3281104cb0dc133a5da43173f5f853bc6bce

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:42 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 4105 975 B
784 B 13ms
12ms Stylesheet
text/css 2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12675
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=him7C88BGma%2FQWXyBAlsdG8zkOO3Q56GNTo0P0Q5o3bOLV8ssYeTtuGDNWbsbIcrvb%2B4Su9VFIBgl2AwfRtIYJMWEMAs50seObzrN6W%2Fi8%2FOYPCtTE%2BcOtLDPueCu4BZcK1%2Fsh%2BDuTCW8Wqf2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 79e678042817377b-FRA

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame 4105 513 B
1 KB 315ms
121ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=www.lookit.tw&u=https%3A%2F%2Fwww.manhuagui.com%2F&adid=ad-BE78E9E34E67E6780AEBB8894B6429A&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.3615489658299911&ao=https%3A%2F%2Fwww.manhuagui.com&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Sykesville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: b1547761793a9a6a826497d3b241d08ec43d4359a177e26948f8823c206dccbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:42 GMT
x-width: 300
x-height: 250
x-adstyle: banner
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.lookit.tw
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary: Accept-Encoding
access-control-allow-credentials: true
x-adsource: PSA
x-sspid: b8790e1e-04b3-313c-babc-bd522c37979c
x-adtype: html
connection: close
content-length: 513

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 6D55 36 B
408 B 201ms
201ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

8fa925f71e7a36c075854affa56c3281104cb0dc133a5da43173f5f853bc6bce

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:42 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame E976 2 KB
1 KB 291ms
290ms Script
text/html 54.95.227.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=12676&rf=https%3A%2F%2Fwww.lookit.tw%2Fnative.html%3Fs%3D728x90IK&n=288&o=1&d=1&b=2&ts=1&ii=2&FPCK=1376-c0hFXES0DXOLTiOAbnizNvyLrRu08JEj&initver=230221P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.95.227.57 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-227-57.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 383ae10121336424dc871b1717459ae84f6d8d172c21805982722b83ee386453

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: https://www.lookit.tw
date: Fri, 24 Feb 2023 07:25:42 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame E976 3 KB
3 KB 9ms
7ms Script
application/javascript 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 24 Feb 2023 07:25:01 GMT
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 51
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: 0UwMpfn-kVDsWS4v7qZ7dy3DdjL5hIVqxuGoB--t-viz1gHsjRgLMQ==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame E976 121 KB
40 KB 31ms
30ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

7a95d6f6c1968d6c76eaff43c82dfc93acc89a9989fdc0eb2d215e3e1be4ebae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 13 Feb 2023 18:43:00 GMT
server: nginx
etag: W/"63ea84b4-1e297"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 25 Feb 2023 07:25:42 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame E976 2 KB
3 KB 10ms
8ms Script
application/javascript 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 24 Feb 2023 07:25:01 GMT
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 51
etag: "e8f33fcb581483ced4a09b3c8e7550e4"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2443
x-amz-cf-id: lg7cXPypaLM445sUg9n7FimiFC0q7i_k6wVlXC-J9jv1gmN7hzzbzg==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame E976 3 KB
3 KB 10ms
9ms Script
application/javascript 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 24 Feb 2023 07:25:01 GMT
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified: Thu, 11 Mar 2021 07:54:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 51
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: FxcHc_UGzLmIzW2bQJBWgw8UUDJ0nXIbaLEooXUelIS3WLsXbCCYHg==

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame E976 6 KB
7 KB 12ms
11ms Script
application/javascript 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: o3X55aG5OwZCz1F3QGjbzdMpMvL838lG
date: Fri, 24 Feb 2023 07:25:01 GMT
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 06:01:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 51
x-amz-server-side-encryption: AES256
etag: "d653bf20e2f03cb602105cbd317c55ed"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 6650
x-amz-cf-id: XvK8eRUnET5qfKRrzdSbzJjDUa6TNs2pdp9u5cqyMaQcxu8p_fba6w==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 18ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-H5F270PE29&gtm=45je32m0&_p=776193650&cid=1450408375.1677223537&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1677223537&sct=1&seg=0&dl=https%3A%2F%2Fwww.manhuagui.com%2Fcomic%2F35579%2F488749.html&dt=%E5%8F%8D%E6%B4%BE%E5%A5%B3%E4%B8%BB%E7%9A%84%E6%97%B6%E9%97%B4%E6%B2%99%E6%BC%8F%E7%AC%AC03%E8%AF%9D_%E5%8F%8D%E6%B4%BE%E5%A5%B3%E4%B8%BB%E7%9A%84%E6%97%B6%E9%97%B4%E6%B2%99%E6%BC%8F%E6%BC%AB%E7%94%BB%20-%20%E7%9C%8B%E6%BC%AB%E7%94%BB&en=scroll&epn.percent_scrolled=90&_et=5
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H5F270PE29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 07:25:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.manhuagui.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame E976 0
175 B 158ms
158ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.lookit.tw/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.lookit.tw
date: Fri, 24 Feb 2023 07:25:42 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame E976
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=390HK9tlAJOMEK0GdGb4Yw

2 B
20 B

271ms
271ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=390HK9tlAJOMEK0GdGb4Yw
Requested by: Host: www.lookit.tw
URL: https://www.lookit.tw/native.html?s=728x90IK
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:43 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Fri, 24 Feb 2023 07:25:42 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=390HK9tlAJOMEK0GdGb4Yw
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame E976
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=390HK9tlAJOMEK0GdGb4Yw

2 B
20 B

280ms
280ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=390HK9tlAJOMEK0GdGb4Yw
Requested by: Host: www.lookit.tw
URL: https://www.lookit.tw/native.html?s=728x90IK
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:43 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Fri, 24 Feb 2023 07:25:42 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=390HK9tlAJOMEK0GdGb4Yw
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 19B6 2 KB
1 KB 292ms
291ms Script
text/html 54.95.227.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=12676&rf=https%3A%2F%2Fwww.lookit.tw%2Fnative.html%3Fs%3D728x90IK&n=291&o=1&d=1&b=2&ts=1&ii=2&FPCK=7431-q00ZbJ6vtnhIjuzRkpq2H9egiMOyBoQp&initver=230221P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.95.227.57 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-227-57.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 936b091c61ff5a77a40c9bec531f22e2ce232a497727d7b1022eaedfb5140259

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: https://www.lookit.tw
date: Fri, 24 Feb 2023 07:25:42 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame 19B6 3 KB
3 KB 10ms
8ms Script
application/javascript 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 24 Feb 2023 07:25:01 GMT
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 51
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: un0X4l4VU1NS01tJTS7_3CSZ-a11hChGOgxq7K2S3WqpxcS7T-Ie6Q==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 19B6 121 KB
40 KB 18ms
17ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

7a95d6f6c1968d6c76eaff43c82dfc93acc89a9989fdc0eb2d215e3e1be4ebae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 13 Feb 2023 18:43:00 GMT
server: nginx
etag: W/"63ea84b4-1e297"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 25 Feb 2023 07:25:42 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame 19B6 2 KB
3 KB 10ms
9ms Script
application/javascript 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 24 Feb 2023 07:25:01 GMT
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 51
etag: "e8f33fcb581483ced4a09b3c8e7550e4"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2443
x-amz-cf-id: mlYkk8OJEspslKQ5JstxzIY5W42eUxTZsMIF8WMYCQrICFOO4djfAA==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame 19B6 3 KB
3 KB 10ms
9ms Script
application/javascript 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 24 Feb 2023 07:25:01 GMT
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified: Thu, 11 Mar 2021 07:54:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 51
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: BahXt1HJ5YYK03TVJT70MRUKv-hwFIq8UBo30SZWA6R1rrTIM8r8WA==

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame 19B6 6 KB
7 KB 11ms
10ms Script
application/javascript 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: o3X55aG5OwZCz1F3QGjbzdMpMvL838lG
date: Fri, 24 Feb 2023 07:25:01 GMT
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 06:01:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 51
x-amz-server-side-encryption: AES256
etag: "d653bf20e2f03cb602105cbd317c55ed"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 6650
x-amz-cf-id: mM4reR5lfO396SsV7NxLqbsV4Ufs0uRba1k0B_Df6UBEoqeey_3kdg==

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 19B6
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=390HK9tlAJOMEK0GdGb4Yw

2 B
20 B

282ms
282ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=390HK9tlAJOMEK0GdGb4Yw
Requested by: Host: www.lookit.tw
URL: https://www.lookit.tw/native.html?s=728x90IK
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:43 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Fri, 24 Feb 2023 07:25:42 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=390HK9tlAJOMEK0GdGb4Yw
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 19B6 0
175 B 159ms
158ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.lookit.tw/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.lookit.tw
date: Fri, 24 Feb 2023 07:25:42 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 19B6
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=390HK9tlAJOMEK0GdGb4Yw

2 B
20 B

276ms
275ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=390HK9tlAJOMEK0GdGb4Yw
Requested by: Host: www.lookit.tw
URL: https://www.lookit.tw/native.html?s=728x90IK
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:43 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Fri, 24 Feb 2023 07:25:42 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=390HK9tlAJOMEK0GdGb4Yw
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 19B6
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=390HK9tlAJOMEK0GdGb4Yw

2 B
20 B

269ms
269ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=390HK9tlAJOMEK0GdGb4Yw
Requested by: Host: www.lookit.tw
URL: https://www.lookit.tw/native.html?s=728x90IK
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:43 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Fri, 24 Feb 2023 07:25:42 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=390HK9tlAJOMEK0GdGb4Yw
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame E976 177 B
430 B 19ms
18ms XHR
application/json 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=135&profileId=184&cb=49852075735

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

23fea8e3dd92fc7af7e4b0346cbf5b864d6da50717f8dc7ee6aae26a5fecac5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.lookit.tw/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 24 Feb 2023 07:25:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.lookit.tw
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 163

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 19B6 177 B
429 B 17ms
17ms XHR
application/json 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=135&profileId=184&cb=65440806703

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

29e829276fcb7756a3614cf336327db1f7e028e9a9a043ffe31304a8dc98621b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.lookit.tw/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 24 Feb 2023 07:25:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.lookit.tw
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 162

POST
H2 204 events
bidder.criteo.com/csm/ Frame E976 0
214 B 15ms
14ms Ping
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.lookit.tw/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 24 Feb 2023 07:25:42 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://www.lookit.tw
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 events
bidder.criteo.com/csm/ Frame 19B6 0
214 B 15ms
15ms Ping
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.lookit.tw/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 24 Feb 2023 07:25:42 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://www.lookit.tw
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame 4439 30 B
278 B 201ms
201ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=dfd0798d-c8a9-4915-8056-b110df132dc6

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:42 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame E976 5 KB
3 KB 199ms
199ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:42 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Fri, 24 Feb 2023 07:35:42 GMT

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 19B6 5 KB
3 KB 199ms
199ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:42 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Fri, 24 Feb 2023 07:35:42 GMT

GET
H3 200 fsa-sdk.min.js Show response
ad.sitemaji.com/fsa/ Frame DEA8 101 KB
11 KB 15ms
14ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 3e20995babc972edbbaa72a67791b07096ddbc140ff2334860cff0c45f2fd942

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 08:37:51 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 08 Feb 2023 04:45:49 GMT
server: nginx/1.12.1 (Ubuntu)
age: 82071
etag: W/"63e328fd-19402"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11687
expires: Fri, 24 Feb 2023 08:37:51 GMT

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame E976 10 KB
10 KB 8ms
8ms Script
application/javascript 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=12676&rf=https%3A%2F%2Fwww.lookit.tw%2Fnative.html%3Fs%3D728x90IK&n=288&o=1&d=1&b=2&ts=1&ii=2&FPCK=1376-c0hFXES0DXOLTiOAbnizNvyLrRu08JEj&initver=230221P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 24 Feb 2023 07:25:03 GMT
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified: Fri, 16 Oct 2020 09:58:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 50
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: AJ_SqG-E0UQPGs-0WPB6DvcxAxE0CNRZ-wY5T79H0hwhvRwtdNbq4A==

GET
H/1.1 200
OK / Show response
ssl.sitemaji.com/geo/ Frame DEA8 17 B
266 B 314ms
313ms Script
text/plain 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.sitemaji.com/geo/?callback=geocallback
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 59dc56e9490deeafaa410229b43332fc7d6ce6e53a1744621b8f39eaf42c539d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: text/plain; charset=utf-8
Date: Fri, 24 Feb 2023 07:25:42 GMT
Cache-Control: max-age=86400, public
Server: nginx
Connection: keep-alive
Content-Length: 17
Expires: Sat, 25 Feb 2023 07:25:42 GMT

GET
H2 200 /
logs.sitemaji.com/ Frame DEA8 35 B
237 B 259ms
259ms Image
image/gif 172.105.236.33
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs.sitemaji.com/?t=FSA-v1__passback_FSA___300x250__300x250_request&pv=1&rnd=8392

Requested by

Host: www.lookit.tw
URL: https://www.lookit.tw/native.html?s=300x250IK

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.105.236.33 Tokyo, Japan, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

li1890-33.members.linode.com

Software

nginx/1.10.3 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:42 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: nginx/1.10.3
etag: "355e52b0-23"
x-frame-options: DENY
content-type: image/gif
content-length: 35

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 19B6 10 KB
10 KB 9ms
8ms Script
application/javascript 2600:9000:2250:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=12676&rf=https%3A%2F%2Fwww.lookit.tw%2Fnative.html%3Fs%3D728x90IK&n=291&o=1&d=1&b=2&ts=1&ii=2&FPCK=7431-q00ZbJ6vtnhIjuzRkpq2H9egiMOyBoQp&initver=230221P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 24 Feb 2023 07:25:03 GMT
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified: Fri, 16 Oct 2020 09:58:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 50
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: 9WihjvrhFmwa38i7hcAA1mjq4CIwcv2HSbwGBk0tkM5uhrjg3LitOw==

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame 4439 0
194 B 202ms
202ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=cf&cid=286779-HvIU2TTxM9zEPF2oU9WLNxBLDr4KsHe9&mp=dfd0798d-c8a9-4915-8056-b110df132dc6

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:42 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 pixel
dfd0798d-c8a9-4915-8056-b110df132dc6.t.ssp.hinet.net/ Frame 4439 0
79 B 199ms
199ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dfd0798d-c8a9-4915-8056-b110df132dc6.t.ssp.hinet.net/pixel?bd=dfd0798d-c8a9-4915-8056-b110df132dc6&t=cf&referrer=https%3A%2F%2Fwww.lookit.tw

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:42 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame E976 36 B
405 B 202ms
202ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

8fa925f71e7a36c075854affa56c3281104cb0dc133a5da43173f5f853bc6bce

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:42 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.lookit.tw
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 19B6 36 B
405 B 201ms
201ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

8fa925f71e7a36c075854affa56c3281104cb0dc133a5da43173f5f853bc6bce

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:42 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.lookit.tw
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H3 200 fsa-sdk.min.js Show response
ad.sitemaji.com/fsa/ Frame 5F86 101 KB
11 KB 16ms
15ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_ikanman.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 3e20995babc972edbbaa72a67791b07096ddbc140ff2334860cff0c45f2fd942

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 08:37:51 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 08 Feb 2023 04:45:49 GMT
server: nginx/1.12.1 (Ubuntu)
age: 82071
etag: W/"63e328fd-19402"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11687
expires: Fri, 24 Feb 2023 08:37:51 GMT

GET
H2 200 pixel
dfd0798d-c8a9-4915-8056-b110df132dc6.t.ssp.hinet.net/ Frame 6D55 0
79 B 199ms
198ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dfd0798d-c8a9-4915-8056-b110df132dc6.t.ssp.hinet.net/pixel?bd=dfd0798d-c8a9-4915-8056-b110df132dc6&t=cf&referrer=https%3A%2F%2Fwww.lookit.tw

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:43 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame 6D55 0
194 B 202ms
201ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=cf&cid=286779-HvIU2TTxM9zEPF2oU9WLNxBLDr4KsHe9&mp=dfd0798d-c8a9-4915-8056-b110df132dc6

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:43 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H/1.1 200
OK im-uid-hook.js Show response
dmp.im-apps.net/scripts/ Frame D880 633 B
700 B 108ms
19ms Script
text/javascript 2a02:26f0:11a::5f65:1760
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4299839
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::5f65:1760 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 24 Feb 2023 07:25:43 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
P3P: CP="NOI PSD OTR"
Content-Type: text/javascript
Cache-Control: public, max-age=3600, s-maxage=10800
Connection: keep-alive
Content-Length: 445

GET
H/1.1 200
OK lift.json Show response
l.logly.co.jp/ Frame D880 0
603 B 521ms
231ms Script
text/plain 108.138.7.64

General

Check archive.org

Show headers Download Go to

Full URL: https://l.logly.co.jp/lift.json?adspot_id=4299839&widget_id=40015&auc_id=&callback=_lgy_lift_callback_4299839&url=https%3A%2F%2Fwww.manhuagui.com%2Fcomic%2F35579%2F488749.html&ref=https%3A%2F%2Fwww.manhuagui.com%2Fcomic%2F35579%2F488749.html
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4299839
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.64 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 24 Feb 2023 07:25:43 GMT
Via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
Server: nginx
X-Amz-Cf-Pop: FRA56-P6
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
P3P: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
X-Amz-Cf-Id: 5fCnm_1mWxFhaiewYny7liJm-FrkTXU7q-qaYoIWYoGjb5UYxa-Fcg==

GET
DATA 200
OK truncated
/ Frame D880 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame E976 30 B
275 B 201ms
201ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=dfd0798d-c8a9-4915-8056-b110df132dc6

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:43 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.lookit.tw
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame 19B6 30 B
275 B 201ms
201ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=dfd0798d-c8a9-4915-8056-b110df132dc6

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:43 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.lookit.tw
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H/1.1 200
OK campaign.php Show response
fsa-api.feebee.com.tw/maji/v2/ Frame DEA8 2 KB
2 KB 299ms
298ms Fetch
application/json 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to

Full URL: https://fsa-api.feebee.com.tw/maji/v2/campaign.php?source_site=passback&device=pc&n=1&position=promo2&fhash=cGFzc2JhY2s%3D&size=300x250&slot=300x250&cate=&q=&host=www.lookit.tw&is_tw=0&country=de
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: daa08f05292f73773845fd62950085a23f4a250edd0ad14aafc9c8526e2276d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 24 Feb 2023 07:25:43 GMT
content-encoding: gzip
Server: nginx
Transfer-Encoding: chunked
access-control-allow-methods: *
Content-Type: application/json
access-control-allow-origin: https://www.lookit.tw
vary: Accept-Encoding
access-control-allow-credentials: true
Connection: keep-alive
x-robots-tag: noindex
access-control-allow-headers: Origin, Methods, Content-Type, Authorization

GET
DATA 200
OK truncated
/ Frame 847C 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/webp

GET
H/1.1 200
OK im-uid-hook.js Show response
dmp.im-apps.net/scripts/ Frame 847C 633 B
700 B 83ms
18ms Script
text/javascript 2a02:26f0:11a::5f65:1760
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4299839
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::5f65:1760 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 24 Feb 2023 07:25:43 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
P3P: CP="NOI PSD OTR"
Content-Type: text/javascript
Cache-Control: public, max-age=3600, s-maxage=10800
Connection: keep-alive
Content-Length: 445

GET
H/1.1 200
OK lift.json Show response
l.logly.co.jp/ Frame 847C 0
603 B 512ms
232ms Script
text/plain 108.138.7.64

General

Check archive.org

Show headers Download Go to

Full URL: https://l.logly.co.jp/lift.json?adspot_id=4299839&widget_id=65714&auc_id=&callback=_lgy_lift_callback_4299839&url=https%3A%2F%2Fwww.manhuagui.com%2Fcomic%2F35579%2F488749.html&ref=https%3A%2F%2Fwww.manhuagui.com%2Fcomic%2F35579%2F488749.html
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4299839
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.64 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 24 Feb 2023 07:25:43 GMT
Via: 1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
Server: nginx
X-Amz-Cf-Pop: FRA56-P6
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
P3P: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
X-Amz-Cf-Id: AqbWZVuqEW2ABxbxitr1GmpmJ-mLtl1ge96Pm8l-tSHsVRMyyl6jjQ==

GET
H/1.1 200
OK / Show response
ssl.sitemaji.com/geo/ Frame 5F86 17 B
266 B 310ms
310ms Script
text/plain 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.sitemaji.com/geo/?callback=geocallback
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 59dc56e9490deeafaa410229b43332fc7d6ce6e53a1744621b8f39eaf42c539d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: text/plain; charset=utf-8
Date: Fri, 24 Feb 2023 07:25:43 GMT
Cache-Control: max-age=86400, public
Server: nginx
Connection: keep-alive
Content-Length: 17
Expires: Sat, 25 Feb 2023 07:25:43 GMT

GET
H2 200 /
logs.sitemaji.com/ Frame 5F86 35 B
237 B 262ms
262ms Image
image/gif 172.105.236.33
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs.sitemaji.com/?t=FSA-v1__passback_FSA___728x90__728x90_request&pv=1&rnd=3565

Requested by

Host: www.manhuagui.com
URL: https://www.manhuagui.com/comic/35579/488749.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.105.236.33 Tokyo, Japan, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

li1890-33.members.linode.com

Software

nginx/1.10.3 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:43 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: nginx/1.10.3
etag: "355e52b0-23"
x-frame-options: DENY
content-type: image/gif
content-length: 35

GET
H/1.1 200
OK im-uid.js Show response
dmp.im-apps.net/sdk/ Frame 847C 6 KB
3 KB 18ms
18ms Script
application/javascript 2a02:26f0:11a::5f65:1760
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::5f65:1760 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 0fe40c5652ce04b1e56ca22a7ab824498d35aaff5e4fa1d06771260a46339c6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: GqMhJUeqm2nlsAjQPEaS4RkVkn9zD3Zz
Content-Encoding: gzip
Date: Fri, 24 Feb 2023 07:25:43 GMT
Last-Modified: Tue, 13 Sep 2022 05:29:25 GMT
ETag: "484902e01849ef7afab23dd06d623c25"
Vary: Accept-Encoding
Content-Type: application/javascript
P3P: CP="NOI PSD OTR"
Cache-Control: max-age=10800
x-amz-replication-status: COMPLETED
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2442

GET
H/1.1 200
OK im-uid.js Show response
dmp.im-apps.net/sdk/ Frame D880 6 KB
3 KB 18ms
18ms Script
application/javascript 2a02:26f0:11a::5f65:1760
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::5f65:1760 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 0fe40c5652ce04b1e56ca22a7ab824498d35aaff5e4fa1d06771260a46339c6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: GqMhJUeqm2nlsAjQPEaS4RkVkn9zD3Zz
Content-Encoding: gzip
Date: Fri, 24 Feb 2023 07:25:43 GMT
Last-Modified: Tue, 13 Sep 2022 05:29:25 GMT
ETag: "484902e01849ef7afab23dd06d623c25"
Vary: Accept-Encoding
Content-Type: application/javascript
P3P: CP="NOI PSD OTR"
Cache-Control: max-age=10800
x-amz-replication-status: COMPLETED
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2442

GET
H/1.1 200
OK get Show response
audiencedata.im-apps.net/imuid/ Frame 847C 10 B
238 B 505ms
281ms XHR
application/json 2a02:26f0:dc::6853:40a

General

Check archive.org

Show headers Download Go to

Full URL: https://audiencedata.im-apps.net/imuid/get?cid=6858&vid=01GT150GJ8X0KPKMP97HMPHVNW
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc::6853:40a -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.manhuagui.com
Date: Fri, 24 Feb 2023 07:25:43 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 10
Content-Type: application/json

GET
DATA 200
OK truncated
/ Frame FD24 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/webp

GET
H/1.1 200
OK im-uid-hook.js Show response
dmp.im-apps.net/scripts/ Frame FD24 633 B
700 B 52ms
52ms Script
text/javascript 2a02:26f0:11a::5f65:1760
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4299839
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::5f65:1760 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 24 Feb 2023 07:25:43 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
P3P: CP="NOI PSD OTR"
Content-Type: text/javascript
Cache-Control: public, max-age=3600, s-maxage=10800
Connection: keep-alive
Content-Length: 445

GET
H/1.1 200
OK lift.json Show response
l.logly.co.jp/ Frame FD24 0
603 B 276ms
233ms Script
text/plain 108.138.7.64

General

Check archive.org

Show headers Download Go to

Full URL: https://l.logly.co.jp/lift.json?adspot_id=4299839&widget_id=65714&auc_id=&callback=_lgy_lift_callback_4299839&url=https%3A%2F%2Fwww.manhuagui.com%2Fcomic%2F35579%2F488749.html&ref=https%3A%2F%2Fwww.manhuagui.com%2Fcomic%2F35579%2F488749.html
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4299839
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.64 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 24 Feb 2023 07:25:43 GMT
Via: 1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront)
Server: nginx
X-Amz-Cf-Pop: FRA56-P6
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
P3P: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
X-Amz-Cf-Id: TSk4SLMGOzCk1kxF_mkozIGPkmQZCSUpj2yVSUPWQZzE8sKKOTNysw==

GET
H/1.1 200
OK im-uid.js Show response
dmp.im-apps.net/sdk/ Frame FD24 6 KB
3 KB 28ms
28ms Script
application/javascript 2a02:26f0:11a::5f65:1760
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::5f65:1760 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 0fe40c5652ce04b1e56ca22a7ab824498d35aaff5e4fa1d06771260a46339c6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: GqMhJUeqm2nlsAjQPEaS4RkVkn9zD3Zz
Content-Encoding: gzip
Date: Fri, 24 Feb 2023 07:25:43 GMT
Last-Modified: Tue, 13 Sep 2022 05:29:25 GMT
ETag: "484902e01849ef7afab23dd06d623c25"
Vary: Accept-Encoding
Content-Type: application/javascript
P3P: CP="NOI PSD OTR"
Cache-Control: max-age=10800
x-amz-replication-status: COMPLETED
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2442

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ Frame CC61 70 KB
4 KB 20ms
18ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2452792
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4216
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f5628a2-11846"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NdE51Xc309sDyoI3EezupCcqiD%2BhA3L5JbXqwVKWc5G7Q8CLNEi9obucpeo%2B4%2Bkajv8rmf%2Fj4qin8w78vjQMFxsW6GdsAGnQc7z5Xur0cqWC%2Bwbm%2FgqP82coiaYLvL4OXd7XIWp%2B7jvCYeeDqjMoFf5T"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79e6780b5d9091dd-FRA
expires: Wed, 14 Feb 2024 07:25:43 GMT

GET
H3 200 fsa-core.min.js Show response
ad.sitemaji.com/fsa/ Frame CC61 6 KB
2 KB 16ms
14ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/fsa/fsa-core.min.js
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 9edd15a2f73a751203b9ebc3c8f6eba5495d81394a764370b04786678876916b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 07:29:17 GMT
content-encoding: br
via: 1.1 google
last-modified: Thu, 10 Nov 2022 06:42:40 GMT
server: nginx/1.12.1 (Ubuntu)
age: 86186
etag: W/"636c9d60-16f0"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2231
expires: Fri, 24 Feb 2023 07:29:17 GMT

GET
H2 200 aHR0cHM6Ly9jZi5zaG9wZWUudHcvZmlsZS9jMGMzN2E2YWU3OTAyMjRlZTZmOTU1MjYwNzM4ODg0NA.jpg
img.feebee.tw/i/GyENT81MYVI-YNnPtMKK3Eaz6X9OjgYdvxikUubraE8/372/ Frame CC61 15 KB
15 KB 571ms
30ms Image
image/jpeg 130.211.28.216

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.feebee.tw/i/GyENT81MYVI-YNnPtMKK3Eaz6X9OjgYdvxikUubraE8/372/aHR0cHM6Ly9jZi5zaG9wZWUudHcvZmlsZS9jMGMzN2E2YWU3OTAyMjRlZTZmOTU1MjYwNzM4ODg0NA.jpg
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.28.216 -, , ASN (),
Reverse DNS
Software: imgproxy /
Resource Hash: 8cd54b3672ee0ba1d6914648c4d623e770bcd1c7e52cf2cd4d32368100eb240a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 17:52:25 GMT
via: 1.1 google
server: imgproxy
age: 48799
vary: Accept
content-type: image/jpeg
cache-control: max-age=7200,must-revalidate,public
content-disposition: inline; filename="c0c37a6ae790224ee6f9552607388844.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15052
x-request-id: 7fn_2aln0v5Cv0HfcVapB

GET
H2 200 /
logs.sitemaji.com/ Frame DEA8 35 B
237 B 260ms
259ms Image
image/gif 172.105.236.33
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs.sitemaji.com/?t=FSA-v2__spstore_from_passback_FSA___300x250__300x250_impression&pv=1&rnd=1144

Requested by

Host: www.manhuagui.com
URL: https://www.manhuagui.com/comic/35579/488749.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.105.236.33 Tokyo, Japan, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

li1890-33.members.linode.com

Software

nginx/1.10.3 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:43 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: nginx/1.10.3
etag: "355e52b0-23"
x-frame-options: DENY
content-type: image/gif
content-length: 35

GET
H2 200 /
logs.sitemaji.com/ Frame DEA8 35 B
237 B 261ms
260ms Image
image/gif 172.105.236.33
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs.sitemaji.com/?t=FSA-v2__spstore_from_passback_FSA___300x250__300x250_kwtype-undefined_status-ok&pv=1&rnd=9315

Requested by

Host: www.manhuagui.com
URL: https://www.manhuagui.com/comic/35579/488749.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.105.236.33 Tokyo, Japan, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

li1890-33.members.linode.com

Software

nginx/1.10.3 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:43 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: nginx/1.10.3
etag: "355e52b0-23"
x-frame-options: DENY
content-type: image/gif
content-length: 35

GET
H/1.1 200
OK 1k7nUJ0uaJ4HWGp_llLmUuHaNNkbpyP-OC_aNX6dZLEBP6j9X2Z2C24RuKN_otdqGod1BuwlG0PH1p_Q0Hxln-mWeQoqpx8xNNbWYrwkKGUYbogDbwmK0LcPvL0VPRHKOjimWlEuZeEMSJzi4fTlCo5b8eVuWcTedh1jeKn0wiZC2K9m1q6_Sm31JkK_YSRXiyEYf...
fsa-api.feebee.com.tw/maji/v2/view/ Frame DEA8 842 B
1006 B 302ms
302ms Image
image/gif 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fsa-api.feebee.com.tw/maji/v2/view/1k7nUJ0uaJ4HWGp_llLmUuHaNNkbpyP-OC_aNX6dZLEBP6j9X2Z2C24RuKN_otdqGod1BuwlG0PH1p_Q0Hxln-mWeQoqpx8xNNbWYrwkKGUYbogDbwmK0LcPvL0VPRHKOjimWlEuZeEMSJzi4fTlCo5b8eVuWcTedh1jeKn0wiZC2K9m1q6_Sm31JkK_YSRXiyEYf2HLO7MyEMGlDx9Fl61-UqaasU4lzxYU8gwN-AgJv5KNp6aKFka94rVu_GxUdHgxEjRnZLBZU0a0bL5Sn-tHdJ8_MEgem5GJvXvNvUUe3M.gif
Requested by: Host: www.manhuagui.com
URL: https://www.manhuagui.com/comic/35579/488749.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 6fbf9cc36bbd0c5efce36d2e650d406da61d42361355492e9204a2b919397804

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 24 Feb 2023 07:25:43 GMT
Server: nginx
Connection: keep-alive
x-robots-tag: noindex
Content-Length: 842
Content-Type: image/gif

GET
H/1.1 200
OK campaign.php Show response
fsa-api.feebee.com.tw/maji/v2/ Frame 5F86 6 KB
4 KB 304ms
304ms Fetch
application/json 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to

Full URL: https://fsa-api.feebee.com.tw/maji/v2/campaign.php?source_site=passback&device=pc&n=3&position=promo2&fhash=cGFzc2JhY2s%3D&size=728x90&slot=728x90&cate=&q=&host=www.manhuagui.com&is_tw=0&country=de
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 5eaf3876d583ff50dfc9e2b1bdd23ef1a56311b63c0577451a2d15a0a9deebd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 24 Feb 2023 07:25:43 GMT
content-encoding: gzip
Server: nginx
Transfer-Encoding: chunked
access-control-allow-methods: *
Content-Type: application/json
access-control-allow-origin: https://www.manhuagui.com
vary: Accept-Encoding
access-control-allow-credentials: true
Connection: keep-alive
x-robots-tag: noindex
access-control-allow-headers: Origin, Methods, Content-Type, Authorization

GET
H2 200 sync.html Show response
sync.logly.co.jp/sync/ Frame 9E34 495 B
664 B 917ms
259ms Document
text/html 52.193.146.227

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.html
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4299839
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.193.146.227 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5

Request headers

Referer: https://www.manhuagui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=2592000
content-length: 495
content-type: text/html
date: Fri, 24 Feb 2023 07:25:44 GMT
etag: "63f84615-1ef"
last-modified: Fri, 24 Feb 2023 05:07:33 GMT
server: nginx

GET
H2 200 sync.html Show response
sync.logly.co.jp/sync/ Frame CAC6 495 B
665 B 908ms
258ms Document
text/html 52.193.146.227

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.html
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4299839
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.193.146.227 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5

Request headers

Referer: https://www.manhuagui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=2592000
content-length: 495
content-type: text/html
date: Fri, 24 Feb 2023 07:25:44 GMT
etag: "63f845eb-1ef"
last-modified: Fri, 24 Feb 2023 05:06:51 GMT
server: nginx

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame FCFB
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

44 KB
45 KB

14ms
14ms

Script
application/octet-stream

2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: www.lookit.tw
URL: https://www.lookit.tw/native.html?s=728x90IK
Protocol: H3
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8af4a7b3549631244df52a0d91b22ccfb355b2f10caab9fe9fa0b57a2beff473

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12738
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45472
last-modified: Wed, 21 Dec 2022 06:26:38 GMT
server: cloudflare
etag: "63a2a71e-b1a0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gSRKUk9FXwK2YP8QIc%2F6fkKmZXx9j2MQiIcoLXmH8sdqR9Wlqnr3FKiWllKcB0zBwMtcEpUE1tKp4cpKqyhQ3d88qE4m44O4n4CFN%2F8TFzlfZfT5T8BxIHBuMVudbogCHjjcwIjhJQ%2FQJahvcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 79e6780f1849377b-FRA

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame 5761
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

44 KB
45 KB

14ms
14ms

Script
application/octet-stream

2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: www.lookit.tw
URL: https://www.lookit.tw/native.html?s=728x90IK
Protocol: H3
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8af4a7b3549631244df52a0d91b22ccfb355b2f10caab9fe9fa0b57a2beff473

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12738
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45472
last-modified: Wed, 21 Dec 2022 06:26:38 GMT
server: cloudflare
etag: "63a2a71e-b1a0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NzheTzYb0ftOWpOjE1TmmmMNOZ6g1b6nUGKQGwbnYnz3faQ%2BXjnYiVxeOHiLxilcEexK%2FPVpOa5IoN0NvKL3p9IVQhDc5%2BfR3egktbGqESsxMuIkxsRGqhY01Nv6eI%2B0f%2BaKk3AjX0R4tA7N1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 79e6780f186c377b-FRA

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

GET
H3 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ Frame F0D5 70 KB
5 KB 21ms
20ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2452792
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4216
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f5628a2-11846"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CUqx1LQNtydBzJHLqHm4p2o%2Fk5g%2BYLgINJ3CdSsoiRx6tiQzxBrZBRevbL98yg41UJMxFiKKuSS1VCqRbFti%2FvdgnUQN%2BzHBCi7MgEwM%2Fgm4inJR6OAYvlo8kfUv6tx338GY%2BtxYs7UDK45gU7dtp%2FYF"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79e6780d693c91d2-FRA
expires: Wed, 14 Feb 2024 07:25:43 GMT

GET
H3 200 fsa-core.min.js Show response
ad.sitemaji.com/fsa/ Frame F0D5 6 KB
2 KB 14ms
14ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/fsa/fsa-core.min.js
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 9edd15a2f73a751203b9ebc3c8f6eba5495d81394a764370b04786678876916b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 07:29:17 GMT
content-encoding: br
via: 1.1 google
last-modified: Thu, 10 Nov 2022 06:42:40 GMT
server: nginx/1.12.1 (Ubuntu)
age: 86186
etag: W/"636c9d60-16f0"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2231
expires: Fri, 24 Feb 2023 07:29:17 GMT

GET
H2 200 aHR0cHM6Ly9jZi5zaG9wZWUudHcvZmlsZS90dy0xMTEzNDIwNy0yMzAyMC0xeXVpZnc2bG1ybnYyYQ.jpg
img.feebee.tw/i/Ydd8km5GSBH_4SLGbPnZ-HGT3Dl13x5dCi8WOP64VWo/372/ Frame F0D5 27 KB
28 KB 227ms
16ms Image
image/jpeg 130.211.28.216

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.feebee.tw/i/Ydd8km5GSBH_4SLGbPnZ-HGT3Dl13x5dCi8WOP64VWo/372/aHR0cHM6Ly9jZi5zaG9wZWUudHcvZmlsZS90dy0xMTEzNDIwNy0yMzAyMC0xeXVpZnc2bG1ybnYyYQ.jpg
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.28.216 -, , ASN (),
Reverse DNS
Software: imgproxy /
Resource Hash: fe1ee57d32480ff10f2f8c215c1d81f05c67bc17024094ad5e6664fc64f7e387

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 02:14:50 GMT
via: 1.1 google
server: imgproxy
age: 18654
vary: Accept
content-type: image/jpeg
cache-control: max-age=7200,must-revalidate,public
content-disposition: inline; filename="tw-11134207-23020-1yuifw6lmrnv2a.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27977
x-request-id: r5abcmZ2FLHm6_ZKMp9y0

GET
H2 200 aHR0cHM6Ly9jZi5zaG9wZWUudHcvZmlsZS9hYjNjMzQ3YmMwMDdjZTY0NmY4YTM0ODFlNTUyZTliZA.jpg
img.feebee.tw/i/U6Cey2hhQbHhU54FF8_xCOGunKdpKjENjAUUihLvNwY/372/ Frame F0D5 16 KB
16 KB 245ms
34ms Image
image/jpeg 130.211.28.216

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.feebee.tw/i/U6Cey2hhQbHhU54FF8_xCOGunKdpKjENjAUUihLvNwY/372/aHR0cHM6Ly9jZi5zaG9wZWUudHcvZmlsZS9hYjNjMzQ3YmMwMDdjZTY0NmY4YTM0ODFlNTUyZTliZA.jpg
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.28.216 -, , ASN (),
Reverse DNS
Software: imgproxy /
Resource Hash: 990c597fb7fc7314f88fd52a119ad991342638c6268366c0e60d89790d13dc15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 04:01:10 GMT
via: 1.1 google
server: imgproxy
age: 12274
vary: Accept
content-type: image/jpeg
cache-control: max-age=7200,must-revalidate,public
content-disposition: inline; filename="ab3c347bc007ce646f8a3481e552e9bd.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16384
x-request-id: 8A9_msJrIeffVS-5fxOg-

GET
H2 200 aHR0cHM6Ly9jZi5zaG9wZWUudHcvZmlsZS9zZy0xMTEzNDIwMS0yMzAxMC03MzhtYTdyYm13bHZhYw.jpg
img.feebee.tw/i/iPvbQVqCacytKeGkx_a0fFX5EEvyOcVuubjvVrJmQPs/372/ Frame F0D5 11 KB
11 KB 249ms
39ms Image
image/jpeg 130.211.28.216

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.feebee.tw/i/iPvbQVqCacytKeGkx_a0fFX5EEvyOcVuubjvVrJmQPs/372/aHR0cHM6Ly9jZi5zaG9wZWUudHcvZmlsZS9zZy0xMTEzNDIwMS0yMzAxMC03MzhtYTdyYm13bHZhYw.jpg
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.28.216 -, , ASN (),
Reverse DNS
Software: imgproxy /
Resource Hash: 625e4b1e8423b4ea6f4fc0df9fc95098cb96da8e5ed2b254b8cbb665e87e207b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 03:14:48 GMT
via: 1.1 google
server: imgproxy
age: 15056
vary: Accept
content-type: image/jpeg
cache-control: max-age=7200,must-revalidate,public
content-disposition: inline; filename="sg-11134201-23010-738ma7rbmwlvac.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11347
x-request-id: PGFwEehJfvZ4CN9cnB3nP

GET
H2 200 /
logs.sitemaji.com/ Frame 5F86 35 B
237 B 260ms
259ms Image
image/gif 172.105.236.33
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs.sitemaji.com/?t=FSA-v2__spstore_spstore_spstore_from_passback_FSA___728x90__728x90_impression&pv=1&rnd=4543

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.105.236.33 Tokyo, Japan, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

li1890-33.members.linode.com

Software

nginx/1.10.3 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:44 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: nginx/1.10.3
etag: "355e52b0-23"
x-frame-options: DENY
content-type: image/gif
content-length: 35

GET
H2 200 /
logs.sitemaji.com/ Frame 5F86 35 B
237 B 260ms
260ms Image
image/gif 172.105.236.33
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs.sitemaji.com/?t=FSA-v2__spstore_spstore_spstore_from_passback_FSA___728x90__728x90_kwtype-undefined_status-ok&pv=1&rnd=4451

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.105.236.33 Tokyo, Japan, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

li1890-33.members.linode.com

Software

nginx/1.10.3 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:44 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: nginx/1.10.3
etag: "355e52b0-23"
x-frame-options: DENY
content-type: image/gif
content-length: 35

GET
H/1.1 200
OK 1k7LF1bw16URVUIbClc_C0GzRnrsZnbS_6qR73fuvG0tQqx9QD-rRDET89Xgkg1T4Nd7eoJ4gaPNUxHGCGun3-twCMlSZHt5C9R7URyMCA9g-MxbVkVTZO7UL73hd95v6JC1mx8GQ-tYvF7y4qoIVOb5urEG43WpvnKahvzPGnFtQbu8zEYfMYsDHUGOp9uKsLjnP...
fsa-api.feebee.com.tw/maji/v2/view/ Frame 5F86 842 B
1006 B 286ms
286ms Image
image/gif 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fsa-api.feebee.com.tw/maji/v2/view/1k7LF1bw16URVUIbClc_C0GzRnrsZnbS_6qR73fuvG0tQqx9QD-rRDET89Xgkg1T4Nd7eoJ4gaPNUxHGCGun3-twCMlSZHt5C9R7URyMCA9g-MxbVkVTZO7UL73hd95v6JC1mx8GQ-tYvF7y4qoIVOb5urEG43WpvnKahvzPGnFtQbu8zEYfMYsDHUGOp9uKsLjnP30Zd1okIAwFpUyPVKjZRuABrG4H96ut0ACxZotCG8FVp1Hm6EiJAxKf7VQsx43VZYt4iHWRFptKtpD5tqvqP6Yp_VUf_5zJcxpjDZvLco.gif
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 6fbf9cc36bbd0c5efce36d2e650d406da61d42361355492e9204a2b919397804

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.manhuagui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 24 Feb 2023 07:25:44 GMT
Server: nginx
Connection: keep-alive
x-robots-tag: noindex
Content-Length: 842
Content-Type: image/gif

GET
H2 200 sync.html Show response
sync.logly.co.jp/sync/ Frame 32B6 495 B
663 B 639ms
260ms Document
text/html 52.193.146.227

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.html
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4299839
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.193.146.227 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5

Request headers

Referer: https://www.manhuagui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=2592000
content-length: 495
content-type: text/html
date: Fri, 24 Feb 2023 07:25:44 GMT
etag: "63f848c0-1ef"
last-modified: Fri, 24 Feb 2023 05:18:56 GMT
server: nginx

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame FCFB 975 B
787 B 17ms
17ms Stylesheet
text/css 2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12677
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N2aMncM6qSIGPe79iNVlTdHjEkppVI1a3G6ddO031fNaj0VWgQuOkcqT1mhZx%2FJsu6ycQJ%2F%2FXXPdsr%2F8NNiU%2BCRZ1abQWgylpa%2BnkWBZ2%2B%2FFadmuylI3uX%2BVR573hxhCTIx6i8DULAZt5aeocw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 79e6780f388c377b-FRA

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ Frame FCFB 46 B
491 B 318ms
94ms XHR
text/html 207.244.89.4

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 207.244.89.4 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1e1b749d57de7a2e9ad0416ff1b6fbf5d0b79931eece134128ccf1ce33a6d25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:44 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.lookit.tw
access-control-allow-credentials: true
connection: close
content-length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame FCFB 512 B
1 KB 315ms
121ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=www.lookit.tw&u=https%3A%2F%2Fwww.manhuagui.com%2F&adid=ad-BE7ED378992D473917D64BE23A3BBDBA&w=728&h=90&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.29217095417052064&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&ao=https%3A%2F%2Fwww.manhuagui.com&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Sykesville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 53239b56a68056e1e657ac5fdba34ebd12f87f32174edc7b61feb454476580a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:44 GMT
x-width: 728
x-height: 90
x-adstyle: banner
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.lookit.tw
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary: Accept-Encoding
access-control-allow-credentials: true
x-adsource: PSA
x-sspid: b8790e1e-04b3-313c-babc-bd522c37979c
x-adtype: html
connection: close
content-length: 512

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 5761 975 B
779 B 14ms
13ms Stylesheet
text/css 2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12677
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=awAXNAeM64g6c3T3EegvezwStTs8xP%2F%2FFq6kwQjtLiVaPY6C%2FxrnoslPuvYl0fFacyqcUPzdg1%2B7EYtB4maIWKPH6BS0418a0pJPHqol94uNCk7t7RCptEM00MB0mxtCmFlJljJK1ZSvEll4ZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 79e6780f58c6377b-FRA

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ Frame 5761 46 B
491 B 314ms
104ms XHR
text/html 207.244.89.4

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 207.244.89.4 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1e1b749d57de7a2e9ad0416ff1b6fbf5d0b79931eece134128ccf1ce33a6d25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:44 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.lookit.tw
access-control-allow-credentials: true
connection: close
content-length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame 5761 512 B
1 KB 302ms
108ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=www.lookit.tw&u=https%3A%2F%2Fwww.manhuagui.com%2F&adid=ad-BE7ED378992D473917D64BE23A3BBDBA&w=728&h=90&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.0012829014316488863&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&ao=https%3A%2F%2Fwww.manhuagui.com&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Sykesville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 53239b56a68056e1e657ac5fdba34ebd12f87f32174edc7b61feb454476580a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:44 GMT
x-width: 728
x-height: 90
x-adstyle: banner
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.lookit.tw
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary: Accept-Encoding
access-control-allow-credentials: true
x-adsource: PSA
x-sspid: b8790e1e-04b3-313c-babc-bd522c37979c
x-adtype: html
connection: close
content-length: 512

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame C394 714 B
774 B 17ms
17ms Document
text/html 2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer: https://www.lookit.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
age: 13554
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 79e678113bd2377b-FRA
content-encoding: br
content-type: text/html
date: Fri, 24 Feb 2023 07:25:44 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G1NJQTYofCb5Vl6y%2F38DVnYVenGH3wPYWexgDAjN2ZE3jUOWap9HIXoxCWfP9GH7GP7RlcFAmixtjcPBY11xRbGAdKfJGg6VJmcisRHUNF547p3weDoHDp5z%2FsSvr6nFOuxf%2FuOa50aEaMbQvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK idsync
sync.aralego.com/ Frame FCFB 35 B
384 B 308ms
106ms Image
image/gif 207.244.89.4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by: Host: www.lookit.tw
URL: https://www.lookit.tw/native.html?s=728x90IK
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 207.244.89.4 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:44 GMT
connection: close
content-length: 35
content-type: image/gif

GET
H3 200 fsa-sdk.min.js Show response
ad.sitemaji.com/fsa/ Frame 4970 101 KB
11 KB 15ms
14ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 3e20995babc972edbbaa72a67791b07096ddbc140ff2334860cff0c45f2fd942

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 08:37:51 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 08 Feb 2023 04:45:49 GMT
server: nginx/1.12.1 (Ubuntu)
age: 82073
etag: W/"63e328fd-19402"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11687
expires: Fri, 24 Feb 2023 08:37:51 GMT

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame E5D6 714 B
773 B 14ms
13ms Document
text/html 2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer: https://www.lookit.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
age: 13554
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 79e678116c17377b-FRA
content-encoding: br
content-type: text/html
date: Fri, 24 Feb 2023 07:25:44 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xFSzLxNPvJS%2BtVkQoZoJolMouS4OiEQ8PptoUl2grEmjCE0V%2FOY5X1u4kAd1E9bZO78aCEhAOAOrpUuDAwHqQtTa%2FtutvcQNqudNNAb2lijMGHSDpXOAJWE3fYXSleu3gWomr3RBDae2AhYqeg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK idsync
sync.aralego.com/ Frame 5761 35 B
384 B 307ms
105ms Image
image/gif 207.244.89.4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 207.244.89.4 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:44 GMT
connection: close
content-length: 35
content-type: image/gif

GET
H3 200 fsa-sdk.min.js Show response
ad.sitemaji.com/fsa/ Frame 29EC 101 KB
11 KB 15ms
15ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 3e20995babc972edbbaa72a67791b07096ddbc140ff2334860cff0c45f2fd942

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 08:37:51 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 08 Feb 2023 04:45:49 GMT
server: nginx/1.12.1 (Ubuntu)
age: 82073
etag: W/"63e328fd-19402"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11687
expires: Fri, 24 Feb 2023 08:37:51 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame C394 76 KB
26 KB 134ms
50ms Script
text/javascript 2a00:1450:4001:831::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

626a1a3a966835661fd675614389c65711f85dd9c8f7a760e79081801b78ed88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26508
x-xss-protection: 0
server: sffe
etag: "1492 / 885 of 1000 / last-modified: 1677193766"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 24 Feb 2023 07:25:44 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame E5D6 76 KB
26 KB 162ms
88ms Script
text/javascript 2a00:1450:4001:831::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

eeb0671a5f44561a1f6a027ed7b5c466379a746a8a294c3f82bd88a0822763a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26509
x-xss-protection: 0
server: sffe
etag: "1492 / 286 of 1000 / last-modified: 1677193840"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 24 Feb 2023 07:25:44 GMT

GET
H2 200 /
logs.sitemaji.com/ Frame DEA8 35 B
237 B 262ms
262ms Image
image/gif 172.105.236.33
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs.sitemaji.com/?t=FSA-v2__spstore_from_passback_FSA___300x250__300x250_activeview_undefined&pv=1&rnd=618

Requested by

Host: www.manhuagui.com
URL: https://www.manhuagui.com/comic/35579/488749.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.105.236.33 Tokyo, Japan, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

li1890-33.members.linode.com

Software

nginx/1.10.3 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:44 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: nginx/1.10.3
etag: "355e52b0-23"
x-frame-options: DENY
content-type: image/gif
content-length: 35

GET
H/1.1 200
OK / Show response
ssl.sitemaji.com/geo/ Frame 4970 17 B
266 B 315ms
315ms Script
text/plain 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.sitemaji.com/geo/?callback=geocallback
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 59dc56e9490deeafaa410229b43332fc7d6ce6e53a1744621b8f39eaf42c539d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: text/plain; charset=utf-8
Date: Fri, 24 Feb 2023 07:25:44 GMT
Cache-Control: max-age=86400, public
Server: nginx
Connection: keep-alive
Content-Length: 17
Expires: Sat, 25 Feb 2023 07:25:44 GMT

GET
H2 200 /
logs.sitemaji.com/ Frame 4970 35 B
237 B 261ms
261ms Image
image/gif 172.105.236.33
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs.sitemaji.com/?t=FSA-v1__passback_FSA___728x90__728x90_request&pv=1&rnd=2769

Requested by

Host: www.lookit.tw
URL: https://www.lookit.tw/native.html?s=728x90IK

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.105.236.33 Tokyo, Japan, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

li1890-33.members.linode.com

Software

nginx/1.10.3 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:44 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: nginx/1.10.3
etag: "355e52b0-23"
x-frame-options: DENY
content-type: image/gif
content-length: 35

GET
H/1.1 200
OK / Show response
ssl.sitemaji.com/geo/ Frame 29EC 17 B
266 B 316ms
315ms Script
text/plain 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.sitemaji.com/geo/?callback=geocallback
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 59dc56e9490deeafaa410229b43332fc7d6ce6e53a1744621b8f39eaf42c539d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: text/plain; charset=utf-8
Date: Fri, 24 Feb 2023 07:25:44 GMT
Cache-Control: max-age=86400, public
Server: nginx
Connection: keep-alive
Content-Length: 17
Expires: Sat, 25 Feb 2023 07:25:44 GMT

GET
H2 200 /
logs.sitemaji.com/ Frame 29EC 35 B
237 B 260ms
260ms Image
image/gif 172.105.236.33
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs.sitemaji.com/?t=FSA-v1__passback_FSA___728x90__728x90_request&pv=1&rnd=2382

Requested by

Host: www.lookit.tw
URL: https://www.lookit.tw/native.html?s=728x90IK

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.105.236.33 Tokyo, Japan, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

li1890-33.members.linode.com

Software

nginx/1.10.3 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:44 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: nginx/1.10.3
etag: "355e52b0-23"
x-frame-options: DENY
content-type: image/gif
content-length: 35

GET
H/1.1 200
OK 1k7MxJe_RJZWD029212LZvMuKyKMLMaO0co00pdw43wWKrc9H4Tuz4Zqre5QerCk6041m8VEkj9iaWJUd12wuuXofx0sEQrK1rk7nVf_8t12x5P6o-JNZwPNgWbCINzqJ9f55lx7S_nL6i-1PbnGRFLzlL_EHXiFIqU8RsOku6fmFufRgKi7TrCMOMIgSeuam_HYs...
fsa-api.feebee.com.tw/maji/v2/beacon/ Frame CC61 0
0 300ms
300ms Image
image/gif 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fsa-api.feebee.com.tw/maji/v2/beacon/1k7MxJe_RJZWD029212LZvMuKyKMLMaO0co00pdw43wWKrc9H4Tuz4Zqre5QerCk6041m8VEkj9iaWJUd12wuuXofx0sEQrK1rk7nVf_8t12x5P6o-JNZwPNgWbCINzqJ9f55lx7S_nL6i-1PbnGRFLzlL_EHXiFIqU8RsOku6fmFufRgKi7TrCMOMIgSeuam_HYs7ZhMpluOioUKjTIAHNojkuQCMId-GcBR0vgX9QG0z944ENOg-rNRvFJYsGQjdRQ12O-UUVU7rTMaLtqQJ2p8ZRu_mI0bOiglmou1pQADO3chfByrSwE8VlQSKAz8er8PBX4H7ojXe8ZbwSIoK_wQ.gif
Requested by: Host: www.manhuagui.com
URL: https://www.manhuagui.com/comic/35579/488749.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 sync.js Show response
sync.logly.co.jp/sync/ Frame CAC6 0
268 B 260ms
260ms Script
text/plain 52.193.146.227

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.js
Requested by: Host: sync.logly.co.jp
URL: https://sync.logly.co.jp/sync/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.193.146.227 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.logly.co.jp/sync/sync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 24 Feb 2023 07:25:44 GMT
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"

GET
H2 200 sync.js Show response
sync.logly.co.jp/sync/ Frame 9E34 0
268 B 260ms
260ms Script
text/plain 52.193.146.227

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.js
Requested by: Host: sync.logly.co.jp
URL: https://sync.logly.co.jp/sync/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.193.146.227 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.logly.co.jp/sync/sync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 24 Feb 2023 07:25:44 GMT
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"

GET
H2 200 sync.js Show response
sync.logly.co.jp/sync/ Frame 32B6 0
268 B 259ms
259ms Script
text/plain 52.193.146.227

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.js
Requested by: Host: sync.logly.co.jp
URL: https://sync.logly.co.jp/sync/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.193.146.227 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.logly.co.jp/sync/sync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 24 Feb 2023 07:25:44 GMT
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"

GET
H2 200 pubads_impl_2023021601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame C394 382 KB
129 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:831::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

48cea39a6d9f368a9d78b07ddca02043a884d1e871b5b39267d4ab6d245753cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 10:41:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74653
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132097
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 09:35:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 23 Feb 2024 10:41:31 GMT

GET
H2 200 pubads_impl_2023021601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame E5D6 382 KB
129 KB 79ms
79ms Script
text/javascript 2a00:1450:4001:831::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js?cb=31072600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

48cea39a6d9f368a9d78b07ddca02043a884d1e871b5b39267d4ab6d245753cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 06:51:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88462
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132097
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 09:35:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 23 Feb 2024 06:51:22 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame C394 107 B
531 B 214ms
69ms Script
application/javascript 2a00:1450:400d:803::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame C394 107 B
456 B 199ms
69ms Script
application/javascript 2a00:1450:400d:80c::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame C394 498 B
273 B 85ms
80ms XHR
text/plain 2a00:1450:4001:831::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3626511727818703&correlator=381539244375037&eid=31072020%2C31072029&output=ldjh&gdfp_req=1&vrg=2023021601&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1677223544896&lmt=1644386353&dlt=1677223544562&idt=306&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=zbvm9f4xd20o&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=6&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.lookit.tw%2F&top=https%3A%2F%2Fwww.lookit.tw%2F&frm=8&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=541801556.1677223545&ga_sid=1677223545&ga_hid=874551529&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e5d8ae18c8e4e8f9322eab897e4fa64b5ec02eaa0531b9a534d4c3c011770c44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 244
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
4e3d9b4ab1ee60beeb1400325640feff.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0181 6 KB
3 KB 475ms
82ms Document
text/html 2a00:1450:400d:80c::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://4e3d9b4ab1ee60beeb1400325640feff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 07:25:45 GMT
expires: Sat, 24 Feb 2024 07:25:45 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK campaign.php Show response
fsa-api.feebee.com.tw/maji/v2/ Frame 4970 6 KB
4 KB 300ms
299ms Fetch
application/json 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to

Full URL: https://fsa-api.feebee.com.tw/maji/v2/campaign.php?source_site=passback&device=pc&n=3&position=promo2&fhash=cGFzc2JhY2s%3D&size=728x90&slot=728x90&cate=&q=&host=www.lookit.tw&is_tw=0&country=de
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: d356a7a44605bddbb47597e0fcbd373b6b7c16345625a6ebd24030a525e93dad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 24 Feb 2023 07:25:45 GMT
content-encoding: gzip
Server: nginx
Transfer-Encoding: chunked
access-control-allow-methods: *
Content-Type: application/json
access-control-allow-origin: https://www.lookit.tw
vary: Accept-Encoding
access-control-allow-credentials: true
Connection: keep-alive
x-robots-tag: noindex
access-control-allow-headers: Origin, Methods, Content-Type, Authorization

GET
H/1.1 200
OK campaign.php Show response
fsa-api.feebee.com.tw/maji/v2/ Frame 29EC 6 KB
4 KB 596ms
298ms Fetch
application/json 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to

Full URL: https://fsa-api.feebee.com.tw/maji/v2/campaign.php?source_site=passback&device=pc&n=3&position=promo2&fhash=cGFzc2JhY2s%3D&size=728x90&slot=728x90&cate=&q=&host=www.lookit.tw&is_tw=0&country=de
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 95639944299e18eb59244b862f4862ef8280ef72d141c18aaaf2fa50c70e8d99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 24 Feb 2023 07:25:45 GMT
content-encoding: gzip
Server: nginx
Transfer-Encoding: chunked
access-control-allow-methods: *
Content-Type: application/json
access-control-allow-origin: https://www.lookit.tw
vary: Accept-Encoding
access-control-allow-credentials: true
Connection: keep-alive
x-robots-tag: noindex
access-control-allow-headers: Origin, Methods, Content-Type, Authorization

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame E5D6 107 B
165 B 162ms
91ms Script
application/javascript 2a00:1450:400d:803::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js?cb=31072600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame E5D6 107 B
165 B 152ms
96ms Script
application/javascript 2a00:1450:400d:80c::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js?cb=31072600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame E5D6 498 B
273 B 78ms
78ms XHR
text/plain 2a00:1450:4001:831::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=314083934865885&correlator=4045466861023039&eid=31072600&output=ldjh&gdfp_req=1&vrg=2023021601&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1677223544969&lmt=1644386353&dlt=1677223544573&idt=368&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=hqrnjc7jusb6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=6&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.lookit.tw%2F&top=https%3A%2F%2Fwww.lookit.tw%2F&frm=8&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=141457808.1677223545&ga_sid=1677223545&ga_hid=701992087&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js?cb=31072600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

a500bf0142beb5c84a52df3e3d1c1dcaf3b565c3f171d06812fa8a7a810aaa3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 244
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
9301cb9f0109ac4965511cba9969e0b4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C289 6 KB
3 KB 366ms
80ms Document
text/html 2a00:1450:400d:80c::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://9301cb9f0109ac4965511cba9969e0b4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js?cb=31072600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 07:25:45 GMT
expires: Sat, 24 Feb 2024 07:25:45 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ Frame 3B25 70 KB
5 KB 22ms
21ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2452794
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4216
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f5628a2-11846"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8iZXTMQ5XSVNiKRJS510nDY%2FUJvSQPlQP9U43yAPd6AplphMt0eFyqi8tIQtqfNOTmmim1JtU4Gxc4vlTq2m4MHRuGTGzkydcQUL2nMnC2UJ8qNVVORr%2B7qnRHAARmgEDYiU7FYjANc1YC8FMHWi8fVv"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79e67815ba7091d2-FRA
expires: Wed, 14 Feb 2024 07:25:45 GMT

GET
H2 200 aHR0cHM6Ly9jZi5zaG9wZWUudHcvZmlsZS9jMGMzN2E2YWU3OTAyMjRlZTZmOTU1MjYwNzM4ODg0NA.jpg
img.feebee.tw/i/GyENT81MYVI-YNnPtMKK3Eaz6X9OjgYdvxikUubraE8/372/ Frame 3B25 15 KB
15 KB 18ms
15ms Image
image/jpeg 130.211.28.216

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.feebee.tw/i/GyENT81MYVI-YNnPtMKK3Eaz6X9OjgYdvxikUubraE8/372/aHR0cHM6Ly9jZi5zaG9wZWUudHcvZmlsZS9jMGMzN2E2YWU3OTAyMjRlZTZmOTU1MjYwNzM4ODg0NA.jpg
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.28.216 -, , ASN (),
Reverse DNS
Software: imgproxy /
Resource Hash: 8cd54b3672ee0ba1d6914648c4d623e770bcd1c7e52cf2cd4d32368100eb240a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 17:52:25 GMT
via: 1.1 google
server: imgproxy
age: 48800
vary: Accept
content-type: image/jpeg
cache-control: max-age=7200,must-revalidate,public
content-disposition: inline; filename="c0c37a6ae790224ee6f9552607388844.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15052
x-request-id: 7fn_2aln0v5Cv0HfcVapB

GET
H3 200 fsa-core.min.js Show response
ad.sitemaji.com/fsa/ Frame 3B25 6 KB
2 KB 17ms
15ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/fsa/fsa-core.min.js
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 9edd15a2f73a751203b9ebc3c8f6eba5495d81394a764370b04786678876916b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 07:29:17 GMT
content-encoding: br
via: 1.1 google
last-modified: Thu, 10 Nov 2022 06:42:40 GMT
server: nginx/1.12.1 (Ubuntu)
age: 86188
etag: W/"636c9d60-16f0"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2231
expires: Fri, 24 Feb 2023 07:29:17 GMT

GET
H2 200 aHR0cHM6Ly9jZi5zaG9wZWUudHcvZmlsZS9zZy0xMTEzNDIwMS0yMjEwMC1kcTd0aHZ1bHRzaXYwYw.jpg
img.feebee.tw/i/0yQrjKPd_o0RN0lFdLlZL8DMc7EovnxmhkEC4CRL4rY/372/ Frame 3B25 23 KB
23 KB 19ms
17ms Image
image/jpeg 130.211.28.216

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.feebee.tw/i/0yQrjKPd_o0RN0lFdLlZL8DMc7EovnxmhkEC4CRL4rY/372/aHR0cHM6Ly9jZi5zaG9wZWUudHcvZmlsZS9zZy0xMTEzNDIwMS0yMjEwMC1kcTd0aHZ1bHRzaXYwYw.jpg
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.28.216 -, , ASN (),
Reverse DNS
Software: imgproxy /
Resource Hash: 9dcf6c5158343aabb957c8ed1fc92d56cc687f938dedd289b2696ea2a7d50b2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 03:55:53 GMT
via: 1.1 google
server: imgproxy
age: 12592
vary: Accept
content-type: image/jpeg
cache-control: max-age=7200,must-revalidate,public
content-disposition: inline; filename="sg-11134201-22100-dq7thvultsiv0c.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23728
x-request-id: 2_w0wC7BCjr1omLyl1pIC

GET
H2 200 aHR0cHM6Ly9jZi5zaG9wZWUudHcvZmlsZS9zZy0xMTEzNDIwMS0yMjExMC1lZTI2aHJzYTlha3ZjZA.jpg
img.feebee.tw/i/QVPwlpsbyKcw_YT8il53Cv37s3bQtgPKDh02oJoDB2o/372/ Frame 3B25 10 KB
10 KB 565ms
563ms Image
image/jpeg 130.211.28.216

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.feebee.tw/i/QVPwlpsbyKcw_YT8il53Cv37s3bQtgPKDh02oJoDB2o/372/aHR0cHM6Ly9jZi5zaG9wZWUudHcvZmlsZS9zZy0xMTEzNDIwMS0yMjExMC1lZTI2aHJzYTlha3ZjZA.jpg
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.28.216 -, , ASN (),
Reverse DNS
Software: imgproxy /
Resource Hash: eae81fe066ccd7fdff5a7aaecd8be83c54f505db795f668e646077939d0f7c9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:45 GMT
via: 1.1 google
server: imgproxy
vary: Accept
content-type: image/jpeg
cache-control: max-age=7200,must-revalidate,public
content-disposition: inline; filename="sg-11134201-22110-ee26hrsa9akvcd.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10486
x-request-id: rfznHsGy3GD76c3HDQN6I

GET
H2 200 /
logs.sitemaji.com/ Frame 4970 35 B
237 B 262ms
260ms Image
image/gif 172.105.236.33
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs.sitemaji.com/?t=FSA-v2__spstore_spstore_spstore_from_passback_FSA___728x90__728x90_impression&pv=1&rnd=5627

Requested by

Host: www.lookit.tw
URL: https://www.lookit.tw/native.html?s=728x90IK

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.105.236.33 Tokyo, Japan, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

li1890-33.members.linode.com

Software

nginx/1.10.3 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: nginx/1.10.3
etag: "355e52b0-23"
x-frame-options: DENY
content-type: image/gif
content-length: 35

GET
H2 200 /
logs.sitemaji.com/ Frame 4970 35 B
237 B 262ms
261ms Image
image/gif 172.105.236.33
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs.sitemaji.com/?t=FSA-v2__spstore_spstore_spstore_from_passback_FSA___728x90__728x90_kwtype-undefined_status-ok&pv=1&rnd=8882

Requested by

Host: www.lookit.tw
URL: https://www.lookit.tw/native.html?s=728x90IK

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.105.236.33 Tokyo, Japan, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

li1890-33.members.linode.com

Software

nginx/1.10.3 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: nginx/1.10.3
etag: "355e52b0-23"
x-frame-options: DENY
content-type: image/gif
content-length: 35

GET
H/1.1 200
OK 1k7-2aZLSNc0l1E6D0stjki1367qCRDjsq6UDIntiVDXaFcl4tOl4SwF6A0QvFAVOZj6Wrvx6Zi1T_MoU6j9eQ0f2Eva8z79J8iclG6H6hiQMPwWNoGtoXFSenA3KgAoXO-xWe9eMur12Qk9YoRLgr9cjuNhP1R22kciKfXIo3jl4MpPf48r4FqIZKBWvQFJFRumv...
fsa-api.feebee.com.tw/maji/v2/view/ Frame 4970 842 B
1006 B 559ms
295ms Image
image/gif 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fsa-api.feebee.com.tw/maji/v2/view/1k7-2aZLSNc0l1E6D0stjki1367qCRDjsq6UDIntiVDXaFcl4tOl4SwF6A0QvFAVOZj6Wrvx6Zi1T_MoU6j9eQ0f2Eva8z79J8iclG6H6hiQMPwWNoGtoXFSenA3KgAoXO-xWe9eMur12Qk9YoRLgr9cjuNhP1R22kciKfXIo3jl4MpPf48r4FqIZKBWvQFJFRumvYSi4BnmVzjqjzcfDaXcybpJ557wZD_td3-o12fEnmipWRRGeixV7CuRUrWiPqA9KM4aDN7LzAM9p4BWotAEcvaYD-0Vum0L6oHQ5clqUpjQA5sHvcQ7eO2E6wehZ7i.gif
Requested by: Host: www.lookit.tw
URL: https://www.lookit.tw/native.html?s=728x90IK
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 6fbf9cc36bbd0c5efce36d2e650d406da61d42361355492e9204a2b919397804

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 24 Feb 2023 07:25:45 GMT
Server: nginx
Connection: keep-alive
x-robots-tag: noindex
Content-Length: 842
Content-Type: image/gif

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E5D6 14 KB
11 KB 231ms
99ms XHR
application/json 2a00:1450:400d:802::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023021601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js?cb=31072600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

485c80e3fd631c92ab1a8ec00b4083e66123f14c80fdbcd71da9a01ce707067d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11172
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C394 15 KB
11 KB 188ms
92ms XHR
application/json 2a00:1450:400d:802::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023021601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

dbbeaf476c8a7e3d3040afb7d60a768996f2b8ea1801264f1689fc7611c74334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11276
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 1DF2 15 KB
6 KB 18ms
18ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.manhuagui.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

97d67f8c2575e19d30ae28a32bad7610849e0e56c81ca66e51178124a5c5eed2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.lookit.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 07:25:45 GMT
server: Kestrel
server-processing-duration-in-ticks: 1461488
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 1DF2
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=www.lookit.tw&sn=ChromeSyncframe&so=0&topUrl=www.manhuagui.com&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=Yok-x3x5d0hkTlhBc1YxQm43RGdRVVJUTW02VUZ1S2ZKTU52RDRYbzl4WHl2YkJuM1pJYkdzbG1EdlFGVndpMGV5aytQR0tIek90dndFOGh0M1F5a3lXV3BoQUJIYXBZakwvcHlHT3FKUTNIUDgrdGx4UWQ4aUxzT090OF...

425 B
653 B

18ms
17ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Yok-x3x5d0hkTlhBc1YxQm43RGdRVVJUTW02VUZ1S2ZKTU52RDRYbzl4WHl2YkJuM1pJYkdzbG1EdlFGVndpMGV5aytQR0tIek90dndFOGh0M1F5a3lXV3BoQUJIYXBZakwvcHlHT3FKUTNIUDgrdGx4UWQ4aUxzT090OFpFUktaOVlwL1pBTndIWjNNblRYMGZrQ2FzN2ZwZk1DeEJNckY2dklaSllPVVFSbzlSblFHYkdvUG03Rm1IQzBWOWwrQ0JRL0pKSDFxUzdzREw4R2RVRFBqcE9SUEpOWFljcVpWNW5SSEx1UmYwdTlxUHZSR2VnU1BSSEtXWkZ5K1ZuSGhuVkZFWVZvczhlS1gwSmhrNVZVR2pXZk5IN1lRdnhRazdudUdEMUorYUJSRm0wbz18&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

961088884ac29c3a34f45a1be1935d44ed818f05510fb53e3c6b166d4db315a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 07:25:44 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1587986
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 24 Feb 2023 07:25:44 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=Yok-x3x5d0hkTlhBc1YxQm43RGdRVVJUTW02VUZ1S2ZKTU52RDRYbzl4WHl2YkJuM1pJYkdzbG1EdlFGVndpMGV5aytQR0tIek90dndFOGh0M1F5a3lXV3BoQUJIYXBZakwvcHlHT3FKUTNIUDgrdGx4UWQ4aUxzT090OFpFUktaOVlwL1pBTndIWjNNblRYMGZrQ2FzN2ZwZk1DeEJNckY2dklaSllPVVFSbzlSblFHYkdvUG03Rm1IQzBWOWwrQ0JRL0pKSDFxUzdzREw4R2RVRFBqcE9SUEpOWFljcVpWNW5SSEx1UmYwdTlxUHZSR2VnU1BSSEtXWkZ5K1ZuSGhuVkZFWVZvczhlS1gwSmhrNVZVR2pXZk5IN1lRdnhRazdudUdEMUorYUJSRm0wbz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 319780
content-length: 0
expires: 0

GET
H3 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ Frame ADAA 70 KB
5 KB 20ms
19ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2452794
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4216
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f5628a2-11846"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4WRFbzkVeHrWS%2Fhih9Uum7od%2BZWjf70%2BgR4GccRv0JT6spA2A6DtFTFoXi3f1%2FRF%2FVqbgZIFznffU4y%2BKWe5EcS5HT0uh72eyG4aJuUuCppMXAzXFnnocjinOz2iLGLyQrvgMcTKKgfu89exklFLTZsC"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79e678178c0891d2-FRA
expires: Wed, 14 Feb 2024 07:25:45 GMT

GET
H3 200 aHR0cHM6Ly9jZi5zaG9wZWUudHcvZmlsZS90dy0xMTEzNDIwNy0yMzAyMC0xeXVpZnc2bG1ybnYyYQ.jpg
img.feebee.tw/i/Ydd8km5GSBH_4SLGbPnZ-HGT3Dl13x5dCi8WOP64VWo/372/ Frame ADAA 27 KB
27 KB 19ms
17ms Image
image/jpeg 130.211.28.216

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.feebee.tw/i/Ydd8km5GSBH_4SLGbPnZ-HGT3Dl13x5dCi8WOP64VWo/372/aHR0cHM6Ly9jZi5zaG9wZWUudHcvZmlsZS90dy0xMTEzNDIwNy0yMzAyMC0xeXVpZnc2bG1ybnYyYQ.jpg
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 130.211.28.216 -, , ASN (),
Reverse DNS
Software: imgproxy /
Resource Hash: fe1ee57d32480ff10f2f8c215c1d81f05c67bc17024094ad5e6664fc64f7e387

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 02:14:50 GMT
via: 1.1 google
server: imgproxy
age: 18655
vary: Accept
content-type: image/jpeg
cache-control: max-age=7200,must-revalidate,public
content-disposition: inline; filename="tw-11134207-23020-1yuifw6lmrnv2a.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27977
x-request-id: r5abcmZ2FLHm6_ZKMp9y0

GET
H3 200 aHR0cHM6Ly9jZi5zaG9wZWUudHcvZmlsZS9hYjNjMzQ3YmMwMDdjZTY0NmY4YTM0ODFlNTUyZTliZA.jpg
img.feebee.tw/i/U6Cey2hhQbHhU54FF8_xCOGunKdpKjENjAUUihLvNwY/372/ Frame ADAA 16 KB
16 KB 24ms
23ms Image
image/jpeg 130.211.28.216

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.feebee.tw/i/U6Cey2hhQbHhU54FF8_xCOGunKdpKjENjAUUihLvNwY/372/aHR0cHM6Ly9jZi5zaG9wZWUudHcvZmlsZS9hYjNjMzQ3YmMwMDdjZTY0NmY4YTM0ODFlNTUyZTliZA.jpg
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 130.211.28.216 -, , ASN (),
Reverse DNS
Software: imgproxy /
Resource Hash: 990c597fb7fc7314f88fd52a119ad991342638c6268366c0e60d89790d13dc15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 04:01:10 GMT
via: 1.1 google
server: imgproxy
age: 12275
vary: Accept
content-type: image/jpeg
cache-control: max-age=7200,must-revalidate,public
content-disposition: inline; filename="ab3c347bc007ce646f8a3481e552e9bd.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16384
x-request-id: 8A9_msJrIeffVS-5fxOg-

GET
H3 200 aHR0cHM6Ly9jZi5zaG9wZWUudHcvZmlsZS9zZy0xMTEzNDIwMS0yMzAxMC03MzhtYTdyYm13bHZhYw.jpg
img.feebee.tw/i/iPvbQVqCacytKeGkx_a0fFX5EEvyOcVuubjvVrJmQPs/372/ Frame ADAA 11 KB
11 KB 22ms
21ms Image
image/jpeg 130.211.28.216

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.feebee.tw/i/iPvbQVqCacytKeGkx_a0fFX5EEvyOcVuubjvVrJmQPs/372/aHR0cHM6Ly9jZi5zaG9wZWUudHcvZmlsZS9zZy0xMTEzNDIwMS0yMzAxMC03MzhtYTdyYm13bHZhYw.jpg
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 130.211.28.216 -, , ASN (),
Reverse DNS
Software: imgproxy /
Resource Hash: 625e4b1e8423b4ea6f4fc0df9fc95098cb96da8e5ed2b254b8cbb665e87e207b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 03:14:48 GMT
via: 1.1 google
server: imgproxy
age: 15057
vary: Accept
content-type: image/jpeg
cache-control: max-age=7200,must-revalidate,public
content-disposition: inline; filename="sg-11134201-23010-738ma7rbmwlvac.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11347
x-request-id: PGFwEehJfvZ4CN9cnB3nP

GET
H3 200 fsa-core.min.js Show response
ad.sitemaji.com/fsa/ Frame ADAA 6 KB
2 KB 16ms
14ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/fsa/fsa-core.min.js
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 9edd15a2f73a751203b9ebc3c8f6eba5495d81394a764370b04786678876916b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 07:29:17 GMT
content-encoding: br
via: 1.1 google
last-modified: Thu, 10 Nov 2022 06:42:40 GMT
server: nginx/1.12.1 (Ubuntu)
age: 86188
etag: W/"636c9d60-16f0"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2231
expires: Fri, 24 Feb 2023 07:29:17 GMT

GET
H2 200 /
logs.sitemaji.com/ Frame 29EC 35 B
237 B 261ms
260ms Image
image/gif 172.105.236.33
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs.sitemaji.com/?t=FSA-v2__spstore_spstore_spstore_from_passback_FSA___728x90__728x90_impression&pv=1&rnd=1965

Requested by

Host: www.lookit.tw
URL: https://www.lookit.tw/native.html?s=728x90IK

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.105.236.33 Tokyo, Japan, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

li1890-33.members.linode.com

Software

nginx/1.10.3 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: nginx/1.10.3
etag: "355e52b0-23"
x-frame-options: DENY
content-type: image/gif
content-length: 35

GET
H2 200 /
logs.sitemaji.com/ Frame 29EC 35 B
237 B 263ms
262ms Image
image/gif 172.105.236.33
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs.sitemaji.com/?t=FSA-v2__spstore_spstore_spstore_from_passback_FSA___728x90__728x90_kwtype-undefined_status-ok&pv=1&rnd=8652

Requested by

Host: www.lookit.tw
URL: https://www.lookit.tw/native.html?s=728x90IK

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.105.236.33 Tokyo, Japan, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

li1890-33.members.linode.com

Software

nginx/1.10.3 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: nginx/1.10.3
etag: "355e52b0-23"
x-frame-options: DENY
content-type: image/gif
content-length: 35

GET
H/1.1 200
OK 1k7bfPi9ShasUxa5YA6Y_Hxm92DlzS4_L2kK9jXtZkkMvCqtVqP4lnv9sE5fLZrRmZAF7I0VD78pzQoHdFyo4x6zZuDiL6T7OWGPdMBb_dO6AGfOOEsa6FJu47J5qKU57Dm856dAkplQqURctQAfaNtCkvQwR5NLg6x4Y8Avrn5G3_oAQ9zcafLF5mJDZOudAG46M...
fsa-api.feebee.com.tw/maji/v2/view/ Frame 29EC 842 B
1006 B 294ms
294ms Image
image/gif 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fsa-api.feebee.com.tw/maji/v2/view/1k7bfPi9ShasUxa5YA6Y_Hxm92DlzS4_L2kK9jXtZkkMvCqtVqP4lnv9sE5fLZrRmZAF7I0VD78pzQoHdFyo4x6zZuDiL6T7OWGPdMBb_dO6AGfOOEsa6FJu47J5qKU57Dm856dAkplQqURctQAfaNtCkvQwR5NLg6x4Y8Avrn5G3_oAQ9zcafLF5mJDZOudAG46MkfSh0mZxyH3q0IaKYG9yEA1aT1R8zkjkbouEHv307Q_PEcmSiLhFzpBvTnlTUIyeL5wmL8lcdV3TDHP5sPV5q7tmD9fijhMtOaUxGbftI.gif
Requested by: Host: www.lookit.tw
URL: https://www.lookit.tw/native.html?s=728x90IK
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 6fbf9cc36bbd0c5efce36d2e650d406da61d42361355492e9204a2b919397804

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 24 Feb 2023 07:25:45 GMT
Server: nginx
Connection: keep-alive
x-robots-tag: noindex
Content-Length: 842
Content-Type: image/gif

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C394 17 KB
7 KB 215ms
86ms Script
text/javascript 2a00:1450:400d:803::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 24 Feb 2023 07:25:45 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E5D6 17 KB
6 KB 266ms
149ms Script
text/javascript 2a00:1450:400d:803::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js?cb=31072600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 24 Feb 2023 07:25:45 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E63E 13 KB
5 KB 54ms
48ms Document
text/html 2a00:1450:400d:803::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 43011
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 23 Feb 2023 19:28:54 GMT
expires: Fri, 23 Feb 2024 19:28:54 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6CB6 783 B
1 KB 192ms
71ms Document
text/html 2a00:1450:400d:807::2004

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2004 -, , ASN (),

Reverse DNS

Software

GSE /

Resource Hash

6a31731f77417debae5aab04e781d03985ab8e3e3ce541a6207e95e29c296058

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6K56WZJT3a-WRwpegInDZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-6K56WZJT3a-WRwpegInDZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 07:25:45 GMT
expires: Fri, 24 Feb 2023 07:25:45 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AF83 13 KB
5 KB 56ms
47ms Document
text/html 2a00:1450:400d:803::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 43011
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 23 Feb 2023 19:28:54 GMT
expires: Fri, 23 Feb 2024 19:28:54 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EC91 783 B
741 B 137ms
73ms Document
text/html 2a00:1450:400d:807::2004

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2004 -, , ASN (),

Reverse DNS

Software

GSE /

Resource Hash

875d07e11023026cab2454571668f68d2397426c4cec5e9872b7b84e5d2e900f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tGQx_eFP81FximR0lV4gjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-tGQx_eFP81FximR0lV4gjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 07:25:45 GMT
expires: Fri, 24 Feb 2023 07:25:45 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js Show response
pagead2.googlesyndication.com/bg/ Frame E63E 36 KB
14 KB 146ms
47ms Script
text/javascript 2a00:1450:400d:802::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

6cfd78dc3d8c95fad86bef0bd60d6466b458fc7bbcf7ad09dd1ec6ca727ddf6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 19:40:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 215096
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14287
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Feb 2024 19:40:50 GMT

GET
H3 200 bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js Show response
pagead2.googlesyndication.com/bg/ Frame AF83 36 KB
14 KB 98ms
49ms Script
text/javascript 2a00:1450:400d:802::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

6cfd78dc3d8c95fad86bef0bd60d6466b458fc7bbcf7ad09dd1ec6ca727ddf6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 19:40:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 215096
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14287
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Feb 2024 19:40:50 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6CB6 0
0 79ms
78ms Image
text/html 2a00:1450:400d:802::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023021601&jk=3626511727818703&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:802::2002 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EC91 0
0 79ms
78ms Image
text/html 2a00:1450:400d:802::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023021601&jk=314083934865885&rc=
Requested by: Host: www.lookit.tw
URL: https://www.lookit.tw/native.html?s=728x90IK
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:802::2002 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame AF83 0
10 B 47ms
47ms Image
text/plain 2a00:1450:400d:803::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?zpvAAw
Requested by: Host: www.lookit.tw
URL: https://www.lookit.tw/native.html?s=728x90IK
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:803::2001 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:46 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E63E 0
10 B 47ms
47ms Image
text/plain 2a00:1450:400d:803::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Sikkfg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:803::2001 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:25:46 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fcm.holmesmind.com
URL: https://fcm.holmesmind.com/cm.php

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.manhuagui.com/	1970-01-20 19:29:43	Name: _ga Value: GA1.1.1450408375.1677223537
.manhuagui.com/	1970-01-20 19:29:43	Name: _ga_H5F270PE29 Value: GS1.1.1677223537.1.0.1677223537.0.0.0
www.manhuagui.com/	1970-01-20 19:29:43	Name: bitmedia_fid Value: eyJmaWQiOiIwNzAzMzE1MmZkNzhjNTMwZWI1MjFlYTMzZmI2YWYwOSIsImZpZG5vdWEiOiJhMzU3OGNhODI5OTMwZGQwY2I4ZGU4MjE4ZTRiZmY5ZiJ9
.manhuagui.com/	1970-01-20 10:36:55	Name: country Value: DE
.holmesmind.com/	1970-01-20 10:14:50	Name: Vision Value: 20230224-23:59,20230224-18,20230224-18,20230224-23:59
.holmesmind.com/	1970-01-20 10:14:50	Name: C Value: null
.holmesmind.com/	1970-01-20 12:18:41	Name: RK Value: null
.holmesmind.com/	1970-01-20 19:29:43	Name: P Value: 286779-HvIU2TTxM9zEPF2oU9WLNxBLDr4KsHe9
www.manhuagui.com/	1970-01-20 10:36:55	Name: CFFPCKUUID Value: 3847-PG7Kzk88zAcApOqa1CZ9KS3J1PMZBycl
.manhuagui.com/	1970-01-20 10:36:55	Name: CFFPCKUUIDMAIN Value: 4740-S3LeIB17Bp6lOfeKEdaa0QnNwV7S7Nel
.criteo.com/	1970-01-20 19:15:19	Name: uid Value: 7807dc4b-e7bb-4d97-9cfc-0cba2ec4f8ae
.hinet.net/	1970-01-20 19:29:43	Name: uuid Value: dfd0798d-c8a9-4915-8056-b110df132dc6
.manhuagui.com/	1970-01-20 18:39:19	Name: __htid Value: dfd0798d-c8a9-4915-8056-b110df132dc6
.manhuagui.com/	1970-01-20 09:53:47	Name: _ht_em Value: 1
.aralego.com/	1970-01-20 18:39:19	Name: sspid Value: b8790e1e-04b3-313c-babc-bd522c37979c
.doubleclick.net/	1970-01-20 19:15:19	Name: IDE Value: AHWqTUnjmqT1bfViYwIrw8agQTwbRWrC9jvgUgHC50FZMKBRqygb2uqDW7T6KDuVY8A
.manhuagui.com/	1970-01-20 19:15:19	Name: cto_bundle Value: NgR9vl9SNFhLb1FET0VOdm85V0lvMk9uVlJlZVFHc2o0a1ZXS2dxZ3pRMkJuYlk4M1dDVmN4RlFrMTdzVFFEZTJZazdKT2Z0eTRnUGNrYVpEVUZwSnRueW1vRG9VWHRyZXA1ZldsQUdmY1VvdHdSeXg4eDQ2ZzZVdWczNVJKcCUyRlIxWUtjVERucnQzb0xyaEZobTJEY1BHWUdnQSUzRCUzRA
.c.appier.net/	1970-01-20 18:39:19	Name: _auid Value: 390HK9tlAJOMEK0GdGb4Yw
.holmesmind.com/	1970-01-20 10:14:50	Name: R Value: null
.holmesmind.com/	1970-01-20 12:18:41	Name: G Value: we3u7ZGJymKY5J47cKd8kQ==
.holmesmind.com/	1970-01-20 19:29:43	Name: d Value: /jHzqDFxfoBZ4WTyQK3MPaD5j7NQOgUkv1Txfycvr2ReudB2dm6t0KDrpHJuqax6WjAFQ16PJy71RxDiXPBzgA==
.manhuagui.com/	1970-01-20 09:55:09	Name: _ht_hi Value: 1
.www.manhuagui.com/	1970-01-20 10:36:55	Name: _im_vid Value: 01GT150GJ8X0KPKMP97HMPHVNW

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://fcm.holmesmind.com/cm.php Message: Failed to load resource: the server responded with a status of 502 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4e3d9b4ab1ee60beeb1400325640feff.safeframe.googlesyndication.com
9301cb9f0109ac4965511cba9969e0b4.safeframe.googlesyndication.com
ad.adondemand.com
ad.holmesmind.com
ad.sitemaji.com
ad2.apx.appier.net
adcdn.holmesmind.com
ads.aralego.com
ads.yap.yahoo.com
adservice.google.com
adservice.google.de
agent.aralego.com
audiencedata.im-apps.net
bidder.criteo.com
c.holmesmind.com
cdn.aralego.net
cdn.bmcdn5.com
cdn.holmesmind.com
cdnjs.cloudflare.com
cf.hamreus.com
cm.g.doubleclick.net
dfd0798d-c8a9-4915-8056-b110df132dc6.t.ssp.hinet.net
dmp.im-apps.net
fcm.holmesmind.com
fonts.googleapis.com
fonts.gstatic.com
fsa-api.feebee.com.tw
geo.yahoo.com
gocm.c.appier.net
gum.criteo.com
i.hamreus.com
img.feebee.tw
l.logly.co.jp
logs.sitemaji.com
m.holmesmind.com
media.bmcdn5.com
mug.criteo.com
nt.compass-fit.jp
pagead2.googlesyndication.com
prebid-asia.creativecdn.com
rd.sitemaji.com
region1.google-analytics.com
s.yimg.com
s0.2mdn.net
securepubads.g.doubleclick.net
ssl.sitemaji.com
static.bmcdn5.com
static.criteo.net
sync.aralego.com
sync.logly.co.jp
t.ssp.hinet.net
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
www.lookit.tw
www.manhuagui.com
www.mhgui.com
fcm.holmesmind.com
103.132.192.30
104.21.81.135
107.189.8.124
108.138.7.64
13.113.89.39
130.211.28.216
139.162.106.29
139.162.38.30
142.251.39.2
162.210.196.208
172.105.236.33
178.250.0.157
2001:4860:4802:34::36
203.75.214.136
207.244.89.4
2600:9000:221e:2c00:3:1794:2540:93a1
2600:9000:2250:8a00:0:e06c:e940:93a1
2606:4700:20::ac43:47fe
2606:4700::6811:190e
2606:4700:e6::ac40:c81a
2a00:1288:110:c204::b000
2a00:1288:f03d:1fa::4000
2a00:1450:4001:831::2002
2a00:1450:4001:831::2008
2a00:1450:400d:802::2002
2a00:1450:400d:803::2001
2a00:1450:400d:803::2002
2a00:1450:400d:806::2003
2a00:1450:400d:807::2004
2a00:1450:400d:808::2006
2a00:1450:400d:808::200a
2a00:1450:400d:80c::2001
2a00:1450:400d:80c::2002
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:26f0:11a::5f65:1760
2a02:26f0:dc::6853:40a
2a06:98c1:3121::c
34.95.67.231
34.96.119.68
35.186.204.155
35.186.215.140
35.201.76.93
35.227.249.156
52.193.146.227
54.95.227.57
60.199.208.47
65.108.141.188
87.248.100.137
00e403e6066333be598299c21ca80f7723b70f47571dcc8a867db59a3082b902
0e78778d5d1f4f049728c4e5e2866876562c18eb40a63876c018a99fd4ba8851
0e80702d4f20af4ff614e5900743194e27da08c242ae42196791c8c8ac8ab97e
0e81967508632534241cb30237bd29c37f3b460f70f8b6a7c68203c5bf689342
0f37e41cfd6ef708a4545e4187dfc56501a577c44e64f521ad18d736a8ee0a95
0fe40c5652ce04b1e56ca22a7ab824498d35aaff5e4fa1d06771260a46339c6d
103a02e7d27f4a02b014b9b0270378a3235fe387432a0bd8b922211fe0d16c5f
119675abf3b276d4d21f7e21d6f4014726bc5c599d5e6bff6f227d7706b351e0
127d77a32b34260d6c0fec0e002caa0d6ae13fb3176018520d7cc9e297a0d774
13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5
17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2
181c9768942a73cf58299504dac634ca88d0d2232d32327c35985198edcc1190
18efdf012dece794bbf103d636188d8cc0e11e672259b41ce42d72ff82a347a2
195ee4fa3d490ac0a2ca8f2ff7e250f81c382d307cdf2d81ba0debd428fd6a6f
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1f105f94097f21d363113f45f66d3aff8d274009658dbab3b45f4a984d4288f4
2072e010e953ad7f9e45c9c5a90f2524cd55d9197a8593768d7dba7baefec10a
23f0b5c088a9b70ea13dffacf91f505915c1742ebd6b93364ee220bca14de313
23fea8e3dd92fc7af7e4b0346cbf5b864d6da50717f8dc7ee6aae26a5fecac5c
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c
29e829276fcb7756a3614cf336327db1f7e028e9a9a043ffe31304a8dc98621b
2c1874a430d05d260c5378da7f9df2b4fe347f7e31f7a65072168980a0dd873b
2ff06a7037f2bbe722bef67146ec4fd4e7b83a9b7d396694849cc5e34594acb3
301778cadbb06eebdb2cdee06b83730a861a73fd659f6d61142bfecc2472966a
30dea500a4657accba196909831f0e21a6ad970c8595cc1a87e1c7e16bfe9c6d
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
383ae10121336424dc871b1717459ae84f6d8d172c21805982722b83ee386453
391d878b38b9e37726f0cadbdfbc3e0a6c4b58437668a81af3ba8797c68c70d4
3bfee844c201bc7cc02e4041b7c78840817491179f2ba5ba988350eae6b1f922
3e20995babc972edbbaa72a67791b07096ddbc140ff2334860cff0c45f2fd942
3ec348f7008b2fccd6cc39398578f397c833c06380fe90463191116d27027036
426a1677bc6156171f49adb932f58b34c428dfebcac1b69e51a64e6e711cf634
46047315c67456ba61f5c8c39ae0605921ffceb47c03ce69df26be0740e8e12e
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
46e9f38fdbd437a0e7c446af860ba0521d12adb0037b8eed1d0d0252b08705cc
485c80e3fd631c92ab1a8ec00b4083e66123f14c80fdbcd71da9a01ce707067d
48cea39a6d9f368a9d78b07ddca02043a884d1e871b5b39267d4ab6d245753cf
4992ee1b6908be6313e5657dc00c9494188fad9097089c4116d4fb7d58a5fd6b
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
53239b56a68056e1e657ac5fdba34ebd12f87f32174edc7b61feb454476580a8
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
569c0623741d6ed8fb4b9befae4f805c87735ee3a304312114a299f468136a24
59dc56e9490deeafaa410229b43332fc7d6ce6e53a1744621b8f39eaf42c539d
5a74841588b691df29fbb7da5975b01a1e2510159ea413a8b43a8fd6c9fd3d90
5b36fc790be1246f322aeca41ad3c545ef46302b0c0f937b853a9f4509e15e57
5bc239944d31c4d37485c831907fbf1e13711462d27912f906a09e7a72982f99
5c9b0652899d3687ea14076efe8f4144d1317fe1073dd7f1e87af7413408339a
5eaf3876d583ff50dfc9e2b1bdd23ef1a56311b63c0577451a2d15a0a9deebd0
5f8d384bdf63ca942acd96a1decb58e9166acde56d9b878e415826444ecff3f5
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623d93bd8398f1f481c4987347f04f7b3b41baaa59d0492ba07aec8b9ba26d65
625e4b1e8423b4ea6f4fc0df9fc95098cb96da8e5ed2b254b8cbb665e87e207b
626a1a3a966835661fd675614389c65711f85dd9c8f7a760e79081801b78ed88
683dd22ae63369605f71e2622a7112358f0773e0c0cda97e1178923db1ca03de
69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965
6a31731f77417debae5aab04e781d03985ab8e3e3ce541a6207e95e29c296058
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6cfd78dc3d8c95fad86bef0bd60d6466b458fc7bbcf7ad09dd1ec6ca727ddf6d
6fbf9cc36bbd0c5efce36d2e650d406da61d42361355492e9204a2b919397804
71b58c684e74f8b8a72eeab2d19b447554b3245f65c7331b7a518f4a2bee555f
750e58da77bd4d04018b30ce67d3b42801887fcae2d7b8f54cad58fca3401c90
753386321de142ccbfc747b2f5a0d21d32e5d1e79fcb878c608f1a49a11b3362
76000ec0c9d4551dc0917e8667950f2937e208febe114c7f1c0f7c2c7b72718b
7a95d6f6c1968d6c76eaff43c82dfc93acc89a9989fdc0eb2d215e3e1be4ebae
7b4feca9662c11539e45ab3cc082f0e12c7111f105b54758b91f56f9202718e0
7ff0e4d9612eafcc42290e47e1d647839327c813747502ba22d11ae192d673c1
8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
875d07e11023026cab2454571668f68d2397426c4cec5e9872b7b84e5d2e900f
87a107b8f235a7ae5d4b5f670e6d915df3b3089628c7d833f5ef1c4e585f5f7c
8af4a7b3549631244df52a0d91b22ccfb355b2f10caab9fe9fa0b57a2beff473
8cd54b3672ee0ba1d6914648c4d623e770bcd1c7e52cf2cd4d32368100eb240a
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834
8edfa1e8ae21af70195c3137f3df48216cca5b608855bc033473b3be51ad3073
8fa925f71e7a36c075854affa56c3281104cb0dc133a5da43173f5f853bc6bce
90793c1baf99401b1035128354e80db56006f9140d9a20c53fdce8eb47f6e493
92e3a7cda19a1b46b911991074f44b875f4f08d108a291a536866cdb5957dc43
936b091c61ff5a77a40c9bec531f22e2ce232a497727d7b1022eaedfb5140259
95639944299e18eb59244b862f4862ef8280ef72d141c18aaaf2fa50c70e8d99
961088884ac29c3a34f45a1be1935d44ed818f05510fb53e3c6b166d4db315a1
97d67f8c2575e19d30ae28a32bad7610849e0e56c81ca66e51178124a5c5eed2
990c597fb7fc7314f88fd52a119ad991342638c6268366c0e60d89790d13dc15
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
9d9bfaf6a51a1bba2b2ac2a1dad54b4ceaecfd2b29f5df7441e5c0507f45c339
9dcf6c5158343aabb957c8ed1fc92d56cc687f938dedd289b2696ea2a7d50b2f
9edd15a2f73a751203b9ebc3c8f6eba5495d81394a764370b04786678876916b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a09e2a1f24beb22144faf2198a5aff52cb1cf42fc52b606a395162126a7020d3
a12cbeab57f2de6528ada64cceea100360cf7e4ff7a295371bb72cee948489eb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a500bf0142beb5c84a52df3e3d1c1dcaf3b565c3f171d06812fa8a7a810aaa3d
a63d03ced4a1478e3e5c09f2011aaeaab82ee2f0faa68f08379bf37632cc8ef6
aa57468383b53d9b60458647e700cac69a75326752b41c9a6db4fdbab461a58c
ac50e3f1b80e462d8bb974452d8d26d191a9614946b2b310a4f8def011abf5b1
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b060d5753b585b57b36e4eda6a1a6b6aec1113c1e6cf76b246ef7d58ca915a5e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1547761793a9a6a826497d3b241d08ec43d4359a177e26948f8823c206dccbe
b1e1b749d57de7a2e9ad0416ff1b6fbf5d0b79931eece134128ccf1ce33a6d25
b73e6cb22f3ae22bcbe36217e226c082f813a2a8a7961644093d849bcbd30294
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336
bf6ec42c97f86957a324a484a37dd528b568a9ff2570965be53e6ec4b0dfdae2
c0b6a6dc6b6531516480c3ea81e352c643ac97a7ccca99a5f2732bade5938354
c3cd6bf39b83b23baa7352ebe70739dfff1f3687deb5e83f940dfabb49db32e1
c8bbe71674bbe9a8540da5d814f3dab83f3a53752b1df4cc0f7f65d0e231c3ad
cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36
cd874e2a62ceb9c887d06cf839f7f194c306cb4b59bf23f311102adbdde42ab9
d356a7a44605bddbb47597e0fcbd373b6b7c16345625a6ebd24030a525e93dad
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795
d53e1d1f95270c79198db1c8a5ab2aa679667aa5252ed819f9b829cce7973c26
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc
d6c45ce2632e6c386adea71c0d746f54bd458d9cfcc374bc832562aaf5a0d8de
daa08f05292f73773845fd62950085a23f4a250edd0ad14aafc9c8526e2276d0
dbbeaf476c8a7e3d3040afb7d60a768996f2b8ea1801264f1689fc7611c74334
dd71a955bcd2d39f8d0ce170b828831a5398b4d38a06f4b0eeeb5f51a767fcd2
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42a448690be6fb8430ed2bcd08d2416aff5f8ea37b42596876720a3e897f834
e5d8ae18c8e4e8f9322eab897e4fa64b5ec02eaa0531b9a534d4c3c011770c44
ea8d0aac0845198f8c36e8219e851e8518e587056a38b9339d92c13cf62e0ed8
eae81fe066ccd7fdff5a7aaecd8be83c54f505db795f668e646077939d0f7c9b
eeb0671a5f44561a1f6a027ed7b5c466379a746a8a294c3f82bd88a0822763a4
f24251f2c97427d7777234c44a9493d33c22682e2dde22bd1f4f4c87dc766aeb
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032
f45251ca5f051c72ad1fb169af736cc21c8a16f798f4b7583f8717c3ff0773d6
f4c8b1528ff42fe56b43dfb6480dda2986035895d64ddadd618b3f5159e52764
f5b812d6655b437dae9589d0a40726647c5d8901576739502a3356e9ec68ae30
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818
fbfdfbb16fdf69da4dc68583466d74abe9f91b2716e79754c447e2d429ba9024
fc96fdc422e2b8a3fb5391083711f24541fdc36248fb5f6404093092259d225f
fe1ee57d32480ff10f2f8c215c1d81f05c67bc17024094ad5e6664fc64f7e387
fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe

www.manhuagui.com Open in urlscan Pro 139.162.106.29 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

342 Requests

92 %HTTPS

50 %IPv6

32 Domains

57 Subdomains

48 IPs

12 Countries

3204 kBTransfer

6389 kBSize

23 Cookies

0 Outgoing links

Page URL History

Redirected requests

342 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.manhuagui.com Open in urlscan Pro
139.162.106.29 Public Scan

Screenshot
Live screenshot

Full Image

342
Requests

92 %
HTTPS

50 %
IPv6

32
Domains

57
Subdomains

48
IPs

12
Countries

3204 kB
Transfer

6389 kB
Size

23
Cookies

342 HTTP transactions
6 data transactions