the.regressedsonofadukeisanassassin.com Open in urlscan Pro
2606:4700:3030::6815:5ad5 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.regressedsonofadukeisanassassin.com/
Effective URL:
https://the.regressedsonofadukeisanassassin.com/
Submission: On May 24 via api (May 24th 2024, 9:34:30 am UTC) from US — Scanned from DE

Summary HTTP 63 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 12 domains to perform 63 HTTP transactions. The main IP is 2606:4700:3030::6815:5ad5, located in United States and belongs to CLOUDFLARENET, US. The main domain is the.regressedsonofadukeisanassassin.com.
TLS certificate: Issued by E1 on May 13th 2024. Valid for: 3 months.

This is the only time the.regressedsonofadukeisanassassin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700:303... 2606:4700:3030::6815:5ad5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	172.67.161.107 172.67.161.107	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:440... 2606:4700:4400::ac40:911d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	104.17.39.115 104.17.39.115	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
4	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2	2a00:1178:1:4... 2a00:1178:1:4b::1a	35415 (WEBZILLA) (WEBZILLA)
2	2606:4700::68... 2606:4700::6810:a091	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	24.144.71.195 24.144.71.195	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
2	67.216.91.19 67.216.91.19	35415 (WEBZILLA) (WEBZILLA)
1	104.17.111.223 104.17.111.223	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1 4	172.67.170.60 172.67.170.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.43.93 104.17.43.93	13335 (CLOUDFLAR...) (CLOUDFLARENET)
63	18

2 2606:4700:3030::6815:5ad5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.regressedsonofadukeisanassassin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
the.regressedsonofadukeisanassassin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 172.67.161.107 (United States)

ASN13335 (CLOUDFLARENET, US)

the.regressedsonofadukeisanassassin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
regressedsonofadukeisanassassin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:911d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hooliganmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 104.17.39.115 (None, )

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1178:1:4b::1a (Netherlands)

ASN35415 (WEBZILLA, NL)

silentinevitable.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:a091 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 24.144.71.195 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

publishers.hooliganmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

5f239fb5d0861ef40f81995100ba165d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.216.91.19 (United States)

ASN35415 (WEBZILLA, NL)

www.indeliblehang.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.111.223 (None, )

ASN13335 (CLOUDFLARENET, US)

onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.170.60 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

api.fouanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.43.93 (None, )

ASN13335 (CLOUDFLARENET, US)

fa.aidemsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	regressedsonofadukeisanassassin.com 1 redirects www.regressedsonofadukeisanassassin.com the.regressedsonofadukeisanassassin.com regressedsonofadukeisanassassin.com	981 KB
15	demand.supply live.demand.supply — Cisco Umbrella Rank: 78628	41 KB
7	googlesyndication.com 5f239fb5d0861ef40f81995100ba165d.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 103 tpc.googlesyndication.com — Cisco Umbrella Rank: 164	67 KB
4	fouanalytics.com 1 redirects api.fouanalytics.com — Cisco Umbrella Rank: 12890	8 KB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205	186 KB
3	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 4680 onesignal.com — Cisco Umbrella Rank: 1554	74 KB
3	hooliganmedia.com cdn.hooliganmedia.com publishers.hooliganmedia.com	81 KB
2	indeliblehang.pro www.indeliblehang.pro	26 KB
2	silentinevitable.com silentinevitable.com — Cisco Umbrella Rank: 550877	14 KB
1	aidemsrv.com fa.aidemsrv.com — Cisco Umbrella Rank: 12612	736 B
1	gstatic.com fonts.gstatic.com	48 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	1 KB
63	12

	Domain	Requested by
19	the.regressedsonofadukeisanassassin.com	the.regressedsonofadukeisanassassin.com
15	live.demand.supply	the.regressedsonofadukeisanassassin.com live.demand.supply client
4	api.fouanalytics.com	1 redirects cdn.hooliganmedia.com api.fouanalytics.com
4	securepubads.g.doubleclick.net	live.demand.supply securepubads.g.doubleclick.net cdn.hooliganmedia.com
3	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	www.indeliblehang.pro	silentinevitable.com
2	5f239fb5d0861ef40f81995100ba165d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	cdn.onesignal.com	the.regressedsonofadukeisanassassin.com cdn.onesignal.com
2	silentinevitable.com	the.regressedsonofadukeisanassassin.com silentinevitable.com
2	cdn.hooliganmedia.com	the.regressedsonofadukeisanassassin.com cdn.hooliganmedia.com
1	fa.aidemsrv.com
1	onesignal.com	cdn.onesignal.com
1	publishers.hooliganmedia.com	cdn.hooliganmedia.com
1	fonts.gstatic.com	fonts.googleapis.com
1	regressedsonofadukeisanassassin.com	the.regressedsonofadukeisanassassin.com
1	fonts.googleapis.com	the.regressedsonofadukeisanassassin.com
1	www.regressedsonofadukeisanassassin.com	1 redirects
63	18

This site contains links to these domains. Also see Links.

Domain
sulvo.com

Subject Issuer	Validity	Valid
regressedsonofadukeisanassassin.com E1	`2024-05-13` - `2024-08-11`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
hooliganmedia.com E1	`2024-05-22` - `2024-08-20`	3 months	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2024-01-20` - `2024-12-31`	a year	crt.sh
*.gstatic.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
silentinevitable.com R3	`2024-03-31` - `2024-06-29`	3 months	crt.sh
onesignal.com GTS CA 1P5	`2024-04-01` - `2024-06-30`	3 months	crt.sh
*.publishers.hooliganmedia.com E1	`2024-05-18` - `2024-08-16`	3 months	crt.sh
www.indeliblehang.pro R3	`2024-05-13` - `2024-08-11`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
fouanalytics.com E1	`2024-05-02` - `2024-07-31`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://the.regressedsonofadukeisanassassin.com/
Frame ID: D6E0808EC5CCDA9A16CF77E3C4C6D50F
Requests: 61 HTTP requests in this frame

Frame: https://5f239fb5d0861ef40f81995100ba165d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 86A1307FA79B92B74D974BDE31A3AAE5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A0A89D491F7189CCEE0B2D34A97AF88B
Requests: 1 HTTP requests in this frame

Frame: https://5f239fb5d0861ef40f81995100ba165d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6589BE846D5D40078C791A13E05BD037
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Regressed Son of a Duke is an Assassin Manga Online

Page URL History Show full URLs

https://www.regressedsonofadukeisanassassin.com/ HTTP 301
https://the.regressedsonofadukeisanassassin.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

63
Requests

97 %
HTTPS

47 %
IPv6

12
Domains

18
Subdomains

18
IPs

4
Countries

1527 kB
Transfer

3242 kB
Size

6
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://sulvo.com/?utm_source=https://the.regressedsonofadukeisanassassin.com/&utm_adtype=sticky_display&utm_medium=sulvo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.regressedsonofadukeisanassassin.com/ HTTP 301
https://the.regressedsonofadukeisanassassin.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://api.fouanalytics.com/api/noscript-3053c8p4c65wjmogn29v.gif HTTP 307
https://fa.aidemsrv.com/api/redirect.gif?61O1A9V6ORHg4nFy

63 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
the.regressedsonofadukeisanassassin.com/
Redirect Chain

https://www.regressedsonofadukeisanassassin.com/
https://the.regressedsonofadukeisanassassin.com/

233 KB
79 KB

668ms
667ms

Document
text/html

2606:4700:3030::6815:5ad5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://the.regressedsonofadukeisanassassin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5ad5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06a1ae7d849700575a41e4e11f6e7cd7d9f568f0ad025c2ae94c35e44c4dc531

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 888c4a06bf8130d0-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 24 May 2024 09:34:19 GMT
expires: Fri, 24 May 2024 09:34:19 GMT
last-modified: Fri, 24 May 2024 09:26:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p4ug8934yl3J3aF2kK3ootlUeKHRbPW%2FDadBhtTuXyoqa2854fyngvdxvTeeqzrXhhEUtb2oZY7uUdUzyC6146vAH0OK6j7jUDoI6LfeinLkmSahNVPU8mL5GJRvDn%2F73q5VIVRYYdk4Ut%2BOAJOcxJUfUBRqVGQYhJDVM%2FqK5T2zuUGUBB0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
x-turbo-charged-by: LiteSpeed

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 888c4a038b1c30d0-FRA
content-type: text/html
date: Fri, 24 May 2024 09:34:18 GMT
location: https://the.regressedsonofadukeisanassassin.com/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UR3vG3fMO1DkI9RMDAhRg52pXLqK41IWVYEcC1zkQtSmXxh18JRIXRjJs4pPCcVC4rfy3UWODGPhVvnqv9zCXf1RAFaSVMSddnzQEkTwi08E3zit9WZGNUuh9wgz30NfVCC%2FG9TAGbZIRCcCo7TXO5sg%2FD4zzgNoORK7Ic6zGDRNQ7lql2Y%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H3 200 fontawesome.min.css
the.regressedsonofadukeisanassassin.com/wp-content/themes/ifenzi-v2/fonts/aws/css/ 161 KB
38 KB 59ms
58ms Stylesheet
text/css 172.67.161.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://the.regressedsonofadukeisanassassin.com/wp-content/themes/ifenzi-v2/fonts/aws/css/fontawesome.min.css
Requested by: Host: the.regressedsonofadukeisanassassin.com
URL: https://the.regressedsonofadukeisanassassin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8b1756a3cf17e337c77c2a0786fa23c662bea5ebaef5f55a389ee7022044a7f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 09:34:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 16:12:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1014347
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cA55W2RmD758gy%2FZ8e5MNn2iZ4THzT213Vrd%2BTPXzJ%2BKECo6nWIYnZRLPGPTdKdWxo%2Bh64Wiuc2B61orOvytaY4DF83UYZJqGOmLn81g%2B0S5LSJxu%2F%2BhfbyvvKRBtdP18doemTnSqOxS8CS4U4%2F2t6jXZTBp1rbQej8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 888c4a0ae8e5972a-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 12 May 2025 15:48:32 GMT

GET
H3 200 brands.min.css
the.regressedsonofadukeisanassassin.com/wp-content/themes/ifenzi-v2/fonts/aws/css/ 18 KB
5 KB 50ms
48ms Stylesheet
text/css 172.67.161.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://the.regressedsonofadukeisanassassin.com/wp-content/themes/ifenzi-v2/fonts/aws/css/brands.min.css
Requested by: Host: the.regressedsonofadukeisanassassin.com
URL: https://the.regressedsonofadukeisanassassin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 639686ad0cfdc6a7f751fcdbd4ab4f6a29a15395792a745dfcec6c965e572339

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 09:34:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 16:12:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1014347
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lfOgzt88a7SEGx%2BOCErXNXIlp%2Fb%2FpBPZjjYY1wV2q9YdFGdDRpicOAvIX4VWW3oKI2lA1vkojP9uZ5HaQ3KSL0wWEQ7VeJJO%2Fn2oWzMbbepFY3v%2F5FssURCSYPhn%2BM%2BpBEFYRRZf5SswIgYpjKgLdB3UuinmNgpSjPc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 888c4a0af8e8972a-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 12 May 2025 15:48:32 GMT

GET
H3 200 regular.min.css
the.regressedsonofadukeisanassassin.com/wp-content/themes/ifenzi-v2/fonts/aws/css/ 534 B
818 B 76ms
74ms Stylesheet
text/css 172.67.161.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://the.regressedsonofadukeisanassassin.com/wp-content/themes/ifenzi-v2/fonts/aws/css/regular.min.css
Requested by: Host: the.regressedsonofadukeisanassassin.com
URL: https://the.regressedsonofadukeisanassassin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56ee1e2611af1828a330ec300c7bb7c19e5bf3df378b46ef361ce42587378fcd

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 09:34:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 16:12:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 552429
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ygw8P87ZOpl6Wfw4mjHkRpPVYDcmdJviVM0JXQrN6C1FwzamPHWMr2OAozKXUX%2BlQZSshfX0uXyJ1JqMzf7bVm3Uj93jMb7S7bdGW8ey767Me7LfdZWf23be6tOvfvil90cZs5bISeLHZfEmuEfC4ogm5N76d2lkTlU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 888c4a0af906972a-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 18 May 2025 00:07:10 GMT

GET
H3 200 solid.min.css
the.regressedsonofadukeisanassassin.com/wp-content/themes/ifenzi-v2/fonts/aws/css/ 526 B
853 B 51ms
48ms Stylesheet
text/css 172.67.161.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://the.regressedsonofadukeisanassassin.com/wp-content/themes/ifenzi-v2/fonts/aws/css/solid.min.css
Requested by: Host: the.regressedsonofadukeisanassassin.com
URL: https://the.regressedsonofadukeisanassassin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85f2570bc2e8b08cbcb970aef4727a675139b424a95970c3ce3fca048165b5b8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 09:34:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 16:12:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 88907
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TPKBmFo3oFrZA37AtCbxRLZeLMnCMPXTcU9huKXSO5V6pmtQtQRjzhdm5uph1NkbvLu0v85sNBMd6TA8Ln6FrcCBP5kJVS4SDKPjevVYLEg5HDyxACzImtgHdbTrs%2F%2FE68nmAmoJvgLWGaV5Qv4jCnILCcXeFlw0ypc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 888c4a0af90b972a-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 23 May 2025 08:52:32 GMT

GET
H3 200 style.min.css
the.regressedsonofadukeisanassassin.com/wp-includes/css/dist/block-library/ 111 KB
15 KB 77ms
75ms Stylesheet
text/css 172.67.161.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://the.regressedsonofadukeisanassassin.com/wp-includes/css/dist/block-library/style.min.css?ver=6.5.3
Requested by: Host: the.regressedsonofadukeisanassassin.com
URL: https://the.regressedsonofadukeisanassassin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 09:34:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 19:13:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1014347
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QYjs6Kp0cwUuczEGKCO5duxR2QVs5gjWTRXa2g9sR5Uzc%2Ff9OUYNCpazRzJ5z8OuFYAgIF6I9q8VoR8Gw89EIYjQ7EakYpaP56Yhohtcda3gmGYVkZLe1w1UxCZvFC1%2BQaLqxEWZD8sSfSntY30TRa%2B7ALgVCcuLuAg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 888c4a0b1933972a-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 12 May 2025 15:48:32 GMT

GET
H3 200 manga-display.css
the.regressedsonofadukeisanassassin.com/wp-content/plugins/Recommendation-Host/includes/css/ 1 KB
1 KB 83ms
81ms Stylesheet
text/css 172.67.161.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://the.regressedsonofadukeisanassassin.com/wp-content/plugins/Recommendation-Host/includes/css/manga-display.css?ver=6.5.3
Requested by: Host: the.regressedsonofadukeisanassassin.com
URL: https://the.regressedsonofadukeisanassassin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26716463b0eed0bcbe95a27a24358c355d51d511d039100a4b27cd0e43579004

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 09:34:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 05 Mar 2024 04:05:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1014347
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LSzHIRdrm8MZF6A%2BVAWAGjnIFaX1Nr8sSdf6Dvvw7Yvu1pxaotdAwuqnCqGsZkytSFbLtoIEMnDCV3sorTO1HFcty86XPztXCY4KNoUAB7IapHejH2Nj56mSxhPRo6%2BBmy5rISHPxBiNG%2FQzvIW4%2BWKtErQ64uOc6ns%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 888c4a0b193e972a-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 12 May 2025 15:48:32 GMT

GET
H3 200 style.css
the.regressedsonofadukeisanassassin.com/wp-content/themes/ifenzi-v2/ 27 KB
8 KB 84ms
82ms Stylesheet
text/css 172.67.161.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://the.regressedsonofadukeisanassassin.com/wp-content/themes/ifenzi-v2/style.css?ver=6.5.3
Requested by: Host: the.regressedsonofadukeisanassassin.com
URL: https://the.regressedsonofadukeisanassassin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f41453813e720d4e3c1c00107b0b23ea7b24ef0cde3f2750a2eeadf9e868661

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 09:34:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 26 Nov 2023 23:25:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1014347
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tv157f2SpsBLf%2B0Yf4J7HLY76gEfBf7fHvLa%2F46Jh3e3ensZTuAIA6IojzMBq%2B5byICer%2B8ztINHB2praR4H6mMKEPqaAcF6hWwdDxehefpO%2Fmy7M7cc8mmPFnwk00lub710Pb%2FkqpHxHObVue1rrbK19XEq0y%2FdeAo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 888c4a0b1941972a-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 12 May 2025 15:48:32 GMT

GET
H3 200 report-form.css
the.regressedsonofadukeisanassassin.com/wp-content/themes/ifenzi-v2/css/ 2 KB
1 KB 84ms
82ms Stylesheet
text/css 172.67.161.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://the.regressedsonofadukeisanassassin.com/wp-content/themes/ifenzi-v2/css/report-form.css?ver=1.0
Requested by: Host: the.regressedsonofadukeisanassassin.com
URL: https://the.regressedsonofadukeisanassassin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: feeafd2aff5e309b7c1b82d38d823d3c716a4efc1e788f5685a9ecb1834fe83c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 09:34:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 16:12:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1014347
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NqhSNFhCLry4%2FUhTLpqrNwYQFFFKRLvuVVwcoyxCiLrorHh%2BsRlw09tRNbALu5HO0vhvcasugmzGmv7kgpTT0FVMcw8M4DN%2FeshKRTdxt14%2FZyARemxDTFbyVuqzHr9kF5p92Gd2m9JcW%2BVIas8i8PB3oTookhGyxz4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 888c4a0b1943972a-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 12 May 2025 15:48:32 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 52ms
20ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%20Slab%3A300%2C400%7CRaleway%3A400%2C500%2C700&subset=latin-ext&display=swap

Requested by

Host: the.regressedsonofadukeisanassassin.com
URL: https://the.regressedsonofadukeisanassassin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4fc2d920e0cd1e978754d27abe44b86f86091d649ef98e4cc9545b7a4ac50b45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 24 May 2024 09:34:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 24 May 2024 09:34:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 May 2024 09:34:19 GMT

GET
H3 200 jquery.min.js Show response
the.regressedsonofadukeisanassassin.com/wp-includes/js/jquery/ 86 KB
31 KB 84ms
83ms Script
text/javascript 172.67.161.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://the.regressedsonofadukeisanassassin.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: the.regressedsonofadukeisanassassin.com
URL: https://the.regressedsonofadukeisanassassin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 09:34:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 19:13:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1014347
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0oIZYa2ohg4vHxB%2BPnc9dmEO%2FkDs6BQdNKurDDhwtjhJ42UpnKiB%2BczCxveBdcihsMzEFbrmjC69DvPBnH%2BpXzd%2B0nR3GXOyBLMt2ebhfB4%2FS2JlS8rfIPmDUB4e7UlSyRZjBjD16OUr59VjHUhB%2B6Mpob6C38OzI30%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 888c4a0b1945972a-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 11 Jun 2024 15:48:32 GMT

GET
H3 200 jquery-migrate.min.js Show response
the.regressedsonofadukeisanassassin.com/wp-includes/js/jquery/ 13 KB
5 KB 107ms
106ms Script
text/javascript 172.67.161.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://the.regressedsonofadukeisanassassin.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: the.regressedsonofadukeisanassassin.com
URL: https://the.regressedsonofadukeisanassassin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 09:34:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 19:13:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1014347
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yVfcOYNfHxYCXG1PXIs9bhcNxn3fvtHLONFNfai1%2BREEafhmqD4%2F3h0ZMSJmBsCzw8%2FEzPNYCx0JNE5a80%2BV%2FvhHYoUFhpjSlx3zHF1fk709YpdHOHSj9uKX3Em0a7hnaBabefYOEsCKOjmhUdvOqwbYrfK3zNDCZrg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 888c4a0b194c972a-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 11 Jun 2024 15:48:32 GMT

GET
H3 200 customscripts.js Show response
the.regressedsonofadukeisanassassin.com/wp-content/themes/ifenzi-v2/js/ 2 KB
1 KB 108ms
107ms Script
text/javascript 172.67.161.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://the.regressedsonofadukeisanassassin.com/wp-content/themes/ifenzi-v2/js/customscripts.js?ver=6.5.3
Requested by: Host: the.regressedsonofadukeisanassassin.com
URL: https://the.regressedsonofadukeisanassassin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fb54a733ed6286bed8b2540d1a07b77a1a7b86e31dea07075deaef341589c0d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 09:34:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 16:14:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1014347
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zn%2BZFp7haDpk6Xgs6QjzKts4HbLMZBreLYCDejrkAGu5jZtYHA8jHDvC0ONU1NcEC1aeUOgplrHXHFGhlwqqRNSeTNfgohM9s%2B5pUEibOx2yksHHrJJxC3ELw%2FDASYeov%2F5%2BJf2EBt0hWfnyzJ8nAkQYCkC%2B1xyG39I%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 888c4a0b1953972a-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 11 Jun 2024 15:48:32 GMT

GET
H2 200 hm-ads.js Show response
cdn.hooliganmedia.com/ 31 KB
6 KB 67ms
29ms Script
text/javascript 2606:4700:4400::ac40:911d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.hooliganmedia.com/hm-ads.js

Requested by

Host: the.regressedsonofadukeisanassassin.com
URL: https://the.regressedsonofadukeisanassassin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:911d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0d5e317216791cf5902b0fb827a7a94e54bc562c80e74ac503d53797687e3b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 09:34:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: tx00000cbe246a139902f28-0065f1c73e-8d8c72e0-nyc3c
age: 2346
x-envoy-upstream-healthchecked-cluster
last-modified: Sun, 03 Mar 2024 18:16:59 GMT
server: cloudflare
etag: W/"33061247f8780b61dda1fea0de3bbb22"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: text/javascript
x-do-cdn-uuid: 7dcd0873-b15b-4e73-8333-499a1d24ab87
x-rgw-object-type: Normal
cache-control: max-age=3600
cf-ray: 888c4a0bea699bfe-FRA

GET
H3 200 up.js Show response
live.demand.supply/ 5 KB
3 KB 129ms
98ms Script
application/javascript 104.17.39.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/up.js

Requested by

Host: the.regressedsonofadukeisanassassin.com
URL: https://the.regressedsonofadukeisanassassin.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.39.115 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7e19e15e0f354476d38409fd0450e0993674124b71cf2011523640af3a811db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HWAW49T6DJXCHS3FM4JZGX5P
date: Fri, 24 May 2024 09:34:19 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
age: 630
cf-polished: origSize=5343
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"dbfb28e408f563c47c5a6f819ef24bd8-ssl-df"
cache-status: "Netlify Edge"; fwd=stale
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 888c4a0b188b9101-FRA
link: <https://live.demand.supply/impl.v17.32.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v17-24-0/dGhlLnJlZ3Jlc3NlZHNvbm9mYWR1a2Vpc2FuYXNzYXNzaW4uY29tLw==>; rel=preload; as=script
timing-allow-origin: *

GET
H3 200 The-Regressed-Son-of-a-Duke-is-an-Assassin.webp
the.regressedsonofadukeisanassassin.com/wp-content/uploads/2024/02/ 68 KB
68 KB 109ms
108ms Image
image/webp 172.67.161.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://the.regressedsonofadukeisanassassin.com/wp-content/uploads/2024/02/The-Regressed-Son-of-a-Duke-is-an-Assassin.webp
Requested by: Host: the.regressedsonofadukeisanassassin.com
URL: https://the.regressedsonofadukeisanassassin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1988c71bc6a53099b05fb77910b6ca11a0593af73a8c3b8df77bc4c79aa4852d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 09:34:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 538957
alt-svc: h3=":443"; ma=86400
content-length: 69180
last-modified: Sun, 25 Feb 2024 20:11:23 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CHT9JxCk3ZjPOLFgfxP92T2nWWoYCdv15lv3yTUR9SS6hN0Caryl1CTnaupG6YYa62zD8ma9PeCHvfq9dT4jMnzlUVvJxHQ8%2FZr%2Fzm%2BwgW58NUVJEb7Rcrqfud0%2BvvpGPCBDOfOhMYGFmuAqQBybPLClTLZcpCC%2B4p0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 888c4a0b1955972a-FRA
expires: Sun, 15 Sep 2024 03:51:42 GMT

GET
H3 200 The-Regressed-Son-of-a-Duke-is-an-Assassin-Manhwa.webp
regressedsonofadukeisanassassin.com/wp-content/uploads/2024/02/ 9 KB
9 KB 31ms
30ms Image
image/webp 172.67.161.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://regressedsonofadukeisanassassin.com/wp-content/uploads/2024/02/The-Regressed-Son-of-a-Duke-is-an-Assassin-Manhwa.webp
Requested by: Host: the.regressedsonofadukeisanassassin.com
URL: https://the.regressedsonofadukeisanassassin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 324d74c895468d3703739c66a117a61c2d9ac7c4c74ec7b989f06de59a480a8a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 09:34:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5383240
alt-svc: h3=":443"; ma=86400
content-length: 9056
last-modified: Sun, 25 Feb 2024 20:11:22 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NsGFvkTuAzVH9O7PT3yP%2FHjPFXXtOKkeeOf39ER3TZwFNVZd1lF68xE3vHuHjs9ANVD%2FNccjmldkNVen6pGCPuMWgwRm0RHI23sCqOA65gFH8N9%2F2Mw8juILKFxQ8tNKRPz7F3aSdkujnZo9ht9u3K1XFofT%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 888c4a0baa8c972a-FRA
expires: Sun, 21 Jul 2024 02:13:39 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v34/ 47 KB
48 KB 38ms
9ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Slab%3A300%2C400%7CRaleway%3A400%2C500%2C700&subset=latin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://the.regressedsonofadukeisanassassin.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 02:46:03 GMT
x-content-type-options: nosniff
age: 110896
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48336
x-xss-protection: 0
last-modified: Wed, 01 May 2024 20:31:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 May 2025 02:46:03 GMT

GET
H3 200 impl.v17.32.0.js Show response
live.demand.supply/ 89 KB
30 KB 57ms
56ms Script
application/javascript 104.17.39.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/impl.v17.32.0.js

Requested by

Host: the.regressedsonofadukeisanassassin.com
URL: https://the.regressedsonofadukeisanassassin.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.39.115 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b77415363ffad60ce3f975e393d3ef44a47d8bddbec2f0a2f9f0e9587dd5c501

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HWAW44Z8KJM1G27JKQDGSW4N
date: Fri, 24 May 2024 09:34:19 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
age: 2486267
cf-polished: origSize=91396
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: W/"b0ea5d9194ab3fdb131dbfcf767a3676-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 888c4a0bb9449101-FRA

GET
H3 200 dGhlLnJlZ3Jlc3NlZHNvbm9mYWR1a2Vpc2FuYXNzYXNzaW4uY29tLw== Show response
live.demand.supply/p4/v17-24-0/ 1 KB
674 B 99ms
99ms Script
text/javascript 104.17.39.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v17-24-0/dGhlLnJlZ3Jlc3NlZHNvbm9mYWR1a2Vpc2FuYXNzYXNzaW4uY29tLw==
Requested by: Host: the.regressedsonofadukeisanassassin.com
URL: https://the.regressedsonofadukeisanassassin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.39.115 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9df3938eded3633daf65182157eef205c0c0574d2c106aa951e144ee2fa8720

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 09:34:19 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 888c4a0bb9489101-FRA
alt-svc: h3=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
509 B 182ms
170ms XHR
application/javascript 104.17.39.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?e=ll&d=131&cs=c&dsReferer=dGhlLnJlZ3Jlc3NlZHNvbm9mYWR1a2Vpc2FuYXNzYXNzaW4uY29tLw==

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.39.115 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HXPQN6GQRG3H15ZPW4EVZNQ0
date: Fri, 24 May 2024 09:34:19 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1014495
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "799cfe824336f1fce20d72fb9944d5d5-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 888c4a0bdd412bb5-FRA

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 93 KB
30 KB 83ms
51ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

d7777cb27c1707bf2f5753003056e3838b5abc563ad7c34727cf794735bf62ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 09:34:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30189
x-xss-protection: 0
server: cafe
etag: 819 / 19867 / 31083884 / config-hash: 4428179186715077715
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 24 May 2024 09:34:19 GMT

GET
H3 200 ds.2.html Show response
live.demand.supply/ 413 B
650 B 52ms
40ms XHR
text/html 104.17.39.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/ds.2.html

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.39.115 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HXPQN6GQC140Z9VSAA7T6VY1
date: Fri, 24 May 2024 09:34:19 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1014346
cache-status: "Netlify Edge"; hit
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 888c4a0bdd432bb5-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 wC Show response
silentinevitable.com/cHDh9L6/b.2N5fl/S/WJQ-9CNlDKYkxzO/TVUG1_OFSb0Y0/NWjSEd5LNITnY/ 41 KB
14 KB 117ms
71ms Script
application/javascript 2a00:1178:1:4b::1a
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://silentinevitable.com/cHDh9L6/b.2N5fl/S/WJQ-9CNlDKYkxzO/TVUG1_OFSb0Y0/NWjSEd5LNITnY/wC

Requested by

Host: the.regressedsonofadukeisanassassin.com
URL: https://the.regressedsonofadukeisanassassin.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

2a00:1178:1:4b::1a , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

6ef88dfac49d64f28692e43122e005617831cc9147c0f1b06085625980e3435e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 09:34:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 24 May 2024 09:34:19 GMT
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
expires: Mon, 26 Jul 2011 05:00:00 GMT

GET
H3 200 chapter-search.js Show response
the.regressedsonofadukeisanassassin.com/wp-content/themes/ifenzi-v2/js/ 1 KB
995 B 22ms
21ms Script
text/javascript 172.67.161.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://the.regressedsonofadukeisanassassin.com/wp-content/themes/ifenzi-v2/js/chapter-search.js
Requested by: Host: the.regressedsonofadukeisanassassin.com
URL: https://the.regressedsonofadukeisanassassin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36c43144e5f31e6e81f2673a706189c7991d0ff52d28fdb0c62acd80c2b9330f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 09:34:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 16:14:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 129669
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T66CPbrUQXfpQdBbtUYe6kuuyz5PLWFBAu%2Fki6iK97Radm%2FVr%2BWT3sWhcEWLdrX06Tl9y%2BO7Q818wAuJbPVynvzI%2B3Ciqx4L%2BT4jWgRWu7H6UhSTsTElFvNI9r5bU2%2Fdsnp7iBpuGWriQUBjxp5uB8EHEicrxWGeqa0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 888c4a0c1b2e972a-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 21 Jun 2024 21:33:10 GMT

GET
H3 200 manga-display.js Show response
the.regressedsonofadukeisanassassin.com/wp-content/plugins/Recommendation-Host/includes/js/ 1009 B
885 B 21ms
19ms Script
text/javascript 172.67.161.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://the.regressedsonofadukeisanassassin.com/wp-content/plugins/Recommendation-Host/includes/js/manga-display.js?ver=1.0
Requested by: Host: the.regressedsonofadukeisanassassin.com
URL: https://the.regressedsonofadukeisanassassin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25ee6c97c16b58d3da64a42eee1bf4efc254b09480032983d9e2326027ee9385

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 09:34:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 05 Mar 2024 04:05:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 530739
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8YBpLWRLeQvifMpxlUskOIpQrMZRZ7y7aPWSiJQflKHPdXWsTDx9Xe2CVHx2XxuCsnPu8roRuZTuAJUGCH7cBkEXIbUKYJpFctcWqHF%2FTGPHCDSvNC2zMBvwNc%2BIZ1KWe9GlDIurX880NlzU4ja%2BVYE7A6Y9BDl7Yt4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 888c4a0c1b30972a-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 17 Jun 2024 06:08:40 GMT

GET
H3 200 report.js Show response
the.regressedsonofadukeisanassassin.com/wp-content/themes/ifenzi-v2/js/ 3 KB
1 KB 26ms
25ms Script
text/javascript 172.67.161.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://the.regressedsonofadukeisanassassin.com/wp-content/themes/ifenzi-v2/js/report.js
Requested by: Host: the.regressedsonofadukeisanassassin.com
URL: https://the.regressedsonofadukeisanassassin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6c0ae17941702ad4c415359bdec67d14c1784f2582287d88376074311dcdb31

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 09:34:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 31 Jan 2024 23:05:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1014346
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FQfew0Zu32rfa8LD0y3kbfxN%2F8CB4q4hyyjEfdTqcPLQ3gKQWdCZ4N9UiXM8q53A4BAbdUOFLf%2BXF%2FPbIsCVPQONGfDPfioMb4Ns4XBzgpg7Rei%2BXKWEdd4knbu60%2F6hm4JIy%2BaELhW7BNixw0vh11MOpnvnm91VCqY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 888c4a0c1b34972a-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 11 Jun 2024 15:48:32 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 82ms
55ms Script
application/javascript 2606:4700::6810:a091
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=1.0.0

Requested by

Host: the.regressedsonofadukeisanassassin.com
URL: https://the.regressedsonofadukeisanassassin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a091 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 09:34:19 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1598
etag: W/"a87c48d211877c49b878679b2e3cdab8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 888c4a0c4d4d5d84-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Mon, 27 May 2024 09:34:19 GMT

GET
H3 200 fa-regular-400.woff2
the.regressedsonofadukeisanassassin.com/wp-content/themes/ifenzi-v2/fonts/aws/webfonts/ 388 KB
389 KB 31ms
31ms Font
font/woff2 172.67.161.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://the.regressedsonofadukeisanassassin.com/wp-content/themes/ifenzi-v2/fonts/aws/webfonts/fa-regular-400.woff2
Requested by: Host: the.regressedsonofadukeisanassassin.com
URL: https://the.regressedsonofadukeisanassassin.com/wp-content/themes/ifenzi-v2/fonts/aws/css/regular.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b7265fb8e98286a6e61d73e4278df35c0e911db1e8a94c82836d0b21088125b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/wp-content/themes/ifenzi-v2/fonts/aws/css/regular.min.css
Origin: https://the.regressedsonofadukeisanassassin.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 09:34:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 97810
alt-svc: h3=":443"; ma=86400
content-length: 397196
last-modified: Thu, 09 Nov 2023 16:12:20 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O7GDoJsjcL58ZP3%2Flo5VdOvzWI%2FFfl119rOfIPvkrOWhgOlNJ0ns%2BY73qc%2BgYOcVfXMbxbwMxi23%2BcMiI%2BEVOqCLx8Sj7HUd5G6mPWEXrcf%2BrzvgIerDbMf6ioRUNK4FBQeCt4Gb7YRjz5Hn%2Fc%2BUI5oGt3pEVswkVbs%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 888c4a0c2b4b972a-FRA
expires: Fri, 20 Sep 2024 06:24:09 GMT

GET
H3 200 fa-solid-900.woff2
the.regressedsonofadukeisanassassin.com/wp-content/themes/ifenzi-v2/fonts/aws/webfonts/ 318 KB
319 KB 24ms
24ms Font
font/woff2 172.67.161.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://the.regressedsonofadukeisanassassin.com/wp-content/themes/ifenzi-v2/fonts/aws/webfonts/fa-solid-900.woff2
Requested by: Host: the.regressedsonofadukeisanassassin.com
URL: https://the.regressedsonofadukeisanassassin.com/wp-content/themes/ifenzi-v2/fonts/aws/css/solid.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4ce23501f658a336323bd90b52746e73e0ddca6be18651594d169b263db5410

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/wp-content/themes/ifenzi-v2/fonts/aws/css/solid.min.css
Origin: https://the.regressedsonofadukeisanassassin.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 09:34:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1013967
alt-svc: h3=":443"; ma=86400
content-length: 325592
last-modified: Thu, 09 Nov 2023 16:12:20 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PTnXAGOparRVo7kTeqepOwJPZZoRchyL9p7x1Jlh%2FDy%2BbTKSchODUY3MK%2FNwX2LZ5Lxx0lOm7oqrgSsQJIxDWZvcVyr4X%2B5ZpQAvdjs8umv7pxXSbUNrBluBiLwYtN%2B5x1dxM5Lvfp7cHHYAwi7TMhzKFFUOC8Ld6mg%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 888c4a0c2b4f972a-FRA
expires: Mon, 09 Sep 2024 15:54:52 GMT

GET
H2 200 prebid.js Show response
cdn.hooliganmedia.com/prebid/ 235 KB
74 KB 50ms
48ms Script
text/javascript 2606:4700:4400::ac40:911d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.hooliganmedia.com/prebid/prebid.js

Requested by

Host: cdn.hooliganmedia.com
URL: https://cdn.hooliganmedia.com/hm-ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:911d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d46259d8a9cfd6e52a0bc251f717ab05dbd7526088d442a3a83037bc31b0ecd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 09:34:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: tx000003e5f1a0731d01ff1-0065e4c213-7a12c4e8-nyc3c
age: 2494
x-envoy-upstream-healthchecked-cluster
last-modified: Mon, 25 Sep 2023 19:23:44 GMT
server: cloudflare
etag: W/"f234ceccf35e1a0ce496a10a5e73dcb1"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: text/javascript
x-do-cdn-uuid: 7dcd0873-b15b-4e73-8333-499a1d24ab87
x-rgw-object-type: Normal
cache-control: max-age=3600
cf-ray: 888c4a0c5aee9bfe-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
512 B 22ms
22ms XHR
application/javascript 104.17.39.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/x/e.js?ce=fs&dsReferer=dGhlLnJlZ3Jlc3NlZHNvbm9mYWR1a2Vpc2FuYXNzYXNzaW4uY29tLw==

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.32.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.39.115 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HXPQN8740SQAAGWM8JNVCVEP
date: Fri, 24 May 2024 09:34:19 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1014495
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "799cfe824336f1fce20d72fb9944d5d5-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 888c4a0c4dc72bb5-FRA

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405200101/ 453 KB
141 KB 23ms
22ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405200101/pubads_impl.js?cb=31083884

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

adaeefa326020cb39ba8c7de0a79d6daab058939b95cc3db3fa3d46c67821fa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 01:01:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30786
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 144704
x-xss-protection: 0
server: cafe
etag: 14917180474181173892
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 24 May 2025 01:01:13 GMT

GET
H3 200 regressedsonofadukeisanassassin.com_auto_728x90_sticky_display_bottom Show response
live.demand.supply/cp/ 29 B
375 B 593ms
593ms XHR
text/plain 104.17.39.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/regressedsonofadukeisanassassin.com_auto_728x90_sticky_display_bottom?mlcu=a0800935-fe74-4ff7-8aad-b3f33111c096&mlos=wi&mlbr=ch&mlla=de&dsReferer=dGhlLnJlZ3Jlc3NlZHNvbm9mYWR1a2Vpc2FuYXNzYXNzaW4uY29tLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.32.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.39.115 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d01ac3e64b27d74045aba7dd437a63db123517de7bd47d911b4c0d8d202fb0e9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 09:34:20 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 888c4a0c8dfc2bb5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 29

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 51ms
50ms Script
application/javascript 2606:4700::6810:a091
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a091 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 09:34:19 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 105
etag: W/"e3be409ac3c100e2a5d3f264ec260551"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 888c4a0cbe225d84-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Mon, 27 May 2024 09:34:19 GMT

POST
H/1.1 201
Created get_domain_status Show response
publishers.hooliganmedia.com/api/ 32 B
288 B 533ms
198ms Fetch
application/json 24.144.71.195
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://publishers.hooliganmedia.com/api/get_domain_status
Requested by: Host: cdn.hooliganmedia.com
URL: https://cdn.hooliganmedia.com/hm-ads.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 24.144.71.195 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.24.0 (Ubuntu) / Express
Resource Hash: 6f7f0e2e670b2c36687d943991d94483a7c1a11042ddbb3a81ca0ac8f6565c71

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Fri, 24 May 2024 09:34:20 GMT
server: nginx/1.24.0 (Ubuntu)
x-powered-by: Express
content-length: 32
etag: W/"20-FPC2rD0f4ePmfWasJpJhVL8mCSQ"
content-type: application/json; charset=utf-8

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
513 B 167ms
167ms XHR
application/javascript 104.17.39.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?r=regressedsonofadukeisanassassin.com_auto_interstitial_desktop&sn=1&ific=true&e=iar2&dsReferer=dGhlLnJlZ3Jlc3NlZHNvbm9mYWR1a2Vpc2FuYXNzYXNzaW4uY29tLw==

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.32.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.39.115 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HXPQN6GQRG3H15ZPW4EVZNQ0
date: Fri, 24 May 2024 09:34:19 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1014495
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "799cfe824336f1fce20d72fb9944d5d5-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 888c4a0cfe7f2bb5-FRA

GET
H2 200 container.html
5f239fb5d0861ef40f81995100ba165d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 86A1 0
0 112ms
27ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5f239fb5d0861ef40f81995100ba165d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405200101/pubads_impl.js?cb=31083884

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://the.regressedsonofadukeisanassassin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 24 May 2024 09:34:19 GMT
expires: Sat, 24 May 2025 09:34:19 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 5cc91e139fb0.js Show response
www.indeliblehang.pro/ecc874/ 69 KB
26 KB 172ms
21ms XHR
application/javascript 67.216.91.19
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.indeliblehang.pro/ecc874/5cc91e139fb0.js
Requested by: Host: silentinevitable.com
URL: https://silentinevitable.com/cHDh9L6/b.2N5fl/S/WJQ-9CNlDKYkxzO/TVUG1_OFSb0Y0/NWjSEd5LNITnY/wC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.216.91.19 , United States, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: ucdn/1.24.0 /
Resource Hash: e83539bc0aaa4ff08c1483e12956ade7f9b594b3ac15ab479a9c5af39bec2a73

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type: text/plain

Response headers

date: Fri, 24 May 2024 09:34:19 GMT
content-encoding: br
server: ucdn/1.24.0
x-ureq-id: MbhzUJ3abdJCAnHL7F0nDXcz/OMokKoLBXXFknDtpFrAZbVySAcrXDOO0GXmDNUxWXyPtXW95OS25mdhT/tjlBu+/ThX10k5rdTAQ2swmYU=
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
x-vhostid: 103, 23123
cache-control: max-age=314405585, public
access-control-allow-credentials: true
x-served-from: l1
access-control-allow-headers: Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 5cc91e139fb0.js Show response
www.indeliblehang.pro/ecc874/ 69 KB
0 173ms
173ms Script
application/javascript 67.216.91.19
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.indeliblehang.pro/ecc874/5cc91e139fb0.js
Requested by: Host: silentinevitable.com
URL: https://silentinevitable.com/cHDh9L6/b.2N5fl/S/WJQ-9CNlDKYkxzO/TVUG1_OFSb0Y0/NWjSEd5LNITnY/wC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.216.91.19 , United States, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: ucdn/1.24.0 /
Resource Hash: e83539bc0aaa4ff08c1483e12956ade7f9b594b3ac15ab479a9c5af39bec2a73

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 09:34:19 GMT
content-encoding: br
server: ucdn/1.24.0
x-ureq-id: MbhzUJ3abdJCAnHL7F0nDXcz/OMokKoLBXXFknDtpFrAZbVySAcrXDOO0GXmDNUxWXyPtXW95OS25mdhT/tjlBu+/ThX10k5rdTAQ2swmYU=
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
x-vhostid: 103, 23123
cache-control: max-age=314405585, public
access-control-allow-credentials: true
x-served-from: l1
access-control-allow-headers: Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 Yt2ux.pvZ-Wx5y0zZAG_FC0DYETF9-yHcImJlKk_PMWNYOyPN-jRYSyTMUj_UWzXMYjZg-2bMcDdlej_NgDhki4jZ-GlEm3nYoj_hqirMsTtQ-1vNwWxJyj_YAWBNChD
silentinevitable.com/ 0
322 B 35ms
35ms Ping
text/plain 2a00:1178:1:4b::1a
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://silentinevitable.com/Yt2ux.pvZ-Wx5y0zZAG_FC0DYETF9-yHcImJlKk_PMWNYOyPN-jRYSyTMUj_UWzXMYjZg-2bMcDdlej_NgDhki4jZ-GlEm3nYoj_hqirMsTtQ-1vNwWxJyj_YAWBNChD

Requested by

Host: silentinevitable.com
URL: https://silentinevitable.com/cHDh9L6/b.2N5fl/S/WJQ-9CNlDKYkxzO/TVUG1_OFSb0Y0/NWjSEd5LNITnY/wC

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

2a00:1178:1:4b::1a , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 24 May 2024 09:34:19 GMT
x-content-type-options: nosniff
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Mon, 26 Jul 2011 05:00:00 GMT

GET
H3 200 web Show response
onesignal.com/api/v1/sync/fd01abb2-32cc-4edf-a1da-71deeeff1f08/ 3 KB
2 KB 102ms
63ms Script
text/javascript 104.17.111.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/fd01abb2-32cc-4edf-a1da-71deeeff1f08/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4340e8c1f57a838e8852d6d3a90c6c8b03babfaf1fc9d8bce1ad06b2c3cd7d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 09:34:19 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
age: 1597
cf-polished: origSize=3567
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 487593e8-621b-4946-975a-26b1c1ff1b95
x-runtime: 0.047674
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"4c0145a323e557bd6b51f4919491f69c"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 888c4a0d980c4da8-FRA
access-control-allow-headers: SDK-Version
expires: Fri, 24 May 2024 10:34:19 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 99ms
55ms XHR
application/json 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202405200101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405200101/pubads_impl.js?cb=31083884

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

d85ffb1183f2b5692d47b4dbf5ae0d2e2b12eec75f2591f43c25ab32b6598b6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 09:34:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12892
x-xss-protection: 0

GET
H3 200 The-Regressed-Son-of-a-Duke-is-an-Assassin-Online-150x150.jpg
the.regressedsonofadukeisanassassin.com/wp-content/uploads/2024/02/ 6 KB
7 KB 32ms
31ms Other
image/jpeg 172.67.161.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://the.regressedsonofadukeisanassassin.com/wp-content/uploads/2024/02/The-Regressed-Son-of-a-Duke-is-an-Assassin-Online-150x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f4c9d9a9f8caefc01e201b5e14dd70f6627c1c33e3846219e8dc5df62c860a3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 09:34:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1014341
alt-svc: h3=":443"; ma=86400
content-length: 6243
last-modified: Sun, 25 Feb 2024 20:11:25 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qxYFQERBOfkmjK09WFks4BmlRnCJQYvQf6f59hEPjpYoGmw4caXm45KanoTiRhmJHcpVLbTIIU0p1kiljkeXsShcv2x4pBQVJETpX2CZ80kgyBEg7iRAYgDDCxHL6O6lNimDa%2Fe0cxN72kVcFfta7h%2BdlIdMqUzUWOM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 888c4a0e9f99972a-FRA
expires: Mon, 09 Sep 2024 15:48:38 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 258ms
33ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405200101/pubads_impl.js?cb=31083884

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 09:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 24 May 2024 09:34:20 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
512 B 32ms
31ms XHR
application/javascript 104.17.39.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?r=regressedsonofadukeisanassassin.com_auto_728x90_sticky_display_bottom&pdc=0.3124227002263069&e=tcp&dsReferer=dGhlLnJlZ3Jlc3NlZHNvbm9mYWR1a2Vpc2FuYXNzYXNzaW4uY29tLw==

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.32.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.39.115 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HXPQN6GQRG3H15ZPW4EVZNQ0
date: Fri, 24 May 2024 09:34:20 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1014496
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "799cfe824336f1fce20d72fb9944d5d5-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 888c4a106a832bb5-FRA

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 849 B
481 B 258ms
257ms Fetch
text/plain 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=4385746324389239&correlator=1090493571128204&eid=31079957%2C31083884%2C44777900%2C31078668&output=ldjh&gdfp_req=1&vrg=202405200101&ptt=17&impl=fif&ltd_cs=1&iu_parts=44890869%3A22894525440%2Cca-pub-3831894559014614-tag%2Ca4da0ec6-c35b-41a8-98d7-da08dd19d018&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&fas=1&eri=1&sc=1&abxe=1&dt=1716543260211&lmt=1716542788&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTEyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjExMiJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjExMiJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Fthe.regressedsonofadukeisanassassin.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1789826997.1716543260&ga_sid=1716543260&ga_hid=752861255&ga_fc=false&nt=1&psd=WzIsbnVsbCxudWxsLDNd&dlt=1716543259340&idt=322&prev_scp=ti%3Da0800935-fe74-4ff7-8aad-b3f33111c096%26chrand%3Dy%26pof%3D0%26pdc%3D0.3124%26interstitials-bid%3D0.2%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D95&adks=1335285266&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405200101/pubads_impl.js?cb=31083884

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

86e460468371812749ed326431ce2dca7173464d00bda1f9db6518b1f5c9d05b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 09:34:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 452
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://the.regressedsonofadukeisanassassin.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405200101/ 47 KB
15 KB 18ms
18ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405200101/pubads_impl_page_level_ads.js?cb=31083884

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405200101/pubads_impl.js?cb=31083884

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

4d77457b68a0302f4806201ef1ac542562588a2c18c13d1949485ecb642a7e28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 10:02:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84708
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15243
x-xss-protection: 0
server: cafe
etag: 5229628316685409199
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 23 May 2025 10:02:32 GMT

GET
H3 200 init-3053c8p4c65wjmogn29v.js Show response
api.fouanalytics.com/api/ 318 B
727 B 281ms
250ms Script
text/javascript 172.67.170.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/api/init-3053c8p4c65wjmogn29v.js
Requested by: Host: cdn.hooliganmedia.com
URL: https://cdn.hooliganmedia.com/hm-ads.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1579f3bd34e1413f39a9496198a00582adba8370f26dc4abc2eff5b4d77714cf

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 09:34:20 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oWhqpJaW19aZb7PNNbiY7v7p6tS3h94KXPqW4ObwmoVVFXVpvA4itgfYhQfVMhMPbaxFf3Ciy1b6P8dEHDZcm%2FgioRVh5oRhzjiMyT59nrzMoIFTkX9fPRC5z5JiXdl40d6dr0vKLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
cf-ray: 888c4a10ae3271dc-FRA
alt-svc: h3=":443"; ma=86400
priority: u=3,i=?0
expires: 0

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
511 B 155ms
155ms XHR
application/javascript 104.17.39.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/x/e.js?ce=nsi&dsReferer=dGhlLnJlZ3Jlc3NlZHNvbm9mYWR1a2Vpc2FuYXNzYXNzaW4uY29tLw==

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.39.115 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HXPQN8740SQAAGWM8JNVCVEP
date: Fri, 24 May 2024 09:34:20 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1014496
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "799cfe824336f1fce20d72fb9944d5d5-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 888c4a108a9c2bb5-FRA

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 93 KB
0 0ms
0ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.hooliganmedia.com
URL: https://cdn.hooliganmedia.com/hm-ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

d7777cb27c1707bf2f5753003056e3838b5abc563ad7c34727cf794735bf62ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 09:34:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30189
x-xss-protection: 0
server: cafe
etag: 819 / 19867 / 31083884 / config-hash: 4428179186715077715
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 24 May 2024 09:34:19 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
511 B 33ms
33ms XHR
application/javascript 104.17.39.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/x/e.js?ce=nsi&dsReferer=dGhlLnJlZ3Jlc3NlZHNvbm9mYWR1a2Vpc2FuYXNzYXNzaW4uY29tLw==

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.39.115 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HXPQN8740SQAAGWM8JNVCVEP
date: Fri, 24 May 2024 09:34:20 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1014496
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "799cfe824336f1fce20d72fb9944d5d5-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 888c4a108aa32bb5-FRA

GET
H3

200

redirect.gif
fa.aidemsrv.com/api/
Redirect Chain

https://api.fouanalytics.com/api/noscript-3053c8p4c65wjmogn29v.gif
https://fa.aidemsrv.com/api/redirect.gif?61O1A9V6ORHg4nFy

45 B
736 B

477ms
454ms

Image
image/gif

104.17.43.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fa.aidemsrv.com/api/redirect.gif?61O1A9V6ORHg4nFy
Protocol: H3
Server: 104.17.43.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dacc3415ac477e2881e621274425641e828cf53353de1d392e14a4f067b42c6f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://the.regressedsonofadukeisanassassin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 May 2024 09:34:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g7q2IJKiTldqRJiln6AEhwNsRZ7Uk8w8IJkNWKRHw7iu2AiuOClzht3xOei2uVVanHpHQUzIQFgf%2BGN73IqaZgD5PlheoVqj92QHvbe1msX86YZNzCoRVqPlF34EQR2MNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
cf-ray: 888c4a124c2d90d7-FRA
alt-svc: h3=":443"; ma=86400
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 24 May 2024 09:34:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uJk2%2FQAGw%2FszgdeIa%2FycpdM2s2KEP9Tcmyp%2FMRlfIO97iTYTtNcgv%2FPTw8vU1JEKMSmW8IbYQTyjkGTfQG6TAbSvkWGerviaOduwOyqiYH6vLmmMQXZRSMuFeBuxmSURzN4IrM9jjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://fa.aidemsrv.com/api/redirect.gif?61O1A9V6ORHg4nFy
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
cf-ray: 888c4a10ae3571dc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 168
priority: u=3,i
expires: 0

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A0A8 0
0 40ms
8ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://the.regressedsonofadukeisanassassin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 7537
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 24 May 2024 07:28:43 GMT
expires: Sat, 24 May 2025 07:28:43 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 159 KB
47 KB 224ms
224ms Fetch
text/plain 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=4385746324389239&correlator=2486845472936213&eid=31079957%2C31083884%2C44777900%2C31078668&output=ldjh&gdfp_req=1&vrg=202405200101&ptt=17&impl=fif&ltd_cs=1&iu_parts=44890869%3A22894525440%2Cca-pub-3831894559014614-tag%2C1262ca9f-981b-4689-8e4c-fa8c0489e4fd&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&fas=1&eri=1&sc=1&abxe=1&dt=1716543260497&lmt=1716542788&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTEyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjExMiJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjExMiJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Fthe.regressedsonofadukeisanassassin.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1789826997.1716543260&ga_sid=1716543260&ga_hid=752861255&ga_fc=false&nt=1&psd=WzIsbnVsbCxudWxsLDNd&dlt=1716543259340&idt=322&prev_scp=ti%3Da0800935-fe74-4ff7-8aad-b3f33111c096%26chrand%3Dy%26pof%3D0%26pdc%3D0.3124%26interstitials-bid%3D0.01%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D95&cust_params=site%3Dthe.regressedsonofadukeisanassassin.com&adks=1167914857&frm=20&eo_id_str=ID%3D993670934d87956d%3AT%3D1716543260%3ART%3D1716543260%3AS%3DAA-AfjZAg88e5IwdQO-hS_8iU6-Y

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405200101/pubads_impl.js?cb=31083884

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

68ad595ee166bea7f6401cc0db366b33d74dffdd221bf3d4b8b240b609547290

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 09:34:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47835
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://the.regressedsonofadukeisanassassin.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pp.js Show response
api.fouanalytics.com/s/ 15 KB
7 KB 23ms
23ms Script
text/javascript 172.67.170.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/s/pp.js
Requested by: Host: api.fouanalytics.com
URL: https://api.fouanalytics.com/api/init-3053c8p4c65wjmogn29v.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d20c481e50170ca79ba8d1e25956a4dd11088bdd7ccd13cdd0b45f96b20c535

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 09:34:20 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 39743
etag: W/"65fff55c-3bdb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=owQeVk8yKIqXg2ee5QO5eQoB4hnIOST%2Bd7F8WWNWyUZ5VKwtezcIUMx8B1umyiuHesmLelwYVi6Yp3mf0or9L1g6NZl1iMJBIsuXWZLI0QB1LzfzxwlZ3sGWA%2Fo6FQPuc%2FSpvK2aaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=86400
cf-ray: 888c4a12494271dc-FRA
alt-svc: h3=":443"; ma=86400
priority: u=3,i=?0

GET
H2 200 container.html
5f239fb5d0861ef40f81995100ba165d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6589 0
0 1ms
1ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5f239fb5d0861ef40f81995100ba165d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405200101/pubads_impl.js?cb=31083884

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://the.regressedsonofadukeisanassassin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 24 May 2024 09:34:19 GMT
expires: Sat, 24 May 2025 09:34:19 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
512 B 147ms
147ms XHR
application/javascript 104.17.39.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?r=regressedsonofadukeisanassassin.com_auto_728x90_sticky_display_bottom&pn=2&sn=3&pc=0.3124227002263069&ds=true&e=wdp&dsReferer=dGhlLnJlZ3Jlc3NlZHNvbm9mYWR1a2Vpc2FuYXNzYXNzaW4uY29tLw==

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.32.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.39.115 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HXPQN6GQRG3H15ZPW4EVZNQ0
date: Fri, 24 May 2024 09:34:20 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1014496
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "799cfe824336f1fce20d72fb9944d5d5-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 888c4a13ce6b2bb5-FRA

GET
H3 200 sda.css
live.demand.supply/css/ 4 KB
2 KB 30ms
30ms Stylesheet
text/css 104.17.39.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/css/sda.css

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.39.115 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

649af545f5efd2a265363ceeb7fdf9dc6dc8c85dfba4d7d3a538930c3d181b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HXPQ01J6EEB1QSNKKNYKWECV
date: Fri, 24 May 2024 09:34:20 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 1015244
cache-status: "Netlify Edge"; hit
etag: W/"e40559eb4b6a422ce65b7f620d726f96-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 888c4a13cc5b9101-FRA
alt-svc: h3=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
509 B 30ms
30ms XHR
application/javascript 104.17.39.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?gl=0.01&b=3&r=regressedsonofadukeisanassassin.com_auto_728x90_sticky_display_bottom&sy=2f6f3cbf-186c-4897-8006-6cba7c7247a5&ts=95&cd=2&pud=131&pus=c&pue=1388&pid=63&pis=c&pie=1452&ppd=100&pps=a&ppe=1489&pcl=1479&ttc=1508&tti=2677&ttif=0&lca=1489&lcak=ppe&lct=1489&lctk=ppe&mlbr=ch&mlos=wi&mlla=de&mlco=de&mldo=the.regressedsonofadukeisanassassin.com&mlre=undefined&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=unset&e=lm&dsReferer=dGhlLnJlZ3Jlc3NlZHNvbm9mYWR1a2Vpc2FuYXNzYXNzaW4uY29tLw==

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.32.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.39.115 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HXPQN6GQRG3H15ZPW4EVZNQ0
date: Fri, 24 May 2024 09:34:20 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1014496
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "799cfe824336f1fce20d72fb9944d5d5-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 888c4a13ce732bb5-FRA

POST
H3 200 x
api.fouanalytics.com/api/ 0
402 B 220ms
220ms Ping
text/plain 172.67.170.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/api/x
Requested by: Host: api.fouanalytics.com
URL: https://api.fouanalytics.com/s/pp.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 24 May 2024 09:34:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pCMoaQ6qJDkF1ODyG6OSuc9EQYG3n%2B7ReZIoI3dw%2B17xH4DvsTNzCb17lYPjD2AZ%2FO3Xjeh7wjpQXluxHiovjelnBtyqLi50%2F%2FqBcBmwrU59quStT3G4vs7K0JRuYlhkwdJevpyhKA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 888c4a13fbb271dc-FRA
alt-svc: h3=":443"; ma=86400
priority: u=4,i

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95abaca5a5f710cf478b0360960174ac2153a14f8e875794d2dda4df164263ae

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
513 B 57ms
55ms XHR
application/javascript 104.17.39.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?r=regressedsonofadukeisanassassin.com_auto_728x90_sticky_display_bottom&e=ufp&dsReferer=dGhlLnJlZ3Jlc3NlZHNvbm9mYWR1a2Vpc2FuYXNzYXNzaW4uY29tLw==

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.32.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.39.115 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://the.regressedsonofadukeisanassassin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HXPQN6GQRG3H15ZPW4EVZNQ0
date: Fri, 24 May 2024 09:34:25 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1014501
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "799cfe824336f1fce20d72fb9944d5d5-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 888c4a31ee5f2bb5-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202405200101&jk=4385746324389239&bg=!39yl3JPNAAaTdHvKs3Q7ADQBe5WfOJ4nUIm8M4dMjP82s1mfehh6nNaoTbSO4lxJ963J3wMhGOcul8DComMsyaQ_e3u9AgAAAFpSAAAAiWgBB34ANuYJU0VRywVZkxWi4_RJKdKyrIbBj5hDOQidm0lxfhW3NJPd_L6PXlI4Ju0C7Rk93x5f-duHMgoAGBpv9rS8Lt0aYa34vUfgcCS50ZX-85BX85kCqwI7vr9Hxb48_cdedovyXVq3FuQ1Mvt10vKrN61ivkKi546wp8g_S4YCOO7q6miKoHtIvv250wnKk84pcWDhOIWG95b3phrX3OsbHgfdUieuyNUFA0e0Zzl5vCaF_gPFq44aBZqDXOA1ziQ-tlqA6NQoMdxPpgwRMnxo8Inuc_g85JHSCT2oe7fXjtChhv2EY5Fieqj-L4rFQD9DaW52IasqNxWJTLiQGHehiOjRJTA0I_eEhOprruuUMtCu11-G7T9Ku9AuZ6K4agpjxMO9AygpsmweJha2xE6dLxrObGk5PQOlHBs9GP2L5YOAjT3S2o9Pmp-AJinf5Os5L6FfHsQxQVtGJtTiS0odoxYwxl-Q1xDk3n4-66lXkiOeIkGoR1hu3SdZkYSuruvWua8Ifqm3vhVdq7ZwuPZEFvUP3B2TLOo48R7gq6uuKSvFmc5AnZJf5mAuDmJ64PoMJdcnbxljMO5DZdo20vsC-m0IAsDS_nwX5sf_ggLmxlHd3PzOKAEOGmJ-sNS6VLyO8dfR3Bi0vGY0nvNwVEkKIyl5knxKo54PzWvv_CE1vReQ_-LQ6Xx_GD-Mhgm5jmKoCbAKqCBK7WWYdt6OqwGi1FZklfrbnYDnpZ6PsbYMF1syjCeQURRVIIIaBWZIutE8tdiM9pwy8apAvXJk7jVaaAUVSD3O0TvC5GXArGhjF8H7_x5WvMyNSMW2hVVV425VB1n17FvuxvqmjmDdFU52e9h3ptJkAbHKR7lTuT51QDDwWb2CMnZD2DYhezQ_4c-TNqNKjO7hd0vIClLa-shto3yysfR57rXdcP9QhxfuKgM8r23ljL_byZK0p-Hlh-LcVi7atxzyGmmiH6M8Ao5wOjVSJ4vp0j7SdBU_Xb_5ghuTrl7tEatXJ1xYQNtQJan5

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.demand.supply/	1970-01-20 20:49:05	Name: __cf_bm Value: Yq4p9yiCE9.3FzwQmIvP6VFk.KWoAMlpDMA3TRN9rzs-1716543259-1.0.1.1-RStx_Qrbktn3DDT.Kppj508g1FmF8IAL7yvzfsfPH8tjoDT.nKVHAaoVWgnwgcYhQDXS41lYS_QEiQB_hC4LaA
.cdn.hooliganmedia.com/	1970-01-20 20:49:05	Name: __cf_bm Value: 4YwQsade5K83iWxQXhK2mSGDu30iqftjXEzYuLmL.Us-1716543259-1.0.1.1-IR8dncYs5XtjEYUB8TERbnnfTfCJBKEkLmZtq971iGuqTPGkNvhOrEHFEj8XxhXJdsjiMJePacnD0C7Gq.4DNQ
the.regressedsonofadukeisanassassin.com/	1969-12-31 23:59:59	Name: userSession Value: 1716543259531
.onesignal.com/	1970-01-20 20:49:05	Name: __cf_bm Value: K9k4GMK70cJiaLe9Ba0ggmimxqZhQeFgshFjBc0dyA8-1716543259-1.0.1.1-6k_y1FIW.cJKJ64TmGWncm4Lw3KxH5ow0w9mj3qfR9jxKG0Iz6wvdnF6FNFiUs3xay8UZd8EmzdhvrJDnkoBxA
.regressedsonofadukeisanassassin.com/	1970-01-21 01:08:15	Name: __eoi Value: ID=993670934d87956d:T=1716543260:RT=1716543260:S=AA-AfjZAg88e5IwdQO-hS_8iU6-Y
.aidemsrv.com/	1970-01-20 20:49:05	Name: __cf_bm Value: 3qw8jzU8VdMXJQIRed.YbAWStHmDpVf2KtPox7Sxy90-1716543260-1.0.1.1-V1jpnqozBtAKyaAWUEr4VNDO63YwdaFgDsSNTZaYx8rooF6C6ge0NJ1Jzw2RVD2qPxs4JRwD6nAAc1DUIUgk.g

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://the.regressedsonofadukeisanassassin.com/(Line 599) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://the.regressedsonofadukeisanassassin.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://the.regressedsonofadukeisanassassin.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://the.regressedsonofadukeisanassassin.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://the.regressedsonofadukeisanassassin.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://the.regressedsonofadukeisanassassin.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://the.regressedsonofadukeisanassassin.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://the.regressedsonofadukeisanassassin.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://the.regressedsonofadukeisanassassin.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://the.regressedsonofadukeisanassassin.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://the.regressedsonofadukeisanassassin.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5f239fb5d0861ef40f81995100ba165d.safeframe.googlesyndication.com
api.fouanalytics.com
cdn.hooliganmedia.com
cdn.onesignal.com
fa.aidemsrv.com
fonts.googleapis.com
fonts.gstatic.com
live.demand.supply
onesignal.com
pagead2.googlesyndication.com
publishers.hooliganmedia.com
regressedsonofadukeisanassassin.com
securepubads.g.doubleclick.net
silentinevitable.com
the.regressedsonofadukeisanassassin.com
tpc.googlesyndication.com
www.indeliblehang.pro
www.regressedsonofadukeisanassassin.com
pagead2.googlesyndication.com
104.17.111.223
104.17.39.115
104.17.43.93
142.250.186.66
172.217.16.194
172.67.161.107
172.67.170.60
24.144.71.195
2606:4700:3030::6815:5ad5
2606:4700:4400::ac40:911d
2606:4700::6810:a091
2a00:1178:1:4b::1a
2a00:1450:4001:806::2001
2a00:1450:4001:811::200a
2a00:1450:4001:81c::2003
2a00:1450:4001:830::2001
67.216.91.19
06a1ae7d849700575a41e4e11f6e7cd7d9f568f0ad025c2ae94c35e44c4dc531
1579f3bd34e1413f39a9496198a00582adba8370f26dc4abc2eff5b4d77714cf
1988c71bc6a53099b05fb77910b6ca11a0593af73a8c3b8df77bc4c79aa4852d
1d20c481e50170ca79ba8d1e25956a4dd11088bdd7ccd13cdd0b45f96b20c535
25ee6c97c16b58d3da64a42eee1bf4efc254b09480032983d9e2326027ee9385
26716463b0eed0bcbe95a27a24358c355d51d511d039100a4b27cd0e43579004
2b7265fb8e98286a6e61d73e4278df35c0e911db1e8a94c82836d0b21088125b
324d74c895468d3703739c66a117a61c2d9ac7c4c74ec7b989f06de59a480a8a
36c43144e5f31e6e81f2673a706189c7991d0ff52d28fdb0c62acd80c2b9330f
3f41453813e720d4e3c1c00107b0b23ea7b24ef0cde3f2750a2eeadf9e868661
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098
4d77457b68a0302f4806201ef1ac542562588a2c18c13d1949485ecb642a7e28
4fc2d920e0cd1e978754d27abe44b86f86091d649ef98e4cc9545b7a4ac50b45
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
56ee1e2611af1828a330ec300c7bb7c19e5bf3df378b46ef361ce42587378fcd
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
639686ad0cfdc6a7f751fcdbd4ab4f6a29a15395792a745dfcec6c965e572339
649af545f5efd2a265363ceeb7fdf9dc6dc8c85dfba4d7d3a538930c3d181b39
68ad595ee166bea7f6401cc0db366b33d74dffdd221bf3d4b8b240b609547290
6ef88dfac49d64f28692e43122e005617831cc9147c0f1b06085625980e3435e
6f7f0e2e670b2c36687d943991d94483a7c1a11042ddbb3a81ca0ac8f6565c71
85f2570bc2e8b08cbcb970aef4727a675139b424a95970c3ce3fca048165b5b8
86e460468371812749ed326431ce2dca7173464d00bda1f9db6518b1f5c9d05b
95abaca5a5f710cf478b0360960174ac2153a14f8e875794d2dda4df164263ae
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
9f4c9d9a9f8caefc01e201b5e14dd70f6627c1c33e3846219e8dc5df62c860a3
9fb54a733ed6286bed8b2540d1a07b77a1a7b86e31dea07075deaef341589c0d
a4ce23501f658a336323bd90b52746e73e0ddca6be18651594d169b263db5410
adaeefa326020cb39ba8c7de0a79d6daab058939b95cc3db3fa3d46c67821fa6
b6c0ae17941702ad4c415359bdec67d14c1784f2582287d88376074311dcdb31
b77415363ffad60ce3f975e393d3ef44a47d8bddbec2f0a2f9f0e9587dd5c501
b9df3938eded3633daf65182157eef205c0c0574d2c106aa951e144ee2fa8720
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d01ac3e64b27d74045aba7dd437a63db123517de7bd47d911b4c0d8d202fb0e9
d0d5e317216791cf5902b0fb827a7a94e54bc562c80e74ac503d53797687e3b2
d46259d8a9cfd6e52a0bc251f717ab05dbd7526088d442a3a83037bc31b0ecd5
d7777cb27c1707bf2f5753003056e3838b5abc563ad7c34727cf794735bf62ec
d85ffb1183f2b5692d47b4dbf5ae0d2e2b12eec75f2591f43c25ab32b6598b6e
dacc3415ac477e2881e621274425641e828cf53353de1d392e14a4f067b42c6f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4340e8c1f57a838e8852d6d3a90c6c8b03babfaf1fc9d8bce1ad06b2c3cd7d3
e7e19e15e0f354476d38409fd0450e0993674124b71cf2011523640af3a811db
e83539bc0aaa4ff08c1483e12956ade7f9b594b3ac15ab479a9c5af39bec2a73
e8b1756a3cf17e337c77c2a0786fa23c662bea5ebaef5f55a389ee7022044a7f
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
feeafd2aff5e309b7c1b82d38d823d3c716a4efc1e788f5685a9ecb1834fe83c

the.regressedsonofadukeisanassassin.com Open in urlscan Pro 2606:4700:3030::6815:5ad5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

63 Requests

97 %HTTPS

47 %IPv6

12 Domains

18 Subdomains

18 IPs

4 Countries

1527 kBTransfer

3242 kBSize

6 Cookies

1 Outgoing links

Page URL History

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

the.regressedsonofadukeisanassassin.com Open in urlscan Pro
2606:4700:3030::6815:5ad5 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

97 %
HTTPS

47 %
IPv6

12
Domains

18
Subdomains

18
IPs

4
Countries

1527 kB
Transfer

3242 kB
Size

6
Cookies

63 HTTP transactions
1 data transactions