aminoapps.com Open in urlscan Pro
52.38.135.31 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://aminoapps.com/p/ghkpxd
Effective URL:
https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Submission: On February 06 via manual (February 6th 2021, 9:09:54 pm UTC) from CO

Summary HTTP 141 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 38 IPs in 6 countries across 28 domains to perform 141 HTTP transactions. The main IP is 52.38.135.31, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is aminoapps.com.
TLS certificate: Issued by Amazon on June 4th 2020. Valid for: a year.

This is the only time aminoapps.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 7	52.38.135.31 52.38.135.31	16509 (AMAZON-02) (AMAZON-02)
24	65.9.58.47 65.9.58.47	16509 (AMAZON-02) (AMAZON-02)
1	143.204.93.91 143.204.93.91	16509 (AMAZON-02) (AMAZON-02)
36	13.224.194.79 13.224.194.79	16509 (AMAZON-02) (AMAZON-02)
2	65.9.58.106 65.9.58.106	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	13.225.78.36 13.225.78.36	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	143.204.93.32 143.204.93.32	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4001:c32::8a	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
4	92.122.214.146 92.122.214.146	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
13	35.194.11.13 35.194.11.13	15169 (GOOGLE) (GOOGLE)
6	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:f200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	143.204.93.123 143.204.93.123	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	143.204.93.17 143.204.93.17	16509 (AMAZON-02) (AMAZON-02)
1	151.101.14.110 151.101.14.110	54113 (FASTLY) (FASTLY)
2	162.247.243.147 162.247.243.147	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
3 3	37.252.172.38 37.252.172.38	29990 (ASN-APPNEX) (ASN-APPNEX)
1	104.16.68.69 104.16.68.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
1	34.250.244.32 34.250.244.32	16509 (AMAZON-02) (AMAZON-02)
2 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	88.214.207.190 88.214.207.190	46636 (NATCOWEB) (NATCOWEB)
1	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	216.52.2.39 216.52.2.39	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
5	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
141	38

7 52.38.135.31 (Boardman, United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-38-135-31.us-west-2.compute.amazonaws.com

aminoapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 65.9.58.47 (Seattle, United States)

ASN16509 (AMAZON-02, US)

wa1.narvii.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.93.91 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-93-91.fra50.r.cloudfront.net

js.media-lab.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 13.224.194.79 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-79.fra2.r.cloudfront.net

pm1.narvii.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.58.106 (Seattle, United States)

ASN16509 (AMAZON-02, US)

cm1.narvii.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.36 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-36.fra2.r.cloudfront.net

s0.ipstatp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.93.32 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-93-32.fra50.r.cloudfront.net

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4001:c32::8a (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebase.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 92.122.214.146 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-122-214-146.deploy.static.akamaitechnologies.com

maliva-mcs.byteoversea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 35.194.11.13 (United States)

ASN15169 (GOOGLE, US)
PTR: 13.11.194.35.bc.googleusercontent.com

apps.media-lab.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:f200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.93.123 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-93-123.fra50.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebaseinstallations.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.93.17 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-93-17.fra50.r.cloudfront.net

pv1.narvii.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.147 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

5a5549d8e7535c73e616aa8e8aae25e3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.38 (Ascension Island) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.68.69 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.155.181 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.244.32 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-244-32.eu-west-1.compute.amazonaws.com

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Ascension Island) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.214.207.190 (United Kingdom) 1 redirects

ASN46636 (NATCOWEB, US)

cs.mobfox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.180 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.39 (United States) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
63	narvii.com wa1.narvii.com pm1.narvii.com cm1.narvii.com pv1.narvii.com	1 MB
14	media-lab.ai js.media-lab.ai apps.media-lab.ai	9 KB
11	googlesyndication.com 5a5549d8e7535c73e616aa8e8aae25e3.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	20 KB
8	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	134 KB
7	aminoapps.com 3 redirects aminoapps.com	32 KB
6	googleapis.com fonts.googleapis.com firebase.googleapis.com firebaseinstallations.googleapis.com	3 KB
5	ampproject.org cdn.ampproject.org	97 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	59 KB
4	byteoversea.com maliva-mcs.byteoversea.com	4 KB
3	adnxs.com 3 redirects ib.adnxs.com	3 KB
3	google.com 1 redirects ampcid.google.com adservice.google.com www.google.com	1 KB
3	google-analytics.com www.google-analytics.com	19 KB
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com	2 KB
2	emxdgt.com 2 redirects cs.emxdgt.com	598 B
2	nr-data.net bam-cell.nr-data.net	1 KB
2	googletagmanager.com www.googletagmanager.com	83 KB
2	quantserve.com secure.quantserve.com pixel.quantserve.com	9 KB
2	alexametrics.com certify-js.alexametrics.com certify.alexametrics.com	5 KB
1	pubmatic.com ads.pubmatic.com
1	mobfox.com 1 redirects cs.mobfox.com	659 B
1	gumgum.com rtb.gumgum.com
1	districtm.io cdn.districtm.io
1	google.pl adservice.google.pl	803 B
1	newrelic.com js-agent.newrelic.com	11 KB
1	google.de ampcid.google.de	282 B
1	quantcount.com rules.quantcount.com	355 B
1	ipstatp.com s0.ipstatp.com	8 KB
141	28

	Domain	Requested by
36	pm1.narvii.com	aminoapps.com wa1.narvii.com
24	wa1.narvii.com	aminoapps.com wa1.narvii.com
13	apps.media-lab.ai	js.media-lab.ai
7	tpc.googlesyndication.com	securepubads.g.doubleclick.net aminoapps.com tpc.googlesyndication.com cdn.ampproject.org
7	aminoapps.com	3 redirects wa1.narvii.com
6	securepubads.g.doubleclick.net	js.media-lab.ai securepubads.g.doubleclick.net aminoapps.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
4	maliva-mcs.byteoversea.com	s0.ipstatp.com
3	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
3	ib.adnxs.com	3 redirects
3	www.google-analytics.com	aminoapps.com www.google-analytics.com www.googletagmanager.com
3	fonts.gstatic.com	fonts.googleapis.com
2	ap.lijit.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	cs.emxdgt.com	2 redirects
2	bam-cell.nr-data.net	js-agent.newrelic.com
2	firebaseinstallations.googleapis.com	www.gstatic.com
2	firebase.googleapis.com	www.gstatic.com
2	www.googletagmanager.com	www.gstatic.com www.googletagmanager.com
2	www.gstatic.com	aminoapps.com
2	fonts.googleapis.com	aminoapps.com securepubads.g.doubleclick.net
2	cm1.narvii.com	aminoapps.com
1	googleads.g.doubleclick.net	aminoapps.com
1	www.google.com	1 redirects
1	ads.pubmatic.com	js.media-lab.ai
1	cs.mobfox.com	1 redirects
1	rtb.gumgum.com	js.media-lab.ai
1	cdn.districtm.io	js.media-lab.ai
1	5a5549d8e7535c73e616aa8e8aae25e3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.pl	securepubads.g.doubleclick.net
1	js-agent.newrelic.com	aminoapps.com
1	pixel.quantserve.com	aminoapps.com
1	pv1.narvii.com	aminoapps.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	ampcid.google.de	www.google-analytics.com
1	ampcid.google.com	www.google-analytics.com
1	certify.alexametrics.com	aminoapps.com
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	aminoapps.com
1	certify-js.alexametrics.com	aminoapps.com
1	s0.ipstatp.com	aminoapps.com
1	js.media-lab.ai	aminoapps.com
141	43

This site contains links to these domains. Also see Links.

Domain
youtu.be
www.facebook.com
twitter.com
www.tumblr.com
narvii.com
support.aminoapps.com

Subject Issuer	Validity	Valid
*.aminoapps.com Amazon	`2020-06-04` - `2021-07-04`	a year	crt.sh
*.narvii.com Amazon	`2020-06-04` - `2021-07-04`	a year	crt.sh
*.media-lab.ai Amazon	`2020-08-13` - `2021-09-12`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.sgpstatp.com Amazon	`2020-06-25` - `2021-07-25`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
certify-js.alexametrics.com Amazon	`2020-07-12` - `2021-08-12`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.byteoversea.com RapidSSL RSA CA 2018	`2019-10-11` - `2022-01-09`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
certify.alexametrics.com Amazon	`2020-07-12` - `2021-08-12`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-12-28` - `2021-05-07`	4 months	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
*.google.pl GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
districtm.io Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
*.gumgum.com Amazon	`2020-07-03` - `2021-08-03`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2020-02-26` - `2021-05-27`	a year	crt.sh
misc-sni.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Frame ID: C49BF3293D323D2952DCBB282A1B93EC
Requests: 112 HTTP requests in this frame

Frame: https://apps.media-lab.ai/doh/ingest?partner=appnexus&uid=6e8b3b62-41bb-4c85-9161-d13a1288890d&property_id=aminoapps.com&app_version=web_0.0.1&lib_version=web_1.1.8&partner_uid=5314374601846871334
Frame ID: 38E3E7B37AC0580D88F9E231C788BC44
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/?sellerid=101159
Frame ID: FD3E9704128FE29307AC85409B45444D
Requests: 1 HTTP requests in this frame

Frame: https://apps.media-lab.ai/doh/ingest?partner=emx&uid=5314374601846871334brt153931612645770396316f1
Frame ID: 0816E969FE77253FFD060387E3501F81
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/jwsmmlmf?gdpr=0&iframe=1&r=https%3A%2F%2Fapps.media-lab.ai%2Fdoh%2Fingest%3Fpartner%3Dgumgum%26uid%3D6e8b3b62-41bb-4c85-9161-d13a1288890d%26property_id%3Daminoapps.com%26app_version%3Dweb_0.0.1%26lib_version%3Dweb_1.1.8%26partner_uid%3D
Frame ID: 52A362297CE8E84AA68A4269D5B24C25
Requests: 1 HTTP requests in this frame

Frame: https://apps.media-lab.ai/doh/ingest?partner=ix&uid=6e8b3b62-41bb-4c85-9161-d13a1288890d&property_id=aminoapps.com&app_version=web_0.0.1&lib_version=web_1.1.8&partner_uid=YB8FiuJ2KIvDNJEREQ0Y2gAA%261148
Frame ID: EF8994DF219115EC96BB1E5A6A33654F
Requests: 1 HTTP requests in this frame

Frame: https://apps.media-lab.ai/doh/ingest?partner=mobfox&uid=6e8b3b62-41bb-4c85-9161-d13a1288890d&property_id=aminoapps.com&app_version=web_0.0.1&lib_version=web_1.1.8&partner_uid=7389f5da-1f85-4229-a3e8-c46ae310c0df
Frame ID: 1472F397DF5833840993D3DB76399D7D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156998&s=767985&userIdMacro=PM_UID&predirect=https%3A%2F%2Fapps.media-lab.ai%2Fdoh%2Fingest%3Fpartner%3Dpubmatic%26uid%3D6e8b3b62-41bb-4c85-9161-d13a1288890d%26property_id%3Daminoapps.com%26app_version%3Dweb_0.0.1%26lib_version%3Dweb_1.1.8%26partner_uid%3DPM_UID
Frame ID: 1657898009718786B6A0B38D68C9CB6C
Requests: 1 HTTP requests in this frame

Frame: https://apps.media-lab.ai/doh/ingest?partner=sovrn&uid=6e8b3b62-41bb-4c85-9161-d13a1288890d&property_id=aminoapps.com&app_version=web_0.0.1&lib_version=web_1.1.8&partner_uid=d4df508c604f616c4aa48586
Frame ID: FD6C551FD33E85F79FDCD85CA26E87A4
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: AB593ED9DAAC98B6BE8249CFDA2F1D8E
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: AB51433BD48347759496378DD0417908
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://aminoapps.com/p/ghkpxd HTTP 301
https://aminoapps.com/p/ghkpxd HTTP 301
https://aminoapps.com/p/ghkpxd/ HTTP 301
https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL Page URL

Detected technologies

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

Page Statistics

141
Requests

100 %
HTTPS

49 %
IPv6

28
Domains

43
Subdomains

38
IPs

6
Countries

1814 kB
Transfer

2922 kB
Size

30
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://youtu.be/wB7VuR_7Rts
Title: Song 1

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=http%3A%2F%2Faminoapps.com%2Fp%2Fghkpxd
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=http%3A%2F%2Faminoapps.com%2Fp%2Fghkpxd&text=Mei+Lan
Title:

Search URL Search Domain Scan URL

URL: https://www.tumblr.com/share/link?url=http%3A%2F%2Faminoapps.com%2Fp%2Fghkpxd&text=Mei+Lan
Title:

Search URL Search Domain Scan URL

URL: http://narvii.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://support.aminoapps.com/hc/en-us/articles/360004040313-Does-Amino-use-cookies-on-its-website-
Title: Cookie Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://aminoapps.com/p/ghkpxd HTTP 301
https://aminoapps.com/p/ghkpxd HTTP 301
https://aminoapps.com/p/ghkpxd/ HTTP 301
https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 108

https://ib.adnxs.com/getuid?https%3A%2F%2Fapps.media-lab.ai%2Fdoh%2Fingest%3Fpartner%3Dappnexus%26uid%3D6e8b3b62-41bb-4c85-9161-d13a1288890d%26property_id%3Daminoapps.com%26app_version%3Dweb_0.0.1%26lib_version%3Dweb_1.1.8%26partner_uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fapps.media-lab.ai%252Fdoh%252Fingest%253Fpartner%253Dappnexus%2526uid%253D6e8b3b62-41bb-4c85-9161-d13a1288890d%2526property_id%253Daminoapps.com%2526app_version%253Dweb_0.0.1%2526lib_version%253Dweb_1.1.8%2526partner_uid%253D%2524UID HTTP 302
https://apps.media-lab.ai/doh/ingest?partner=appnexus&uid=6e8b3b62-41bb-4c85-9161-d13a1288890d&property_id=aminoapps.com&app_version=web_0.0.1&lib_version=web_1.1.8&partner_uid=5314374601846871334

Request Chain 110

https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fapps.media-lab.ai%2Fdoh%2Fingest%3Fpartner%3Demx%26uid%3D6e8b3b62-41bb-4c85-9161-d13a1288890d%26property_id%3Daminoapps.com%26app_version%3Dweb_0.0.1%26lib_version%3Dweb_1.1.8%26partner_uid%3D$UID HTTP 302
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fapps.media-lab.ai%2Fdoh%2Fingest%3Fpartner%3Demx%26uid%3D6e8b3b62-41bb-4c85-9161-d13a1288890d%26property_id%3Daminoapps.com%26app_version%3Dweb_0.0.1%26lib_version%3Dweb_1.1.8%26partner_uid%3D%24EMXUID HTTP 302
https://cs.emxdgt.com/umcheck?apnxid=5314374601846871334&redirect=https://apps.media-lab.ai/doh/ingest?partner=emx&uid=6e8b3b62-41bb-4c85-9161-d13a1288890d&property_id=aminoapps.com&app_version=web_0.0.1&lib_version=web_1.1.8&partner_uid=$EMXUID HTTP 302
https://apps.media-lab.ai/doh/ingest?partner=emx&uid=5314374601846871334brt153931612645770396316f1

Request Chain 112

https://ssum-sec.casalemedia.com/usermatchredir?s=187335&cb=https%3A%2F%2Fapps.media-lab.ai%2Fdoh%2Fingest%3Fpartner%3Dix%26uid%3D6e8b3b62-41bb-4c85-9161-d13a1288890d%26property_id%3Daminoapps.com%26app_version%3Dweb_0.0.1%26lib_version%3Dweb_1.1.8%26partner_uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=187335&cb=https%3A%2F%2Fapps.media-lab.ai%2Fdoh%2Fingest%3Fpartner%3Dix%26uid%3D6e8b3b62-41bb-4c85-9161-d13a1288890d%26property_id%3Daminoapps.com%26app_version%3Dweb_0.0.1%26lib_version%3Dweb_1.1.8%26partner_uid%3D&C=1 HTTP 302
https://apps.media-lab.ai/doh/ingest?partner=ix&uid=6e8b3b62-41bb-4c85-9161-d13a1288890d&property_id=aminoapps.com&app_version=web_0.0.1&lib_version=web_1.1.8&partner_uid=YB8FiuJ2KIvDNJEREQ0Y2gAA%261148

Request Chain 113

https://cs.mobfox.com/1af518a91fb9471ec20984ad23975b23.gif?puid=[UID]&redir=https%3A%2F%2Fapps.media-lab.ai%2Fdoh%2Fingest%3Fpartner%3Dmobfox%26uid%3D6e8b3b62-41bb-4c85-9161-d13a1288890d%26property_id%3Daminoapps.com%26app_version%3Dweb_0.0.1%26lib_version%3Dweb_1.1.8%26partner_uid%3D[UID] HTTP 302
https://apps.media-lab.ai/doh/ingest?partner=mobfox&uid=6e8b3b62-41bb-4c85-9161-d13a1288890d&property_id=aminoapps.com&app_version=web_0.0.1&lib_version=web_1.1.8&partner_uid=7389f5da-1f85-4229-a3e8-c46ae310c0df

Request Chain 115

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fapps.media-lab.ai%2Fdoh%2Fingest%3Fpartner%3Dsovrn%26uid%3D6e8b3b62-41bb-4c85-9161-d13a1288890d%26property_id%3Daminoapps.com%26app_version%3Dweb_0.0.1%26lib_version%3Dweb_1.1.8%26partner_uid%3D$UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fapps.media-lab.ai%2Fdoh%2Fingest%3Fpartner%3Dsovrn%26uid%3D6e8b3b62-41bb-4c85-9161-d13a1288890d%26property_id%3Daminoapps.com%26app_version%3Dweb_0.0.1%26lib_version%3Dweb_1.1.8%26partner_uid%3D%24UID&sovrn_retry=true HTTP 307
https://apps.media-lab.ai/doh/ingest?partner=sovrn&uid=6e8b3b62-41bb-4c85-9161-d13a1288890d&property_id=aminoapps.com&app_version=web_0.0.1&lib_version=web_1.1.8&partner_uid=d4df508c604f616c4aa48586

Request Chain 128

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

141 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL Show response
aminoapps.com/c/attackontitan-amino/page/item/mei-lan/
Redirect Chain

http://aminoapps.com/p/ghkpxd
https://aminoapps.com/p/ghkpxd
https://aminoapps.com/p/ghkpxd/
https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL

83 KB
25 KB

528ms
527ms

Document
text/html

52.38.135.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.38.135.31 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-38-135-31.us-west-2.compute.amazonaws.com

Software

openresty/1.15.8.2 /

Resource Hash

900fb986a98091617d75112082a318da55df627feaf94e290f023cf0e5218762

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: aminoapps.com
:scheme: https
:path: /c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: session=.eJwNy8EKgkAQANBfiTl30EUvgpfYNRRmQhCX3YuULuXmSIhlKP57vfvboHm5ia-jG2dI5untjtC5T9-6pu8g2eBwgwRQqoiE9STqB3HBdCYmjwJlGZBQAa7PL8l6ML4MrS7YVPfIcD0g58KsGBmtBK5tbPl_zrjYKg8vOuuRzWr8yaPsButVTDrzuKQp7PsPIx0yQQ.YB8Fhw.By5B1QYYwhKYCIW-fC9dPYc0KJM; exp=60-0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 21:09:28 GMT
content-type: text/html; charset=utf-8
server: openresty/1.15.8.2
cache-control: private, no-store, max-age=0, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: User-Agent
set-cookie: session=.eJwNy8EKgkAQANBfiTl30EUvgpfYNRRmQhCX3YuULuXmSIhlKP57vfvboHm5ia-jG2dI5untjtC5T9-6pu8g2eBwgwRQqoiE9STqB3HBdCYmjwJlGZBQAa7PL8l6ML4MrS7YVPfIcD0g58KsGBmtBK5tbPl_zrjYKg8vOuuRzWr8yaPsButVTDrzuKQp7PsPIx0yQQ.YB8FiA.DNnvkLON0PdSizFwUflp7xVupJ8; Domain=.aminoapps.com; Expires=Sun, 19-Aug-2334 21:09:28 GMT; HttpOnly; Path=/
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-envoy-upstream-service-time: 133

Redirect headers

date: Sat, 06 Feb 2021 21:09:27 GMT
content-type: text/html; charset=utf-8
content-length: 403
location: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
server: openresty/1.15.8.2
set-cookie: exp=60-0; Domain=.aminoapps.com; Expires=Sun, 07-Feb-2021 21:09:27 GMT; Max-Age=86400; Secure; HttpOnly; Path=/ session=.eJwNy8EKgkAQANBfiTl30EUvgpfYNRRmQhCX3YuULuXmSIhlKP57vfvboHm5ia-jG2dI5untjtC5T9-6pu8g2eBwgwRQqoiE9STqB3HBdCYmjwJlGZBQAa7PL8l6ML4MrS7YVPfIcD0g58KsGBmtBK5tbPl_zrjYKg8vOuuRzWr8yaPsButVTDrzuKQp7PsPIx0yQQ.YB8Fhw.By5B1QYYwhKYCIW-fC9dPYc0KJM; Domain=.aminoapps.com; Expires=Sun, 19-Aug-2334 21:09:27 GMT; HttpOnly; Path=/
cache-control: private, no-store, max-age=0, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: User-Agent
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 39

GET
H2 200 main.762c5543a.js Show response
wa1.narvii.com/static/dist/js/ 201 KB
57 KB 195ms
68ms Script
application/x-javascript 65.9.58.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wa1.narvii.com/static/dist/js/main.762c5543a.js
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5c10cc72b40fb47589bce48be3ba229f5eedf31eaaf26f24be6c96501df6e204

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 12:25:53 GMT
content-encoding: gzip
last-modified: Sat, 23 Jan 2021 22:26:59 GMT
server: AmazonS3
age: 204215
etag: W/"1bd92878b5602073fbbd18eb6d21a6cb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: XbFnEPlUM2CCsKWWssispyF6IH4nin.h
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
cache-control: public,max-age=604800
x-amz-cf-pop: FRA56-C1
content-type: application/x-javascript
x-amz-cf-id: rEknm5xbmgIniC3a_G4-cL4QW9dc19hIlBl5y5QT5BQGX_mVuqAS6g==

GET
H2 200 desktop-style.85d10f7d7.css
wa1.narvii.com/static/dist/css/ 162 KB
30 KB 194ms
68ms Stylesheet
text/css 65.9.58.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wa1.narvii.com/static/dist/css/desktop-style.85d10f7d7.css
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb970d6ad0eee071cded1f2f077d1d3d39fe6944a78b634d5ec34d7df607a36e

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: arnRV49X1sUh6jtR8jFm_8qMxaAb5OF4
content-encoding: gzip
last-modified: Sat, 23 Jan 2021 22:26:59 GMT
server: AmazonS3
age: 58571
etag: W/"3381ba46c5f04fc56e1b90bc4cdeb45a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
cache-control: public,max-age=604800
date: Sat, 06 Feb 2021 04:56:32 GMT
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: Sr1U2O36PrQKD2Af5D2zIY2A-J-bCEVzXBsZbiTaM-1F7enAFnI01g==

GET
H2 200 wana.1.1.8.js Show response
js.media-lab.ai/ 18 KB
7 KB 158ms
48ms Script
application/javascript 143.204.93.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.media-lab.ai/wana.1.1.8.js
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.91 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-91.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b5b1095f273553861416fd3fd193ef203a9bfb9e42ae48702f7e95100dab0f93

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 02:13:19 GMT
content-encoding: gzip
last-modified: Tue, 24 Nov 2020 21:00:46 GMT
server: AmazonS3
age: 68170
etag: W/"b3e531ae9588f25d7645c63f235b00bb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: VJ430Ie47V2pHhV.WFKD9RPtljvnrScG
via: 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: fGu98MNu9mj4CjvkrxN-oq0imWRLk2woVHqrZmMKv6Cx0DnleG62vQ==

GET
H2 200 amino-logo-white.svg
wa1.narvii.com/static/img/ 2 KB
1 KB 67ms
62ms Image
image/svg+xml 65.9.58.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wa1.narvii.com/static/img/amino-logo-white.svg?v=2
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7fe6f76dce44adaa90fc4025dffa8d8e7a2923ee42e0d09754d467a11bb22d37

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: KMSpiER.Q0KkxPxhOHmtG_PxqBDF11z5
content-encoding: gzip
last-modified: Sat, 23 Jan 2021 22:26:58 GMT
server: AmazonS3
age: 418955
etag: W/"109eda949a346e72ff31f5c47fdea564"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
cache-control: public,max-age=604800
date: Tue, 02 Feb 2021 00:46:54 GMT
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 3K62yo5uY0l1foaMCqSEmiVLZsxdOmEw_4_MNqb1G-gPu2KeOgZi8Q==

GET
H2 200 fce2f0badd882104fccc623f25b1087eb0619ca1r1-750-735v2_00.jpg
pm1.narvii.com/7827/ 35 KB
35 KB 222ms
124ms Image
image/jpeg 13.224.194.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pm1.narvii.com/7827/fce2f0badd882104fccc623f25b1087eb0619ca1r1-750-735v2_00.jpg
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-79.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 935a60d51694072fe00880b07703ba402751822425b7d3362784d4fbdc34181f

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 20:11:37 GMT
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
last-modified: Sat, 06 Feb 2021 14:09:08 GMT
server: AmazonS3
age: 3472
etag: "f0f3c936ca9d723b1f1a2e2d74551e4b"
x-cache: Hit from cloudfront
x-amz-version-id: AQ3EpaYuwzgoYkBBWOrAqIhZM_ZVVhHQ
cache-control: max-age=432000,public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 35494
x-amz-cf-id: o8hetsYy02jSoVmdAek7cM_RQslHYu35KxtfdI69iULZgC_2UCh4rA==

GET
H2 200 fce2f0badd882104fccc623f25b1087eb0619ca1r1-750-735v2_128.jpg
pm1.narvii.com/7827/ 4 KB
5 KB 714ms
616ms Image
image/jpeg 13.224.194.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pm1.narvii.com/7827/fce2f0badd882104fccc623f25b1087eb0619ca1r1-750-735v2_128.jpg
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-79.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1f4c705bcefe0d9b85082b4df02564f595faa9df374d993201763274d9eec71d

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 21:09:30 GMT
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
last-modified: Sat, 06 Feb 2021 14:09:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "92c8c7e58e5f5c9af9f3dd75e9a60c91"
x-cache: Miss from cloudfront
x-amz-version-id: QVTK3oDm2DkuyJ_Y7fgMaVePbmShArrm
cache-control: max-age=432000,public
accept-ranges: bytes
content-type: image/jpeg
content-length: 4385
x-amz-cf-id: Cu69k7_Tk-9zGi5wZtCrEiHV80z-jnTO8WRzENzcvfvhGQS1EXcdZg==

GET
H2 200 3e1707f1aad6a5db63be4c1f5a0c9a15ef7f6a13r1-941-750v2_128.jpg
pm1.narvii.com/7822/ 4 KB
4 KB 236ms
139ms Image
image/jpeg 13.224.194.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pm1.narvii.com/7822/3e1707f1aad6a5db63be4c1f5a0c9a15ef7f6a13r1-941-750v2_128.jpg
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-79.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7ea267eb5e6ff3261ce4c66dc43fdc7c17d8901ed7d9beffbb1d1176415f91c3

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 10:16:09 GMT
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2021 11:24:14 GMT
server: AmazonS3
age: 298400
etag: "f2e3a7f07e734e52bdb0ff16d16a9f72"
x-cache: Hit from cloudfront
x-amz-version-id: W3NQY.raxdnJ1oKogUj3Gq_dLIWAIRgX
cache-control: max-age=432000,public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 4039
x-amz-cf-id: sn2ACC7YKd3ePV0Pw81dF3WMUopqrTPGq3v5q49nMWrk2bfl5BZZ3A==

GET
H2 200 user-icon-placeholder.png
wa1.narvii.com/static/img/ 2 KB
2 KB 66ms
62ms Image
image/png 65.9.58.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wa1.narvii.com/static/img/user-icon-placeholder.png
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 43fc305b97dcd5167e4d6bca9126dde00928f9fc69414cb37af15122fe394641

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: OO3BaMJFC0UG49i.J2CJfLv7GNXnYB21
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
last-modified: Sat, 23 Jan 2021 22:26:59 GMT
server: AmazonS3
age: 212283
etag: "0a0888d8773cdecef58cc33d089ac5df"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public,max-age=604800
date: Thu, 04 Feb 2021 10:11:26 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 2086
x-amz-cf-id: uyXgAqVZEuaauktXbHC7fdKmFw4J_YjQchQdpTU6rXlg53ARJY7YtQ==

GET
H2 200 151892f462db895b009f01c04e84045e479b640b_120.jpg
cm1.narvii.com/7800/ 4 KB
4 KB 197ms
59ms Image
image/jpeg 65.9.58.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm1.narvii.com/7800/151892f462db895b009f01c04e84045e479b640b_120.jpg
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.106 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 96fca52e37b8a039bacb8c4939eb84e44c5eab5644d7717006f023f2c3700d69

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 15:52:43 GMT
via: 1.1 f58d1aa3b3b084adbea41c7523e2047f.cloudfront.net (CloudFront)
last-modified: Sun, 10 Jan 2021 18:58:12 GMT
server: AmazonS3
age: 19006
etag: "79c820641ddc30b9631901f07797a1a9"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=432000,public
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 3930
x-amz-cf-id: vAHENvDWDI_WuGPBELgSleYkgzmpqbDsxZZYJpPnuvXSioDeFuHxbA==

GET
H2 200 f305834e1662b34e8cbbbe39dc29fe998b430b4cr5-706-1024_00.jpg
pm1.narvii.com/7245/ 115 KB
115 KB 154ms
58ms Image
image/jpeg 13.224.194.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pm1.narvii.com/7245/f305834e1662b34e8cbbbe39dc29fe998b430b4cr5-706-1024_00.jpg
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-79.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9c521e7df0300d25e5103c3df768d90935e952689ce91c89e9011cb926a6f9a3

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 04:07:51 GMT
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
last-modified: Fri, 05 Jul 2019 00:35:11 GMT
server: AmazonS3
age: 234098
etag: "969a9fc45ec2a9210c6c80a6702ed69b"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=432000,public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 117386
x-amz-cf-id: oO80jg3aCw0ohJszjksCZtcUoNXVCFBXo8uhfmRtzpjT9EFYWKSDBw==

GET
H2 200 dc96ecc6b2ad3dcac6f8ac795b3b833ad687adefr1-745-1080v2_00.jpg
pm1.narvii.com/7245/ 53 KB
53 KB 228ms
131ms Image
image/jpeg 13.224.194.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pm1.narvii.com/7245/dc96ecc6b2ad3dcac6f8ac795b3b833ad687adefr1-745-1080v2_00.jpg
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-79.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2a3f471f2d3c04aad3458d1a67e4df554ad7efd45155584169e3ba1319c0512f

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 04:07:51 GMT
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
last-modified: Fri, 05 Jul 2019 00:35:11 GMT
server: AmazonS3
age: 234098
etag: "b350a6fab0dcde903458a1c203edccd6"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=432000,public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 53779
x-amz-cf-id: JEwweULRNUhK9JdKfZ-K32wUvf74RYpfF86f3FwLjabaHma_XBGKsg==

GET
H2 200 b3a23b7a77df3b97cf1959bcd1baefcea33f8f0cr1-640-360v2_128.jpg
pm1.narvii.com/7382/ 5 KB
5 KB 305ms
216ms Image
image/jpeg 13.224.194.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pm1.narvii.com/7382/b3a23b7a77df3b97cf1959bcd1baefcea33f8f0cr1-640-360v2_128.jpg
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-79.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dbafbf95048dd4408002fe4f64c8d6c547674eb39cc973daca4231be3fc972a2

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
last-modified: Tue, 19 Nov 2019 23:02:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "9a35b7a82db2cbe09b07721b6dbe54dc"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
cache-control: max-age=432000,public
date: Sat, 06 Feb 2021 21:09:29 GMT
accept-ranges: bytes
content-length: 5159
x-amz-cf-id: uHoVL3XoLC8W1diGyH5a1bvpodCT_WRtsdZvzFdm9Saxkr1S3cCeQw==

GET
H2 200 b3a23b7a77df3b97cf1959bcd1baefcea33f8f0cr1-640-360v2_00.jpg
pm1.narvii.com/7382/ 21 KB
21 KB 131ms
130ms Image
image/jpeg 13.224.194.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pm1.narvii.com/7382/b3a23b7a77df3b97cf1959bcd1baefcea33f8f0cr1-640-360v2_00.jpg
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-79.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b5e69bd7baba112262223abf352f30bde3ba1387a4bae36a7339463448f2545

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 07:46:30 GMT
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
last-modified: Tue, 19 Nov 2019 23:02:36 GMT
server: AmazonS3
age: 134579
etag: "2de2425b430a4ed8d05ebd68d53d7175"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=432000,public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 21169
x-amz-cf-id: ZiJ4OLC_jlFbNjbiOT8VaUMJdayxapQEy_k0T5uwsqJpgme0zqvqow==

GET
H2 200 lazy.png
wa1.narvii.com/static/img/ 68 B
453 B 65ms
62ms Image
image/png 65.9.58.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wa1.narvii.com/static/img/lazy.png
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: nKO_n78lHRMxGHpF4vzPvVPFDygYVuus
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
last-modified: Sat, 23 Jan 2021 22:26:58 GMT
server: AmazonS3
age: 522305
etag: "978c1bee49d7ad5fc1a4d81099b13e18"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public,max-age=604800
date: Sun, 31 Jan 2021 20:04:23 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 68
x-amz-cf-id: 1NFrCgy_7Yxmv5aO-YlSdGmNVJW13kyfGCs1OEeR_uDeiStxVA_AgQ==

GET
H2 200 57a79294ee0eb95b5d0d0b1e0ae2d28853f84e03r1-1080-1080v2_128.jpg
pm1.narvii.com/7383/ 5 KB
5 KB 132ms
132ms Image
image/jpeg 13.224.194.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pm1.narvii.com/7383/57a79294ee0eb95b5d0d0b1e0ae2d28853f84e03r1-1080-1080v2_128.jpg
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-79.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 031e85957253caace891483cc9d811614872b9d163a98d0e6873c37ba8197845

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 18:20:19 GMT
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
last-modified: Wed, 20 Nov 2019 17:24:12 GMT
server: AmazonS3
age: 269350
etag: "5255f5158494f0d9e4784c3eace7b5d4"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=432000,public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 5254
x-amz-cf-id: HWDwTpw2v67NtqA1r4Mw3RSFNaRZWJOP9Bfz5yNCl-qliR-1zcorFQ==

GET
H2 200 57a79294ee0eb95b5d0d0b1e0ae2d28853f84e03r1-1080-1080v2_00.jpg
pm1.narvii.com/7383/ 45 KB
45 KB 135ms
134ms Image
image/jpeg 13.224.194.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pm1.narvii.com/7383/57a79294ee0eb95b5d0d0b1e0ae2d28853f84e03r1-1080-1080v2_00.jpg
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-79.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: da91ab5dc562e97e23dd475f13d6131c53c663d1863ee2d28223685b6713d9ba

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 21:44:38 GMT
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
last-modified: Wed, 20 Nov 2019 17:24:12 GMT
server: AmazonS3
age: 84291
etag: "b0f1930b3b5203e9f8d79b1dd3bee1d5"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=432000,public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 45805
x-amz-cf-id: f-VKPcHqUNtvbVX8ClmMP5Ar9GSGI3paaGw1YRRqF2y3kJmwPEMHEA==

GET
H2 200 b7e64944dacb0630b10bcf85a7615611f85f4a34_375.jpg
cm1.narvii.com/7800/ 40 KB
41 KB 186ms
60ms Image
image/jpeg 65.9.58.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm1.narvii.com/7800/b7e64944dacb0630b10bcf85a7615611f85f4a34_375.jpg
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.106 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9326cd5d57dda1f95892044ae2819ffdfbaf5a270fa6e75d4afa4d68706d23cf

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 21:44:05 GMT
via: 1.1 f58d1aa3b3b084adbea41c7523e2047f.cloudfront.net (CloudFront)
last-modified: Sun, 10 Jan 2021 19:00:58 GMT
server: AmazonS3
age: 84324
etag: "54294bb3879b25b1def65de2fa64507d"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=432000,public
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 41159
x-amz-cf-id: OaQN6F2gos83tdY_jVeQCghXh-P7KCTRWYo8ZaZfFhrlglRlYrq8KA==

GET
H2 200 play-button.svg
wa1.narvii.com/static/img/ 191 B
582 B 66ms
64ms Image
image/svg+xml 65.9.58.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wa1.narvii.com/static/img/play-button.svg
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b7025cc4588e6f0a2727a7dcc036687aa5e31f015c9239002857f002f115bba1

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: d_Zk2hvJ_8nyLvZkFcPFiK30DqZa570f
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
last-modified: Sat, 23 Jan 2021 22:26:59 GMT
server: AmazonS3
age: 183193
etag: "8d0ed7b6993b34e4eab75759161c6f1f"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public,max-age=604800
date: Fri, 05 Feb 2021 17:53:03 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 191
x-amz-cf-id: eCFu_AT27EtvH5ADpMprmJj1SNDBV3gOP0SxXfpLq9fYIISPnFgJ4w==

GET
H2 200 css
fonts.googleapis.com/ 2 KB
624 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:900&display=swap

Requested by

Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

497f499502194a9f828ba3b4a506d50554cc631d2469cf4f2328575edd398fd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 06 Feb 2021 20:58:10 GMT
server: ESF
date: Sat, 06 Feb 2021 21:09:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 06 Feb 2021 21:09:28 GMT

GET
H2 200 font-awesome.5575f4609.css
wa1.narvii.com/static/dist/css/ 35 KB
8 KB 67ms
62ms Stylesheet
text/css 65.9.58.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wa1.narvii.com/static/dist/css/font-awesome.5575f4609.css
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e855908ad6c21d403c36c151041df54333bf745c2aadafb24199d97f59ed09c2

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 13:27:22 GMT
content-encoding: gzip
last-modified: Sat, 23 Jan 2021 22:26:59 GMT
server: AmazonS3
age: 373327
etag: W/"7ecbe17f3127afca23c1385ed76ec7cc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: dk88qFUTldezF6nTi5Ad09TAP1kKmJfA
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
cache-control: public,max-age=604800
x-amz-cf-pop: FRA56-C1
content-type: text/css
x-amz-cf-id: b9DuIHp6lqQLL-nUT0curjTH-3xNT0fxB4DWjqQrV0t5ISx4OQ5UiA==

GET
H2 200 collect-v.3.1.32.js Show response
s0.ipstatp.com/static_magic/pgc/tech/collect/ 22 KB
8 KB 160ms
47ms Script
application/x-javascript 13.225.78.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.ipstatp.com/static_magic/pgc/tech/collect/collect-v.3.1.32.js
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.36 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-36.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 651eac3a34ca0f47b943abfabe71aec15b0ebc924a6df3b7851b28307deb5e9f

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Dec 2020 14:41:19 GMT
content-encoding: gzip
x-tt-trace-tag: id=00;cdn-cache=miss
age: 4343289
x-cache: Hit from cloudfront
server-timing: inner; dur=0
access-control-allow-origin: *
last-modified: Fri, 14 Sep 2018 11:32:18 GMT
server: nginx
etag: W/"5b9b9c42-5965"
vary: Accept-Encoding
content-type: application/x-javascript
via: 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)
cache-control: max-age=7776000
x-tt-trace-host: 012325d9d81aa5850d145fb7ee4a4ec192c42f28427b4f73196eed94f31d2fec0973b60a8a386b600617587208ad1523d64dacfcd44ea490bc2da56a8a2db1ecfb7cfabb821a2a4c58f37353576b260361
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: O2TpYlr-XLTUlXDGLX9CrQxOKV4vHbWm0D7L3CsAmbyAgiddhvEijA==
expires: Thu, 18 Mar 2021 14:41:19 GMT

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/7.23.0/ 20 KB
7 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.23.0/firebase-app.js

Requested by

Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61fbb9b0a6dd750be54d75b8eb16f6aea217aa36df2b4e3a4b80f960a1ca368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 12:56:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 08 Oct 2020 20:48:24 GMT
server: sffe
age: 202364
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6636
x-xss-protection: 0
expires: Fri, 04 Feb 2022 12:56:44 GMT

GET
H2 200 firebase-analytics.js Show response
www.gstatic.com/firebasejs/7.23.0/ 35 KB
11 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.23.0/firebase-analytics.js

Requested by

Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

954201eeb1cac382fbf2a85d6023b581a75c1d58c618367851503ef696262e7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 04:25:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 08 Oct 2020 20:48:30 GMT
server: sffe
age: 146614
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10857
x-xss-protection: 0
expires: Sat, 05 Feb 2022 04:25:54 GMT

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ 4 KB
5 KB 133ms
42ms Script
text/javascript 143.204.93.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.32 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-32.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 00:34:48 GMT
Via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Sat, 16 Mar 2019 16:01:33 GMT
Server: AmazonS3
Age: 11306081
ETag: "96c08723796affab377d9bb08d631cd0"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Cache-Control: max-age=26920000
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 4264
X-Amz-Cf-Id: N6a15hKW5SY-yS0ta-CHSLo2VPNJLCBGXw5biaw2n93eY-2CQDN8vQ==

GET
H2 200 99d4930ac2441caedbc7b5ae86ff4e07.png
wa1.narvii.com/static/dist/ 7 KB
7 KB 59ms
58ms Image
image/png 65.9.58.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wa1.narvii.com/static/dist/99d4930ac2441caedbc7b5ae86ff4e07.png
Requested by: Host: wa1.narvii.com
URL: https://wa1.narvii.com/static/dist/css/desktop-style.85d10f7d7.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b45269fe4c6286f40b5c322ed7121cdcd4cf6d42e53c9d8cf0a221ed3a0332f2

Request headers

Referer: https://wa1.narvii.com/static/dist/css/desktop-style.85d10f7d7.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 19:02:17 GMT
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
last-modified: Sat, 23 Jan 2021 22:26:59 GMT
server: AmazonS3
age: 439632
etag: "99d4930ac2441caedbc7b5ae86ff4e07"
x-cache: Hit from cloudfront
x-amz-version-id: pa8lpuyyaY568UHvYzmwh6Yqrwa7HAdM
cache-control: public,max-age=604800
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: image/png
content-length: 7079
x-amz-cf-id: zjOe0z28EEYqJnaUMsKQjpmav4ZwzR4FsRa4qoAqLhhgpoWQOV0_bQ==

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 69b59054159c1197bc73ffdc566eab25d9eec6af896cb04e01226780adb9bbff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 fontawesome-webfont.woff2
wa1.narvii.com/static/fontawesome/ 75 KB
76 KB 178ms
62ms Font
application/octet-stream 65.9.58.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wa1.narvii.com/static/fontawesome/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: wa1.narvii.com
URL: https://wa1.narvii.com/static/dist/css/font-awesome.5575f4609.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin: https://aminoapps.com
Referer: https://wa1.narvii.com/static/dist/css/font-awesome.5575f4609.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 06:38:33 GMT
via: 1.1 9570c3a1725c20e6faed117bbb74223b.cloudfront.net (CloudFront)
vary: Origin
age: 484256
x-cache: Hit from cloudfront
content-length: 77160
last-modified: Sat, 23 Jan 2021 22:26:53 GMT
server: AmazonS3
etag: "af7ae505a9eed503f8b8e6982036873e"
access-control-max-age: 604800
access-control-allow-methods: GET
x-amz-version-id: CsDNRjAI7Fr4PpH9CM8RUx3rD0EeZ_n0
access-control-allow-origin: *
cache-control: public,max-age=604800
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: application/octet-stream
x-amz-cf-id: GbFzE9GhvIHJOKZHV8_dcgtsKa-3R28WCb0OnSajw_yvgCPcj8GA0Q==

GET
DATA 200
OK truncated
/ 78 B
78 B Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc638d319e8429772a3b08f3f66ad80f8b20358d08ba29422314572b3101536e

Request headers

Origin: https://aminoapps.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: application/font-woff2

GET
H2 200 JTURjIg1_i6t8kCHKm45_epG3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v15/ 12 KB
12 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_epG3gnD_vx3rCs.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24d5585f2965f7d5080769a4286d580a98d722b18964b999ef6b87ba13c11f2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://aminoapps.com
Referer: https://fonts.googleapis.com/css?family=Montserrat:900&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 04:25:45 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:14:10 GMT
server: sffe
age: 146623
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12504
x-xss-protection: 0
expires: Sat, 05 Feb 2022 04:25:45 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 111ms
111ms Script
text/javascript 2607:f8b0:4001:c32::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4001:c32::8a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 2623
date: Sat, 06 Feb 2021 20:25:45 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Sat, 06 Feb 2021 22:25:45 GMT

GET
H2 200 x154501166 Show response
aminoapps.com/partial/public-chat-threads/ 14 KB
3 KB 235ms
235ms Fetch
text/html 52.38.135.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aminoapps.com/partial/public-chat-threads/x154501166

Requested by

Host: wa1.narvii.com
URL: https://wa1.narvii.com/static/dist/js/main.762c5543a.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.38.135.31 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-38-135-31.us-west-2.compute.amazonaws.com

Software

openresty/1.15.8.2 /

Resource Hash

658f34a0d8b86d79db1ce63e4cd9df2740d941adbe2cb7ad312a0b4ea7c33fbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Requested-With: xmlhttprequest

Response headers

pragma: no-cache
date: Sat, 06 Feb 2021 21:09:28 GMT
content-encoding: gzip
server: openresty/1.15.8.2
vary: User-Agent
content-type: text/html; charset=utf-8
cache-control: private, no-store, max-age=0, no-cache, must-revalidate, post-check=0, pre-check=0
x-envoy-upstream-service-time: 24
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 27ms
6ms Script
application/javascript 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 437afd9de21717c919be3f40f686b33170f2447dc03ded0fc00ac0cc41839854

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 21:09:28 GMT
content-encoding: gzip
etag: "8q1rat7Mm9i+FVcOidF8/g=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sat, 13 Feb 2021 21:09:28 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 14ms
14ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?l=dataLayer

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/7.23.0/firebase-analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c89ffcdcf3a556199921214251525a297fed02cb62a1347a04632f3e396fdca9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 21:09:28 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38709
x-xss-protection: 0
expires: Sat, 06 Feb 2021 21:09:28 GMT

GET
H2 200 amino-icon.0e4baf457.woff
wa1.narvii.com/static/dist/fonts/ 14 KB
14 KB 91ms
63ms Font
application/octet-stream 65.9.58.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wa1.narvii.com/static/dist/fonts/amino-icon.0e4baf457.woff
Requested by: Host: wa1.narvii.com
URL: https://wa1.narvii.com/static/dist/css/font-awesome.5575f4609.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b038497371152e3ca1d285702e66549ab12d71e6b50ca33bfe1682f743c060eb

Request headers

Origin: https://aminoapps.com
Referer: https://wa1.narvii.com/static/dist/css/font-awesome.5575f4609.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 06:05:20 GMT
via: 1.1 9570c3a1725c20e6faed117bbb74223b.cloudfront.net (CloudFront)
vary: Origin
age: 227049
x-cache: Hit from cloudfront
content-length: 14076
last-modified: Sat, 23 Jan 2021 22:26:59 GMT
server: AmazonS3
etag: "0e4baf4575cfca6ec41b15c4a3dca4e8"
access-control-max-age: 604800
access-control-allow-methods: GET
x-amz-version-id: yyP7HNZrUXFIDbadiupzr8q.Cl7T6fGi
access-control-allow-origin: *
cache-control: public,max-age=604800
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: application/octet-stream
x-amz-cf-id: M-3-UkUieRlUfwYBFFwYOtVARbxPnJTjyKNpX9gJssqM6BQcaPqtag==

GET
H2 200 e114cf67c608b5beb854ec4ee7a6dd986f39c928r1-735-738v2_68.jpg
pm1.narvii.com/7822/ 2 KB
2 KB 652ms
650ms Image
image/jpeg 13.224.194.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pm1.narvii.com/7822/e114cf67c608b5beb854ec4ee7a6dd986f39c928r1-735-738v2_68.jpg
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-79.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 055df8666c18036d6f17852a9d4889d24300593b8ea71d7d05fae4f3a1e8404c

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 21:09:30 GMT
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2021 23:42:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "d9d57e1e8e063dc63dd36a8db0ed8e36"
x-cache: Miss from cloudfront
x-amz-version-id: 7Vo60vDcr7GpsGbnV1SOMH3O_tcNcMDh
cache-control: max-age=432000,public
accept-ranges: bytes
content-type: image/jpeg
content-length: 2053
x-amz-cf-id: XpAQ3UyOGAzVHVDkVX9ORd0986sbYwh4quPhO2F-B4I6eX_5XZ4ycw==

GET
H2 200 426c0f57c8e86a73144b00ec928afe4c75b06ee9r1-512-512v2_68.jpg
pm1.narvii.com/7824/ 2 KB
2 KB 54ms
52ms Image
image/jpeg 13.224.194.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pm1.narvii.com/7824/426c0f57c8e86a73144b00ec928afe4c75b06ee9r1-512-512v2_68.jpg
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-79.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3ae0e58bcad4e36dd064f55f2972cb88b73c809152f3dd3f54e8b9ffee7f665a

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 17:23:17 GMT
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
last-modified: Wed, 03 Feb 2021 17:18:05 GMT
server: AmazonS3
age: 272772
etag: "ed64c387808bcb4b537877fdea00bd11"
x-cache: Hit from cloudfront
x-amz-version-id: WYDvPh0rZjrl6oriMB5u6ODG0avzBdZ8
cache-control: max-age=432000,public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 2156
x-amz-cf-id: 5B6oEyOVZCIL9UikBrhKqwnqi4C8L3rh75gcNJw8wm32QQP5rU8hOg==

GET
H2 200 75cb419c1193afbf0b9a6b02222cb099b7254355r1-1069-1065v2_68.jpg
pm1.narvii.com/7822/ 2 KB
3 KB 645ms
643ms Image
image/jpeg 13.224.194.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pm1.narvii.com/7822/75cb419c1193afbf0b9a6b02222cb099b7254355r1-1069-1065v2_68.jpg
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-79.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fb54590e4d2cbc5f0ef73f0039ce688a1558e5a8675669a06f4a5ebe4b0e41cf

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 21:09:30 GMT
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2021 21:23:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "227b7b62a3be6f57f8fe54525a04ef71"
x-cache: Miss from cloudfront
x-amz-version-id: dPSfxOX_KjFoUcWjP5yQnRNmqhVSBF9I
cache-control: max-age=432000,public
accept-ranges: bytes
content-type: image/jpeg
content-length: 2372
x-amz-cf-id: w3O2RrUyEktZxYgNXavnv8KE22COvESm9rK_ws0SUvb67wzAMrvvmg==

GET
H2 200 007e4f14007d04f1fd907a0a8257991d1e9f15bar1-640-360v2_68.jpg
pm1.narvii.com/7826/ 2 KB
2 KB 213ms
212ms Image
image/jpeg 13.224.194.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pm1.narvii.com/7826/007e4f14007d04f1fd907a0a8257991d1e9f15bar1-640-360v2_68.jpg
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-79.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d007685651c7114d29fc6473e158dab2aa00cfd9ccfcdfd7eba6e1c6e39828db

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 21:09:29 GMT
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
last-modified: Fri, 05 Feb 2021 03:06:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "e30551c3998001e822e09a2d7410beaf"
x-cache: Miss from cloudfront
x-amz-version-id: k1Y2TAc1KsPB3NR3tEzVDJCOvZ6GUQNT
cache-control: max-age=432000,public
accept-ranges: bytes
content-type: image/jpeg
content-length: 1964
x-amz-cf-id: tg20mqPUyS565YdV_jBZyJYaP0d8AK3nLR8s53WWk9ObLm6GwO25vA==

GET
H3-Q050 200 webConfig Show response
firebase.googleapis.com/v1alpha/projects/-/apps/1:641940763521:web:26ac22ae145b37182d6e80/ 361 B
629 B 72ms
58ms Fetch
application/json 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:641940763521:web:26ac22ae145b37182d6e80/webConfig

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/7.23.0/firebase-analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

340f47084bc3dc475332d56fa5dc71948d774d977887f7d78e996b95e2cad004

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
x-goog-api-key: AIzaSyDUbgzJwO1Fd5oawjcV3x8HkWGHET-Ky8Q
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 21:09:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://aminoapps.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 238
x-xss-protection: 0

OPTIONS
H2 200 webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:641940763521:web:26ac22ae145b37182d6e80/ Frame 0
0 52ms
20ms Other
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:641940763521:web:26ac22ae145b37182d6e80/webConfig

Protocol

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-goog-api-key
Origin: https://aminoapps.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://aminoapps.com
vary: origin referer x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: x-goog-api-key
access-control-max-age: 3600
date: Sat, 06 Feb 2021 21:09:28 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H/1.1 200
OK webid
maliva-mcs.byteoversea.com/v1/user/ Frame 0
0 413ms
314ms Other
application/octet-stream 92.122.214.146
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://maliva-mcs.byteoversea.com/v1/user/webid
Protocol: HTTP/1.1
Server: 92.122.214.146 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-122-214-146.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://aminoapps.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Content-Type: application/octet-stream
Content-Length: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, OPTIONS, HEAD, PUT, POST
Access-Control-Allow-Origin: https://aminoapps.com
Access-Control-Max-Age: 1800
x-tt-trace-host: 013b9afffa479b6845c6c382592db89711f83fde1009984d05d8760ef7b47d0aee516059e647f780ce8d1951c2eb5315552a7b60b6e678c2cdbbc7ccf3fd1428897e5e996d3405421d55008e28aca49fff28f18bd49f314d0b46fddece20de719be67f29c805248b22ec304b09275b083b
X-Origin-Response-Time: 3,204.93.38.140
X-Akamai-Request-ID: bc72f77.1312d83f
Date: Sat, 06 Feb 2021 21:09:29 GMT
X-Cache: TCP_MISS from a92-122-214-142.deploy.akamaitechnologies.com (AkamaiGHost/10.2.4-32030756) (-)
Connection: keep-alive
X-Cache-Remote: TCP_MISS from a204-93-38-140.deploy.akamaitechnologies.com (AkamaiGHost/10.2.4-32030756) (-)
X-Parent-Response-Time: 267,92.122.214.142
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=264, origin; dur=3 inner; dur=0
Timing-Allow-Origin: *

POST
H/1.1 200
OK webid Show response
maliva-mcs.byteoversea.com/v1/user/ 84 B
1 KB 144ms
144ms XHR
application/json 92.122.214.146
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://maliva-mcs.byteoversea.com/v1/user/webid
Requested by: Host: s0.ipstatp.com
URL: https://s0.ipstatp.com/static_magic/pgc/tech/collect/collect-v.3.1.32.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.214.146 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-122-214-146.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 24b1014175cbd516ebf7d35586eabbfa049ab9c1a956d73db95964e709d492c6

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

X-Akamai-Request-ID: bc73035.1312d8f5
Date: Sat, 06 Feb 2021 21:09:29 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
X-Cache: TCP_MISS from a92-122-214-142.deploy.akamaitechnologies.com (AkamaiGHost/10.2.4-32030756) (-)
X-Parent-Response-Time: 97,92.122.214.142
server-timing: cdn-cache; desc=MISS, edge; dur=89, origin; dur=8, inner; dur=4
Content-Length: 99
Server: nginx
X-Cache-Remote: TCP_MISS from a204-93-38-140.deploy.akamaitechnologies.com (AkamaiGHost/10.2.4-32030756) (-)
Access-Control-Max-Age: 1800
Access-Control-Allow-Methods: GET, OPTIONS, HEAD, PUT, POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://aminoapps.com
Connection: keep-alive
X-Origin-Response-Time: 8,204.93.38.140
x-tt-trace-host: 013b9afffa479b6845c6c382592db89711f83fde1009984d05d8760ef7b47d0aee516059e647f780ce8d1951c2eb53155532659b5148b4756e97d226e40952df25964788c0d62069014ff366d88ec09be3e3073ccfac8e47ee3b10f5885b376dbb61c9963c4e4cb045adcbe71fb2e3229e
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Access-Control-Allow-Headers

OPTIONS
H/1.1 200
OK sync
apps.media-lab.ai/doh/ Frame 0
0 593ms
148ms Other 35.194.11.13
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.media-lab.ai/doh/sync?uid=6e8b3b62-41bb-4c85-9161-d13a1288890d&property_id=aminoapps.com

Protocol

HTTP/1.1

Server

35.194.11.13 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

13.11.194.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: ana-api-key,content-type,lib_version,publisher_version
Origin: https://aminoapps.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://aminoapps.com
access-control-allow-credentials: true
access-control-allow-methods: POST,GET,OPTIONS
access-control-allow-headers: X-Real-Ip,lib_version,publisher_version,ana-api-key,x-whisper-testyoself,user-agent,content-type,content-length
access-control-max-age: 43200
date: Sat, 06 Feb 2021 21:09:28 GMT
connection: close
content-length: 0
Strict-Transport-Security: max-age=31536000

OPTIONS
H/1.1 200
OK request
apps.media-lab.ai/wana/bids/ Frame 0
0 593ms
148ms Other 35.194.11.13
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.media-lab.ai/wana/bids/request?uid=6e8b3b62-41bb-4c85-9161-d13a1288890d

Protocol

HTTP/1.1

Server

35.194.11.13 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

13.11.194.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: ana-api-key,content-type,lib_version,publisher_version
Origin: https://aminoapps.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://aminoapps.com
access-control-allow-credentials: true
access-control-allow-methods: POST,GET,OPTIONS
access-control-allow-headers: X-Real-Ip,lib_version,publisher_version,ana-api-key,x-whisper-testyoself,user-agent,content-type,content-length
access-control-max-age: 43200
date: Sat, 06 Feb 2021 21:09:29 GMT
connection: close
content-length: 0
Strict-Transport-Security: max-age=31536000

OPTIONS
H/1.1 200
OK request
apps.media-lab.ai/wana/bids/ Frame 0
0 595ms
148ms Other 35.194.11.13
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.media-lab.ai/wana/bids/request?uid=6e8b3b62-41bb-4c85-9161-d13a1288890d

Protocol

HTTP/1.1

Server

35.194.11.13 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

13.11.194.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: ana-api-key,content-type,lib_version,publisher_version
Origin: https://aminoapps.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://aminoapps.com
access-control-allow-credentials: true
access-control-allow-methods: POST,GET,OPTIONS
access-control-allow-headers: X-Real-Ip,lib_version,publisher_version,ana-api-key,x-whisper-testyoself,user-agent,content-type,content-length
access-control-max-age: 43200
date: Sat, 06 Feb 2021 21:09:28 GMT
connection: close
content-length: 0
Strict-Transport-Security: max-age=31536000

OPTIONS
H/1.1 200
OK request
apps.media-lab.ai/wana/bids/ Frame 0
0 610ms
153ms Other 35.194.11.13
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.media-lab.ai/wana/bids/request?uid=6e8b3b62-41bb-4c85-9161-d13a1288890d

Protocol

HTTP/1.1

Server

35.194.11.13 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

13.11.194.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: ana-api-key,content-type,lib_version,publisher_version
Origin: https://aminoapps.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://aminoapps.com
access-control-allow-credentials: true
access-control-allow-methods: POST,GET,OPTIONS
access-control-allow-headers: X-Real-Ip,lib_version,publisher_version,ana-api-key,x-whisper-testyoself,user-agent,content-type,content-length
access-control-max-age: 43200
date: Sat, 06 Feb 2021 21:09:29 GMT
connection: close
content-length: 0
Strict-Transport-Security: max-age=31536000

POST
H/1.1 200
OK sync Show response
apps.media-lab.ai/doh/ 2 KB
932 B 589ms
150ms XHR
application/json 35.194.11.13
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.media-lab.ai/doh/sync?uid=6e8b3b62-41bb-4c85-9161-d13a1288890d&property_id=aminoapps.com

Requested by

Host: js.media-lab.ai
URL: https://js.media-lab.ai/wana.1.1.8.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.194.11.13 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

13.11.194.35.bc.googleusercontent.com

Software

Resource Hash

0ec623cf4432c0c03d4abd0218eeab7df4d061f6bf874b6bb08a320eacffcce1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

publisher_version: web_0.0.1
Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
lib_version: web_1.1.8
ana-api-key: 056363cfdcfcf7de5cea11820138b4d2daf3ca
Content-Type: application/json

Response headers

date: Sat, 06 Feb 2021 21:09:29 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://aminoapps.com
connection: close
x-envoy-upstream-service-time: 1
Strict-Transport-Security: max-age=31536000
access-control-allow-credentials: true
transfer-encoding: chunked

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 56 KB
19 KB 154ms
53ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: js.media-lab.ai
URL: https://js.media-lab.ai/wana.1.1.8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

sffe /

Resource Hash

a5294757e666228a1aba961385d499260e67b9284d7409902f24db17a70fe403

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 21:09:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "776 / 504 of 1000 / last-modified: 1612566807"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19179
x-xss-protection: 0
expires: Sat, 06 Feb 2021 21:09:28 GMT

POST
H/1.1 200
OK request Show response
apps.media-lab.ai/wana/bids/ 37 B
436 B 609ms
157ms XHR
application/json 35.194.11.13
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.media-lab.ai/wana/bids/request?uid=6e8b3b62-41bb-4c85-9161-d13a1288890d

Requested by

Host: js.media-lab.ai
URL: https://js.media-lab.ai/wana.1.1.8.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.194.11.13 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

13.11.194.35.bc.googleusercontent.com

Software

Resource Hash

5669db14546a8b24fbca47c21cdc57ff0b0041e0af4ad62fb0621fb09664bf7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

publisher_version: web_0.0.1
Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
lib_version: web_1.1.8
ana-api-key: 056363cfdcfcf7de5cea11820138b4d2daf3ca
Content-Type: application/json

Response headers

date: Sat, 06 Feb 2021 21:09:29 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://aminoapps.com
connection: close
x-envoy-upstream-service-time: 4
Strict-Transport-Security: max-age=31536000
access-control-allow-credentials: true
Transfer-Encoding: chunked

POST
H/1.1 200
OK request Show response
apps.media-lab.ai/wana/bids/ 37 B
436 B 607ms
156ms XHR
application/json 35.194.11.13
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.media-lab.ai/wana/bids/request?uid=6e8b3b62-41bb-4c85-9161-d13a1288890d

Requested by

Host: js.media-lab.ai
URL: https://js.media-lab.ai/wana.1.1.8.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.194.11.13 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

13.11.194.35.bc.googleusercontent.com

Software

Resource Hash

5669db14546a8b24fbca47c21cdc57ff0b0041e0af4ad62fb0621fb09664bf7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

publisher_version: web_0.0.1
Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
lib_version: web_1.1.8
ana-api-key: 056363cfdcfcf7de5cea11820138b4d2daf3ca
Content-Type: application/json

Response headers

date: Sat, 06 Feb 2021 21:09:29 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://aminoapps.com
connection: close
x-envoy-upstream-service-time: 4
Strict-Transport-Security: max-age=31536000
access-control-allow-credentials: true
Transfer-Encoding: chunked

POST
H/1.1 200
OK request Show response
apps.media-lab.ai/wana/bids/ 37 B
436 B 592ms
152ms XHR
application/json 35.194.11.13
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.media-lab.ai/wana/bids/request?uid=6e8b3b62-41bb-4c85-9161-d13a1288890d

Requested by

Host: js.media-lab.ai
URL: https://js.media-lab.ai/wana.1.1.8.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.194.11.13 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

13.11.194.35.bc.googleusercontent.com

Software

Resource Hash

5669db14546a8b24fbca47c21cdc57ff0b0041e0af4ad62fb0621fb09664bf7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

publisher_version: web_0.0.1
Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
lib_version: web_1.1.8
ana-api-key: 056363cfdcfcf7de5cea11820138b4d2daf3ca
Content-Type: application/json

Response headers

date: Sat, 06 Feb 2021 21:09:29 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://aminoapps.com
connection: close
x-envoy-upstream-service-time: 4
Strict-Transport-Security: max-age=31536000
access-control-allow-credentials: true
Transfer-Encoding: chunked

GET
H2 200 rules-p-3bDtRer0SSNWT.js Show response
rules.quantcount.com/ 3 B
355 B 397ms
380ms Script
application/x-javascript 2600:9000:20eb:f200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-3bDtRer0SSNWT.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:f200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 21:07:35 GMT
via: 1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2017 23:52:35 GMT
server: AmazonS3
age: 114
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Error from cloudfront
content-type: application/x-javascript
cache-control: max-age=300
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 3
x-amz-cf-id: iLguc6FDRrjjQ2TOy17C8RNfHRaDYYskVFnEL7uJPn_aRsNP8bm1NA==

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
552 B 134ms
43ms Image
image/gif 143.204.93.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Mei%20Lan%20%7C%20Wiki%20%7C%20%E2%97%BEAttack%20On%20Titan%E2%97%BE%20Amino&time=1612645768882&time_zone_offset=-60&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Faminoapps.com%2Fc%2Fattackontitan-amino%2Fpage%2Fitem%2Fmei-lan%2F4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL&random_number=3059802053&sess_cookie=54bdb710177792d9eb2d773da75&sess_cookie_flag=1&user_cookie=54bdb710177792d9eb2d773da75&user_cookie_flag=1&dynamic=true&domain=aminoapps.com&account=cTwYt1zDGU20kU&jsv=20130128&user_lang=en-US
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.123 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-123.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 06 Feb 2021 02:26:16 GMT
Via: 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 67392
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: FRA50-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: vthU9HaRw7cWPw9TC7loR2EnTijNIvpX1aqvMaY6eO090xQu8tP5PQ==

OPTIONS
H2 200 installations
firebaseinstallations.googleapis.com/v1/projects/golden-shine-845/ Frame 0
0 34ms
15ms Other
text/html 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/golden-shine-845/installations

Protocol

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key
Origin: https://aminoapps.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://aminoapps.com
vary: origin referer x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key
access-control-max-age: 3600
date: Sat, 06 Feb 2021 21:09:28 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-Q050 200 installations Show response
firebaseinstallations.googleapis.com/v1/projects/golden-shine-845/ 579 B
855 B 287ms
255ms Fetch
application/json 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/golden-shine-845/installations

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/7.23.0/firebase-analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

df6f6a550b623916d81dabec1b0a29f2c3a81c2b27c48320237a97fa186e4de1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
x-goog-api-key: AIzaSyDUbgzJwO1Fd5oawjcV3x8HkWGHET-Ky8Q
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: application/json

Response headers

date: Sat, 06 Feb 2021 21:09:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://aminoapps.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 464
x-xss-protection: 0

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
534 B 34ms
14ms XHR
application/json 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 06 Feb 2021 21:09:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://aminoapps.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

GET
H2 200 mailbox_with_mail.png
wa1.narvii.com/static/bower/emojify.js/images/emoji/ 4 KB
5 KB 57ms
57ms Image
image/png 65.9.58.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wa1.narvii.com/static/bower/emojify.js/images/emoji/mailbox_with_mail.png
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a98bf4358e15a34917dc0e283742a074e054ca3fc14d6a12cff39ea7e0fdb3f5

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 08:49:43 GMT
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
last-modified: Sat, 23 Jan 2021 22:26:36 GMT
server: AmazonS3
age: 303586
etag: "12adf52a9ba0fa79f8a502565ab9f1b3"
x-cache: Hit from cloudfront
x-amz-version-id: YbYMOWGYtcC_VLroxq_Rkzz0y3z8jkzQ
cache-control: public,max-age=604800
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: image/png
content-length: 4581
x-amz-cf-id: OeHsOrMeiA9nZR5ed2Q8Xil-mFeAI9tmONiBQ4nRi6NneTB2YWeI4Q==

GET
H2 200 7bffc3276fc4c04b28d2f3c3d409a0e081fc0cfdr1-890-1000v2_00.jpg
pm1.narvii.com/7805/ 45 KB
45 KB 46ms
46ms Image
image/jpeg 13.224.194.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pm1.narvii.com/7805/7bffc3276fc4c04b28d2f3c3d409a0e081fc0cfdr1-890-1000v2_00.jpg
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-79.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d9a2b105a77087a2b317e1f8272ea771e9e9cd3a7869c85d90ca6042e53de0e8

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: dOHjVPQxPrPmkiZP_mlY7cEPuThz7SAe
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
last-modified: Fri, 15 Jan 2021 21:07:30 GMT
server: AmazonS3
age: 289699
etag: "04e5992ff5ed367bd79abb34cb93f5f4"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=432000,public
date: Wed, 03 Feb 2021 12:41:10 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 45877
x-amz-cf-id: uh4291yKonb2OedJrzc4AKxFC8HiJLT2-LzRTckp_TMCMdeGONVe4Q==

GET
H2 200 40d06f13b63352253903c86eb755f751df88400br1-908-1036v2_00.jpg
pm1.narvii.com/7824/ 41 KB
41 KB 99ms
99ms Image
image/jpeg 13.224.194.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pm1.narvii.com/7824/40d06f13b63352253903c86eb755f751df88400br1-908-1036v2_00.jpg
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-79.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 850f82c02dff76b2cd99cdc053132bd0af73a29a1e9352140ff1eb6264a9318a

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 15:29:34 GMT
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
last-modified: Wed, 03 Feb 2021 04:26:03 GMT
server: AmazonS3
age: 193196
etag: "ae27d49abbbc4b077196f6e4f57ed338"
x-cache: Hit from cloudfront
x-amz-version-id: EKb.S4hvEoaqZdjs1EDXlVer0l0ma3Iy
cache-control: max-age=432000,public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 41844
x-amz-cf-id: 7cptkFSVxjAnbFGWdsIf4ggf4qXf4AOdBfZJaaHsLjIFGATSKv5efA==

GET
H2 200 confetti_ball.png
wa1.narvii.com/static/bower/emojify.js/images/emoji/ 5 KB
6 KB 60ms
60ms Image
image/png 65.9.58.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wa1.narvii.com/static/bower/emojify.js/images/emoji/confetti_ball.png
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d583c7fecf54ccfe421e21e237cd691080d5b01d6c7240069b154b8f7be9001f

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: lPQFooNgwwpT1xeBvLpVn1r5ZWtHxBte
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
last-modified: Sat, 23 Jan 2021 22:26:35 GMT
server: AmazonS3
age: 353383
etag: "95e4252669cec7287354aa724e078232"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public,max-age=604800
date: Tue, 02 Feb 2021 18:59:46 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 5521
x-amz-cf-id: M91nTVmWlXqAxzxnRLzU5w78tdQXTgqnnbSXJSxdTn1PPi4srG24fw==

GET
H2 200 black_medium_small_square.png
wa1.narvii.com/static/bower/emojify.js/images/emoji/ 3 KB
4 KB 58ms
58ms Image
image/png 65.9.58.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wa1.narvii.com/static/bower/emojify.js/images/emoji/black_medium_small_square.png
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 10e345a433d0271f61bb37a0b15b16795d9c2e6c60f6ba5a8207f0a8411af22a

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 16:09:09 GMT
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
last-modified: Sat, 23 Jan 2021 22:26:34 GMT
server: AmazonS3
age: 277220
etag: "244eccd33cbe4a615f33db2be55bf708"
x-cache: Hit from cloudfront
x-amz-version-id: SL1izymZo77XUf2gjL4HzZChIsm5jIrp
cache-control: public,max-age=604800
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: image/png
content-length: 3495
x-amz-cf-id: ui8oPAEkSQG7C66CAwFr_i75u-K1PRFrlic3Zh7E7h77rSVQARa5jQ==

GET
H2 200 strawberry.png
wa1.narvii.com/static/bower/emojify.js/images/emoji/ 5 KB
6 KB 60ms
59ms Image
image/png 65.9.58.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wa1.narvii.com/static/bower/emojify.js/images/emoji/strawberry.png
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f7e0b3131af406481259f7c6fed5d46714bf0c9427909e94a1652719d1d888e

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: hZcQopTnSldp3a764upgmTx4gpjJLPaI
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
last-modified: Sat, 23 Jan 2021 22:26:37 GMT
server: AmazonS3
age: 359075
etag: "d7a9638f5c3dbd8281738333a1ce65b2"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public,max-age=604800
date: Tue, 02 Feb 2021 17:24:54 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 5477
x-amz-cf-id: cD6O0yX6hI07wNL74Vgg50JYMWozuM1iCdL22ZLEf7mWwU9ChRX6tg==

GET
H2 200 blossom.png
wa1.narvii.com/static/bower/emojify.js/images/emoji/ 4 KB
5 KB 59ms
59ms Image
image/png 65.9.58.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wa1.narvii.com/static/bower/emojify.js/images/emoji/blossom.png
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdc5e8f7a5bfcfc49c5530c42f5adc5a6e8ed5cfaa349cddf57cd213fb3af2f6

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: FFNmbPdFp22UOU7F93mxFYG7ozkNrtpf
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
last-modified: Sat, 23 Jan 2021 22:26:34 GMT
server: AmazonS3
age: 156033
etag: "34fe17fa9e128061362f9b2c34997a12"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public,max-age=604800
date: Fri, 05 Feb 2021 01:48:56 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 4232
x-amz-cf-id: jtoPXPTOuQo6-EuVrtN2ePnFo7h_vHrrI3q09_73eNFoqV7dXQC-7g==

GET
H2 200 star.png
wa1.narvii.com/static/bower/emojify.js/images/emoji/ 4 KB
4 KB 60ms
59ms Image
image/png 65.9.58.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wa1.narvii.com/static/bower/emojify.js/images/emoji/star.png
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0582542e7338ffe28bc07bcd06e2a047d529743295cb753916c435368db3838b

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 06:38:35 GMT
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
last-modified: Sat, 23 Jan 2021 22:26:37 GMT
server: AmazonS3
age: 484254
etag: "f2ba498e88e4b9a73fb7e4e4a558c647"
x-cache: Hit from cloudfront
x-amz-version-id: dEuhcN5zrpQDEAo_Uvd5whJQx8nu4g7m
cache-control: public,max-age=604800
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: image/png
content-length: 3628
x-amz-cf-id: R-kedsuWWVJ90tU2txU7WNbv-VwbRefa_qyexID4v0C1A-fcbw-44g==

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
282 B 14ms
13ms XHR
application/json 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 06 Feb 2021 21:09:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://aminoapps.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
45 KB 45ms
31ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9SJ4LCCH1X&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?l=dataLayer

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f9a14a82336f8cf37b982f127d8b81f62d8dc79ea592b2f6e7ef9447b220022e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 21:09:29 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45435
x-xss-protection: 0
expires: Sat, 06 Feb 2021 21:09:29 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
386 B 67ms
13ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1649087964&t=pageview&_s=1&dl=https%3A%2F%2Faminoapps.com%2Fc%2Fattackontitan-amino%2Fpage%2Fitem%2Fmei-lan%2F4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL&ul=en-us&de=UTF-8&dt=Mei%20Lan%20%7C%20Wiki%20%7C%20%E2%97%BEAttack%20On%20Titan%E2%97%BE%20Amino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAQCAC~&jid=292296758&gjid=1451935307&cid=1794443356.1612645769&tid=UA-55669232-10&_gid=1725597073.1612645769&_r=1&cd4=no&cd6=https&cd2=page_v2%3Famino_id%3Dattackontitan-amino%26page_type%3Dpage%26slug%3Ditem%252Fmei-lan%252F4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL&cd3=2021-02-01T18%3A27%3A59Z&cd5=page_v2.item.None&cd7=&cd9=0&z=622497926

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 06 Feb 2021 21:09:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://aminoapps.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4a16e006d74c30a27eb7a7025decaac28886e11er1-736-609v2_00.jpg
pm1.narvii.com/7823/ 47 KB
47 KB 47ms
47ms Image
image/jpeg 13.224.194.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pm1.narvii.com/7823/4a16e006d74c30a27eb7a7025decaac28886e11er1-736-609v2_00.jpg
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-79.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0b9306b4615e4c2efed82bbb3356e9c5f44e79e1f86c6dbcc6931e6b135a06bb

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 01:28:41 GMT
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
last-modified: Tue, 02 Feb 2021 05:58:21 GMT
server: AmazonS3
age: 243648
etag: "ad82f52fdfee551da76711b92d8168fd"
x-cache: Hit from cloudfront
x-amz-version-id: qjTaUCPfWl6IJhL5lnDT8.7pkd98.LcW
cache-control: max-age=432000,public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 47769
x-amz-cf-id: wrMTOWzpsxJqJhWRLIhXi4nBwiIkcAcgaGd7PbFJKXzkoSzVaz4hbw==

GET
H2 200 541af5901ae8b519f4b638f57347cc3b29df02abr4-500-250_00.jpg
pm1.narvii.com/7797/ 30 KB
30 KB 55ms
53ms Image
image/jpeg 13.224.194.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pm1.narvii.com/7797/541af5901ae8b519f4b638f57347cc3b29df02abr4-500-250_00.jpg
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-79.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: da6b7faeab0aab1da7df99bfc8c045f64e331ccbc18534198ec5edbda74f884e

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: PQiRd1Gey.oqmn2MWIRnwvwBnG9SDZhf
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
last-modified: Thu, 07 Jan 2021 23:44:11 GMT
server: AmazonS3
age: 155021
etag: "a29995ab5044bc16c9952b2f6d628fd8"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=432000,public
date: Fri, 05 Feb 2021 02:05:49 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 30666
x-amz-cf-id: WEk8XNqC_lsgwiv6h0rKWJMdFKBY3M_umPLBGu7Q9QYIojzLkJI0OA==

GET
H2 200 5b31b9e26e6aa47dc36f199375cc636afc1fd1a3r4-349-175_00.jpg
pm1.narvii.com/7820/ 15 KB
15 KB 54ms
52ms Image
image/jpeg 13.224.194.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pm1.narvii.com/7820/5b31b9e26e6aa47dc36f199375cc636afc1fd1a3r4-349-175_00.jpg
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-79.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f82273e9afe4a2f3c1e3ecfe075df31e0fe92cff06c2e028f929c18374078e05

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 01:21:54 GMT
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
last-modified: Sat, 30 Jan 2021 07:58:37 GMT
server: AmazonS3
age: 71256
etag: "60a0dd8dd28744f16ad0998b23149e56"
x-cache: Hit from cloudfront
x-amz-version-id: Pm5iTqGDOogBwR7wv97ORkW4xHjBxhs6
cache-control: max-age=432000,public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 15159
x-amz-cf-id: vodXxoYvnz4r7Q-syc2hkTJqjiInkIIReSIzCeOWx2EhXYIc9RARog==

GET
H2 200 b176faca13d6a1617c28b04fff6ae0c755b3d528r1-800-799v2_00.jpg
pm1.narvii.com/7525/ 40 KB
41 KB 52ms
50ms Image
image/jpeg 13.224.194.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pm1.narvii.com/7525/b176faca13d6a1617c28b04fff6ae0c755b3d528r1-800-799v2_00.jpg
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-79.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e70f587d440d5e8d86e95fbb456834f7d90a68131261354387e538dd55d93a68

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 15:21:33 GMT
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
last-modified: Fri, 10 Apr 2020 23:07:52 GMT
server: AmazonS3
age: 107276
etag: "d7138d4064e70fc2b42742738bbf4f28"
x-cache: Hit from cloudfront
x-amz-version-id: KChXjPAEip2ong9YzK9qcyt26yu9t4n4
cache-control: max-age=432000,public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 41290
x-amz-cf-id: 4NdKSJQgdjoRuAmOa0q_-e_-vHDEEQ0Fi31q_Rvu-4jZlmU-UAChMg==

GET
H2 200 39e7086faf4c0c1542e6d0b12d9a512f6061c40dr4-736-368_00.jpg
pm1.narvii.com/7795/ 40 KB
41 KB 57ms
55ms Image
image/jpeg 13.224.194.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pm1.narvii.com/7795/39e7086faf4c0c1542e6d0b12d9a512f6061c40dr4-736-368_00.jpg
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-79.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a8eb51d0195796f9459227c8ed55a5da02d944af324d35241fc68756aab92539

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: oLR6zzQcuWAi9CY9Dh4yXHRPvOzyrTRb
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
last-modified: Tue, 05 Jan 2021 05:09:09 GMT
server: AmazonS3
age: 14441
etag: "79e80afb236d6b7bb0f9b2c6cd49a195"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=432000,public
date: Sat, 06 Feb 2021 17:08:49 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 41242
x-amz-cf-id: Oi6EO0RNwwwgXwev57wsgi6aBGQHkjxIOlAl4Jlle-oMpT_rG7WAEw==

GET
H2 200 2e7838e664cf15aec1bbf4d2bca39cde5a81753cr4-750-375_00.jpg
pm1.narvii.com/7820/ 59 KB
60 KB 59ms
58ms Image
image/jpeg 13.224.194.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pm1.narvii.com/7820/2e7838e664cf15aec1bbf4d2bca39cde5a81753cr4-750-375_00.jpg
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-79.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bff2d41e326774343a73aff939c7e616b21d54ce1a2989272ceda06ef6e05ef3

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 13:52:36 GMT
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
last-modified: Sat, 30 Jan 2021 01:50:29 GMT
server: AmazonS3
age: 199014
etag: "9490eab45ec12c87388fecc3f512e930"
x-cache: Hit from cloudfront
x-amz-version-id: 6x.ZE39waJJe4TgOdlsFUpUdjejDOs40
cache-control: max-age=432000,public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 60686
x-amz-cf-id: NRvjH6yUdDDZic7W4eVHeHZiDG6KjrNsxNEsesxX31Np9YuBIhecIg==

GET
H2 200 d02a506cc50613117244fd18a77e3614916a160cr4-750-375_00.jpg
pm1.narvii.com/7820/ 34 KB
34 KB 64ms
62ms Image
image/jpeg 13.224.194.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pm1.narvii.com/7820/d02a506cc50613117244fd18a77e3614916a160cr4-750-375_00.jpg
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-79.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 96a9472a6c38a8c575541bfe1fa2f88d93a55d906ba64a8460454a4318a6d7b5

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: sxcqbDqrfnqXvDrEWOtJSyeIGD4aDQpD
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
last-modified: Sat, 30 Jan 2021 22:45:11 GMT
server: AmazonS3
age: 157880
etag: "31d66c59047a623dccf00fe2bc8b7c65"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=432000,public
date: Fri, 05 Feb 2021 01:18:10 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 34658
x-amz-cf-id: mBIGJkArLidis8ZM2BuLR4WG_hC_tm1tJ5WbLXclBSz8VjjGuEw5Tg==

GET
H2 200 e04bdb8a5ebf89aed6d0a85023c4eb5a9f8188c2r4-500-250_00.jpg
pm1.narvii.com/7758/ 15 KB
16 KB 61ms
59ms Image
image/jpeg 13.224.194.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pm1.narvii.com/7758/e04bdb8a5ebf89aed6d0a85023c4eb5a9f8188c2r4-500-250_00.jpg
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-79.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a9a44fd7a0d2fe49f26732393d42207cfd9c1a9c14ddb08b9aad6fd11f8c0926

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 20:31:21 GMT
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
last-modified: Sun, 29 Nov 2020 16:21:13 GMT
server: AmazonS3
age: 175089
etag: "68b600b3fa12172eb0e6a973a63a6613"
x-cache: Hit from cloudfront
x-amz-version-id: 53Z9s6oQ9Pyfe0H8._6XT4SExPhiu10s
cache-control: max-age=432000,public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 15703
x-amz-cf-id: 3hcQyE6J3N1jy_I3tqTIdaENEJhpt9oymoPKxL-D8UWznm2TglUv7Q==

GET
H2 200 fbe2935c328336b80569f2f78b6d78cee8cc96ecr4-600-300_00.jpg
pm1.narvii.com/7817/ 34 KB
35 KB 67ms
66ms Image
image/jpeg 13.224.194.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pm1.narvii.com/7817/fbe2935c328336b80569f2f78b6d78cee8cc96ecr4-600-300_00.jpg
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-79.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5affb1050912f960f091dfa0f28d7850de2d68c1b2d56f66479478219bccab02

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 20:31:07 GMT
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
last-modified: Wed, 27 Jan 2021 05:40:54 GMT
server: AmazonS3
age: 175103
etag: "25f55813d82464f109e6bd051c5b34ee"
x-cache: Hit from cloudfront
x-amz-version-id: jXNY.QcHbsbxQZU8.m7fvu9HFedue3ko
cache-control: max-age=432000,public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 35233
x-amz-cf-id: OUv341BhMEblhrBST9cAfRXUvF2WiVvZLULMOUWM5wXB2C0bS8U_LA==

GET
H2 200 6ffdbb4a65168745083b2a9d7a11e7e9e227c0abr4-612-306_00.jpg
pm1.narvii.com/7685/ 19 KB
20 KB 66ms
65ms Image
image/jpeg 13.224.194.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pm1.narvii.com/7685/6ffdbb4a65168745083b2a9d7a11e7e9e227c0abr4-612-306_00.jpg
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-79.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e2837d0bb94d16628f7fc29733d0c277efbc88e23820c17d2a5138704a4591fd

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 09:04:29 GMT
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
last-modified: Thu, 17 Sep 2020 19:07:30 GMT
server: AmazonS3
age: 216300
etag: "290723360d5babe05d81ac6d66346eb5"
x-cache: Hit from cloudfront
x-amz-version-id: M4Sl1yyIn6NlPHUaywdrkizEHXyiKlBS
cache-control: max-age=432000,public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 19891
x-amz-cf-id: zUGkfTa1Qxdntvc-7EGQRng35YEOa-HtxScrtZR_33sx5cei3auk_g==

GET
H2 200 2d380d1bf90756d992aaf3fae21a395ecd600fa2r4-750-375_00.jpg
pm1.narvii.com/7827/ 18 KB
18 KB 69ms
68ms Image
image/jpeg 13.224.194.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pm1.narvii.com/7827/2d380d1bf90756d992aaf3fae21a395ecd600fa2r4-750-375_00.jpg
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-79.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5f1ec5732faaf8adcadea80c9d231e4860f7b1413608668de8c45ba1556438a

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 17:07:59 GMT
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
last-modified: Sat, 06 Feb 2021 16:19:45 GMT
server: AmazonS3
age: 14491
etag: "82ca29e68a010b31a18be7eaac0749c6"
x-cache: Hit from cloudfront
x-amz-version-id: cgBL8PHxQGa0uQReiyusJymXy3NAAmrE
cache-control: max-age=432000,public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 18394
x-amz-cf-id: eJFdtv5lyDWr-iU3v7n6oKO8pxSVDZWaKYzmQKUmrXLHoBHQroExxg==

POST
H3-Q050 204 collect
www.google-analytics.com/g/ 0
23 B 14ms
13ms Other
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-9SJ4LCCH1X&gtm=2oe1r0&_p=1649087964&sr=1600x1200&ul=en-us&_fid=f34FfWPqnKG4X4_l3LjHjL&cid=1794443356.1612645769&_s=1&dl=https%3A%2F%2Faminoapps.com%2Fc%2Fattackontitan-amino%2Fpage%2Fitem%2Fmei-lan%2F4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL&dr=&dt=Mei%20Lan%20%7C%20Wiki%20%7C%20%E2%97%BEAttack%20On%20Titan%E2%97%BE%20Amino&sid=1612645768&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.origin=firebase
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9SJ4LCCH1X&l=dataLayer&cx=c
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 06 Feb 2021 21:09:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://aminoapps.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
83 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-55669232-10&cid=1794443356.1612645769&jid=292296758&gjid=1451935307&_gid=1725597073.1612645769&_u=YEDAAEAAAAQCAC~&z=845562347

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 06 Feb 2021 21:09:29 GMT
content-type: text/plain
access-control-allow-origin: https://aminoapps.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 873675f3222bc04610d6c79e141ba9c4fbf75a45r1-1484-1080v2_00.jpg
pm1.narvii.com/7803/ 59 KB
59 KB 47ms
46ms Image
image/jpeg 13.224.194.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pm1.narvii.com/7803/873675f3222bc04610d6c79e141ba9c4fbf75a45r1-1484-1080v2_00.jpg
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-79.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3cf6a6dcebcfe030494178ee5d08d0912b2d7dd1188fc865640dc97b2f66c0e4

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 12:40:47 GMT
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
last-modified: Wed, 13 Jan 2021 18:59:33 GMT
server: AmazonS3
age: 289723
etag: "38a323309cc6881a9bc078087d5c27ed"
x-cache: Hit from cloudfront
x-amz-version-id: VZ421kLGxiBCX9T4BWDCp.nOsqBgrL_B
cache-control: max-age=432000,public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 60096
x-amz-cf-id: tENnlwvPVzDEKR0-K1Hmq2ILrwI6iBYV2UhVZ-Z_1mNflTEg3wU2-Q==

GET
H2 200 7e4faa86de54ee82bc9bf3eefa5bce033b5b14far1-2048-683v2_00.jpg
pm1.narvii.com/7826/ 5 KB
6 KB 45ms
45ms Image
image/jpeg 13.224.194.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pm1.narvii.com/7826/7e4faa86de54ee82bc9bf3eefa5bce033b5b14far1-2048-683v2_00.jpg
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-79.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b06bc5702a83b2fb4e1ace94a05c255d7f59aa23c74dc7ff5717c444af0045ad

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 23:06:51 GMT
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
last-modified: Fri, 05 Feb 2021 22:13:22 GMT
server: AmazonS3
age: 79359
etag: "10cae4902d354c11c2e784f563379866"
x-cache: Hit from cloudfront
x-amz-version-id: qdVbhJYuoBd2DH5pO2px0jXryQASEOA3
cache-control: max-age=432000,public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 5571
x-amz-cf-id: UhF6Vbz5P-5D_kCs_JCmGUqry0YALCuOY_mMHj4T-elXN-dyar-g0w==

GET
H3-Q050 200 pubads_impl_2021020301.js Show response
securepubads.g.doubleclick.net/gpt/ 288 KB
101 KB 113ms
63ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020301.js?31060061

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

sffe /

Resource Hash

64c8ffa9d610f2016220d209f2f98f8982e0efc9d2a31dc647c7539949d4b512

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 21:09:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 09:40:11 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103517
x-xss-protection: 0
expires: Sat, 06 Feb 2021 21:09:29 GMT

GET
H2 200 503dc9571179bac18e1e942cfe478f9cadbac114r1-720-816_raw.jpg
pv1.narvii.com/uploaded_cover/7815/ 46 KB
46 KB 163ms
57ms Image
image/jpeg 143.204.93.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pv1.narvii.com/uploaded_cover/7815/503dc9571179bac18e1e942cfe478f9cadbac114r1-720-816_raw.jpg
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.17 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-17.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 762337a7b92fe7ed9fbf5312048b9b77f2af37635b494025618c468dfd490b72

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 05:52:05 GMT
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
last-modified: Mon, 25 Jan 2021 19:02:33 GMT
server: AmazonS3
age: 55045
etag: "0ce6f25771633443c4d126f49511a97c"
x-cache: Hit from cloudfront
x-amz-version-id: k_Bizm9BoL_2FPpUL2E8NSqoPvK9inTW
cache-control: max-age=432000,public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 46976
x-amz-cf-id: UT3sEygvCXevZAv9o7DB0J5DloTJRahQOwrBoLbOfD_8bQe1y6rr4Q==

GET
H2 200 21accb4b54980349432e629e9e393383845f1505r1-717-696v2_00.jpg
pm1.narvii.com/7797/ 42 KB
43 KB 50ms
50ms Image
image/jpeg 13.224.194.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pm1.narvii.com/7797/21accb4b54980349432e629e9e393383845f1505r1-717-696v2_00.jpg
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-79.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4a3a804eaf71d440589eef5dde4bce801fb8fd27ebd149e3f0578c523b53d901

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 09:41:30 GMT
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
last-modified: Thu, 07 Jan 2021 19:39:21 GMT
server: AmazonS3
age: 214080
etag: "d994ab2ad6ad633be0258a22e1584d01"
x-cache: Hit from cloudfront
x-amz-version-id: 4Ds_TrchA5oEI0UA4yBNfDKlqLYuo58U
cache-control: max-age=432000,public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 43470
x-amz-cf-id: _xwLuoeLlMf09NVvhxE49PfFuEt3npF-4iWmyQ8pnIzKp0OKv6o9CQ==

GET
H2 200 4b9dbd5acb8d8096ed65031f53e0b3539cf3069ar1-1234-2030v2_00.jpg
pm1.narvii.com/7674/ 16 KB
17 KB 56ms
55ms Image
image/jpeg 13.224.194.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pm1.narvii.com/7674/4b9dbd5acb8d8096ed65031f53e0b3539cf3069ar1-1234-2030v2_00.jpg
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-79.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d562cb52469149f6846e3d783c2c736e9dd96cede3ea68c0f00fb72c024bbf77

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 17:11:21 GMT
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
last-modified: Sun, 06 Sep 2020 03:22:55 GMT
server: AmazonS3
age: 14289
etag: "da5ac3257566656be24898a013ae99d9"
x-cache: Hit from cloudfront
x-amz-version-id: _eUc5i.cMwR80Is20UNtM9CU72qAjVIQ
cache-control: max-age=432000,public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 16819
x-amz-cf-id: S2jhqDBJ1r6g-rM6A6eN8GC5VmCFyMaL6AVQ6XzgGE2T7VANLgbCdA==

GET
H2 200 3f29e84cba59b1e381777174096469d77d57e289r5-622-1024_00.jpg
pm1.narvii.com/7674/ 41 KB
41 KB 54ms
54ms Image
image/jpeg 13.224.194.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pm1.narvii.com/7674/3f29e84cba59b1e381777174096469d77d57e289r5-622-1024_00.jpg
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-79.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 67ca19bc9e77cc98183cd6d087737d09d14831a5b0ad224c847948b644276fb3

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 09:04:22 GMT
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
last-modified: Sun, 06 Sep 2020 03:22:54 GMT
server: AmazonS3
age: 216308
etag: "4adff7001c417d1b28762aade3946529"
x-cache: Hit from cloudfront
x-amz-version-id: 424ICUDZ7pfurR56TLa0cQq76.f_Y9UC
cache-control: max-age=432000,public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 41520
x-amz-cf-id: dJ1yE_uZMfOzgYY9nCn7DgSTiZld92KBC3JZInLo4WqskzIJA9BOSA==

GET
H2 200 cow2.png
wa1.narvii.com/static/bower/emojify.js/images/emoji/ 5 KB
6 KB 65ms
65ms Image
image/png 65.9.58.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wa1.narvii.com/static/bower/emojify.js/images/emoji/cow2.png
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44aa80bc5a1c8772ac044525264e9bb2748cab654b5475476c5455aab9529d90

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 06:58:56 GMT
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
last-modified: Sat, 23 Jan 2021 22:26:35 GMT
server: AmazonS3
age: 51034
etag: "d8cc045dea278f2683c9ef6b280096bc"
x-cache: Hit from cloudfront
x-amz-version-id: .S6HSU3LRAfjHK3oGT1Gltc90d.9_JsM
cache-control: public,max-age=604800
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: image/png
content-length: 5303
x-amz-cf-id: zhQwdJ8pkUDESgbaYKbCwlHVbnYX5no21C9lXohovXdLT96r9JG5tg==

GET
H2 200 thumbsup.png
wa1.narvii.com/static/bower/emojify.js/images/emoji/ 5 KB
5 KB 58ms
58ms Image
image/png 65.9.58.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wa1.narvii.com/static/bower/emojify.js/images/emoji/thumbsup.png
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5e1e5732a264cb1c73a2fbdeb1a440668dabd2cd63eeb30152f8656fd655a091

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 00:22:16 GMT
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
last-modified: Sat, 23 Jan 2021 22:26:37 GMT
server: AmazonS3
age: 506834
etag: "a0a5d07f60da887f916b5540f7cc14d4"
x-cache: Hit from cloudfront
x-amz-version-id: G_gGzot7aDQztTaUlX1YN9YyhfT2JUGh
cache-control: public,max-age=604800
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: image/png
content-length: 5075
x-amz-cf-id: YBQHVZfMc1gD30Dkqo6kBp7GbfPbhM-RebvW66vWx4T3my1hUvTWwQ==

GET
H2 200 smiley.png
wa1.narvii.com/static/bower/emojify.js/images/emoji/ 6 KB
6 KB 60ms
60ms Image
image/png 65.9.58.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wa1.narvii.com/static/bower/emojify.js/images/emoji/smiley.png
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b7d6dbf4f6967d9d636b86e4c3cba0a23da0d1ed45bf66a8ae300847f66a7202

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 04:36:28 GMT
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
last-modified: Sat, 23 Jan 2021 22:26:37 GMT
server: AmazonS3
age: 318782
etag: "5fece00c22bedab7e68fe9965257125b"
x-cache: Hit from cloudfront
x-amz-version-id: KDxcCMDCFVKo1TLV.oJrgt0WMgEdd6SP
cache-control: public,max-age=604800
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: image/png
content-length: 5794
x-amz-cf-id: LJxQ91TdMLrmn2KBPiI9Q8YVVFzLtc3sgTjrPO_EC2woGOd-i5NNyA==

GET
H2 200 coffee.png
wa1.narvii.com/static/bower/emojify.js/images/emoji/ 4 KB
5 KB 59ms
59ms Image
image/png 65.9.58.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wa1.narvii.com/static/bower/emojify.js/images/emoji/coffee.png
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2ab7f0680256fdd3dc2a2e31f73861302dc25d38b36f4baaf596217c03871b22

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: p.7hWkfqHSv5zzEhcCFKGVN7HoG8EUip
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
last-modified: Sat, 23 Jan 2021 22:26:35 GMT
server: AmazonS3
age: 419275
etag: "06d4e6dde787543889ca7e1d56b4b3f9"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public,max-age=604800
date: Tue, 02 Feb 2021 00:41:35 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 4306
x-amz-cf-id: TMqiyZSqMXO-8yHgdLmZZpYfyrUQFF3HPBd9PO9grtRL70eH1MJ8LQ==

GET
H2 200 sushi.png
wa1.narvii.com/static/bower/emojify.js/images/emoji/ 5 KB
6 KB 59ms
59ms Image
image/png 65.9.58.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wa1.narvii.com/static/bower/emojify.js/images/emoji/sushi.png
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 831097849a370c02369283b17255c6e4f0ffe9e0a1269610119e49b26401f621

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 04:13:50 GMT
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
last-modified: Sat, 23 Jan 2021 22:26:37 GMT
server: AmazonS3
age: 233740
etag: "1c873a340c556e04ade1e987b32fcc28"
x-cache: Hit from cloudfront
x-amz-version-id: cm3RQlBJVo2.MKqaC6TYeTFoJ4.C2.95
cache-control: public,max-age=604800
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: image/png
content-length: 5257
x-amz-cf-id: yj2g4E2Nll2sjp85gWqQata0SfXVERFrgK9AQf7vkFRd6GNHBuZkUQ==

GET
H2 200 smirk_cat.png
wa1.narvii.com/static/bower/emojify.js/images/emoji/ 6 KB
6 KB 61ms
60ms Image
image/png 65.9.58.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wa1.narvii.com/static/bower/emojify.js/images/emoji/smirk_cat.png
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 32689cf5e138152fffdc682e99152f7d13166d6cd2d8b2c8d0d77d1118128588

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 07:25:11 GMT
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
last-modified: Sat, 23 Jan 2021 22:26:37 GMT
server: AmazonS3
age: 49459
etag: "25298f805ca971c30cc8409938187fd4"
x-cache: Hit from cloudfront
x-amz-version-id: l9xrXBpU9d4EsfHyX9fhhMa4xEgCCx9y
cache-control: public,max-age=604800
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: image/png
content-length: 6062
x-amz-cf-id: 8tYfHmZVwRD3ebJGxIkKvui2vhSuG7Avtyaadz_clR33AEb3vnB3PA==

GET
H2 200 two_hearts.png
wa1.narvii.com/static/bower/emojify.js/images/emoji/ 3 KB
4 KB 60ms
60ms Image
image/png 65.9.58.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wa1.narvii.com/static/bower/emojify.js/images/emoji/two_hearts.png
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d536693d99ce68429134a8ed26d5e387a1f6fb48e0b0f7ac975dac2f9851426c

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 06:18:13 GMT
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
last-modified: Sat, 23 Jan 2021 22:26:37 GMT
server: AmazonS3
age: 571877
etag: "107751de07a81c5f39c7e94e833ccaf9"
x-cache: Hit from cloudfront
x-amz-version-id: SoTbxoth9OYG11LE15p90vfc3pYCE9nE
cache-control: public,max-age=604800
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: image/png
content-length: 3565
x-amz-cf-id: nGfMS5yyD9YByeosxymnmwJ5MBqakJtB8k0Ft7l5h17Yb7JgsI-KJA==

GET
H2 200 sparkles.png
wa1.narvii.com/static/bower/emojify.js/images/emoji/ 2 KB
3 KB 60ms
60ms Image
image/png 65.9.58.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wa1.narvii.com/static/bower/emojify.js/images/emoji/sparkles.png
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01a596173ac379d01fb54b14f6cc4a9b1291bc59e6fc56a05be3c71c63d5788d

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: xw2IIgj4S0cnwDCkYjwPjnNnxA4hG_m6
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
last-modified: Sat, 23 Jan 2021 22:26:37 GMT
server: AmazonS3
age: 43404
etag: "3f91c49c9dc3978a2f4e4d68e2973164"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public,max-age=604800
date: Sat, 06 Feb 2021 09:09:02 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 2209
x-amz-cf-id: 0vkMPxLMGOPL6RuF3_-LoQUO80RxsJB1--I1t_TyfQuDPqjJi8-uCA==

GET
H2 200 cb6b62b2e2aaaa828c714eb6dbd6f2171955b8e7r1-1080-1021v2_00.jpg
pm1.narvii.com/7477/ 44 KB
44 KB 51ms
51ms Image
image/jpeg 13.224.194.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pm1.narvii.com/7477/cb6b62b2e2aaaa828c714eb6dbd6f2171955b8e7r1-1080-1021v2_00.jpg
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-79.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2f529de4f3d006afed63e854243b934a2167d806b22f152d49cf032f4c60bb09

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 19:12:49 GMT
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
last-modified: Sat, 22 Feb 2020 13:53:05 GMT
server: AmazonS3
age: 179800
etag: "c7fdf4822a83b34150be535c57702146"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=432000,public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 44567
x-amz-cf-id: r9ZNk9xCagk3bVnjgTAe33iaWSWWC0o9XzJV7eHYrKIlbDdEQn8H3Q==

GET
H2 200 pixel;r=2108945932;rf=0;uh=3b4c3d2b5dde;uht=0;a=p-3bDtRer0SSNWT;url=https%3A%2F%2Faminoapps.com%2Fc%2Fattackontitan-amino%2Fpage%2Fitem%2Fmei-lan%2F4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL;fpan=1;fpa=P...
pixel.quantserve.com/ 35 B
371 B 11ms
10ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=2108945932;rf=0;uh=3b4c3d2b5dde;uht=0;a=p-3bDtRer0SSNWT;url=https%3A%2F%2Faminoapps.com%2Fc%2Fattackontitan-amino%2Fpage%2Fitem%2Fmei-lan%2F4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL;fpan=1;fpa=P0-1387569344-1612645769302;ns=0;ce=1;qjs=1;qv=58f0669e-20201210192756;cm=;gdpr=0;ref=;d=aminoapps.com;je=0;sr=1600x1200x24;dst=1;et=1612645769302;tzo=-60;ogl=description.%20Historia%3A%20%0A%0ANac%C3%AD%20en%20Shingashina%252C%20apartada%20de%20aquello%20a%20lo%20que%20se%20le%20llama%20socie%2Ctitle.Mei%20Lan%20%7C%20Wiki%20%7C%20%E2%97%BEAttack%20On%20Titan%E2%97%BE%20Amino%2Csite_name.%E2%97%BEAttack%20On%20Titan%E2%97%BE%20%7C%20aminoapps%252Ecom%2Cimage.http%3A%2F%2Fpm1%252Enarvii%252Ecom%2F7827%2Ffce2f0badd882104fccc623f25b1087eb0619ca1r1-750-735v2_

Requested by

Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Feb 2021 21:09:29 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

POST
H/1.1 200
OK list Show response
maliva-mcs.byteoversea.com/v1/ 7 B
1 KB 148ms
148ms XHR
application/json 92.122.214.146
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://maliva-mcs.byteoversea.com/v1/list?rdn=0.6670371241861186
Requested by: Host: s0.ipstatp.com
URL: https://s0.ipstatp.com/static_magic/pgc/tech/collect/collect-v.3.1.32.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.214.146 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-122-214-146.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: fbd787d052fac80ff0f335797487f1f21052cfa2cdbe8a73295f4b3ccfd57678

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

X-Akamai-Request-ID: 3deb09a.1312d938
Date: Sat, 06 Feb 2021 21:09:29 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
X-Cache: TCP_MISS from a92-122-214-142.deploy.akamaitechnologies.com (AkamaiGHost/10.2.4-32030756) (-)
X-Parent-Response-Time: 101,92.122.214.142
server-timing: cdn-cache; desc=MISS, edge; dur=99, origin; dur=3, inner; dur=4
Content-Length: 7
Server: nginx
Pragma: no-cache
X-Cache-Remote: TCP_MISS from a23-218-221-20.deploy.akamaitechnologies.com (AkamaiGHost/10.2.4-32030756) (-)
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Max-Age: 1800
Access-Control-Allow-Methods: GET, OPTIONS, HEAD, PUT, POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://aminoapps.com
Connection: keep-alive
X-Origin-Response-Time: 3,23.218.221.20
x-tt-trace-host: 013b9afffa479b6845c6c382592db89711f83fde1009984d05d8760ef7b47d0aee558ca8017f4d7519cd3bed377708c95e33242f2f22cc26c142fab3bba728c7c440d5712dee3f74812fab55a7092fe873a0f93cc48f60866a7004e2ad7f0b15e3d516db2ee2f8a55aa88eda7c9d3aeb9d
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Access-Control-Allow-Headers
Expires: 0

POST
H/1.1 200
OK list Show response
maliva-mcs.byteoversea.com/v1/ 7 B
1 KB 237ms
144ms XHR
application/json 92.122.214.146
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://maliva-mcs.byteoversea.com/v1/list?rdn=0.09179581367852752
Requested by: Host: s0.ipstatp.com
URL: https://s0.ipstatp.com/static_magic/pgc/tech/collect/collect-v.3.1.32.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.214.146 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-122-214-146.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: fbd787d052fac80ff0f335797487f1f21052cfa2cdbe8a73295f4b3ccfd57678

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

X-Akamai-Request-ID: 8d972c9.1312d95f
Date: Sat, 06 Feb 2021 21:09:29 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
X-Cache: TCP_MISS from a92-122-214-142.deploy.akamaitechnologies.com (AkamaiGHost/10.2.4-32030756) (-)
X-Parent-Response-Time: 98,92.122.214.142
server-timing: cdn-cache; desc=MISS, edge; dur=95, origin; dur=3, inner; dur=0
Content-Length: 7
Server: nginx
Pragma: no-cache
X-Cache-Remote: TCP_MISS from a23-45-233-7.deploy.akamaitechnologies.com (AkamaiGHost/10.2.4-32030756) (-)
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Max-Age: 1800
Access-Control-Allow-Methods: GET, OPTIONS, HEAD, PUT, POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://aminoapps.com
Connection: keep-alive
X-Origin-Response-Time: 3,23.45.233.7
x-tt-trace-host: 013b9afffa479b6845c6c382592db89711f83fde1009984d05d8760ef7b47d0aee55292ffe55e28742c4249052bd79fb47b041e8cc26a876543a0b7174b4dafd7920550a28ad785783f68879ebb50a614644cf545927a911d6c9625207e5141710247be16591ccb50fea758a60c0867fbe
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Access-Control-Allow-Headers
Expires: 0

GET
H2 200 nr-1198.min.js Show response
js-agent.newrelic.com/ 27 KB
11 KB 139ms
46ms Script
application/javascript 151.101.14.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1198.min.js
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39893061747f88b837a34d0395d05fca83e7cd5bbf2d582d181a73c5c9a174c6

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 21:09:29 GMT
content-encoding: gzip
x-amz-request-id: 8FBF058EA70ADB98
x-cache: HIT
content-length: 10682
x-amz-id-2: dCyln7OIf+i76Bn+clBUl8tM3pNPIGXfyNRvPHz5ZLwhdSBkIMjzducUvcecQ4BFCTB8K4VSAVo=
x-served-by: cache-fra19141-FRA
last-modified: Fri, 29 Jan 2021 19:19:08 GMT
server: AmazonS3
x-timer: S1612645770.600101,VS0,VE0
etag: "59c98195ba35e0b45cbe2e5beebd1ac8"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 10929

GET
H/1.1 200
OK 14361c43a8 Show response
bam-cell.nr-data.net/1/ 57 B
646 B 280ms
169ms Script
text/javascript 162.247.243.147
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/14361c43a8?a=278894250&v=1198.fe6ec20&to=bl0BZEJYV0VSUUFQWFcXJUVeWk1fXFwaTUVYVhBcUU1cUhxCVF5SFlEXVV0WEw%3D%3D&rst=3182&ck=1&ref=https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL&ap=129&be=1863&fe=3034&dc=2349&perf=%7B%22timing%22:%7B%22of%22:1612645766451,%22n%22:0,%22f%22:1325,%22dn%22:1325,%22dne%22:1325,%22c%22:1325,%22ce%22:1325,%22rq%22:1325,%22rp%22:1853,%22rpe%22:1859,%22dl%22:1856,%22di%22:2349,%22ds%22:2349,%22de%22:2351,%22dc%22:3033,%22l%22:3033,%22le%22:3034%7D,%22navigation%22:%7B%7D%7D&fp=2136&fcp=2136&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1198.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 06 Feb 2021 21:09:29 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: text/javascript;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 61d7da3d1c534c3e-AMS
cf-request-id: 081ac6ba2c00004c3e23330000000001
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.pl/adsid/ 109 B
803 B 80ms
46ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=aminoapps.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020301.js?31060061

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Feb 2021 21:09:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
803 B 48ms
27ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=aminoapps.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020301.js?31060061

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Feb 2021 21:09:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 57 KB
12 KB 327ms
327ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4107220429266782&correlator=3581287323794173&output=ldjh&impl=fifs&eid=21068773%2C21068891%2C21069919%2C21069968%2C31060061&vrg=2021020301&ptt=17&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210206&iu_parts=114106652%2Camino_728x90_atf_desktop_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&fsbs=1&eri=1&cust_params=domain%3Daminoapps.com%26youtube%3Dn&cookie_enabled=1&bc=31&abxe=1&lmt=1612645770&dt=1612645770087&dlt=1612645768307&idt=973&frm=20&biw=1600&bih=1200&oid=3&adxs=364&adys=136&adks=2542861004&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Faminoapps.com%2Fc%2Fattackontitan-amino%2Fpage%2Fitem%2Fmei-lan%2F4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL&vis=1&dmc=8&scr_x=0&scr_y=0&psz=874x0&msz=728x90&ga_vid=1794443356.1612645769&ga_sid=1612645770&ga_hid=1649087964&fws=132&ohw=874&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020301.js?31060061

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

a9f9697a1492fcbf6a68999b0156a6752b609e4205b056f467d2bf184fe0a3a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 21:09:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12253
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://aminoapps.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
5a5549d8e7535c73e616aa8e8aae25e3.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 63ms
26ms Other
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://5a5549d8e7535c73e616aa8e8aae25e3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020301.js?31060061
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 26ms
6ms Other
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020301.js?31060061
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 461 B
735 B 265ms
265ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4107220429266782&correlator=2841709112294627&output=ldjh&impl=fifs&eid=21068773%2C21068891%2C21069919%2C21069968%2C31060061&vrg=2021020301&ptt=17&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210206&iu_parts=114106652%2Camino_300x250_atf_desktop_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&fsbs=1&eri=1&cust_params=domain%3Daminoapps.com%26youtube%3Dn&cookie_enabled=1&bc=31&abxe=1&lmt=1612645770&dt=1612645770101&dlt=1612645768307&idt=973&frm=20&biw=1600&bih=1200&oid=3&adxs=64&adys=432&adks=3516584440&ucis=2&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Faminoapps.com%2Fc%2Fattackontitan-amino%2Fpage%2Fitem%2Fmei-lan%2F4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=1794443356.1612645769&ga_sid=1612645770&ga_hid=1649087964&fws=644&ohw=300&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020301.js?31060061

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

bb9ee29a0f1c25e704deac60f9ba91396370894f4c3beb7702662d554fc7ee05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 21:09:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 247
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://aminoapps.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 459 B
276 B 313ms
313ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4107220429266782&correlator=2790829385183663&output=ldjh&impl=fifs&eid=21068773%2C21068891%2C21069919%2C21069968%2C31060061&vrg=2021020301&ptt=17&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210206&iu_parts=114106652%2Camino_300x250_atf_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&fsbs=1&eri=1&cust_params=domain%3Daminoapps.com%26youtube%3Dn&cookie_enabled=1&bc=31&abxe=1&lmt=1612645770&dt=1612645770107&dlt=1612645768307&idt=973&frm=20&biw=1600&bih=1200&oid=3&adxs=1238&adys=343&adks=2430221806&ucis=3&ifi=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Faminoapps.com%2Fc%2Fattackontitan-amino%2Fpage%2Fitem%2Fmei-lan%2F4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x250&ga_vid=1794443356.1612645769&ga_sid=1612645770&ga_hid=1649087964&fws=132&ohw=300&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020301.js?31060061

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

32f91a64e8fdfcdfe514183b3594daa66e1e8e55d6a30811fd91d9861ef3cc68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 21:09:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 242
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://aminoapps.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ingest
apps.media-lab.ai/doh/ Frame 38E3
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fapps.media-lab.ai%2Fdoh%2Fingest%3Fpartner%3Dappnexus%26uid%3D6e8b3b62-41bb-4c85-9161-d13a1288890d%26property_id%3Daminoapps.com%26app_version%3Dweb_0.0.1%...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fapps.media-lab.ai%252Fdoh%252Fingest%253Fpartner%253Dappnexus%2526uid%253D6e8b3b62-41bb-4c85-9161-d13a1288890d%2526property_id%253Daminoa...
https://apps.media-lab.ai/doh/ingest?partner=appnexus&uid=6e8b3b62-41bb-4c85-9161-d13a1288890d&property_id=aminoapps.com&app_version=web_0.0.1&lib_version=web_1.1.8&partner_uid=5314374601846871334

0
0

444ms
153ms

Document
text/html

35.194.11.13
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.media-lab.ai/doh/ingest?partner=appnexus&uid=6e8b3b62-41bb-4c85-9161-d13a1288890d&property_id=aminoapps.com&app_version=web_0.0.1&lib_version=web_1.1.8&partner_uid=5314374601846871334

Requested by

Host: js.media-lab.ai
URL: https://js.media-lab.ai/wana.1.1.8.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.194.11.13 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

13.11.194.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: apps.media-lab.ai
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL

Response headers

content-type: text/html; charset=UTF-8
date: Sat, 06 Feb 2021 21:09:30 GMT
x-envoy-upstream-service-time: 5
connection: close
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000

Redirect headers

Server: nginx/1.17.9
Date: Sat, 06 Feb 2021 21:09:30 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://apps.media-lab.ai/doh/ingest?partner=appnexus&uid=6e8b3b62-41bb-4c85-9161-d13a1288890d&property_id=aminoapps.com&app_version=web_0.0.1&lib_version=web_1.1.8&partner_uid=5314374601846871334
AN-X-Request-Uuid: e38c5085-32bd-4eac-bdc9-3816b7b80bf3
Set-Cookie: uuid2=5314374601846871334; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 07-May-2021 21:09:30 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.253:80

GET
H2 204 /
cdn.districtm.io/ids/ Frame FD3E 0
0 181ms
66ms Document
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/?sellerid=101159
Requested by: Host: js.media-lab.ai
URL: https://js.media-lab.ai/wana.1.1.8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/?sellerid=101159
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL

Response headers

date: Sat, 06 Feb 2021 21:09:30 GMT
set-cookie: __cfduid=d58395218726ff69edb340da8cf3f496c1612645770; expires=Mon, 08-Mar-21 21:09:30 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
cf-request-id: 081ac6bc1000000ba5bcac1000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 61d7da401c390ba5-AMS

GET
H/1.1

400
Bad Request

ingest
apps.media-lab.ai/doh/ Frame 0816
Redirect Chain

https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fapps.media-lab.ai%2Fdoh%2Fingest%3Fpartner%3Demx%26uid%3D6e8b3b62-41bb-4c85-9161-d13a1288890d%26property_id%3Daminoapps.com%26app_version%3Dweb_0.0.1...
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fapps.media-lab.ai%2Fdoh%2Fingest%3Fpartner%3Demx%26uid%3D6e8b3b62-41bb-4c85-9161-d13a1288890d%26property...
https://cs.emxdgt.com/umcheck?apnxid=5314374601846871334&redirect=https://apps.media-lab.ai/doh/ingest?partner=emx&uid=6e8b3b62-41bb-4c85-9161-d13a1288890d&property_id=aminoapps.com&app_version=web...
https://apps.media-lab.ai/doh/ingest?partner=emx&uid=5314374601846871334brt153931612645770396316f1

0
0

487ms
154ms

Document
application/json

35.194.11.13
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.media-lab.ai/doh/ingest?partner=emx&uid=5314374601846871334brt153931612645770396316f1

Requested by

Host: js.media-lab.ai
URL: https://js.media-lab.ai/wana.1.1.8.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.194.11.13 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

13.11.194.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: apps.media-lab.ai
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL

Response headers

content-type: application/json; charset=UTF-8
date: Sat, 06 Feb 2021 21:09:30 GMT
content-length: 39
x-envoy-upstream-service-time: 1
connection: close
Strict-Transport-Security: max-age=31536000

Redirect headers

content-type: text/html
date: Sat, 06 Feb 2021 21:09:30 GMT
location: https://apps.media-lab.ai/doh/ingest?partner=emx&uid=5314374601846871334brt153931612645770396316f1
set-cookie: eapn_id=5314374601846871334; Max-Age=7776000; Expires=Fri, 07 May 2021 21:09:30 GMT; Domain=.emxdgt.com; Path=/; HttpOnly; SameSite=None; Secure
content-length: 0

GET
H2 200 jwsmmlmf
rtb.gumgum.com/usync/ Frame 52A3 0
0 186ms
62ms Document
text/html 34.250.244.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usync/jwsmmlmf?gdpr=0&iframe=1&r=https%3A%2F%2Fapps.media-lab.ai%2Fdoh%2Fingest%3Fpartner%3Dgumgum%26uid%3D6e8b3b62-41bb-4c85-9161-d13a1288890d%26property_id%3Daminoapps.com%26app_version%3Dweb_0.0.1%26lib_version%3Dweb_1.1.8%26partner_uid%3D
Requested by: Host: js.media-lab.ai
URL: https://js.media-lab.ai/wana.1.1.8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.244.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-244-32.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usync/jwsmmlmf?gdpr=0&iframe=1&r=https%3A%2F%2Fapps.media-lab.ai%2Fdoh%2Fingest%3Fpartner%3Dgumgum%26uid%3D6e8b3b62-41bb-4c85-9161-d13a1288890d%26property_id%3Daminoapps.com%26app_version%3Dweb_0.0.1%26lib_version%3Dweb_1.1.8%26partner_uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL

Response headers

date: Sat, 06 Feb 2021 21:09:30 GMT
content-type: text/html;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
set-cookie: vst=e_fdd2b890-4052-4f3a-a03f-a7f31acb1d50; Domain=.gumgum.com; Expires=Sun, 06-Feb-2022 21:09:30 GMT; Path=/; Secure; SameSite=None
etag: W/"0b443b1e3601ef8f71813d4a76e554088"
timing-allow-origin: *
content-encoding: gzip

GET
H/1.1

200
OK

ingest
apps.media-lab.ai/doh/ Frame EF89
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=187335&cb=https%3A%2F%2Fapps.media-lab.ai%2Fdoh%2Fingest%3Fpartner%3Dix%26uid%3D6e8b3b62-41bb-4c85-9161-d13a1288890d%26property_id%3Daminoapps.com%...
https://ssum-sec.casalemedia.com/usermatchredir?s=187335&cb=https%3A%2F%2Fapps.media-lab.ai%2Fdoh%2Fingest%3Fpartner%3Dix%26uid%3D6e8b3b62-41bb-4c85-9161-d13a1288890d%26property_id%3Daminoapps.com%...
https://apps.media-lab.ai/doh/ingest?partner=ix&uid=6e8b3b62-41bb-4c85-9161-d13a1288890d&property_id=aminoapps.com&app_version=web_0.0.1&lib_version=web_1.1.8&partner_uid=YB8FiuJ2KIvDNJEREQ0Y2gAA%2...

0
0

456ms
153ms

Document
text/html

35.194.11.13
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.media-lab.ai/doh/ingest?partner=ix&uid=6e8b3b62-41bb-4c85-9161-d13a1288890d&property_id=aminoapps.com&app_version=web_0.0.1&lib_version=web_1.1.8&partner_uid=YB8FiuJ2KIvDNJEREQ0Y2gAA%261148

Requested by

Host: js.media-lab.ai
URL: https://js.media-lab.ai/wana.1.1.8.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.194.11.13 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

13.11.194.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: apps.media-lab.ai
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL

Response headers

content-type: text/html; charset=UTF-8
date: Sat, 06 Feb 2021 21:09:30 GMT
x-envoy-upstream-service-time: 1
connection: close
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000

Redirect headers

Server: Apache
Content-Length: 406
Content-Type: text/html; charset=iso-8859-1
Location: https://apps.media-lab.ai/doh/ingest?partner=ix&uid=6e8b3b62-41bb-4c85-9161-d13a1288890d&property_id=aminoapps.com&app_version=web_0.0.1&lib_version=web_1.1.8&partner_uid=YB8FiuJ2KIvDNJEREQ0Y2gAA%261148
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Sat, 06 Feb 2021 21:09:30 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 06 Feb 2021 21:09:30 GMT
Connection: keep-alive
Set-Cookie: CMID=YB8FiuJ2KIvDNJEREQ0Y2gAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 06 Feb 2022 21:09:30 GMT CMPS=1155;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 07 May 2021 21:09:30 GMT CMPRO=1148;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 07 May 2021 21:09:30 GMT CMST=YB8FimAfBYoA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 07 Feb 2021 21:09:30 GMT

GET
H/1.1

200
OK

ingest
apps.media-lab.ai/doh/ Frame 1472
Redirect Chain

https://cs.mobfox.com/1af518a91fb9471ec20984ad23975b23.gif?puid=[UID]&redir=https%3A%2F%2Fapps.media-lab.ai%2Fdoh%2Fingest%3Fpartner%3Dmobfox%26uid%3D6e8b3b62-41bb-4c85-9161-d13a1288890d%26property...
https://apps.media-lab.ai/doh/ingest?partner=mobfox&uid=6e8b3b62-41bb-4c85-9161-d13a1288890d&property_id=aminoapps.com&app_version=web_0.0.1&lib_version=web_1.1.8&partner_uid=7389f5da-1f85-4229-a3e...

0
0

1327ms
154ms

Document
text/html

35.194.11.13
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.media-lab.ai/doh/ingest?partner=mobfox&uid=6e8b3b62-41bb-4c85-9161-d13a1288890d&property_id=aminoapps.com&app_version=web_0.0.1&lib_version=web_1.1.8&partner_uid=7389f5da-1f85-4229-a3e8-c46ae310c0df

Requested by

Host: js.media-lab.ai
URL: https://js.media-lab.ai/wana.1.1.8.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.194.11.13 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

13.11.194.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: apps.media-lab.ai
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL

Response headers

content-type: text/html; charset=UTF-8
date: Sat, 06 Feb 2021 21:09:31 GMT
x-envoy-upstream-service-time: 1
connection: close
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000

Redirect headers

Set-Cookie: mf_u_key=7389f5da-1f85-4229-a3e8-c46ae310c0df; path=/; domain=.mobfox.com; expires=Sat, 20 Feb 2021 21:09:30 GMT mf_red_key=75; path=/; domain=.mobfox.com; expires=Sat, 20 Feb 2021 21:09:30 GMT
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Location: https://apps.media-lab.ai/doh/ingest?partner=mobfox&uid=6e8b3b62-41bb-4c85-9161-d13a1288890d&property_id=aminoapps.com&app_version=web_0.0.1&lib_version=web_1.1.8&partner_uid=7389f5da-1f85-4229-a3e8-c46ae310c0df
Date: Sat, 06 Feb 2021 21:09:30 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked

GET
H/1.1 200
OK user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1657 0
0 152ms
50ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156998&s=767985&userIdMacro=PM_UID&predirect=https%3A%2F%2Fapps.media-lab.ai%2Fdoh%2Fingest%3Fpartner%3Dpubmatic%26uid%3D6e8b3b62-41bb-4c85-9161-d13a1288890d%26property_id%3Daminoapps.com%26app_version%3Dweb_0.0.1%26lib_version%3Dweb_1.1.8%26partner_uid%3DPM_UID
Requested by: Host: js.media-lab.ai
URL: https://js.media-lab.ai/wana.1.1.8.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=120450
Expires: Mon, 08 Feb 2021 06:37:00 GMT
Date: Sat, 06 Feb 2021 21:09:30 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1

200
OK

ingest
apps.media-lab.ai/doh/ Frame FD6C
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fapps.media-lab.ai%2Fdoh%2Fingest%3Fpartner%3Dsovrn%26uid%3D6e8b3b62-41bb-4c85-9161-d13a1288890d%26property_id%3Daminoapps.com%26app_version%3Dweb_0.0....
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fapps.media-lab.ai%2Fdoh%2Fingest%3Fpartner%3Dsovrn%26uid%3D6e8b3b62-41bb-4c85-9161-d13a1288890d%26property_id%3Daminoapps.com%26app_version%3Dweb_0.0....
https://apps.media-lab.ai/doh/ingest?partner=sovrn&uid=6e8b3b62-41bb-4c85-9161-d13a1288890d&property_id=aminoapps.com&app_version=web_0.0.1&lib_version=web_1.1.8&partner_uid=d4df508c604f616c4aa48586

0
0

566ms
159ms

Document
text/html

35.194.11.13
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.media-lab.ai/doh/ingest?partner=sovrn&uid=6e8b3b62-41bb-4c85-9161-d13a1288890d&property_id=aminoapps.com&app_version=web_0.0.1&lib_version=web_1.1.8&partner_uid=d4df508c604f616c4aa48586

Requested by

Host: js.media-lab.ai
URL: https://js.media-lab.ai/wana.1.1.8.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.194.11.13 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

13.11.194.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: apps.media-lab.ai
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL

Response headers

content-type: text/html; charset=UTF-8
date: Sat, 06 Feb 2021 21:09:30 GMT
x-envoy-upstream-service-time: 1
connection: close
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000

Redirect headers

Server: nginx
Date: Sat, 06 Feb 2021 21:09:30 GMT
Content-Length: 0
Location: https://apps.media-lab.ai/doh/ingest?partner=sovrn&uid=6e8b3b62-41bb-4c85-9161-d13a1288890d&property_id=aminoapps.com&app_version=web_0.0.1&lib_version=web_1.1.8&partner_uid=d4df508c604f616c4aa48586
Set-Cookie: ljt_reader=d4df508c604f616c4aa48586;Version=1;Domain=.lijit.com;Path=/;Max-Age=31536000;Secure; SameSite=None;
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
X-Sovrn-Pod: ad_ap7ams1

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 52ms
33ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021020301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020301.js?31060061

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a46474f1c3b2cf5e3df4e4eceb192e7607b9afd807f16cea971c2d24fc319ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Feb 2021 21:09:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6728
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame AB59 180 KB
51 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020301.js?31060061

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aminoapps.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 120029
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
server: sffe
date: Fri, 05 Feb 2021 11:49:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0305d7d21a7fe4a1"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Feb 2022 11:49:01 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame AB59 13 KB
5 KB 41ms
16ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020301.js?31060061

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aminoapps.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 120051
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Fri, 05 Feb 2021 11:48:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Feb 2022 11:48:39 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame AB59 90 KB
27 KB 41ms
17ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020301.js?31060061

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aminoapps.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 120058
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Fri, 05 Feb 2021 11:48:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Feb 2022 11:48:32 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame AB59 3 KB
1 KB 44ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020301.js?31060061

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aminoapps.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 120058
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Fri, 05 Feb 2021 11:48:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Feb 2022 11:48:32 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame AB59 41 KB
13 KB 44ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020301.js?31060061

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aminoapps.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 118195
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Fri, 05 Feb 2021 12:19:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Feb 2022 12:19:35 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame AB59 3 KB
1023 B 67ms
51ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020301.js?31060061

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c312c8dcff723c5dcea1f1fc9cc0de63d9c7f29783cc9a0a4a1239c7619b5c7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://aminoapps.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 06 Feb 2021 20:35:10 GMT
server: ESF
date: Sat, 06 Feb 2021 21:09:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 06 Feb 2021 21:09:30 GMT

GET
DATA 200
OK truncated
/ Frame AB59 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0eb56bbfaf1e67be319dde76ac340248de10e8d32afbf5cec45015e98600ae4c

Request headers

Referer: https://aminoapps.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 es_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AB59 3 KB
3 KB 56ms
41ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/es_bl.png

Requested by

Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9e843e63acdf34d5a5edbba301377df7e0089c44be896e2b36e9293227dbcda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aminoapps.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Feb 2021 04:26:18 GMT
x-content-type-options: nosniff
server: cafe
age: 60192
etag: 11430072204764857781
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2664
x-xss-protection: 0
expires: Sun, 07 Feb 2021 04:26:18 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AB59 295 B
748 B 55ms
40ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aminoapps.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Feb 2021 04:25:38 GMT
x-content-type-options: nosniff
server: cafe
age: 60232
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 07 Feb 2021 04:25:38 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame AB59 0
0 78ms
76ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C_7B2igUfYP7JCM2Q7_UPqpuGgA3e3IThXqy528uiDLX8kL6kGxABIITxyCtg6eTJhdgaoAHXw7DiA8gBAeACAKgDAcgDCqoEjQJP0GabrSd1lmM27DAxHCCHlFohuI7pG4-Y3m6JB0H6Dq-Ps-JQcLd7NWwDBZMDWsyHhNOIXmmrRwm6yqVEMrd7Xq8vOhSRLMGF9nvia9e7QInhhx_n-0kAxMoRRauwMDRRxGL2tE2kyFVlLa3pX4HxH4VY2RdR5r575K60Rbkcv7qzipPLiEmgF7Qr3-02hGPjzC0I4M2aoH3M2ZmfAE6LQwOSRsPmM7W9NEa2y8J-h67-tYM7itDKkKTVA3AXAkvsRURPqSyoUH7tjFe8D3dqpefI1Fj7m2amAvxhazGxhzHrnx0KtTDAggBF1yBlex4T8LzfkVQO3tK9W5BOmLIpQ2Z2y1QV-BcvlcE9ucAE7tCysIID4AQBkgUECAQYAZIFBAgFGASAB7POg4cBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEK7NA9IICQiA4YBQEAEYHYAKA8gLAdgTAogUAbIXGgoYCAASFHB1Yi01ODk4MDc4NzE5OTE2MjQ3&sigh=Dni3_92PLH0&tpd=AGWhJmswX7gfVVxCDmKQpeOGmmhf0OJ4nsmJVHU7TGm3bmDQNQ
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s21-in-f130.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://aminoapps.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 55ms
48ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020301.js?31060061

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 21:09:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Sat, 06 Feb 2021 21:09:30 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame AB59
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

39ms
39ms

Image
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: aminoapps.com
URL: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Sat, 06 Feb 2021 21:09:30 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame AB51 0
0 6ms
6ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Sat, 06 Feb 2021 20:52:02 GMT
expires: Sun, 06 Feb 2022 20:52:02 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1048
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame AB59 14 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1daab0f66666bc3a1d05d70de979a80680d985cc924e233fab61eef2d03bafe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://aminoapps.com
Referer: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 18:30:53 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:17 GMT
server: sffe
age: 355117
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14816
x-xss-protection: 0
expires: Wed, 02 Feb 2022 18:30:53 GMT

GET
H3-Q050 200 4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame AB59 14 KB
14 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f199a20f1fee7dec152b3591272f9715b536ed88b4c36194488fd5a734caf707

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://aminoapps.com
Referer: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 12:56:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:06 GMT
server: sffe
age: 202369
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14608
x-xss-protection: 0
expires: Fri, 04 Feb 2022 12:56:41 GMT

GET
H3-Q050 200 es_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AB59 3 KB
3 KB 9ms
6ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/es_bl.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9e843e63acdf34d5a5edbba301377df7e0089c44be896e2b36e9293227dbcda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aminoapps.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Feb 2021 04:26:18 GMT
x-content-type-options: nosniff
server: cafe
age: 60192
etag: 11430072204764857781
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2664
x-xss-protection: 0
expires: Sun, 07 Feb 2021 04:26:18 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AB59 295 B
320 B 9ms
6ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aminoapps.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Feb 2021 04:25:38 GMT
x-content-type-options: nosniff
server: cafe
age: 60232
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 07 Feb 2021 04:25:38 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
122 B 39ms
39ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021020301&jk=4107220429266782&bg=!r6ylrO_NAAWnsTPUpzsAKQB2-DxaWcmHVRQ1kQeIdhGPXbm5Zyc2llQlrvTHMUHZjiEkARm73VqJAgAAAHFSAAAAH2gBBwoAsNpkvDPcBA5s07ACtRHddbcXmezmtGfMFSjoxgR0GGIXsbKEXGYfT-gsJQTTVczI1yNobYYGtEUJfbMagO-XX7_VWqtjl6foVz04yoEpdJWhGK7K9TL3LqFYBX14G1ww06_2goZBGimrHIHpYHzyIGP0cjwIzsNodG6zyoF5uCYySsbvDOjk-2W8bV9iG5yQL-g7PVq1ZB1y0W1Pb71LJNt-0axbTkfvCT0N8JwfgQ13mQHUveniCUHBgXFzC2yEiKAaq-uK_ZxXn3Xrk3l3gQhJoq5eRo6cmf-qmk4QfIG06-_Gp2O8xtf4mUeE3D_MkKUJlZu3xEwNgwkT_JyBXWEJpufIXnzJ_U8V_i3Cwb5RfWgU1MNN7HpEhPweTfaATbaLyRLm66E_Ofje95E8CNUQv8j_CLO9uLFXmDKeoCY-AkCYljcYtGheMm6DIZF1436-5WNyaA41DUCfEcGDzOYBj8U3xtPe4qKZgYv8Qtffd6zfNcb-w7Qhja2I73PQsrbFg8eTNVQXCvoZiIMINBL08nBgPS3GIjvgcwvWZe0lQYc2ryuhgK7-TxARm3S8uojz7eIAr_9YGIQTKAy0_M3WMcnYI60tZ2XlWsMSGir78hXWwefWRAAoid3DSm3EltHWZWF_O6nn28p5v1OfmfQSW_BPLSI3kzyvNS6t7RRO2OacQaG5yk6_g3lO2vKmUA1Q6jz2dat0ws3IFaIEpSle39R6Vvl2R47eFCHjnmKnQM4dQjpIE7Qxk1_ydpfE_o4vHOF8lPIIjL-_lQM76uAB3DeCs91hhj_QLVx5xM09ENOE7P9w9fVfh-_yyJSIubB6G_pTM5A644aeekhNKhytr8OqjTZ_

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Feb 2021 21:09:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame AB59 42 B
94 B 45ms
45ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstHkYpHLrqOWLoPhYZP7jzeCZZxGGLUjnOUc5LXsHd5lKxVOODm1Lx3wffikfbuKa4Iw8eJJXM96DhaJKFKCLDF0O9DZzWct9P99u-29AOjpY4FBlOpZ9A2KS6KV7rqvhno5946_60t9b_5vpUA7jxq&sai=AMfl-YTgd5rg6-FTqVrYsu6tGsZ5wTylk2FWWgjwXzFY4Ta5FmnRhB6UI8NBcqzIG54WAswJRtZYOLiEtcyDFUduHWcsWbaKdz-DRJFL-i4qWMNOHydffOnryZ6O7P005o3Q&sig=Cg0ArKJSzAqQZdzRv6fzEAE&cid=CAASPeRo3YPu9_SP2bY3CIcNE9-5uJF2Z6fra-2lcEZ0_7Rby3AdHZmRy-qNjVYA0XmdQiVtw1VE8aHWWyvzLZc&id=ampim&o=437,136&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=167&tls=1168&g=100&h=100&tt=1168&r=v&avms=ampa&adk=2542861004

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aminoapps.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Feb 2021 21:09:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 online-members Show response
aminoapps.com/api/x154501166/ 1 KB
1 KB 218ms
218ms Fetch
application/json 52.38.135.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aminoapps.com/api/x154501166/online-members

Requested by

Host: wa1.narvii.com
URL: https://wa1.narvii.com/static/dist/js/main.762c5543a.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.38.135.31 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-38-135-31.us-west-2.compute.amazonaws.com

Software

openresty/1.15.8.2 /

Resource Hash

bbeb682e6296a90746d5370922a02df2341f9a78da9c9c98e9198d248a237e10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Requested-With: xmlhttprequest

Response headers

pragma: no-cache
date: Sat, 06 Feb 2021 21:09:36 GMT
content-encoding: gzip
server: openresty/1.15.8.2
vary: User-Agent
content-type: application/json
cache-control: private, no-store, max-age=0, no-cache, must-revalidate, post-check=0, pre-check=0
x-envoy-upstream-service-time: 7
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 2a53bc50d90fd0fefc0055a492220bd290221d57r1-1118-1116v2_68.jpg
pm1.narvii.com/7822/ 2 KB
3 KB 207ms
207ms Image
image/jpeg 13.224.194.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pm1.narvii.com/7822/2a53bc50d90fd0fefc0055a492220bd290221d57r1-1118-1116v2_68.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-79.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 402e239acda09e62c4b2b35e19c594448df78851ecd0ee685c3b5d29eea40db6

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: pWoZU5l6N8h3b_0YG7fkrdvBmI_Q22Ig
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2021 12:24:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "1005d87607dd0a36a11fa29b1e4bc99c"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
cache-control: max-age=432000,public
date: Sat, 06 Feb 2021 21:09:38 GMT
accept-ranges: bytes
content-length: 2473
x-amz-cf-id: O1g7E3HgXx_-EVzD6jnwJB8OMyeyO6DBS3ew_CaJpso_fL3RM6uDcw==

GET
H2 200 2a53bc50d90fd0fefc0055a492220bd290221d57r1-1118-1116v2_68.jpg
pm1.narvii.com/7822/ 2 KB
3 KB 49ms
49ms Image
image/jpeg 13.224.194.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pm1.narvii.com/7822/2a53bc50d90fd0fefc0055a492220bd290221d57r1-1118-1116v2_68.jpg
Requested by: Host: wa1.narvii.com
URL: https://wa1.narvii.com/static/dist/js/main.762c5543a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-79.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 402e239acda09e62c4b2b35e19c594448df78851ecd0ee685c3b5d29eea40db6

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: pWoZU5l6N8h3b_0YG7fkrdvBmI_Q22Ig
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2021 12:24:26 GMT
server: AmazonS3
age: 1
etag: "1005d87607dd0a36a11fa29b1e4bc99c"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=432000,public
date: Sat, 06 Feb 2021 21:09:38 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 2473
x-amz-cf-id: N7hg3gYgH4qMjg44kp_QH3_Y8vyMUsayinOWdqPb-aWaFU27dYf40A==

POST
H/1.1 200
OK 14361c43a8 Show response
bam-cell.nr-data.net/events/1/ 24 B
489 B 179ms
179ms XHR
image/gif 162.247.243.147
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/events/1/14361c43a8?a=278894250&v=1198.fe6ec20&to=bl0BZEJYV0VSUUFQWFcXJUVeWk1fXFwaTUVYVhBcUU1cUhxCVF5SFlEXVV0WEw%3D%3D&rst=13182&ck=1&ref=https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1198.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: text/plain

Response headers

Date: Sat, 06 Feb 2021 21:09:39 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://aminoapps.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
CF-Ray: 61d7da7adcfc4c3e-AMS
Content-Length: 24
cf-request-id: 081ac6e0cc00004c3e56105000000001

GET
H2 200 online-members Show response
aminoapps.com/api/x154501166/ 1 KB
1 KB 224ms
223ms Fetch
application/json 52.38.135.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aminoapps.com/api/x154501166/online-members

Requested by

Host: wa1.narvii.com
URL: https://wa1.narvii.com/static/dist/js/main.762c5543a.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.38.135.31 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-38-135-31.us-west-2.compute.amazonaws.com

Software

openresty/1.15.8.2 /

Resource Hash

bbeb682e6296a90746d5370922a02df2341f9a78da9c9c98e9198d248a237e10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Requested-With: xmlhttprequest

Response headers

pragma: no-cache
date: Sat, 06 Feb 2021 21:09:44 GMT
content-encoding: gzip
server: openresty/1.15.8.2
vary: User-Agent
content-type: application/json
cache-control: private, no-store, max-age=0, no-cache, must-revalidate, post-check=0, pre-check=0
x-envoy-upstream-service-time: 13
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 e114cf67c608b5beb854ec4ee7a6dd986f39c928r1-735-738v2_68.jpg
pm1.narvii.com/7822/ 2 KB
2 KB 55ms
54ms Image
image/jpeg 13.224.194.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pm1.narvii.com/7822/e114cf67c608b5beb854ec4ee7a6dd986f39c928r1-735-738v2_68.jpg
Requested by: Host: wa1.narvii.com
URL: https://wa1.narvii.com/static/dist/js/main.762c5543a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-79.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 055df8666c18036d6f17852a9d4889d24300593b8ea71d7d05fae4f3a1e8404c

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 21:09:30 GMT
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2021 23:42:29 GMT
server: AmazonS3
age: 16
etag: "d9d57e1e8e063dc63dd36a8db0ed8e36"
x-cache: Hit from cloudfront
x-amz-version-id: 7Vo60vDcr7GpsGbnV1SOMH3O_tcNcMDh
cache-control: max-age=432000,public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 2053
x-amz-cf-id: jjnZurkVv2okeOryfYrpZlsOyjbAX2oOwdx1J_sr6HWNQhK2Rgi48w==

GET
H2 200 e114cf67c608b5beb854ec4ee7a6dd986f39c928r1-735-738v2_68.jpg
pm1.narvii.com/7822/ 2 KB
2 KB 43ms
43ms Image
image/jpeg 13.224.194.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pm1.narvii.com/7822/e114cf67c608b5beb854ec4ee7a6dd986f39c928r1-735-738v2_68.jpg
Requested by: Host: wa1.narvii.com
URL: https://wa1.narvii.com/static/dist/js/main.762c5543a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-79.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 055df8666c18036d6f17852a9d4889d24300593b8ea71d7d05fae4f3a1e8404c

Request headers

Referer: https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 21:09:30 GMT
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2021 23:42:29 GMT
server: AmazonS3
age: 17
etag: "d9d57e1e8e063dc63dd36a8db0ed8e36"
x-cache: Hit from cloudfront
x-amz-version-id: 7Vo60vDcr7GpsGbnV1SOMH3O_tcNcMDh
cache-control: max-age=432000,public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 2053
x-amz-cf-id: zdR0oCi8wQQv-_gUyB8576JdUcb7n68NeCMfGE2z5nRzfJFEuhL4fQ==

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.adnxs.com/	1970-01-19 18:07:01	Name: uuid2 Value: 5314374601846871334
.doubleclick.net/	1970-01-20 01:19:01	Name: IDE Value: AHWqTUnck84474yKDZ_6K_NjJ79deJ4mM49gctaKpxe2Jvmd0SBgSAH8mImB69llQvI
.pubmatic.com/	1970-01-19 16:40:37	Name: KRTBCOOKIE_391 Value: 22924-5207417609530860099
.pubmatic.com/	1970-01-19 18:07:01	Name: KRTBCOOKIE_377 Value: 6810-be874375-889f-4a07-ba8c-bff859ae541d&KRTB&22918-be874375-889f-4a07-ba8c-bff859ae541d&KRTB&23031-be874375-889f-4a07-ba8c-bff859ae541d
.pubmatic.com/	1970-01-19 16:40:37	Name: PugT Value: 1612645772
.pubmatic.com/	1970-01-19 16:40:37	Name: SPugT Value: 1612645772
.pubmatic.com/	1970-01-19 18:07:01	Name: KRTBCOOKIE_466 Value: 16530-c5f6b0f1-7091-42bd-ab0b-b0f83b2b562a
.pubmatic.com/	1970-01-19 18:07:01	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-19 18:07:01	Name: KADUSERCOOKIE Value: B3BA2C00-0DC3-4890-97F3-F2005CD821F7
.pubmatic.com/	1970-01-19 18:07:01	Name: DPSync3 Value: 1613779200%3A221_219_201_226
.pubmatic.com/	1970-01-19 15:58:52	Name: pi Value: 156998:2
.aminoapps.com/	1970-05-14 04:17:35	Name: session Value: .eJwNy8EKgkAQANBfiTl30EUvgpfYNRRmQhCX3YuULuXmSIhlKP57vfvboHm5ia-jG2dI5untjtC5T9-6pu8g2eBwgwRQqoiE9STqB3HBdCYmjwJlGZBQAa7PL8l6ML4MrS7YVPfIcD0g58KsGBmtBK5tbPl_zrjYKg8vOuuRzWr8yaPsButVTDrzuKQp7PsPIx0yQQ.YB8FiA.DNnvkLON0PdSizFwUflp7xVupJ8
.ads.pubmatic.com/	1970-01-19 15:58:52	Name: KCCH Value: YES
.aminoapps.com/	1970-01-20 01:19:01	Name: __gads Value: ID=5ea07aed0127b6ea-2205758160ba00fc:T=1612645770:S=ALNI_MZB9-5TtRDeRzNQoPCATSzTgBa1dA
.aminoapps.com/	1970-01-20 00:44:28	Name: __auc Value: 54bdb710177792d9eb2d773da75
.gumgum.com/	1970-01-20 00:43:01	Name: vst Value: e_fdd2b890-4052-4f3a-a03f-a7f31acb1d50
.aminoapps.com/	1970-01-20 01:21:54	Name: __qca Value: P0-1387569344-1612645769302
.aminoapps.com/	1970-01-20 09:28:37	Name: _ga Value: GA1.1.1794443356.1612645769
.pubmatic.com/	1970-01-19 16:40:37	Name: KRTBCOOKIE_27 Value: 16735-uid:b521601f-058a-4600-b837-9735e020f6a8&KRTB&16736-uid:b521601f-058a-4600-b837-9735e020f6a8&KRTB&23019-uid:b521601f-058a-4600-b837-9735e020f6a8&KRTB&23114-uid:b521601f-058a-4600-b837-9735e020f6a8
.aminoapps.com/	1970-01-20 09:28:37	Name: _ga_9SJ4LCCH1X Value: GS1.1.1612645768.1.0.1612645768.0
.pubmatic.com/	1970-01-19 18:07:01	Name: KRTBCOOKIE_80 Value: 16514-CAESEEvBj8Gf3IixNIsIO6uteHw&KRTB&22987-CAESEEvBj8Gf3IixNIsIO6uteHw&KRTB&23025-CAESEEvBj8Gf3IixNIsIO6uteHw
.pubmatic.com/	1970-01-19 18:07:01	Name: SyncRTB3 Value: 1613779200%3A21_13_56_54_220_161_7_3_223_71%7C1613865600%3A35%7C1613433600%3A63
.pubmatic.com/	1970-01-19 18:07:01	Name: chkChromeAb67Sec Value: 1
.doubleclick.net/	1970-01-19 15:57:29	Name: DSID Value: NO_DATA
.aminoapps.com/	1970-01-19 15:57:25	Name: _gat Value: 1
.aminoapps.com/	1970-01-19 15:58:52	Name: _gid Value: GA1.2.1725597073.1612645769
.aminoapps.com/	1970-01-19 15:57:29	Name: AMP_TOKEN Value: %24NOT_FOUND
.aminoapps.com/	1970-01-19 15:58:52	Name: exp Value: 60-0
.pubmatic.com/	1970-01-19 18:07:01	Name: KTPCACOOKIE Value: YES
.aminoapps.com/	1970-01-19 15:57:27	Name: __asc Value: 54bdb710177792d9eb2d773da75

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://aminoapps.com/c/attackontitan-amino/page/item/mei-lan/4Dzj_M3UvIolaE44M1QgpbrvNEWV818YPKFL

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5a5549d8e7535c73e616aa8e8aae25e3.safeframe.googlesyndication.com
ads.pubmatic.com
adservice.google.com
adservice.google.pl
aminoapps.com
ampcid.google.com
ampcid.google.de
ap.lijit.com
apps.media-lab.ai
bam-cell.nr-data.net
cdn.ampproject.org
cdn.districtm.io
certify-js.alexametrics.com
certify.alexametrics.com
cm1.narvii.com
cs.emxdgt.com
cs.mobfox.com
firebase.googleapis.com
firebaseinstallations.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
js-agent.newrelic.com
js.media-lab.ai
maliva-mcs.byteoversea.com
pagead2.googlesyndication.com
pixel.quantserve.com
pm1.narvii.com
pv1.narvii.com
rtb.gumgum.com
rules.quantcount.com
s0.ipstatp.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
stats.g.doubleclick.net
tpc.googlesyndication.com
wa1.narvii.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
104.16.68.69
13.224.194.79
13.225.78.36
143.204.93.123
143.204.93.17
143.204.93.32
143.204.93.91
151.101.14.110
162.247.243.147
18.195.155.181
2.18.233.180
2.18.234.21
216.52.2.39
216.58.212.130
2600:9000:20eb:f200:6:44e3:f8c0:93a1
2607:f8b0:4001:c32::8a
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:800::2001
2a00:1450:4001:800::200a
2a00:1450:4001:801::2008
2a00:1450:4001:801::200e
2a00:1450:4001:803::2002
2a00:1450:4001:808::2002
2a00:1450:4001:809::2001
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::2001
2a00:1450:4001:812::2003
2a00:1450:4001:812::200a
2a00:1450:4001:828::2008
2a00:1450:4001:828::200e
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200a
2a00:1450:400c:c00::9d
34.250.244.32
35.194.11.13
37.252.172.38
52.38.135.31
65.9.58.106
65.9.58.47
88.214.207.190
92.122.214.146
01a596173ac379d01fb54b14f6cc4a9b1291bc59e6fc56a05be3c71c63d5788d
031e85957253caace891483cc9d811614872b9d163a98d0e6873c37ba8197845
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
055df8666c18036d6f17852a9d4889d24300593b8ea71d7d05fae4f3a1e8404c
0582542e7338ffe28bc07bcd06e2a047d529743295cb753916c435368db3838b
0b9306b4615e4c2efed82bbb3356e9c5f44e79e1f86c6dbcc6931e6b135a06bb
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0eb56bbfaf1e67be319dde76ac340248de10e8d32afbf5cec45015e98600ae4c
0ec623cf4432c0c03d4abd0218eeab7df4d061f6bf874b6bb08a320eacffcce1
10e345a433d0271f61bb37a0b15b16795d9c2e6c60f6ba5a8207f0a8411af22a
1daab0f66666bc3a1d05d70de979a80680d985cc924e233fab61eef2d03bafe2
1f4c705bcefe0d9b85082b4df02564f595faa9df374d993201763274d9eec71d
24b1014175cbd516ebf7d35586eabbfa049ab9c1a956d73db95964e709d492c6
24d5585f2965f7d5080769a4286d580a98d722b18964b999ef6b87ba13c11f2b
2a3f471f2d3c04aad3458d1a67e4df554ad7efd45155584169e3ba1319c0512f
2ab7f0680256fdd3dc2a2e31f73861302dc25d38b36f4baaf596217c03871b22
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2f529de4f3d006afed63e854243b934a2167d806b22f152d49cf032f4c60bb09
32689cf5e138152fffdc682e99152f7d13166d6cd2d8b2c8d0d77d1118128588
32f91a64e8fdfcdfe514183b3594daa66e1e8e55d6a30811fd91d9861ef3cc68
340f47084bc3dc475332d56fa5dc71948d774d977887f7d78e996b95e2cad004
39893061747f88b837a34d0395d05fca83e7cd5bbf2d582d181a73c5c9a174c6
3ae0e58bcad4e36dd064f55f2972cb88b73c809152f3dd3f54e8b9ffee7f665a
3cf6a6dcebcfe030494178ee5d08d0912b2d7dd1188fc865640dc97b2f66c0e4
402e239acda09e62c4b2b35e19c594448df78851ecd0ee685c3b5d29eea40db6
437afd9de21717c919be3f40f686b33170f2447dc03ded0fc00ac0cc41839854
43fc305b97dcd5167e4d6bca9126dde00928f9fc69414cb37af15122fe394641
44aa80bc5a1c8772ac044525264e9bb2748cab654b5475476c5455aab9529d90
477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb
497f499502194a9f828ba3b4a506d50554cc631d2469cf4f2328575edd398fd8
4a3a804eaf71d440589eef5dde4bce801fb8fd27ebd149e3f0578c523b53d901
4a46474f1c3b2cf5e3df4e4eceb192e7607b9afd807f16cea971c2d24fc319ce
4f7e0b3131af406481259f7c6fed5d46714bf0c9427909e94a1652719d1d888e
5669db14546a8b24fbca47c21cdc57ff0b0041e0af4ad62fb0621fb09664bf7e
5affb1050912f960f091dfa0f28d7850de2d68c1b2d56f66479478219bccab02
5c10cc72b40fb47589bce48be3ba229f5eedf31eaaf26f24be6c96501df6e204
5e1e5732a264cb1c73a2fbdeb1a440668dabd2cd63eeb30152f8656fd655a091
61fbb9b0a6dd750be54d75b8eb16f6aea217aa36df2b4e3a4b80f960a1ca368f
64c8ffa9d610f2016220d209f2f98f8982e0efc9d2a31dc647c7539949d4b512
651eac3a34ca0f47b943abfabe71aec15b0ebc924a6df3b7851b28307deb5e9f
658f34a0d8b86d79db1ce63e4cd9df2740d941adbe2cb7ad312a0b4ea7c33fbd
67ca19bc9e77cc98183cd6d087737d09d14831a5b0ad224c847948b644276fb3
69b59054159c1197bc73ffdc566eab25d9eec6af896cb04e01226780adb9bbff
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
762337a7b92fe7ed9fbf5312048b9b77f2af37635b494025618c468dfd490b72
7b5e69bd7baba112262223abf352f30bde3ba1387a4bae36a7339463448f2545
7ea267eb5e6ff3261ce4c66dc43fdc7c17d8901ed7d9beffbb1d1176415f91c3
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7fe6f76dce44adaa90fc4025dffa8d8e7a2923ee42e0d09754d467a11bb22d37
831097849a370c02369283b17255c6e4f0ffe9e0a1269610119e49b26401f621
850f82c02dff76b2cd99cdc053132bd0af73a29a1e9352140ff1eb6264a9318a
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
900fb986a98091617d75112082a318da55df627feaf94e290f023cf0e5218762
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7
9326cd5d57dda1f95892044ae2819ffdfbaf5a270fa6e75d4afa4d68706d23cf
935a60d51694072fe00880b07703ba402751822425b7d3362784d4fbdc34181f
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
954201eeb1cac382fbf2a85d6023b581a75c1d58c618367851503ef696262e7d
96a9472a6c38a8c575541bfe1fa2f88d93a55d906ba64a8460454a4318a6d7b5
96fca52e37b8a039bacb8c4939eb84e44c5eab5644d7717006f023f2c3700d69
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9c521e7df0300d25e5103c3df768d90935e952689ce91c89e9011cb926a6f9a3
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a5294757e666228a1aba961385d499260e67b9284d7409902f24db17a70fe403
a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1
a8eb51d0195796f9459227c8ed55a5da02d944af324d35241fc68756aab92539
a98bf4358e15a34917dc0e283742a074e054ca3fc14d6a12cff39ea7e0fdb3f5
a9a44fd7a0d2fe49f26732393d42207cfd9c1a9c14ddb08b9aad6fd11f8c0926
a9f9697a1492fcbf6a68999b0156a6752b609e4205b056f467d2bf184fe0a3a0
b038497371152e3ca1d285702e66549ab12d71e6b50ca33bfe1682f743c060eb
b06bc5702a83b2fb4e1ace94a05c255d7f59aa23c74dc7ff5717c444af0045ad
b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094
b45269fe4c6286f40b5c322ed7121cdcd4cf6d42e53c9d8cf0a221ed3a0332f2
b5b1095f273553861416fd3fd193ef203a9bfb9e42ae48702f7e95100dab0f93
b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42
b7025cc4588e6f0a2727a7dcc036687aa5e31f015c9239002857f002f115bba1
b7d6dbf4f6967d9d636b86e4c3cba0a23da0d1ed45bf66a8ae300847f66a7202
b9e843e63acdf34d5a5edbba301377df7e0089c44be896e2b36e9293227dbcda
bb9ee29a0f1c25e704deac60f9ba91396370894f4c3beb7702662d554fc7ee05
bbeb682e6296a90746d5370922a02df2341f9a78da9c9c98e9198d248a237e10
bdc5e8f7a5bfcfc49c5530c42f5adc5a6e8ed5cfaa349cddf57cd213fb3af2f6
bff2d41e326774343a73aff939c7e616b21d54ce1a2989272ceda06ef6e05ef3
c312c8dcff723c5dcea1f1fc9cc0de63d9c7f29783cc9a0a4a1239c7619b5c7e
c5f1ec5732faaf8adcadea80c9d231e4860f7b1413608668de8c45ba1556438a
c89ffcdcf3a556199921214251525a297fed02cb62a1347a04632f3e396fdca9
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc638d319e8429772a3b08f3f66ad80f8b20358d08ba29422314572b3101536e
d007685651c7114d29fc6473e158dab2aa00cfd9ccfcdfd7eba6e1c6e39828db
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d536693d99ce68429134a8ed26d5e387a1f6fb48e0b0f7ac975dac2f9851426c
d562cb52469149f6846e3d783c2c736e9dd96cede3ea68c0f00fb72c024bbf77
d583c7fecf54ccfe421e21e237cd691080d5b01d6c7240069b154b8f7be9001f
d9a2b105a77087a2b317e1f8272ea771e9e9cd3a7869c85d90ca6042e53de0e8
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
da6b7faeab0aab1da7df99bfc8c045f64e331ccbc18534198ec5edbda74f884e
da91ab5dc562e97e23dd475f13d6131c53c663d1863ee2d28223685b6713d9ba
dbafbf95048dd4408002fe4f64c8d6c547674eb39cc973daca4231be3fc972a2
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df6f6a550b623916d81dabec1b0a29f2c3a81c2b27c48320237a97fa186e4de1
e2837d0bb94d16628f7fc29733d0c277efbc88e23820c17d2a5138704a4591fd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e70f587d440d5e8d86e95fbb456834f7d90a68131261354387e538dd55d93a68
e855908ad6c21d403c36c151041df54333bf745c2aadafb24199d97f59ed09c2
ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f199a20f1fee7dec152b3591272f9715b536ed88b4c36194488fd5a734caf707
f82273e9afe4a2f3c1e3ecfe075df31e0fe92cff06c2e028f929c18374078e05
f9a14a82336f8cf37b982f127d8b81f62d8dc79ea592b2f6e7ef9447b220022e
fb54590e4d2cbc5f0ef73f0039ce688a1558e5a8675669a06f4a5ebe4b0e41cf
fb970d6ad0eee071cded1f2f077d1d3d39fe6944a78b634d5ec34d7df607a36e
fbd787d052fac80ff0f335797487f1f21052cfa2cdbe8a73295f4b3ccfd57678

aminoapps.com Open in urlscan Pro 52.38.135.31 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

141 Requests

100 %HTTPS

49 %IPv6

28 Domains

43 Subdomains

38 IPs

6 Countries

1814 kBTransfer

2922 kBSize

30 Cookies

6 Outgoing links

Page URL History

Redirected requests

141 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

aminoapps.com Open in urlscan Pro
52.38.135.31 Public Scan

Screenshot
Live screenshot

Full Image

141
Requests

100 %
HTTPS

49 %
IPv6

28
Domains

43
Subdomains

38
IPs

6
Countries

1814 kB
Transfer

2922 kB
Size

30
Cookies

141 HTTP transactions
3 data transactions