ww3.read7deadlysins.com Open in urlscan Pro
2606:4700:3037::6818:7fc7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ww3.read7deadlysins.com/
Effective URL:
https://ww3.read7deadlysins.com/
Submission: On February 03 via manual (February 3rd 2020, 12:12:22 pm UTC) from PL

Summary HTTP 64 Redirects Links 42 Behaviour Indicators

Summary

This website contacted 24 IPs in 5 countries across 20 domains to perform 64 HTTP transactions. The main IP is 2606:4700:3037::6818:7fc7, located in United States and belongs to CLOUDFLARENET, US. The main domain is ww3.read7deadlysins.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on January 31st 2020. Valid for: 8 months.

This is the only time ww3.read7deadlysins.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	2606:4700:303... 2606:4700:3037::6818:7fc7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	151.101.12.193 151.101.12.193	54113 (FASTLY) (FASTLY)
2	69.16.175.10 69.16.175.10	20446 (HIGHWINDS3) (HIGHWINDS3)
10	2606:4700:10:... 2606:4700:10::6814:ed10	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	143.204.214.43 143.204.214.43	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3034::6812:3677	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	54.224.165.8 54.224.165.8	14618 (AMAZON-AES) (AMAZON-AES)
5	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:825::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:814::200a	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700::68... 2606:4700::6812:9be1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4036	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:205... 2600:9000:2057:4600:1:af78:4c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:820::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81a::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:816::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	2a00:1450:400... 2a00:1450:4001:819::2008	15169 (GOOGLE) (GOOGLE)
1	23.210.249.92 23.210.249.92	16625 (AKAMAI-AS) (AKAMAI-AS)
64	24

4 2606:4700:3037::6818:7fc7 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ww3.read7deadlysins.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.12.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.16.175.10 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: tlb.hwcdn.net

static.vidazoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:10::6814:ed10 (United States)

ASN13335 (CLOUDFLARENET, US)

services.bilsyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
biltag.bilsyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cmp.bilsyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.bilsyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
logs.bilsyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 143.204.214.43 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-43.fra53.r.cloudfront.net

runwaff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6812:3677 (United States)

ASN13335 (CLOUDFLARENET, US)

ww8.tokyoghoulre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.224.165.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-224-165-8.compute-1.amazonaws.com

server.vidazoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:825::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:9be1 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

flx907.lporirxe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4036 (United States)

ASN13335 (CLOUDFLARENET, US)

pre.glotgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:4600:1:af78:4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

vendorlist.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:820::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.249.92 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-92.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	bilsyndication.com services.bilsyndication.com biltag.bilsyndication.com cmp.bilsyndication.com assets.bilsyndication.com logs.bilsyndication.com	192 KB
7	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	112 KB
7	runwaff.com runwaff.com	17 KB
6	ampproject.org cdn.ampproject.org	111 KB
6	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	27 KB
4	google-analytics.com 1 redirects www.google-analytics.com	35 KB
4	vidazoo.com static.vidazoo.com server.vidazoo.com	40 KB
4	read7deadlysins.com 1 redirects ww3.read7deadlysins.com	9 KB
3	googleapis.com imasdk.googleapis.com fonts.googleapis.com	93 KB
3	imgur.com i.imgur.com	284 KB
2	googletagmanager.com www.googletagmanager.com	56 KB
2	pubmatic.com hbopenbid.pubmatic.com ads.pubmatic.com	66 B
2	gstatic.com fonts.gstatic.com	22 KB
2	google.com 1 redirects adservice.google.com www.google.com	230 B
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	consensu.org vendorlist.consensu.org	17 KB
1	glotgrx.com pre.glotgrx.com	537 B
1	lporirxe.com 1 redirects flx907.lporirxe.com	454 B
1	google.be adservice.google.be	171 B
1	tokyoghoulre.com ww8.tokyoghoulre.com
64	20

	Domain	Requested by
7	runwaff.com	ww3.read7deadlysins.com runwaff.com
6	cdn.ampproject.org	securepubads.g.doubleclick.net
5	tpc.googlesyndication.com	securepubads.g.doubleclick.net ww3.read7deadlysins.com
5	securepubads.g.doubleclick.net	runwaff.com securepubads.g.doubleclick.net ww3.read7deadlysins.com
4	assets.bilsyndication.com	biltag.bilsyndication.com ww3.read7deadlysins.com
4	www.google-analytics.com	1 redirects ww3.read7deadlysins.com www.googletagmanager.com
4	ww3.read7deadlysins.com	1 redirects ww3.read7deadlysins.com
3	cmp.bilsyndication.com	biltag.bilsyndication.com ww3.read7deadlysins.com
3	i.imgur.com	ww3.read7deadlysins.com
2	www.googletagmanager.com	biltag.bilsyndication.com
2	fonts.gstatic.com	ww3.read7deadlysins.com
2	fonts.googleapis.com	securepubads.g.doubleclick.net
2	server.vidazoo.com	static.vidazoo.com
2	static.vidazoo.com	ww3.read7deadlysins.com static.vidazoo.com
1	ads.pubmatic.com	assets.bilsyndication.com
1	hbopenbid.pubmatic.com	assets.bilsyndication.com
1	pagead2.googlesyndication.com	ww3.read7deadlysins.com
1	googleads.g.doubleclick.net	ww3.read7deadlysins.com
1	www.google.com	1 redirects
1	logs.bilsyndication.com	ww3.read7deadlysins.com
1	cdn.jsdelivr.net	assets.bilsyndication.com
1	vendorlist.consensu.org	cmp.bilsyndication.com
1	pre.glotgrx.com	ww3.read7deadlysins.com
1	flx907.lporirxe.com	1 redirects
1	imasdk.googleapis.com	biltag.bilsyndication.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.be	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	ww3.read7deadlysins.com
1	biltag.bilsyndication.com	services.bilsyndication.com
1	ww8.tokyoghoulre.com	ww3.read7deadlysins.com
1	services.bilsyndication.com	ww3.read7deadlysins.com
64	31

This site contains links to these domains. Also see Links.

Domain
mangacruzers.com
7deadlysins.tv
merchoneesan.com
ww3.animecruzers.io
ww2.mangacruzers.com
twitter.com
www.facebook.com
readshokugeki.com
tokyoghoulre.com
readneverland.com
readnoblesse.com
readkingdom.com
ww3.readfairytail.com
www.readtowerofgod.com
readonepiece.com
readhaikyuu.com
readvinlandsaga.com
readmha.com
readkaguyasama.com
readjujutsukaisen.com
manga.watchoverlord2.com
demonslayermanga.com
read7deadlysins.com
readblackclover.com
readgintama.com
readopm.com
ww4.readnaruto.com
readnaruto.com
readbleachmanga.com
readhxh.com
readdetectiveconan.com
readsnk.com
readberserk.com
manga.watchsao.tv
manga.watchgoblinslayer.com
readdrstone.com
dbsmanga.com
ww3.readopm.com
valueimpression.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-01-31` - `2020-10-09`	8 months	crt.sh
*.imgur.com DigiCert SHA2 Secure Server CA	`2020-01-15` - `2022-03-16`	2 years	crt.sh
*.vidazoo.com Sectigo RSA Domain Validation Secure Server CA	`2019-03-20` - `2021-04-03`	2 years	crt.sh
bilsyndication.com CloudFlare Inc ECC CA-2	`2020-01-30` - `2020-10-09`	8 months	crt.sh
runwaff.com Amazon	`2019-09-05` - `2020-10-05`	a year	crt.sh
server.vidazoo.com Let's Encrypt Authority X3	`2019-12-29` - `2020-03-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
*.google.be GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
*.glotgrx.com Go Daddy Secure Certificate Authority - G2	`2019-11-13` - `2021-01-12`	a year	crt.sh
vendorlist.consensu.org Amazon	`2019-03-06` - `2020-04-06`	a year	crt.sh
ssl363648.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-09-14` - `2020-03-22`	6 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh

This page contains 12 frames:

Primary Page: https://ww3.read7deadlysins.com/
Frame ID: C751DB102F3B8063EFF2C3DE25AFECE2
Requests: 29 HTTP requests in this frame

Frame: https://ww8.tokyoghoulre.com/native.html
Frame ID: 981DB7CD6CF2CBDDF0951A246EA50B10
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 6DEE7243F4C38EE1736CDC5B0DEE25EF
Requests: 8 HTTP requests in this frame

Frame: https://runwaff.com/d?i=u1dvjpo9e55sy80hm5&a=3191181510d1c5163e53c1097b6d94297&cb=4556901580731921737
Frame ID: 5D794E77546586767588964A9018F3FE
Requests: 1 HTTP requests in this frame

Frame: https://runwaff.com/d?i=u1dvjpo9e55sy80hm5&a=69a1ae274eff659621cc5da174992f8b7&cb=7623571580731921738
Frame ID: 4021D4233B252153A8AC3173B6CBDB47
Requests: 1 HTTP requests in this frame

Frame: https://runwaff.com/d?i=u1dvjpo9e55sy80hm5&a=6a61c97338f087e01f469fd41bde18ed9&cb=3449031580731921740
Frame ID: EE8B0962FB243B98E41411B750F6FF0D
Requests: 1 HTTP requests in this frame

Frame: https://runwaff.com/d?i=u1dvjpo9e55sy80hm5&a=1a0c8985ce32a33755c3d97ef8fe86d19&cb=6488641580731921741
Frame ID: 12977C188B2392E946EF9E6F3A8D46E6
Requests: 1 HTTP requests in this frame

Frame: https://runwaff.com/d?i=u1dvjpo9e55sy80hm5&a=c45f858cb8b4b094b8b6229bad96a54e1&cb=1558391580731921742
Frame ID: 44741D3841A426A3B84AE9A9C0918C0B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js
Frame ID: FBA4C6B91FE25CFA85922A53B259C0A6
Requests: 17 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=UA-128776493-17
Frame ID: 150A9DA39AA43A066AA230221E6E2724
Requests: 3 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=UA-128776493-10
Frame ID: 605F76E042AA21566C730619A89D458B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 35E8C4FB3C4180644A3850B21BC491FB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ww3.read7deadlysins.com/ HTTP 301
https://ww3.read7deadlysins.com/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

64
Requests

100 %
HTTPS

72 %
IPv6

20
Domains

31
Subdomains

24
IPs

5
Countries

1016 kB
Transfer

2525 kB
Size

6
Cookies

42 Outgoing links

These are links going to different origins than the main page.

URL: http://mangacruzers.com/download-the-seven-deadly-sins-manga-chapter-complete-free/
Title: Download

Search URL Search Domain Scan URL

URL: http://7deadlysins.tv/
Title: 7DS Anime

Search URL Search Domain Scan URL

URL: https://merchoneesan.com/collections/the-seven-deadly-sins
Title: Store

Search URL Search Domain Scan URL

URL: https://ww3.animecruzers.io/contact-us/
Title: Conatct Us

Search URL Search Domain Scan URL

URL: https://ww2.mangacruzers.com/download-the-seven-deadly-sins-manga-chapter-complete-free/
Title: Download

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/follow?&ref_src=twsrc%5Etfw&region=follow_link&screen_name=Releases_Anime&tw_p=followbutton

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AnimeReleaseSupport/

Search URL Search Domain Scan URL

URL: http://readshokugeki.com/
Title: ReadShokugeki.com

Search URL Search Domain Scan URL

URL: http://tokyoghoulre.com/
Title: Tokyoghoulre.com

Search URL Search Domain Scan URL

URL: http://readneverland.com/
Title: ReadNeverland.com

Search URL Search Domain Scan URL

URL: http://readnoblesse.com/
Title: Readnoblesse.com

Search URL Search Domain Scan URL

URL: http://readkingdom.com/
Title: Readkingdom.com

Search URL Search Domain Scan URL

URL: https://ww3.readfairytail.com/manga/edens-zero/
Title: ReadFairyTail.com

Search URL Search Domain Scan URL

URL: https://www.readtowerofgod.com/
Title: ReadGodOfTower.com

Search URL Search Domain Scan URL

URL: http://readonepiece.com/
Title: ReadOnePiece.com

Search URL Search Domain Scan URL

URL: http://readhaikyuu.com/
Title: ReadHaikyuu.com

Search URL Search Domain Scan URL

URL: https://readvinlandsaga.com/
Title: ReadVinlandSaga.com

Search URL Search Domain Scan URL

URL: http://readmha.com/
Title: ReadMHA.com

Search URL Search Domain Scan URL

URL: http://readkaguyasama.com/
Title: ReadKaguyaSama.com

Search URL Search Domain Scan URL

URL: http://readjujutsukaisen.com/
Title: ReadJujutsuKaisen.com

Search URL Search Domain Scan URL

URL: http://manga.watchoverlord2.com/
Title: Manga.watchoverlord2.com

Search URL Search Domain Scan URL

URL: https://demonslayermanga.com/
Title: demonslayermanga.com

Search URL Search Domain Scan URL

URL: http://read7deadlysins.com/
Title: Read7DeadlySins.com

Search URL Search Domain Scan URL

URL: http://readblackclover.com/
Title: ReadBlackClover.com

Search URL Search Domain Scan URL

URL: https://ww3.readfairytail.com/manga/fairy-tail/
Title: ReadFairyTail.com

Search URL Search Domain Scan URL

URL: http://readgintama.com/
Title: ReadGintama.com

Search URL Search Domain Scan URL

URL: http://readopm.com/
Title: readOPM.com

Search URL Search Domain Scan URL

URL: https://ww4.readnaruto.com/manga/naruto/
Title: ReadNaruto.com

Search URL Search Domain Scan URL

URL: http://readnaruto.com/
Title: ReadNaruto.com

Search URL Search Domain Scan URL

URL: http://readbleachmanga.com/
Title: ReadBleachManga.com

Search URL Search Domain Scan URL

URL: http://readhxh.com/
Title: ReadHxH.com

Search URL Search Domain Scan URL

URL: http://readdetectiveconan.com/
Title: ReadDetectiveConan.com

Search URL Search Domain Scan URL

URL: http://readsnk.com/
Title: ReadSNK.com

Search URL Search Domain Scan URL

URL: http://readberserk.com/
Title: ReadBerserk.com

Search URL Search Domain Scan URL

URL: http://manga.watchsao.tv/
Title: Manga.Watchsao.tv

Search URL Search Domain Scan URL

URL: http://manga.watchgoblinslayer.com/
Title: Manga.watchgoblinslayer.com

Search URL Search Domain Scan URL

URL: http://readdrstone.com/
Title: ReadDrStone.com

Search URL Search Domain Scan URL

URL: http://dbsmanga.com/
Title: DBSmanga.com

Search URL Search Domain Scan URL

URL: https://ww3.readopm.com/manga/mob-psycho-100/
Title: ReadOPM.com

Search URL Search Domain Scan URL

URL: http://mangacruzers.com/
Title: MangaCruzers.com

Search URL Search Domain Scan URL

URL: https://valueimpression.com/privacy.html#cmpnoscreen
Title: Learn more

Search URL Search Domain Scan URL

URL: https://valueimpression.com/?ref=ww3.read7deadlysins.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ww3.read7deadlysins.com/ HTTP 301
https://ww3.read7deadlysins.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://www.google-analytics.com/r/collect?v=1&_v=j80&a=1162102197&t=pageview&_s=1&dl=https%3A%2F%2Fww3.read7deadlysins.com%2F&ul=en-us&de=UTF-8&dt=Read%20Nanatsu%20no%20taizai%2F7%20Deadly%20Sins%20Manga%20Online&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=664430359&gjid=1616008708&cid=2128567909.1580731922&tid=UA-149279885-2&_gid=1633374615.1580731922&_r=1&z=1138902298 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-149279885-2&cid=2128567909.1580731922&jid=664430359&_gid=1633374615.1580731922&gjid=1616008708&_v=j80&z=1138902298

Request Chain 29

https://flx907.lporirxe.com/flp/impimg.php?qid=03032313f573032313f5730393&cid=907&p=&s=read7deadlysins.com&x=&nci=&adtg=&nai=&si=2044&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_6)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F79.0.3945.88%20Safari%2F537.36&lat=&lon= HTTP 301
https://pre.glotgrx.com/impimg.gif?qid=03032313f573032313f5730393&cid=907&p=&s=read7deadlysins.com&x=&nci=&adtg=&nai=&si=2044&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_6)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F79.0.3945.88%20Safari%2F537.36&lat=&lon=&flsrc=1

Request Chain 55

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

64 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ww3.read7deadlysins.com/
Redirect Chain

http://ww3.read7deadlysins.com/
https://ww3.read7deadlysins.com/

28 KB
5 KB

352ms
333ms

Document
text/html

2606:4700:3037::6818:7fc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ww3.read7deadlysins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6818:7fc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d003cea6a2f6c404b32f55e258618f6ba4b5f3c6d16a6497f452f8f8cb4cd5db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: ww3.read7deadlysins.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
date: Mon, 03 Feb 2020 12:12:01 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=db209f816909a634e254684153e8166031580731921; expires=Wed, 04-Mar-20 12:12:01 GMT; path=/; domain=.read7deadlysins.com; HttpOnly; SameSite=Lax; Secure XSRF-TOKEN=eyJpdiI6InNNb3VQdGpaak5yaUg5eFhEc3Y3V3c9PSIsInZhbHVlIjoiZkVOaVlCQ29meldzZ2xNeThadlJYY1ZWbTRHejhidE5UcnV6aTRLYUZoMG5URFwvY2dvMHZXNlY4ck1JVVNpSGkiLCJtYWMiOiJlMWE2YThiYjQxMDliNjc1OGVjMzZlYTZlOWJlMjBkNGMwZjMyNjE5ZTU2MThjMDQ5NTQzZmExODQyNjA5YjYxIn0%3D; expires=Mon, 03-Feb-2020 14:12:01 GMT; Max-Age=7200; path=/ read_7_deadly_sins_manga_session=eyJpdiI6ImdyYkJTS0pXZ3Bld2tvbnpVUkR4WFE9PSIsInZhbHVlIjoiUkI1V2U3Z24xb2owRFVwM05Da1RJQ1BESnBNZkZiNVJpaFpiVlhnZ0VYblZxcENrcVFSMnpWOG1LcE0xSDU3ZCIsIm1hYyI6IjZkN2UwZjcwODY0Mzc5MDQwMzY5NDliYzE5YjA4ZGY1YjM0ZDk1YjYxYTVjMjk3Yzk5ZGNhMDM2MThiZGEwYmYifQ%3D%3D; expires=Mon, 03-Feb-2020 14:12:01 GMT; Max-Age=7200; path=/; httponly
vary: Accept-Encoding
cache-control: no-cache, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-cache-status: EXPIRED
x-server-powered-by: Engintron
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 55f44f8bea80c2a4-FRA
content-encoding: gzip

Redirect headers

Date: Mon, 03 Feb 2020 12:12:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 03 Feb 2020 13:12:01 GMT
Location: https://ww3.read7deadlysins.com/
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 55f44f8ba9eac2a4-FRA

GET
H2 200 app.css
ww3.read7deadlysins.com/css/ 9 KB
3 KB 18ms
16ms Stylesheet
text/css 2606:4700:3037::6818:7fc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ww3.read7deadlysins.com/css/app.css?id=f729a9301235911c6f5c
Requested by: Host: ww3.read7deadlysins.com
URL: https://ww3.read7deadlysins.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6818:7fc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19d00e3bae7c4f99e5e8b03852de086b7581348b8fa5a4adcd52d245555ea80f

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 12:12:01 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1618785
cf-polished: origSize=9143
status: 200
last-modified: Wed, 15 Jan 2020 16:29:12 GMT
pragma: public
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
cf-ray: 55f44f8e08e1c2a4-FRA
expires: Fri, 14 Feb 2020 18:32:15 GMT

GET
H2 200 IWdMiG9.png
i.imgur.com/ 12 KB
12 KB 70ms
22ms Image
image/png 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgur.com/IWdMiG9.png
Requested by: Host: ww3.read7deadlysins.com
URL: https://ww3.read7deadlysins.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: a733719e0ba21dbd1a691a459642d9037d594d70b0026b25836b6f75b290e5f0

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 12:12:01 GMT
age: 2510608
x-cache: HIT, HIT
status: 200
content-length: 12352
x-served-by: cache-bwi5129-BWI, cache-fra19177-FRA
last-modified: Tue, 30 Jul 2019 11:59:29 GMT
server: cat factory 1.0
x-timer: S1580731922.654649,VS0,VE0
etag: "a3f5ceb17a617e1c28cad27623b77254"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 3

GET
H2 200 kIVlOWS.png
i.imgur.com/ 18 KB
19 KB 83ms
35ms Image
image/png 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgur.com/kIVlOWS.png
Requested by: Host: ww3.read7deadlysins.com
URL: https://ww3.read7deadlysins.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: 162eaee62eb9c97924a1b8a991f01364cc21b515c75de25810219c5396bd0bb0

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 12:12:01 GMT
age: 7536154
x-cache: HIT, HIT
status: 200
content-length: 18887
x-served-by: cache-bwi5149-BWI, cache-fra19177-FRA
last-modified: Tue, 30 Jul 2019 11:59:28 GMT
server: cat factory 1.0
x-timer: S1580731922.654765,VS0,VE0
etag: "b6667f12053f4b82d0d91e4516b36b44"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 3

GET
H/1.1 200
OK widget.js Show response
static.vidazoo.com/basev/widgets/ 41 KB
15 KB 43ms
42ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://static.vidazoo.com/basev/widgets/widget.js?widgetId=5deb0617e7293d0004afc801&gdpr=0&widgetPosition=vidazoo-player-div
Requested by: Host: ww3.read7deadlysins.com
URL: https://ww3.read7deadlysins.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: /
Resource Hash: 5b9a618f63dcd663db0f118adbde3edb6bb3cc3c3da562633488804d503b8887

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Mon, 03 Feb 2020 12:12:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Jan 2020 15:57:21 GMT
ETag: "1580399841"
Access-Control-Allow-Methods: GET, OPTIONS, HEAD
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Cache-Control: max-age=13552
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Access-Control-Allow-Headers: Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Content-Length: 14541
X-HW: 1580731910.dop011.wa1.shc,1580731921.dop011.wa1.t,1580731921.cds002.wa1.c

GET
H2 200 / Show response
services.bilsyndication.com/adv1/ 313 B
686 B 155ms
138ms Script
application/javascript 2606:4700:10::6814:ed10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.bilsyndication.com/adv1/?q=87216b358402869b1c0e66facfc9ae3c

Requested by

Host: ww3.read7deadlysins.com
URL: https://ww3.read7deadlysins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:ed10 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5794ffdbe70a971704983ecda1b3a3085ae5f66915881e3379d556afc8dd7467

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 12:12:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 3 Feb 2020 07:12:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-sv: 157.114
content-type: application/javascript
status: 200
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray: 55f44f8e197ac2b8-FRA
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: on, 01 Jan 1970 00:00:00 GMT

GET
H2 200 app.js Show response
ww3.read7deadlysins.com/js/ 2 KB
835 B 17ms
17ms Script
application/javascript 2606:4700:3037::6818:7fc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ww3.read7deadlysins.com/js/app.js?id=f8802ebf3df99dfe3fe0
Requested by: Host: ww3.read7deadlysins.com
URL: https://ww3.read7deadlysins.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6818:7fc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 866c919e279c032ffd8b9b2713332921d6d606ee61d68ea35142d73abb9171ff

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: public
date: Mon, 03 Feb 2020 12:12:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 15 Jan 2020 16:29:12 GMT
server: cloudflare
age: 1618785
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000
cf-bgj: minify
cf-ray: 55f44f8e08e5c2a4-FRA
expires: Fri, 14 Feb 2020 18:32:15 GMT

GET
H2 200 t.js Show response
runwaff.com/ 16 KB
16 KB 109ms
52ms Script
application/javascript 143.204.214.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://runwaff.com/t.js?i=u1dvjpo9e55sy80hm5&cb=7544561580731921620
Requested by: Host: ww3.read7deadlysins.com
URL: https://ww3.read7deadlysins.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.43 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-43.fra53.r.cloudfront.net
Software: /
Resource Hash: 172eeb23555ea463a8e0041e20529e58f201caa115881598a5502018fe49f03b

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
date: Mon, 03 Feb 2020 12:12:01 GMT
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: wSy19SiA1CZo2MOpYQPgy2Cpwvyrp56RbgyomOV4MhiW_hQdL5aNdA==
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8

GET
H2 200 native.html
ww8.tokyoghoulre.com/ Frame 981D 0
0 283ms
209ms Document
text/html 2606:4700:3034::6812:3677
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ww8.tokyoghoulre.com/native.html

Requested by

Host: ww3.read7deadlysins.com
URL: https://ww3.read7deadlysins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6812:3677 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: ww8.tokyoghoulre.com
:scheme: https
:path: /native.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://ww3.read7deadlysins.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://ww3.read7deadlysins.com/

Response headers

status: 200
date: Mon, 03 Feb 2020 12:12:01 GMT
content-type: text/html
set-cookie: __cfduid=db779376ccde3cbdadec2e926988f11981580731921; expires=Wed, 04-Mar-20 12:12:01 GMT; path=/; domain=.tokyoghoulre.com; HttpOnly; SameSite=Lax; Secure
vary: Accept-Encoding
last-modified: Sat, 04 Jan 2020 13:11:38 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-cache-status: EXPIRED
x-server-powered-by: Engintron
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 55f44f8e999a6377-FRA
content-encoding: br

GET
H2 200 OjeMpsM.png
i.imgur.com/ 253 KB
253 KB 66ms
41ms Image
image/png 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgur.com/OjeMpsM.png
Requested by: Host: ww3.read7deadlysins.com
URL: https://ww3.read7deadlysins.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: 3ebc579d2a5ea97acdb56edfb0e2a98e4d41f4f3db179fc1847bd50251d2251e

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 12:12:01 GMT
age: 1622095
x-cache: HIT, HIT
status: 200
content-length: 259184
x-served-by: cache-bwi5126-BWI, cache-fra19177-FRA
last-modified: Wed, 15 Jan 2020 17:37:03 GMT
server: cat factory 1.0
x-timer: S1580731922.654753,VS0,VE1
etag: "55ce2a027cb59b529866b90c37a711cc"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H/1.1 200
OK vpt.js Show response
static.vidazoo.com/basev/ 39 KB
11 KB 43ms
43ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://static.vidazoo.com/basev/vpt.js
Requested by: Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/widgets/widget.js?widgetId=5deb0617e7293d0004afc801&gdpr=0&widgetPosition=vidazoo-player-div
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: /
Resource Hash: 44916faf81f9600a9a872c6fe78824348b929755b1bf1a97ef68076f77d563c2

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Mon, 03 Feb 2020 12:12:01 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Jan 2020 09:23:51 GMT
ETag: "1580203431"
Access-Control-Allow-Methods: GET, OPTIONS, HEAD
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Cache-Control: max-age=76317
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Access-Control-Allow-Headers: Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Content-Length: 10175
X-HW: 1580731910.dop011.wa1.shc,1580731921.dop011.wa1.t,1580731921.cds002.wa1.c

GET
H/1.1 200
OK css
server.vidazoo.com/widgets/5deb0617e7293d0004afc801/ 0
421 B 321ms
110ms Stylesheet
text/css 54.224.165.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://server.vidazoo.com/widgets/5deb0617e7293d0004afc801/css?widgetId=5deb0617e7293d0004afc801&gdpr=0&widgetPosition=vidazoo-player-div
Requested by: Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/widgets/widget.js?widgetId=5deb0617e7293d0004afc801&gdpr=0&widgetPosition=vidazoo-player-div
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.224.165.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-224-165-8.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Mon, 03 Feb 2020 12:12:01 GMT
Via: 1.1 vegur
Server: Cowboy
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
Content-Length: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 6DEE 53 KB
16 KB 31ms
31ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: runwaff.com
URL: https://runwaff.com/t.js?i=u1dvjpo9e55sy80hm5&cb=7544561580731921620

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

76ece7717e62eed8809e2a21aacd89e529e37f2141669448a62acd31c3a16005

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 12:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "417 / 690 of 1000 / last-modified: 1580409148"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 16246
x-xss-protection: 0
expires: Mon, 03 Feb 2020 12:12:01 GMT

GET
H2 200 d
runwaff.com/ Frame 5D79 0
0 53ms
53ms Document
text/html 143.204.214.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://runwaff.com/d?i=u1dvjpo9e55sy80hm5&a=3191181510d1c5163e53c1097b6d94297&cb=4556901580731921737
Requested by: Host: runwaff.com
URL: https://runwaff.com/t.js?i=u1dvjpo9e55sy80hm5&cb=7544561580731921620
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.43 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-43.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: runwaff.com
:scheme: https
:path: /d?i=u1dvjpo9e55sy80hm5&a=3191181510d1c5163e53c1097b6d94297&cb=4556901580731921737
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://ww3.read7deadlysins.com/
accept-encoding: gzip, deflate, br
cookie: SSID=c8323f8c104317e71e3e1b8df39f35b3af70a369
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://ww3.read7deadlysins.com/

Response headers

status: 200
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
date: Mon, 03 Feb 2020 12:12:01 GMT
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: S4xh-g7IS286wAxtVGTmfnD_D_nT2BDMhA9he4w_KlJMkaNigWpavQ==

GET
H2 200 d
runwaff.com/ Frame 4021 0
0 55ms
55ms Document
text/html 143.204.214.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://runwaff.com/d?i=u1dvjpo9e55sy80hm5&a=69a1ae274eff659621cc5da174992f8b7&cb=7623571580731921738
Requested by: Host: runwaff.com
URL: https://runwaff.com/t.js?i=u1dvjpo9e55sy80hm5&cb=7544561580731921620
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.43 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-43.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: runwaff.com
:scheme: https
:path: /d?i=u1dvjpo9e55sy80hm5&a=69a1ae274eff659621cc5da174992f8b7&cb=7623571580731921738
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://ww3.read7deadlysins.com/
accept-encoding: gzip, deflate, br
cookie: SSID=c8323f8c104317e71e3e1b8df39f35b3af70a369
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://ww3.read7deadlysins.com/

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 311
date: Mon, 03 Feb 2020 12:12:01 GMT
x-cache: Miss from cloudfront
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: bUjAlfd91VoHrw1FMgnRDQYagVXLgxOstRUHDqqQaJKjl5vHsbn6iA==

GET
H2 200 d
runwaff.com/ Frame EE8B 0
0 53ms
53ms Document
text/html 143.204.214.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://runwaff.com/d?i=u1dvjpo9e55sy80hm5&a=6a61c97338f087e01f469fd41bde18ed9&cb=3449031580731921740
Requested by: Host: runwaff.com
URL: https://runwaff.com/t.js?i=u1dvjpo9e55sy80hm5&cb=7544561580731921620
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.43 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-43.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: runwaff.com
:scheme: https
:path: /d?i=u1dvjpo9e55sy80hm5&a=6a61c97338f087e01f469fd41bde18ed9&cb=3449031580731921740
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://ww3.read7deadlysins.com/
accept-encoding: gzip, deflate, br
cookie: SSID=c8323f8c104317e71e3e1b8df39f35b3af70a369
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://ww3.read7deadlysins.com/

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 388
date: Mon, 03 Feb 2020 12:12:01 GMT
x-cache: Miss from cloudfront
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: HdOwoBDJU4zBUh37kHf_naorLFSPubWleLowDEVDqEc7ze6tkJhEKg==

GET
H2 200 d
runwaff.com/ Frame 1297 0
0 53ms
53ms Document
text/html 143.204.214.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://runwaff.com/d?i=u1dvjpo9e55sy80hm5&a=1a0c8985ce32a33755c3d97ef8fe86d19&cb=6488641580731921741
Requested by: Host: runwaff.com
URL: https://runwaff.com/t.js?i=u1dvjpo9e55sy80hm5&cb=7544561580731921620
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.43 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-43.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: runwaff.com
:scheme: https
:path: /d?i=u1dvjpo9e55sy80hm5&a=1a0c8985ce32a33755c3d97ef8fe86d19&cb=6488641580731921741
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://ww3.read7deadlysins.com/
accept-encoding: gzip, deflate, br
cookie: SSID=c8323f8c104317e71e3e1b8df39f35b3af70a369
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://ww3.read7deadlysins.com/

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 356
date: Mon, 03 Feb 2020 12:12:01 GMT
x-cache: Miss from cloudfront
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: XetLYLGLqMDxXC8OlfgfKTh0LB2NTXuN01eHPg-i8Uo99siWqXoWAQ==

GET
H2 200 d
runwaff.com/ Frame 4474 0
0 51ms
50ms Document
text/html 143.204.214.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://runwaff.com/d?i=u1dvjpo9e55sy80hm5&a=c45f858cb8b4b094b8b6229bad96a54e1&cb=1558391580731921742
Requested by: Host: runwaff.com
URL: https://runwaff.com/t.js?i=u1dvjpo9e55sy80hm5&cb=7544561580731921620
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.43 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-43.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: runwaff.com
:scheme: https
:path: /d?i=u1dvjpo9e55sy80hm5&a=c45f858cb8b4b094b8b6229bad96a54e1&cb=1558391580731921742
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://ww3.read7deadlysins.com/
accept-encoding: gzip, deflate, br
cookie: SSID=c8323f8c104317e71e3e1b8df39f35b3af70a369
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://ww3.read7deadlysins.com/

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 506
date: Mon, 03 Feb 2020 12:12:01 GMT
x-cache: Miss from cloudfront
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: T219Gjo81hfsGBNOe3M727Q79Bok5xiw-4o2ISshKoVymkdTszSGXA==

GET
H2 200 / Show response
biltag.bilsyndication.com/jsv1/1580617146/ 221 KB
54 KB 28ms
27ms Script
application/javascript 2606:4700:10::6814:ed10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://biltag.bilsyndication.com/jsv1/1580617146/?q=87216b358402869b1c0e66facfc9ae3c&n=

Requested by

Host: services.bilsyndication.com
URL: https://services.bilsyndication.com/adv1/?q=87216b358402869b1c0e66facfc9ae3c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:ed10 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

579445c822dd86284d81ac5e0a805266a799d48ca7bb2b3aea66ab1b0b3ae0be

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 12:12:01 GMT
content-encoding: br
cf-cache-status: HIT
age: 114744
cf-polished: origSize=227285
status: 200
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-sv: 157.114
cache-control: public, max-age=16070400
cf-ray: 55f44f8efbc0c2b8-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: ww3.read7deadlysins.com
URL: https://ww3.read7deadlysins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7edf06d6436ec9420c26e56bd02ef5f5c93a9fb189ed16b1db402e57a0ea796

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 24 Jan 2020 01:10:36 GMT
server: Golfe2
age: 1411
date: Mon, 03 Feb 2020 11:48:30 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17926
expires: Mon, 03 Feb 2020 13:48:30 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j80&a=1162102197&t=pageview&_s=1&dl=https%3A%2F%2Fww3.read7deadlysins.com%2F&ul=en-us&de=UTF-8&dt=Read%20Nanatsu%20no%20taizai%2F7%20Deadly%20Sins%...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-149279885-2&cid=2128567909.1580731922&jid=664430359&_gid=1633374615.1580731922&gjid=1616008708&_v=j80&z=1138902298

35 B
102 B

15ms
14ms

Image
image/gif

2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-149279885-2&cid=2128567909.1580731922&jid=664430359&_gid=1633374615.1580731922&gjid=1616008708&_v=j80&z=1138902298

Requested by

Host: ww3.read7deadlysins.com
URL: https://ww3.read7deadlysins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Mon, 03 Feb 2020 12:12:01 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Feb 2020 12:12:01 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-149279885-2&cid=2128567909.1580731922&jid=664430359&_gid=1633374615.1580731922&gjid=1616008708&_v=j80&z=1138902298
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 420
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.be/adsid/ Frame 6DEE 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.be/adsid/integrator.js?domain=ww3.read7deadlysins.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 12:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 6DEE 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ww3.read7deadlysins.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 12:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020012701.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 6DEE 167 KB
61 KB 31ms
30ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020012701.js?21065315

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

d1c7f856b2634d01853b4e1496651fb5a7cd9c95ad90f6dfc8959e415268c240

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 12:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 27 Jan 2020 14:06:37 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 62184
x-xss-protection: 0
expires: Mon, 03 Feb 2020 12:12:01 GMT

GET
H2 200 cmp.min.css
cmp.bilsyndication.com/static/delivery/ 14 KB
3 KB 15ms
14ms Stylesheet
text/css 2606:4700:10::6814:ed10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.bilsyndication.com/static/delivery/cmp.min.css
Requested by: Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/jsv1/1580617146/?q=87216b358402869b1c0e66facfc9ae3c&n=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:ed10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c56c117acef484702925a48e333f3956346675c531d5590cf272f42234133803

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 12:12:01 GMT
content-encoding: br
cf-cache-status: HIT
age: 1536829
status: 200
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
pragma: public
last-modified: Tue, 14 Jan 2020 16:49:30 GMT
server: cloudflare
etag: W/"5e1df11a-36a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 55f44f8f4c7fc2b8-FRA
expires: Fri, 14 Feb 2020 02:17:05 GMT

GET
H2 200 cmp_en.js Show response
cmp.bilsyndication.com/js/ 160 KB
31 KB 18ms
18ms Script
application/javascript 2606:4700:10::6814:ed10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.bilsyndication.com/js/cmp_en.js
Requested by: Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/jsv1/1580617146/?q=87216b358402869b1c0e66facfc9ae3c&n=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:ed10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52dd288a6591930a306cbe4ddd43e6168ac2f7654cd50af472b9e3cb8d391dbd

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 12:12:01 GMT
content-encoding: br
cf-cache-status: HIT
age: 1533743
cf-polished: origSize=275470
status: 200
cf-bgj: minify
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
pragma: public
last-modified: Thu, 16 Jan 2020 18:08:39 GMT
server: cloudflare
etag: W/"5e20a6a7-4340e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 55f44f8f4c81c2b8-FRA
expires: Sat, 15 Feb 2020 18:09:37 GMT

GET
H2 200 prebid-v3.5.0.js Show response
assets.bilsyndication.com/prebid/default/ 270 KB
80 KB 35ms
15ms Script
application/javascript 2606:4700:10::6814:ed10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bilsyndication.com/prebid/default/prebid-v3.5.0.js

Requested by

Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/jsv1/1580617146/?q=87216b358402869b1c0e66facfc9ae3c&n=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:ed10 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f31c510671d39465c3f4e2bfed0ee21baed5da7435201e46ac57dd566677e3cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 12:12:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 288818
cf-polished: origSize=276614
cf-ray: 55f44f8f7d1dc2b8-FRA
status: 200
cf-bgj: minify
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 31 Jan 2020 03:58:16 GMT
server: cloudflare
etag: W/"5e33a5d8-43886"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=16070400
x-robots-tag: noindex, nofollow
expires: Fri, 31 Jan 2020 04:28:23 GMT

GET
H2 200 viPlayer_v28.js Show response
assets.bilsyndication.com/plugins/vlPlayer/ 11 KB
4 KB 41ms
21ms Script
application/javascript 2606:4700:10::6814:ed10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bilsyndication.com/plugins/vlPlayer/viPlayer_v28.js
Requested by: Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/jsv1/1580617146/?q=87216b358402869b1c0e66facfc9ae3c&n=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:ed10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a7b6866f148be34fe36ae389d823f29f31d345dbd3b59a532fc6dad37663dc5

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 12:12:01 GMT
content-encoding: br
cf-cache-status: HIT
age: 575382
status: 200
last-modified: Fri, 27 Dec 2019 20:10:04 GMT
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"5e06651c-2bfc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 55f44f8f7d1ac2b8-FRA
expires: Mon, 27 Jan 2020 20:52:19 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 270 KB
92 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/jsv1/1580617146/?q=87216b358402869b1c0e66facfc9ae3c&n=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

771039077e9b36c298c447b69c945d203959d3c90aee59a4827e1e94eb67afff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 12:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 93695
x-xss-protection: 0
expires: Mon, 03 Feb 2020 12:12:01 GMT

GET
H2 200 sf_host.min.js Show response
assets.bilsyndication.com/plugins/safeframe/src/js/ 38 KB
16 KB 35ms
16ms Script
application/javascript 2606:4700:10::6814:ed10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bilsyndication.com/plugins/safeframe/src/js/sf_host.min.js
Requested by: Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/jsv1/1580617146/?q=87216b358402869b1c0e66facfc9ae3c&n=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:ed10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 12:12:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 01 Nov 2019 05:04:50 GMT
server: cloudflare
age: 535176
etag: W/"5dbbbcf2-9806"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=16070400
cf-ray: 55f44f8f7d1cc2b8-FRA
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires: Tue, 28 Jan 2020 08:02:25 GMT

GET
H2

200

impimg.gif
pre.glotgrx.com/
Redirect Chain

https://flx907.lporirxe.com/flp/impimg.php?qid=03032313f573032313f5730393&cid=907&p=&s=read7deadlysins.com&x=&nci=&adtg=&nai=&si=2044&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=Mozilla%2F5.0%20(M...
https://pre.glotgrx.com/impimg.gif?qid=03032313f573032313f5730393&cid=907&p=&s=read7deadlysins.com&x=&nci=&adtg=&nai=&si=2044&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=Mozilla%2F5.0%20(Macintosh...

26 B
537 B

28ms
10ms

Image
image/gif

2606:4700::6810:4036
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/impimg.gif?qid=03032313f573032313f5730393&cid=907&p=&s=read7deadlysins.com&x=&nci=&adtg=&nai=&si=2044&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_6)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F79.0.3945.88%20Safari%2F537.36&lat=&lon=&flsrc=1
Requested by: Host: ww3.read7deadlysins.com
URL: https://ww3.read7deadlysins.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 12:12:01 GMT
cf-cache-status: HIT
age: 6576
status: 200
content-type: image/gif
content-length: 26
x-amz-id-2: VSWUh3/eOBMG3i/G+VX08mQzi8STOT35dN9nTHefmjZne0dTb68AeDEfMW2/8xMJqj45JYwyz7o=
last-modified: Wed, 01 Nov 2017 15:37:36 GMT
server: cloudflare
etag: "6a43099d5c8fe991a7aa7ebaca53069d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 478DD43D83E25825
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 55f44f8fdfc7e00b-FRA
expires: Mon, 03 Feb 2020 14:12:01 GMT

Redirect headers

date: Mon, 03 Feb 2020 12:12:01 GMT
server: cloudflare
location: https://pre.glotgrx.com/impimg.gif?qid=03032313f573032313f5730393&cid=907&p=&s=read7deadlysins.com&x=&nci=&adtg=&nai=&si=2044&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_6)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F79.0.3945.88%20Safari%2F537.36&lat=&lon=&flsrc=1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
status: 301
cache-control: max-age=3600
cf-ray: 55f44f8f8c02beb5-FRA
expires: Mon, 03 Feb 2020 13:12:01 GMT

GET
H2 200 vendorlist.json Show response
vendorlist.consensu.org/ 93 KB
17 KB 7ms
7ms XHR
application/json 2600:9000:2057:4600:1:af78:4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vendorlist.consensu.org/vendorlist.json
Requested by: Host: cmp.bilsyndication.com
URL: https://cmp.bilsyndication.com/js/cmp_en.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:4600:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 65e6427f490a96c4a8b363d5f70ce70cc29164e2753d3843d38be63ac5235c0a

Request headers

Referer: https://ww3.read7deadlysins.com/
Origin: https://ww3.read7deadlysins.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 30 Jan 2020 16:29:00 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 330182
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 30 Jan 2020 16:00:30 GMT
server: AmazonS3
access-control-max-age: 604800
access-control-allow-methods: GET
x-amz-version-id: _S6gJy.jMlUF8_y25uPP970yGsIjDDI2
via: 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA6-C1
content-type: application/json; charset=utf-8
x-amz-cf-id: gdQbHDKmTJhyWGZo4htMj-okG2IH4WLrtfGmdUTZZMF5hwtUbVUaYw==

GET
H2 200 pxl.jpg
runwaff.com/ 597 B
830 B 53ms
52ms Image
image/jpeg 143.204.214.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://runwaff.com/pxl.jpg?i=u1dvjpo9e55sy80hm5&s=2054&p=https%3A%2F%2Fww3.read7deadlysins.com%2F&h=2798681580731921860
Requested by: Host: ww3.read7deadlysins.com
URL: https://ww3.read7deadlysins.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.43 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-43.fra53.r.cloudfront.net
Software: /
Resource Hash: af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 12:12:01 GMT
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: image/jpeg; charset=UTF-8
status: 200
content-length: 597
x-amz-cf-id: 7aCNglWxdl0JLhH8aESXlCo1PSq3uem9kp9JpYfjPVkWxcrog16yaA==

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 1 KB
1 KB 40ms
24ms XHR
application/json 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20200203

Requested by

Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v3.5.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bf7c626df70b5ec32f516814993766b202f545c5f02d40d51d07eb021ed1500

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ww3.read7deadlysins.com/
Origin: https://ww3.read7deadlysins.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 03 Feb 2020 12:12:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-served-by: cache-fra19137-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"539-VlX+Y4ZVkX8oBNwppWly1mrVUFU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 55f44f8ff86d64eb-FRA

GET
H2 200 /
logs.bilsyndication.com/sub/ 0
240 B 355ms
10ms Image
image/jpeg 2606:4700:10::6814:ed10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logs.bilsyndication.com/sub/?d=read7deadlysins.com&h=ww3.read7deadlysins.com
Requested by: Host: ww3.read7deadlysins.com
URL: https://ww3.read7deadlysins.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:ed10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 12:12:02 GMT
cf-cache-status: HIT
cf-bgj: imgq:85
server: cloudflare
age: 1401127
cf-polished: status=cannot_optimize
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 55f44f920cd7c2b8-FRA
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 0

GET
H2 200 yes.svg
cmp.bilsyndication.com/static/delivery/btns0/ 2 KB
1 KB 12ms
11ms Image
image/svg+xml 2606:4700:10::6814:ed10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmp.bilsyndication.com/static/delivery/btns0/yes.svg
Requested by: Host: ww3.read7deadlysins.com
URL: https://ww3.read7deadlysins.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:ed10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9f5b6071126c2fc1edc5297956388a541fd164cf617d994d3fcb2ee06a70a92

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 12:12:01 GMT
content-encoding: br
cf-cache-status: HIT
age: 1536828
status: 200
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
pragma: public
last-modified: Tue, 14 Jan 2020 16:51:16 GMT
server: cloudflare
etag: W/"5e1df184-91f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 55f44f902ed3c2b8-FRA
expires: Sat, 15 Feb 2020 03:56:15 GMT

GET
H/1.1 200
OK js Show response
server.vidazoo.com/widgets/5deb0617e7293d0004afc801/ 13 KB
13 KB 110ms
110ms Script
text/javascript 54.224.165.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://server.vidazoo.com/widgets/5deb0617e7293d0004afc801/js?widgetId=5deb0617e7293d0004afc801&gdpr=0&widgetPosition=vidazoo-player-div
Requested by: Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/widgets/widget.js?widgetId=5deb0617e7293d0004afc801&gdpr=0&widgetPosition=vidazoo-player-div
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.224.165.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-224-165-8.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 7eee942b80796b0358edd5ff471fa1165ce35729097bf73ea92089279ac9fd45

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Mon, 03 Feb 2020 12:12:02 GMT
Via: 1.1 vegur
Server: Cowboy
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
Content-Length: 12974

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 6DEE 45 KB
11 KB 320ms
320ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2351283855704680&correlator=1365465479674710&output=ldjh&impl=fifs&adsid=NT&eid=21065315%2C20194813%2C21062415%2C21064549%2C21065113%2C21065317&vrg=2020012701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200203&iu_parts=21671350435%2C300x250-read7deadlysins.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&cdm=ww3.read7deadlysins.com&bc=31&abxe=1&lmt=1580731922&dt=1580731922355&dlt=1580731921734&idt=107&ea=0&frm=23&biw=1585&bih=1200&isw=300&ish=250&oid=3&adxs=1067&adys=334&adks=2676277701&ucis=b8zz8w7wt542&ifi=1&ifk=1085813594&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fww3.read7deadlysins.com%2F&top=https%3A%2F%2Fww3.read7deadlysins.com%2F&dssz=7&icsg=170&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x-1&ga_vid=2128567909.1580731922&ga_sid=1580731922&ga_hid=69527998&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020012701.js?21065315

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

1f7ff9cc98444280b9c63ea81d34c46fda3fd1cd6ecc174a5b8fd311ea8cc1b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://ww3.read7deadlysins.com/
Origin: https://ww3.read7deadlysins.com

Response headers

date: Mon, 03 Feb 2020 12:12:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 10782
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ww3.read7deadlysins.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020012701.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 6DEE 66 KB
24 KB 31ms
31ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020012701.js?21065315

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020012701.js?21065315

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

42473182b7be1e9059b11448b00e33e0197994dd8e542fb7b58706408e02f2b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 12:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 27 Jan 2020 14:06:37 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24916
x-xss-protection: 0
expires: Mon, 03 Feb 2020 12:12:02 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 6DEE 0
0 6ms
6ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020012701.js?21065315
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012001251659540/ Frame 6DEE 20 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001251659540/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020012701.js?21065315

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43869e57b9339b03aecd3da7938097421e238ae9bdfd42a64035cc17c86399e0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 6430
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7150
x-xss-protection: 0
server: sffe
date: Mon, 03 Feb 2020 10:24:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7e98551560828916"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Feb 2021 10:24:52 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012001251659540/ Frame FBA4 200 KB
55 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020012701.js?21065315

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

385bf60b00ac86347e623110798bf340dac6a124146c034cf58ff596525f38a3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 6714
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 55740
x-xss-protection: 0
server: sffe
date: Mon, 03 Feb 2020 10:20:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "73c5733c238bea88"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Feb 2021 10:20:08 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012001251659540/v0/ Frame FBA4 15 KB
6 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001251659540/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020012701.js?21065315

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc0d3b44a4cbe769eca3a48f9470f911bf3f4e65f1650b2eecea7ed2942eada6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 243597
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5593
x-xss-protection: 0
server: sffe
date: Fri, 31 Jan 2020 16:32:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cb81b23fc83ce453"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Jan 2021 16:32:05 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012001251659540/v0/ Frame FBA4 91 KB
27 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001251659540/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020012701.js?21065315

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30f825366b29e0c783fd4416f9729fec0e5900cf115de79d2a628fb21d7df7b4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 6719
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28005
x-xss-protection: 0
server: sffe
date: Mon, 03 Feb 2020 10:20:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "72f52e45b57a11ad"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Feb 2021 10:20:03 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012001251659540/v0/ Frame FBA4 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001251659540/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020012701.js?21065315

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e548c1ce78f73067beca7f7e2bb284f7a79a0e537c7ebb48266560290fcfbe66

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 220824
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1396
x-xss-protection: 0
server: sffe
date: Fri, 31 Jan 2020 22:51:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5821fa2b275b35ee"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Jan 2021 22:51:38 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012001251659540/v0/ Frame FBA4 46 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001251659540/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020012701.js?21065315

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cda09677337093b10da14ba0ecbed2ea647ecec1f327ff794a046e3a71083fd4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 243562
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14831
x-xss-protection: 0
server: sffe
date: Fri, 31 Jan 2020 16:32:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "95a2cb227bce10b6"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Jan 2021 16:32:40 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame FBA4 5 KB
696 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:81a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020012701.js?21065315

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

416a2567e590d525f5d97d210c54685405ff750ada45a7ec1f4a737b99eba42d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 03 Feb 2020 12:12:02 GMT
server: ESF
access-control-allow-origin: *
date: Mon, 03 Feb 2020 12:12:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Mon, 03 Feb 2020 12:12:02 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame FBA4 5 KB
650 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:81a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020012701.js?21065315

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

416a2567e590d525f5d97d210c54685405ff750ada45a7ec1f4a737b99eba42d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 03 Feb 2020 12:12:02 GMT
server: ESF
access-control-allow-origin: *
date: Mon, 03 Feb 2020 12:12:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Mon, 03 Feb 2020 12:12:02 GMT

GET
DATA 200
OK truncated
/ Frame FBA4 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 17ed352d138793adf61748dece40ef182e619ff1e70d3bf3c6ee34b5e701a144

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4897828751109714875/ Frame FBA4 18 KB
19 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4897828751109714875/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIqgIQnAEYASABLQAAAD8wqgI4nAFFAACAPw&rs=AOga4qmWIovlV_EpKqkSI8ojxlajWFlPXw

Requested by

Host: ww3.read7deadlysins.com
URL: https://ww3.read7deadlysins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516e342e3e6b752232dc27e75291a780ef3428dd03091079ac59b04bd65eb155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 22 Jan 2020 23:10:49 GMT
x-content-type-options: nosniff
last-modified: Mon, 06 Jan 2020 10:31:07 GMT
server: sffe
age: 997273
content-type: image/jpeg
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 18940
x-xss-protection: 0
expires: Thu, 21 Jan 2021 23:10:49 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4937278019047921131/ Frame FBA4 5 KB
5 KB 8ms
8ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4937278019047921131/downsize_200k_v1?sqp=4sqPyQR5QncIABIUDc3MzD4VAAAAQB0AAAAAJQAAAAAYACIKDQAAgD8VAACAPypPCFoQAR0AALRCIAEoATAGOANAgMLXL0gAUABYAGBacAJ4AIABAIgBAJABAJ0BAACAP6ABAKgBALABgK3iBLgB____________AcUBLbKdPg&rs=AOga4qkUXq_LsaXDV1Osm_xCtIuIjZnQ6Q

Requested by

Host: ww3.read7deadlysins.com
URL: https://ww3.read7deadlysins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ac8a8284a3f9ec8b5e65e000bd16f2aca0af4fc37e3dab955979f3908889cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 22 Jan 2020 10:13:06 GMT
x-content-type-options: nosniff
last-modified: Mon, 06 Jan 2020 10:31:06 GMT
server: sffe
age: 1043936
content-type: image/png
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 5153
x-xss-protection: 0
expires: Thu, 21 Jan 2021 10:13:06 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame FBA4 0
0 35ms
34ms Image
text/html 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CJUqTEg44XvzjGJTwgAfhxIbQCuyYqpJboovK3PwK_MG1q64BEAEg1ubFWGC56L6A1AGgAdmbnv0DyAEGqQKHiGjX35hnPuACAKgDAcgDCqoE2wFP0Ih2MY4X9YHmEZxqTzvwSx8xkhYF72ldRTDRV3SHLLjdme0WEP_nJ_e6jH6CCWSvX_gRnEf5S0MVyd65ErcalE_jv2_an-PM6T0kLnIssjpn7Sfny_2js9_2NHDFFwwQwhY__Ofh10ufCfuRcGOKeQW8k1P2avU0Ga3VgDtQG8UwmQ9v1MtomChPpBySlptm2Z1aUvMwqM18m0iZEhRBb8QoJUTdvgbHElpaJiskcDqZXkkOcNt5ydgwmbTZ0WQ-woJJCXl9OvZT8dIqwHUheYQIeLrBvTm87x3ABMy4pP7bAuAEAZIFBAgEGAGSBQQIBRgEoAY3gAeP5OECqAeOzhuoB9XJG6gHk9gbqAe6BqgH8tkbqAemvhuoB-zVG9gHAfIHBBDe1gHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTUxOTE4NTgzMTE0MTMyNDiACgPICwHYEw0&sigh=52xoXbEpuEk&template_id=492&tpd=AGWhJmv55lMhCzri6X5GQEpQ5xp-_SAjwv2jLrbpob3cU5Wj8A
Requested by: Host: ww3.read7deadlysins.com
URL: https://ww3.read7deadlysins.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s20-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FBA4 2 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: ww3.read7deadlysins.com
URL: https://ww3.read7deadlysins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 11:08:58 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 3784
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Tue, 04 Feb 2020 11:08:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FBA4 295 B
368 B 6ms
6ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: ww3.read7deadlysins.com
URL: https://ww3.read7deadlysins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 11:55:20 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 1002
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Tue, 04 Feb 2020 11:55:20 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame FBA4 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: ww3.read7deadlysins.com
URL: https://ww3.read7deadlysins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Origin: https://ww3.read7deadlysins.com

Response headers

date: Sat, 01 Feb 2020 11:35:32 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 174990
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11016
x-xss-protection: 0
expires: Sun, 31 Jan 2021 11:35:32 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame FBA4 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: ww3.read7deadlysins.com
URL: https://ww3.read7deadlysins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Origin: https://ww3.read7deadlysins.com

Response headers

date: Fri, 17 Jan 2020 17:18:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 1450387
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11056
x-xss-protection: 0
expires: Sat, 16 Jan 2021 17:18:55 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame FBA4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

39ms
38ms

Image
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: ww3.read7deadlysins.com
URL: https://ww3.read7deadlysins.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Redirect headers

date: Mon, 03 Feb 2020 12:12:02 GMT
x-content-type-options: nosniff
server: safe
location: https://googleads.g.doubleclick.net/pagead/drt/si
content-type: text/html; charset=UTF-8
status: 302
cache-control: private
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 246
x-xss-protection: 0

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame FBA4 42 B
116 B 27ms
27ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsstBYxGuKRoygo1Noh6cJmU-S2NOMYnbOEbGPyoYNnhkvdoBFBwojuBln6Jpm5uNEdiba62NeF7Q8K81VIMBCUuinaCkA0Dzhq86GxxRdOOoqxlUUbcTdThLmKxiQ&sai=AMfl-YTINna4ZCK0Be1yF7ehjKyuwyXXdJP_NFXORVUerAg6zo6WxcDkkVqUapssKBTgY_tO-rKbYNRTLGjFzQxpCxWZqUL3HNz-9Juy-dgQ&sig=Cg0ArKJSzJbmtJeGNwQ7EAE&id=ampim&o=1067,334&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=117&tls=1118&g=100&h=100&tt=1118&r=v&adk=2676277701&avms=ampa

Requested by

Host: ww3.read7deadlysins.com
URL: https://ww3.read7deadlysins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 12:12:03 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
66 B 24ms
24ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v3.5.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ww3.read7deadlysins.com/
Origin: https://ww3.read7deadlysins.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Mon, 03 Feb 2020 12:12:05 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://ww3.read7deadlysins.com

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 150A 74 KB
28 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:819::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-128776493-17

Requested by

Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/jsv1/1580617146/?q=87216b358402869b1c0e66facfc9ae3c&n=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ce84cb79cbacbc65c02af4baee62c491242f5717a676703406ff596115de6844

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 12:12:05 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 28431
x-xss-protection: 0
expires: Mon, 03 Feb 2020 12:12:05 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 605F 74 KB
28 KB 14ms
14ms Script
application/javascript 2a00:1450:4001:819::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-128776493-10

Requested by

Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/jsv1/1580617146/?q=87216b358402869b1c0e66facfc9ae3c&n=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

459c99eb7ada1dc54c88ddaec934982bc91007f3fe13c7af48262074a40a2fbd

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 12:12:05 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 28430
x-xss-protection: 0
expires: Mon, 03 Feb 2020 12:12:05 GMT

GET
H2 200 vi-logo.svg
assets.bilsyndication.com/media/icon/ 11 KB
3 KB 11ms
11ms Image
image/svg+xml 2606:4700:10::6814:ed10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.bilsyndication.com/media/icon/vi-logo.svg
Requested by: Host: ww3.read7deadlysins.com
URL: https://ww3.read7deadlysins.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:ed10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24a104ef6529cb9bbceaeca4e037ecf14d40db5207009ac23e8224703fa11bb8

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 12:12:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 01 Nov 2019 05:04:49 GMT
server: cloudflare
age: 1344449
etag: W/"5dbbbcf1-2c34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: max-age=16070400
cf-ray: 55f44fa92acfc2b8-FRA
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 150A 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128776493-17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7edf06d6436ec9420c26e56bd02ef5f5c93a9fb189ed16b1db402e57a0ea796

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 24 Jan 2020 01:10:36 GMT
server: Golfe2
age: 1415
date: Mon, 03 Feb 2020 11:48:30 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17926
expires: Mon, 03 Feb 2020 13:48:30 GMT

GET
H2 200 collect
www.google-analytics.com/r/ Frame 150A 35 B
112 B 13ms
13ms Image
image/gif 2a00:1450:4001:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j80&a=602835915&t=pageview&_s=1&dl=https%3A%2F%2Fww3.read7deadlysins.com%2F&ul=en-us&de=UTF-8&dt=Nobid_Outstream_read7deadlysins.com_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=read7deadlysins.com&cm=Nobid_Outstream&cc=Default&_u=IEBAAUAB~&jid=1575686385&gjid=535041220&cid=1314817498.1580731926&tid=UA-128776493-17&_gid=136788129.1580731926&_r=1&gtm=2ou1m0&z=545596068

Requested by

Host: ww3.read7deadlysins.com
URL: https://ww3.read7deadlysins.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ww3.read7deadlysins.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 12:12:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 35E8 0
0 89ms
39ms Document
text/html 23.210.249.92
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v3.5.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.92 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-92.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://ww3.read7deadlysins.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://ww3.read7deadlysins.com/

Response headers

Last-Modified: Wed, 22 Jan 2020 11:16:09 GMT
ETag: "13006b6-973d-59cb8a6c84de0"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14478
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=141675
Expires: Wed, 05 Feb 2020 03:33:24 GMT
Date: Mon, 03 Feb 2020 12:12:09 GMT
Connection: keep-alive
Vary: Accept-Encoding

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ww8.tokyoghoulre.com/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22g1Uy_Tcty%22%7D%2C%22C340989%22%3A%7B%22page%22%3A1%2C%22time%22%3A1580731922675%7D%7D
.read7deadlysins.com/	1970-01-19 07:05:31	Name: _gat_gtag_UA_128776493_17 Value: 1
.read7deadlysins.com/	1970-01-19 07:06:58	Name: _gid Value: GA1.2.136788129.1580731926
.read7deadlysins.com/	1970-01-20 00:36:43	Name: _ga Value: GA1.2.1314817498.1580731926
ww3.read7deadlysins.com/	1970-01-19 15:51:07	Name: _pubcid Value: a4428074-e5fe-420f-9324-a8c2f818f876
.read7deadlysins.com/	1970-01-20 00:36:43	Name: __gads Value: ID=02f3d1620bc778d2:T=1580731922:S=ALNI_MamB-8A8uSaePRsv6XL1Urp1hSWfg

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://runwaff.com/t.js?i=u1dvjpo9e55sy80hm5&cb=7544561580731921620(Line 34) Message: %c [object HTMLImageElement]
console-api	warning	URL: https://assets.bilsyndication.com/prebid/default/prebid-v3.5.0.js(Line 1) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	error	URL: https://static.vidazoo.com/basev/widgets/widget.js?widgetId=5deb0617e7293d0004afc801&gdpr=0&widgetPosition=vidazoo-player-div(Line 33) Message: %cVIDAZOO WIDGET color: darkorange;background-color: blue; TypeError: Cannot read property 'getBoundingClientRect' of null
console-api	info	URL: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js(Line 409) Message: Powered by AMP ⚡ HTML – Version 2001251659540 https://ww3.read7deadlysins.com/

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.pubmatic.com
adservice.google.be
adservice.google.com
assets.bilsyndication.com
biltag.bilsyndication.com
cdn.ampproject.org
cdn.jsdelivr.net
cmp.bilsyndication.com
flx907.lporirxe.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
i.imgur.com
imasdk.googleapis.com
logs.bilsyndication.com
pagead2.googlesyndication.com
pre.glotgrx.com
runwaff.com
securepubads.g.doubleclick.net
server.vidazoo.com
services.bilsyndication.com
static.vidazoo.com
stats.g.doubleclick.net
tpc.googlesyndication.com
vendorlist.consensu.org
ww3.read7deadlysins.com
ww8.tokyoghoulre.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
143.204.214.43
151.101.12.193
185.64.189.112
216.58.206.2
23.210.249.92
2600:9000:2057:4600:1:af78:4c0:93a1
2606:4700:10::6814:ed10
2606:4700:3034::6812:3677
2606:4700:3037::6818:7fc7
2606:4700::6810:4036
2606:4700::6810:5914
2606:4700::6812:9be1
2a00:1450:4001:808::2003
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:814::200a
2a00:1450:4001:816::2004
2a00:1450:4001:819::2002
2a00:1450:4001:819::2008
2a00:1450:4001:81a::200a
2a00:1450:4001:820::2001
2a00:1450:4001:825::200e
2a00:1450:400c:c00::9c
54.224.165.8
69.16.175.10
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
162eaee62eb9c97924a1b8a991f01364cc21b515c75de25810219c5396bd0bb0
172eeb23555ea463a8e0041e20529e58f201caa115881598a5502018fe49f03b
17ed352d138793adf61748dece40ef182e619ff1e70d3bf3c6ee34b5e701a144
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
19d00e3bae7c4f99e5e8b03852de086b7581348b8fa5a4adcd52d245555ea80f
1f7ff9cc98444280b9c63ea81d34c46fda3fd1cd6ecc174a5b8fd311ea8cc1b7
24a104ef6529cb9bbceaeca4e037ecf14d40db5207009ac23e8224703fa11bb8
30f825366b29e0c783fd4416f9729fec0e5900cf115de79d2a628fb21d7df7b4
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
385bf60b00ac86347e623110798bf340dac6a124146c034cf58ff596525f38a3
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3ebc579d2a5ea97acdb56edfb0e2a98e4d41f4f3db179fc1847bd50251d2251e
416a2567e590d525f5d97d210c54685405ff750ada45a7ec1f4a737b99eba42d
42473182b7be1e9059b11448b00e33e0197994dd8e542fb7b58706408e02f2b9
43869e57b9339b03aecd3da7938097421e238ae9bdfd42a64035cc17c86399e0
44916faf81f9600a9a872c6fe78824348b929755b1bf1a97ef68076f77d563c2
459c99eb7ada1dc54c88ddaec934982bc91007f3fe13c7af48262074a40a2fbd
516e342e3e6b752232dc27e75291a780ef3428dd03091079ac59b04bd65eb155
52dd288a6591930a306cbe4ddd43e6168ac2f7654cd50af472b9e3cb8d391dbd
579445c822dd86284d81ac5e0a805266a799d48ca7bb2b3aea66ab1b0b3ae0be
5794ffdbe70a971704983ecda1b3a3085ae5f66915881e3379d556afc8dd7467
5ac8a8284a3f9ec8b5e65e000bd16f2aca0af4fc37e3dab955979f3908889cce
5b9a618f63dcd663db0f118adbde3edb6bb3cc3c3da562633488804d503b8887
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
65e6427f490a96c4a8b363d5f70ce70cc29164e2753d3843d38be63ac5235c0a
6a7b6866f148be34fe36ae389d823f29f31d345dbd3b59a532fc6dad37663dc5
6bf7c626df70b5ec32f516814993766b202f545c5f02d40d51d07eb021ed1500
76ece7717e62eed8809e2a21aacd89e529e37f2141669448a62acd31c3a16005
771039077e9b36c298c447b69c945d203959d3c90aee59a4827e1e94eb67afff
7eee942b80796b0358edd5ff471fa1165ce35729097bf73ea92089279ac9fd45
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
866c919e279c032ffd8b9b2713332921d6d606ee61d68ea35142d73abb9171ff
a733719e0ba21dbd1a691a459642d9037d594d70b0026b25836b6f75b290e5f0
a9f5b6071126c2fc1edc5297956388a541fd164cf617d994d3fcb2ee06a70a92
af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff
c56c117acef484702925a48e333f3956346675c531d5590cf272f42234133803
cda09677337093b10da14ba0ecbed2ea647ecec1f327ff794a046e3a71083fd4
ce84cb79cbacbc65c02af4baee62c491242f5717a676703406ff596115de6844
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d003cea6a2f6c404b32f55e258618f6ba4b5f3c6d16a6497f452f8f8cb4cd5db
d1c7f856b2634d01853b4e1496651fb5a7cd9c95ad90f6dfc8959e415268c240
dc0d3b44a4cbe769eca3a48f9470f911bf3f4e65f1650b2eecea7ed2942eada6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e548c1ce78f73067beca7f7e2bb284f7a79a0e537c7ebb48266560290fcfbe66
e7edf06d6436ec9420c26e56bd02ef5f5c93a9fb189ed16b1db402e57a0ea796
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f31c510671d39465c3f4e2bfed0ee21baed5da7435201e46ac57dd566677e3cc

ww3.read7deadlysins.com Open in urlscan Pro 2606:4700:3037::6818:7fc7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

64 Requests

100 %HTTPS

72 %IPv6

20 Domains

31 Subdomains

24 IPs

5 Countries

1016 kBTransfer

2525 kBSize

6 Cookies

42 Outgoing links

Page URL History

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ww3.read7deadlysins.com Open in urlscan Pro
2606:4700:3037::6818:7fc7 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

100 %
HTTPS

72 %
IPv6

20
Domains

31
Subdomains

24
IPs

5
Countries

1016 kB
Transfer

2525 kB
Size

6
Cookies

64 HTTP transactions
1 data transactions