urlscan.io logo urlscan.io
SecurityTrails logo

areturnersmagicshouldbespecial.com Open in urlscan Pro
188.114.97.3  Public Scan

Go To Rescan Add Verdict Report
URL: https://areturnersmagicshouldbespecial.com/
Submission: On November 29 via api from BE — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 15 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is areturnersmagicshouldbespecial.com.
TLS certificate: Issued by WE1 on November 25th 2024. Valid for: 3 months.
This is the only time areturnersmagicshouldbespecial.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 188.114.97.3 13335 (CLOUDFLAR...)
1 172.217.23.106 15169 (GOOGLE)
1 216.58.206.40 15169 (GOOGLE)
1 172.217.18.3 15169 (GOOGLE)
1 172.67.179.156 13335 (CLOUDFLAR...)
1 216.239.32.36 15169 (GOOGLE)
15 7
10    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
areturnersmagicshouldbespecial.com
1    172.217.23.106 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f106.1e100.net
fonts.googleapis.com
1    216.58.206.40 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f8.1e100.net
www.googletagmanager.com
1    172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f3.1e100.net
fonts.gstatic.com
1    172.67.179.156 (United States)

ASN13335 (CLOUDFLARENET, US)
imgs-2.2xstorage.com
1    216.239.32.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Domain Requested by
10 areturnersmagicshouldbespecial.com areturnersmagicshouldbespecial.com
1 region1.google-analytics.com www.googletagmanager.com
1 imgs-2.2xstorage.com areturnersmagicshouldbespecial.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.googletagmanager.com areturnersmagicshouldbespecial.com
1 fonts.googleapis.com areturnersmagicshouldbespecial.com
15 6

This site contains links to these domains. Also see Links.

Domain
mangakakalot.gg
Subject Issuer Validity Valid
areturnersmagicshouldbespecial.com
WE1		 2024-11-25 -
2025-02-23		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
2xstorage.com
WE1		 2024-10-24 -
2025-01-22		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://areturnersmagicshouldbespecial.com/
Frame ID: 4A4D96F2F818E4285741F83E036EAC87
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Read A Returner's Magic Should Be Special Online For Free | Latest Updates

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

7
IPs

2
Countries

1043 kB
Transfer

1705 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
areturnersmagicshouldbespecial.com/ 		157 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://areturnersmagicshouldbespecial.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
561021461795364094601e9510afbbf616c93d8c010cd25d5e3920e32b316719

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8ea33932cbf66686-AMS
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Fri, 29 Nov 2024 14:17:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uhOZ4IR9ZvxBhWZH0eXYSa1iTjS%2FFZY1Y4GlImLP2aH7IxBc9zbR3mM1RTxbHUFhseAIIKAmoT86MNk5L%2FCXNoCxXcuIoDF4W9FYRl6qYkN6dSMm5qOgmuA847luSqdtI8XTMmw%2BODqE3VMEm4BFIjISbZZs"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=14021&min_rtt=13852&rtt_var=2368&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4182&recv_bytes=4500&delivery_rate=712&cwnd=12000&unsent_bytes=0&cid=5ccc3f9e27587101&ts=2383&x=1" cfHdrFlush;dur=0
vary
Accept-Encoding
styles.css
areturnersmagicshouldbespecial.com/css/ 		317 KB
73 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://areturnersmagicshouldbespecial.com/css/styles.css
Requested by
Host: areturnersmagicshouldbespecial.com
URL: https://areturnersmagicshouldbespecial.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d73c697f4ce9b2fc9cad3f85832aa7451e69551c2ad7672f8ebefb1871bea538

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://areturnersmagicshouldbespecial.com/

Response headers

cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"673b0ceb-4f202"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VPosZmdGTURd9xD05t%2F42JIMVvpP9%2BnAaRPqJiuyB0iAQCRktqdmBW84J5u%2BblPV6BoX0CFYLiMJjF2hZPN7HcRygnYZalQM3CUC%2FfjQILAel8XrHPFusVSF386pC%2Fh4rpnCyb%2BgEHE64Bo7ah4MtCziyYZ3"}],"group":"cf-nel","max_age":604800}
cf-ray
8ea339424cf06686-AMS
expires
Sat, 30 Nov 2024 02:17:51 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=49247&min_rtt=13852&rtt_var=28587&sent=61&recv=28&lost=0&retrans=1&sent_bytes=57230&recv_bytes=7013&delivery_rate=496249&cwnd=30000&unsent_bytes=0&cid=5ccc3f9e27587101&ts=2648&x=1", cfHdrFlush;dur=0
date
Fri, 29 Nov 2024 14:17:51 GMT
content-type
text/css
last-modified
Mon, 18 Nov 2024 09:46:19 GMT
vary
Accept-Encoding
server
cloudflare
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%20Slab%3A300%2C400%7CRaleway%3A400%2C500%2C700&subset=latin-ext&display=swap
Requested by
Host: areturnersmagicshouldbespecial.com
URL: https://areturnersmagicshouldbespecial.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f106.1e100.net
Software
ESF /
Resource Hash
137ad97d93003c04542538183e9f7aff539d12821d7e218eab3e23940dd091f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://areturnersmagicshouldbespecial.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 14:17:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 14:17:52 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 29 Nov 2024 14:17:52 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
jquery.min.js
areturnersmagicshouldbespecial.com/js/ 		86 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://areturnersmagicshouldbespecial.com/js/jquery.min.js
Requested by
Host: areturnersmagicshouldbespecial.com
URL: https://areturnersmagicshouldbespecial.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://areturnersmagicshouldbespecial.com/

Response headers

cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"673b0ceb-15601"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mu6SGVB3GUPIyuOo0xu15Vi%2BbV6eeAv7iqBOZ34of7yYFgZ30%2BO3Vm09rldPPiWvsCrGmieYUFKBMNEaKl%2FLTKEtCi4LoidddYH97hMoFj4%2BhPAM2Z1P7eO4VGj3SiiP7XB0CR7HzmoO5KRbHhAPOAhk6ChR"}],"group":"cf-nel","max_age":604800}
cf-ray
8ea339424cf26686-AMS
expires
Sat, 30 Nov 2024 02:17:51 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=73776&min_rtt=13852&rtt_var=25587&sent=31&recv=22&lost=0&retrans=1&sent_bytes=21524&recv_bytes=6755&delivery_rate=48419&cwnd=15600&unsent_bytes=0&cid=5ccc3f9e27587101&ts=2609&x=1", cfHdrFlush;dur=0
date
Fri, 29 Nov 2024 14:17:51 GMT
content-type
application/javascript
last-modified
Mon, 18 Nov 2024 09:46:19 GMT
vary
Accept-Encoding
server
cloudflare
customscripts.js
areturnersmagicshouldbespecial.com/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://areturnersmagicshouldbespecial.com/js/customscripts.js
Requested by
Host: areturnersmagicshouldbespecial.com
URL: https://areturnersmagicshouldbespecial.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fb54a733ed6286bed8b2540d1a07b77a1a7b86e31dea07075deaef341589c0d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://areturnersmagicshouldbespecial.com/

Response headers

cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"673b0ceb-85d"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VQfHF0mq0aJgcVBLRt61WvumnkpG6Tcg6Gnm%2F9N45MUSFPm6wKVWp7cIfuDvRou78A1%2Bfl2KMQ0mRDIhUlzJamudEZJMHk5WfcmGIlwA%2FhXyGipLEJSdUopHS4oznJeipswh4K4FrzvRLKZCxq7t9hOVMnaj"}],"group":"cf-nel","max_age":604800}
cf-ray
8ea33943be686686-AMS
expires
Sat, 30 Nov 2024 02:17:52 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16489&min_rtt=13378&rtt_var=3696&sent=130&recv=62&lost=0&retrans=1&sent_bytes=133847&recv_bytes=9344&delivery_rate=1281248&cwnd=37200&unsent_bytes=0&cid=5ccc3f9e27587101&ts=2850&x=1", cfHdrFlush;dur=0
date
Fri, 29 Nov 2024 14:17:52 GMT
content-type
application/javascript
last-modified
Mon, 18 Nov 2024 09:46:19 GMT
vary
Accept-Encoding
server
cloudflare
js
www.googletagmanager.com/gtag/ 		322 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NQXXHHRNMC
Requested by
Host: areturnersmagicshouldbespecial.com
URL: https://areturnersmagicshouldbespecial.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
a4d610a0f6eeb39dd6955f0f0c5cd9c7a864fd741076f32976edb858d7fc8471
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://areturnersmagicshouldbespecial.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 29 Nov 2024 14:17:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 14:17:52 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109591
x-xss-protection
0
server
Google Tag Manager
chapter-search.js
areturnersmagicshouldbespecial.com/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://areturnersmagicshouldbespecial.com/js/chapter-search.js
Requested by
Host: areturnersmagicshouldbespecial.com
URL: https://areturnersmagicshouldbespecial.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36c43144e5f31e6e81f2673a706189c7991d0ff52d28fdb0c62acd80c2b9330f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://areturnersmagicshouldbespecial.com/

Response headers

cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"673b0ceb-491"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2wh6rPvU7JUjwALoqqv0nSTyyAe3dJZVxsmx5DWOpuAvrq%2FficVU5JGvKszSBQD2UQWxdg1Mb5moseqlg4qQk9YQpDAUASk6i7H97nK4fjFCH2LgPSFkCFSGw9BKno%2FEwTigRxk8%2Fnip%2BHuO1s4ShcIYBuYx"}],"group":"cf-nel","max_age":604800}
cf-ray
8ea33944cfa16686-AMS
expires
Sat, 30 Nov 2024 02:17:52 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16139&min_rtt=13378&rtt_var=3472&sent=135&recv=67&lost=0&retrans=1&sent_bytes=135375&recv_bytes=13052&delivery_rate=11518&cwnd=37200&unsent_bytes=0&cid=5ccc3f9e27587101&ts=3001&x=1", cfHdrFlush;dur=0
date
Fri, 29 Nov 2024 14:17:52 GMT
content-type
application/javascript
last-modified
Mon, 18 Nov 2024 09:46:19 GMT
vary
Accept-Encoding
server
cloudflare
lazyload.min.js
areturnersmagicshouldbespecial.com/js/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://areturnersmagicshouldbespecial.com/js/lazyload.min.js
Requested by
Host: areturnersmagicshouldbespecial.com
URL: https://areturnersmagicshouldbespecial.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69f3dec8f33332100f7800db8970d61e7d34f89257e0b6c841616e08d7b3d015

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://areturnersmagicshouldbespecial.com/

Response headers

cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"673b0ceb-1ed3"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DrRoaxTT%2BSUaU%2B2gT9%2FbIUJ9wvRxdVHQV4L9BlcNwfdml%2BIVno1z7bAW7aWJ3KLjbAbt0PkjkVUyFyqZv2kd3s444Uf64az5BSVpxbTTOjUtJlh0fePmi4N1CXmZb9%2FlHpsud3pCIMNVyjIdCjYTS6JoHd4F"}],"group":"cf-nel","max_age":604800}
cf-ray
8ea33944dfb36686-AMS
expires
Sat, 30 Nov 2024 02:17:52 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16139&min_rtt=13378&rtt_var=3472&sent=136&recv=67&lost=0&retrans=1&sent_bytes=136568&recv_bytes=13052&delivery_rate=11518&cwnd=37200&unsent_bytes=0&cid=5ccc3f9e27587101&ts=3019&x=1", cfHdrFlush;dur=0
date
Fri, 29 Nov 2024 14:17:52 GMT
content-type
application/javascript
last-modified
Mon, 18 Nov 2024 09:46:19 GMT
vary
Accept-Encoding
server
cloudflare
truncated
/ 		64 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v34/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Slab%3A300%2C400%7CRaleway%3A400%2C500%2C700&subset=latin-ext&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f3.1e100.net
Software
sffe /
Resource Hash
47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://areturnersmagicshouldbespecial.com
Referer
https://fonts.googleapis.com/

Response headers

age
186569
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 27 Nov 2025 10:28:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 10:28:23 GMT
last-modified
Wed, 01 May 2024 20:31:48 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48336
x-xss-protection
0
server
sffe
fa-regular-400.woff2
areturnersmagicshouldbespecial.com/fonts/ 		388 KB
389 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://areturnersmagicshouldbespecial.com/fonts/fa-regular-400.woff2
Requested by
Host: areturnersmagicshouldbespecial.com
URL: https://areturnersmagicshouldbespecial.com/css/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b7265fb8e98286a6e61d73e4278df35c0e911db1e8a94c82836d0b21088125b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://areturnersmagicshouldbespecial.com
Referer
https://areturnersmagicshouldbespecial.com/css/styles.css

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"673b0ceb-60f8c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4%2B74CuSkuPitGTwV8bu44j2hZ42QWJScgstqrdCAqGWBeEy2SUTcYxRsJnRw63w%2BhOI1S1np5dQ%2Bx2DwwOK3BWmqOXssEuYjWckV%2BKDngzKCSu%2Foo1X8jtCixtqnUTzIhhBfQ90iYCbN7pfo6v02PDDZX8I0"}],"group":"cf-nel","max_age":604800}
cf-ray
8ea33945381f6686-AMS
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=15853&min_rtt=13378&rtt_var=2469&sent=173&recv=70&lost=0&retrans=1&sent_bytes=177504&recv_bytes=14098&delivery_rate=43496&cwnd=37200&unsent_bytes=0&cid=5ccc3f9e27587101&ts=3195&x=1", cfHdrFlush;dur=11
content-length
397196
date
Fri, 29 Nov 2024 14:17:52 GMT
content-type
font/woff2
last-modified
Mon, 18 Nov 2024 09:46:19 GMT
vary
Accept-Encoding
server
cloudflare
fa-solid-900.woff2
areturnersmagicshouldbespecial.com/fonts/ 		318 KB
319 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://areturnersmagicshouldbespecial.com/fonts/fa-solid-900.woff2
Requested by
Host: areturnersmagicshouldbespecial.com
URL: https://areturnersmagicshouldbespecial.com/css/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4ce23501f658a336323bd90b52746e73e0ddca6be18651594d169b263db5410

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://areturnersmagicshouldbespecial.com
Referer
https://areturnersmagicshouldbespecial.com/css/styles.css

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"673b0ceb-4f7d8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c5ezne3jZXHuDJ5NcoUyu6bLMYAz8zd1pI%2F6%2BusioI0U7ZW%2Fff2rB0SuuCZ0EO7URD1YuYr2faByvKxtfMSWbt8q7%2BCLYkFjSUClZ5HCMN%2BndGhssQln0zXifypKa%2FdQBJpP3Aojgz%2BwscSGYpRjN%2B9BhIKL"}],"group":"cf-nel","max_age":604800}
cf-ray
8ea3394538216686-AMS
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=15853&min_rtt=13378&rtt_var=2469&sent=141&recv=70&lost=0&retrans=1&sent_bytes=140304&recv_bytes=14098&delivery_rate=43496&cwnd=37200&unsent_bytes=0&cid=5ccc3f9e27587101&ts=3191&x=1", cfHdrFlush;dur=0
content-length
325592
date
Fri, 29 Nov 2024 14:17:52 GMT
content-type
font/woff2
last-modified
Mon, 18 Nov 2024 09:46:19 GMT
vary
Accept-Encoding
server
cloudflare
background.webp
areturnersmagicshouldbespecial.com/images/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://areturnersmagicshouldbespecial.com/images/background.webp
Requested by
Host: areturnersmagicshouldbespecial.com
URL: https://areturnersmagicshouldbespecial.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b3bf9ed763ae084e19730f6273fcd5175313943107518ff98f2aea9ddd7a882

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://areturnersmagicshouldbespecial.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"673b0ceb-86e2"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yQwmxNq9eO%2FHRB4zPNhtrWRcM2FHbRYFim9RNljtYyqYYetr6I93Kd4X0QxaOx8%2BSuKcPtH7TnVK3doMd87x4cl%2FF9DXtcQNaXpEu1gATkgkQkyu8qQ4ESr%2B43nY%2FwuF1UPnXmLg115tgaFWN3HIgNfvbbSm"}],"group":"cf-nel","max_age":604800}
cf-ray
8ea33945a88f6686-AMS
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=15853&min_rtt=13378&rtt_var=2469&sent=168&recv=70&lost=0&retrans=1&sent_bytes=172464&recv_bytes=14098&delivery_rate=43496&cwnd=37200&unsent_bytes=0&cid=5ccc3f9e27587101&ts=3192&x=1", cfHdrFlush;dur=0
content-length
34530
date
Fri, 29 Nov 2024 14:17:52 GMT
content-type
image/webp
last-modified
Mon, 18 Nov 2024 09:46:19 GMT
vary
Accept-Encoding
server
cloudflare
a-returner-s-magic-should-be-special.webp
imgs-2.2xstorage.com//thumb/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgs-2.2xstorage.com//thumb/a-returner-s-magic-should-be-special.webp
Requested by
Host: areturnersmagicshouldbespecial.com
URL: https://areturnersmagicshouldbespecial.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.179.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11b286659369881bb23e0367a83f52cd1f3017396ffc83d51b13fdcafb9ae565
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://areturnersmagicshouldbespecial.com/

Response headers

cf-cache-status
HIT
etag
"4b08e9199ff97b87700ff0cbeeb3e5df"
age
815
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X1ZFvjQyCW0g%2BkQLwsthYpZ8icwWbHk6cwh4UAvk%2Bw1qllzrqx687qcjL2zJP2ln9udOy2FqO7Ojra1Tb%2BtU%2BAEWWve%2BfW%2F9Kg2n330F5FO8sMeXC3yfBo2r8O6KufrZUEHLa8k3vA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13303&min_rtt=13155&rtt_var=2891&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4158&recv_bytes=4436&delivery_rate=44240&cwnd=12000&unsent_bytes=0&cid=d066a48e5eaa19e7&ts=34&x=1", cfHdrFlush;dur=0
date
Fri, 29 Nov 2024 14:17:52 GMT
content-type
image/webp
last-modified
Wed, 30 Oct 2024 10:23:45 GMT
vary
Origin, Accept-Encoding
x-amz-id-2
dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
180C756A9D98F258
x-ratelimit-remaining
18758
accept-ranges
bytes
content-length
14582
x-xss-protection
1; mode=block
x-ratelimit-limit
18758
cf-ray
8ea33945ddd10bbc-AMS
server
cloudflare
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-NQXXHHRNMC&gtm=45je4bk0v9200825524za200&_p=1732889872125&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1088045155.1732889873&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732889872&sct=1&seg=0&dl=https%3A%2F%2Fareturnersmagicshouldbespecial.com%2F&dt=Read%20A%20Returner%27s%20Magic%20Should%20Be%20Special%20Online%20For%20Free%20%7C%20Latest%20Updates&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3368
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NQXXHHRNMC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://areturnersmagicshouldbespecial.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://areturnersmagicshouldbespecial.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 14:17:52 GMT
content-type
text/plain
server
Golfe2
icon-32x32.jpg
areturnersmagicshouldbespecial.com/images/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://areturnersmagicshouldbespecial.com/images/icon-32x32.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96d9e035e0472f388a4d5ab369575ef0d9f5379ca214c8a6672ce3965d06aff7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://areturnersmagicshouldbespecial.com/

Response headers

cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"673b0ceb-580"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bf%2BmbBg%2FK24%2Bm95qDbTi9G5l1H2T4wbTnseaw4wvtts1sinhkSBMFeBcjYQRYmTbDDdXWrNC%2B%2BRyJoZ4GwhcZhRXoT%2Fv9%2BKXyXz7F0IUilLzptIRWjimV2M81Ox%2F8WZsiTt1pwjlAU7px8m5vpC2Ww4J4k36"}],"group":"cf-nel","max_age":604800}
cf-ray
8ea33947dab26686-AMS
expires
Sun, 29 Dec 2024 14:17:52 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=19985&min_rtt=13038&rtt_var=2061&sent=813&recv=145&lost=9&retrans=10&sent_bytes=926550&recv_bytes=18484&delivery_rate=494185&cwnd=165480&unsent_bytes=0&cid=5ccc3f9e27587101&ts=3497&x=1", cfHdrFlush;dur=0
date
Fri, 29 Nov 2024 14:17:52 GMT
content-type
image/jpeg
last-modified
Mon, 18 Nov 2024 09:46:19 GMT
vary
Accept-Encoding
server
cloudflare

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| jQuery function| gtag object| dataLayer object| lazyLoadOptions function| LazyLoad object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

4 Cookies

Domain/Path Name / Value
areturnersmagicshouldbespecial.com/ Name: XSRF-TOKEN
Value: eyJpdiI6ImNYYjdGZkR1TTk4K01YT2kySEZxWnc9PSIsInZhbHVlIjoiaDN2Mkp2ekwwREV4ZnFxREhWRlBSNnZRVEdQRlRmRGFObnJrMUdneEZnalU3VWJYTU9ZSEgyYXdsVWE2dTN1V1k1S2RBS1RrbUY0Y1NhUGZTd1JlSHM1UGlXQmdFbjR2VHZLRzQ2R0FrTWZvUGg5L2Q0aFJGM21Mc29hOUJFMTIiLCJtYWMiOiJhYzc5MWU3MTIyN2NhNTkxMmZhMTI4Y2E2MjkwYjU1ODI0ODZkYTMwNDk0NDc2ZmU1NDQwMTc5ZDdjMzhlZTBjIiwidGFnIjoiIn0%3D
areturnersmagicshouldbespecial.com/ Name: laravel_session
Value: eyJpdiI6Imh5T0tKaWQyVmFlclFEY2RiL1RlYWc9PSIsInZhbHVlIjoiVWJCalRncXdGU1FWKzRjNHkySU13QlQvREx2Wm5xc1BHeVpYTml5Zm54aVlzV3NuUGxDbEd3T09YVjIwUWxoK2ZYem55S20vVURPSXNGWTM4cndhRTY3RlNXclQ5SkNLSVEvTWxOcldtc1gwUndmRjBvMDVTSVNrN2orNjdJdXkiLCJtYWMiOiI3ZjhiMWI0YjU2ZmY3ZDVmYmNjOTM2Y2U0YWVhNGIxMzE4NjkzNDU1N2U5NDdkYjY2OWE5MGNkZjE2MTRmNmExIiwidGFnIjoiIn0%3D
.areturnersmagicshouldbespecial.com/ Name: _ga_NQXXHHRNMC
Value: GS1.1.1732889872.1.0.1732889872.0.0.0
.areturnersmagicshouldbespecial.com/ Name: _ga
Value: GA1.1.1088045155.1732889873

1 Console Messages

Source Level URL
Text
security warning URL: https://areturnersmagicshouldbespecial.com/
Message:
Mixed Content: The page at 'https://areturnersmagicshouldbespecial.com/' was loaded over HTTPS, but requested an insecure element 'http://areturnersmagicshouldbespecial.com/images/background.webp'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html