www.amazon.co.uk Open in urlscan Pro
2600:9000:275b:b000:15:c9dc:594:5061  Public Scan

Submitted URL: https://novelsextra.com/
Effective URL: https://www.amazon.co.uk/gp/video/primesignup/?irclickid=4d4b9d55N41bd11ef8aa643eb755ed24&ref=dvm_ass_acm_xx_mf_s_imp_4d4...
Submission: On July 14 via api from KR — Scanned from GB

Summary

This website contacted 14 IPs in 4 countries across 15 domains to perform 60 HTTP transactions. The main IP is 2600:9000:275b:b000:15:c9dc:594:5061, located in United States and belongs to AMAZON-02, US. The main domain is www.amazon.co.uk. The Cisco Umbrella rank of the primary domain is 10418.
TLS certificate: Issued by DigiCert Global CA G2 on May 7th 2024. Valid for: a year.
This is the only time www.amazon.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
19 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
5 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 192.243.59.20 39572 (ADVANCEDH...)
1 2a00:1450:400... 15169 (GOOGLE)
1 3.126.56.212 16509 (AMAZON-02)
1 3 172.240.108.84 7979 (SERVERS-COM)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 194.63.143.61 50113 (SUPERSERV...)
2 2 35.201.76.231 396982 (GOOGLE-CL...)
1 1 34.95.127.121 396982 (GOOGLE-CL...)
1 2600:9000:275... 16509 (AMAZON-02)
21 2600:9000:225... 16509 (AMAZON-02)
1 52.210.25.121 16509 (AMAZON-02)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
60 14
Apex Domain
Subdomains
Transfer
21 media-amazon.com
m.media-amazon.com — Cisco Umbrella Rank: 425
570 KB
19 novelsextra.com
novelsextra.com
990 KB
6 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 4795
onesignal.com — Cisco Umbrella Rank: 1596
img.onesignal.com — Cisco Umbrella Rank: 8126
95 KB
3 ancestortrotsoothe.com
ancestortrotsoothe.com — Cisco Umbrella Rank: 92740
21 KB
2 ssl-images-amazon.com
images-na.ssl-images-amazon.com — Cisco Umbrella Rank: 801
50 KB
2 amazon.co.uk
www.amazon.co.uk — Cisco Umbrella Rank: 10418
fls-eu.amazon.co.uk — Cisco Umbrella Rank: 14355
90 KB
2 pxf.io
primevideo-eu.pxf.io
1 KB
2 theheroreturns.com
theheroreturns.com
1 recordedthereby.com
recordedthereby.com — Cisco Umbrella Rank: 15168
28 KB
1 ojrq.net
www.ojrq.net — Cisco Umbrella Rank: 5856
573 B
1 16zoqtq3eowz.top
16zoqtq3eowz.top — Cisco Umbrella Rank: 150014
330 B
1 proftrafficcounter.com
proftrafficcounter.com — Cisco Umbrella Rank: 14569
302 B
1 gstatic.com
fonts.gstatic.com
48 KB
1 followingpartlyindicator.com
followingpartlyindicator.com — Cisco Umbrella Rank: 947127
12 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 74
1 KB
60 15
Domain Requested by
21 m.media-amazon.com www.amazon.co.uk
19 novelsextra.com novelsextra.com
3 onesignal.com cdn.onesignal.com
3 ancestortrotsoothe.com 1 redirects followingpartlyindicator.com
novelsextra.com
2 images-na.ssl-images-amazon.com www.amazon.co.uk
2 primevideo-eu.pxf.io 2 redirects
2 theheroreturns.com novelsextra.com
2 cdn.onesignal.com novelsextra.com
cdn.onesignal.com
1 fls-eu.amazon.co.uk www.amazon.co.uk
1 recordedthereby.com ancestortrotsoothe.com
1 www.amazon.co.uk novelsextra.com
1 www.ojrq.net 1 redirects
1 16zoqtq3eowz.top 1 redirects
1 img.onesignal.com novelsextra.com
1 proftrafficcounter.com followingpartlyindicator.com
1 fonts.gstatic.com fonts.googleapis.com
1 followingpartlyindicator.com novelsextra.com
1 fonts.googleapis.com novelsextra.com
60 18

This site contains no links.

Subject Issuer Validity Valid
novelsextra.com
GTS CA 1P5
2024-05-26 -
2024-08-24
3 months crt.sh
upload.video.google.com
WR2
2024-06-24 -
2024-09-16
3 months crt.sh
onesignal.com
GTS CA 1P5
2024-05-31 -
2024-08-29
3 months crt.sh
theheroreturns.com
WE1
2024-07-03 -
2024-10-01
3 months crt.sh
followingpartlyindicator.com
R3
2024-05-24 -
2024-08-22
3 months crt.sh
*.gstatic.com
WR2
2024-06-24 -
2024-09-16
3 months crt.sh
proftrafficcounter.com
Amazon RSA 2048 M03
2023-11-21 -
2024-12-19
a year crt.sh
ancestortrotsoothe.com
R10
2024-06-30 -
2024-09-28
3 months crt.sh
www.amazon.co.uk
DigiCert Global CA G2
2024-05-07 -
2025-04-26
a year crt.sh
recordedthereby.com
WE1
2024-07-06 -
2024-10-04
3 months crt.sh
images-na.ssl-images-amazon.com
DigiCert Global CA G2
2024-01-05 -
2024-12-08
a year crt.sh
fls-eu.amazon.com
Amazon RSA 2048 M03
2023-12-25 -
2025-01-23
a year crt.sh
m.media-amazon.com
DigiCert TLS RSA SHA256 2020 CA1
2024-07-03 -
2025-07-05
a year crt.sh

This page contains 3 frames:

Primary Page: https://www.amazon.co.uk/gp/video/primesignup/?irclickid=4d4b9d55N41bd11ef8aa643eb755ed24&ref=dvm_ass_acm_xx_mf_s_imp_4d4b9d55N41bd11ef8aa643eb755ed24&irgwc=1
Frame ID: A6C03C51623CE58DCC6E36C4B97A87D1
Requests: 58 HTTP requests in this frame

Frame: https://theheroreturns.com/manga.html
Frame ID: 4BB7029A94D6910D11DB5AF1F55B1B76
Requests: 1 HTTP requests in this frame

Frame: https://theheroreturns.com/synopsis.html
Frame ID: BD6DD83C0C9062EF9200D8B2B3D02F67
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://novelsextra.com/ Page URL
  2. https://16zoqtq3eowz.top/mc/477385/138626/index.php?subId1=18230067&subId2=3e0e855091f75f2a23438f5271... HTTP 302
    https://primevideo-eu.pxf.io/c/1289618/1978462/20021?subId1=18230067&subId2=3e0e855091f75f2a23438f5271e815ae HTTP 302
    https://www.ojrq.net/p/?return=https%3A%2F%2Fprimevideo-eu.pxf.io%2Fc%2F1289618%2F1978462%2F20021... HTTP 302
    https://primevideo-eu.pxf.io/c/1289618/1978462/20021?subId1=18230067&subId2=3e0e855091f75f2a23438f5271e81... HTTP 301
    https://www.amazon.co.uk/gp/video/primesignup/?irclickid=4d4b9d55N41bd11ef8aa643eb755ed24&ref=dvm_ass... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

60
Requests

97 %
HTTPS

56 %
IPv6

15
Domains

18
Subdomains

14
IPs

4
Countries

1901 kB
Transfer

5452 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://novelsextra.com/ Page URL
  2. https://16zoqtq3eowz.top/mc/477385/138626/index.php?subId1=18230067&subId2=3e0e855091f75f2a23438f5271e815ae HTTP 302
    https://primevideo-eu.pxf.io/c/1289618/1978462/20021?subId1=18230067&subId2=3e0e855091f75f2a23438f5271e815ae HTTP 302
    https://www.ojrq.net/p/?return=https%3A%2F%2Fprimevideo-eu.pxf.io%2Fc%2F1289618%2F1978462%2F20021%3FsubId1%3D18230067%26subId2%3D3e0e855091f75f2a23438f5271e815ae%26level%3D1%26srcref%3Dhttps%253A%252F%252Fnovelsextra.com%252F&cid=20021&tpsync=yes&auth=57882843c2b1c1d3 HTTP 302
    https://primevideo-eu.pxf.io/c/1289618/1978462/20021?subId1=18230067&subId2=3e0e855091f75f2a23438f5271e815ae&level=1&srcref=https%3A%2F%2Fnovelsextra.com%2F&brwsr=4d4b9d55-41bd-11ef-8aa6-43eb755ed24d&brwsrsig=QwJRMLytbX2ORiMVVm1jAXokwRHS%3Ay HTTP 301
    https://www.amazon.co.uk/gp/video/primesignup/?irclickid=4d4b9d55N41bd11ef8aa643eb755ed24&ref=dvm_ass_acm_xx_mf_s_imp_4d4b9d55N41bd11ef8aa643eb755ed24&irgwc=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://ancestortrotsoothe.com/watch.1189394942084.js?key=ec9b5319629d364a3e7c455d3430cbd1&kw=%5B%22the%22%2C%22novel%E2%80%99s%22%2C%22extra%22%2C%22manga%22%2C%22online%22%2C%22-%22%2C%22all%22%2C%22chapters%22%5D&refer=https%3A%2F%2Fnovelsextra.com%2F&tz=1&dev=r&res=14.31&uuid=64202fc1-f7be-4dd2-b5f9-f65347ce215e%3A1%3A1 HTTP 307
  • https://ancestortrotsoothe.com/watch.1189394942084.js?dev=r&key=ec9b5319629d364a3e7c455d3430cbd1&kw=%5B%22the%22%2C%22novel%E2%80%99s%22%2C%22extra%22%2C%22manga%22%2C%22online%22%2C%22-%22%2C%22all%22%2C%22chapters%22%5D&pst=1720946735&refer=https%3A%2F%2Fnovelsextra.com%2F&res=14.31&rmtc=t&shu=75739d8d3e95d374b71364588627cf6b84dcb47497c596cebac811e48c3973c4b1d5fb942a8880591635cc91f06f8338329911026cc0aa79743748f59108d2b9b5c407df986edb91ee481228665beec8aaf8788e15c7f205d8c746&tz=1&uuid=64202fc1-f7be-4dd2-b5f9-f65347ce215e%3A1%3A1

60 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
novelsextra.com/
143 KB
42 KB
Document
General
Full URL
https://novelsextra.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b7e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
397b66717fee3e3c8046488e481b2827d3db24a5dd15dbc4979ed3c64da42403
Security Headers
Name Value
Content-Security-Policy report-uri https://thebeginningaftertheend.online
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Security-Policy img-src *; media-src * data:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Authorization
access-control-allow-methods
GET,PUT,POST,DELETE
access-control-allow-origin
null
alt-svc
h3=":443"; ma=86400
cache-control
max-age=0
cf-cache-status
DYNAMIC
cf-ray
8a303b485cbd419b-LHR
content-encoding
br
content-security-policy
report-uri https://thebeginningaftertheend.online
content-type
text/html; charset=UTF-8
date
Sun, 14 Jul 2024 08:44:34 GMT
expect-ct
max-age=7776000, enforce
expires
Sun, 14 Jul 2024 08:44:34 GMT
last-modified
Sun, 14 Jul 2024 04:34:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aFDorZy8GE0AyUN0T2R4oZpgSbw0xgFyYM0lvCPj3f%2FHKuoP8lRrzGtroLvMFPcxVXTjF2MrlhupvYai1mLUZ9c5VpW67ruBKBjlKsjzCoTlA%2FeqUz%2BVlK%2FilVRbo7fGIyXE0mp6CsKXmjIqHfg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding,User-Agent
x-content-security-policy
img-src *; media-src * data:;
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
fontawesome.min.css
novelsextra.com/wp-content/themes/ifenzi-v2/fonts/aws/css/
161 KB
38 KB
Stylesheet
General
Full URL
https://novelsextra.com/wp-content/themes/ifenzi-v2/fonts/aws/css/fontawesome.min.css
Requested by
Host: novelsextra.com
URL: https://novelsextra.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b7e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8b1756a3cf17e337c77c2a0786fa23c662bea5ebaef5f55a389ee7022044a7f
Security Headers
Name Value
Content-Security-Policy report-uri https://thebeginningaftertheend.online
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Security-Policy img-src *; media-src * data:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://novelsextra.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 08:44:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
report-uri https://thebeginningaftertheend.online
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
age
1886295
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 09 Nov 2023 16:12:20 GMT
server
cloudflare
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,PUT,POST,DELETE
content-type
text/css
access-control-allow-origin
null
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V8gFqPscOofBLNIoiYy0C1mRIG7N09yQyA8e5qxFGbZxXv6h63gRU2UEJsD62%2BpzeHw9wrg5Fl4TFsGGMY4eTkZ0Gf%2BGNcp%2FVXt6a6AE7oO1sgCO4%2FWJkbn0R1NZkiUV4JHOtyn73%2FtKJZAk9Mo%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
permissions-policy
accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
vary
Accept-Encoding
cf-ray
8a303b491db3419b-LHR
access-control-allow-headers
Content-Type, Authorization
x-content-security-policy
img-src *; media-src * data:;
brands.min.css
novelsextra.com/wp-content/themes/ifenzi-v2/fonts/aws/css/
18 KB
5 KB
Stylesheet
General
Full URL
https://novelsextra.com/wp-content/themes/ifenzi-v2/fonts/aws/css/brands.min.css
Requested by
Host: novelsextra.com
URL: https://novelsextra.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b7e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
639686ad0cfdc6a7f751fcdbd4ab4f6a29a15395792a745dfcec6c965e572339
Security Headers
Name Value
Content-Security-Policy report-uri https://thebeginningaftertheend.online
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Security-Policy img-src *; media-src * data:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://novelsextra.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 08:44:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
report-uri https://thebeginningaftertheend.online
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
age
1886295
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 09 Nov 2023 16:12:20 GMT
server
cloudflare
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,PUT,POST,DELETE
content-type
text/css
access-control-allow-origin
null
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eQLuU47SvjZ%2Bx93iRHzAlpyJGgvHytYkYbka%2BwYdLmn%2BY5V4M%2FwIOOCqsw9shoeUNtMZKd3jyhUMn2gHN8t8rvTo0uji44Zyc9NL%2FGU8ODcXJSjR67XLEZ1yXi2U5MDkImzxLTTRGwXrTe56BKs%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
permissions-policy
accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
vary
Accept-Encoding
cf-ray
8a303b491dba419b-LHR
access-control-allow-headers
Content-Type, Authorization
x-content-security-policy
img-src *; media-src * data:;
regular.min.css
novelsextra.com/wp-content/themes/ifenzi-v2/fonts/aws/css/
534 B
1 KB
Stylesheet
General
Full URL
https://novelsextra.com/wp-content/themes/ifenzi-v2/fonts/aws/css/regular.min.css
Requested by
Host: novelsextra.com
URL: https://novelsextra.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b7e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56ee1e2611af1828a330ec300c7bb7c19e5bf3df378b46ef361ce42587378fcd
Security Headers
Name Value
Content-Security-Policy report-uri https://thebeginningaftertheend.online
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Security-Policy img-src *; media-src * data:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://novelsextra.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 08:44:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
report-uri https://thebeginningaftertheend.online
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
age
1886295
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 09 Nov 2023 16:12:20 GMT
server
cloudflare
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,PUT,POST,DELETE
content-type
text/css
access-control-allow-origin
null
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ltkfz9Z6kLSi4eCoN8EpXSFaibHJoIGRz4yn5Aj95OyfXbDTI5FTNWAhdTY68iJ7a32b0opbhL53seXR4zn%2F2lmOO8tkcdQLTorKNl6mZDpxP7TgbHS5eTVvoxpokEWQsWjN4iUypjef8Jt9n%2Fw%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
permissions-policy
accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
vary
Accept-Encoding
cf-ray
8a303b492dc0419b-LHR
access-control-allow-headers
Content-Type, Authorization
x-content-security-policy
img-src *; media-src * data:;
solid.min.css
novelsextra.com/wp-content/themes/ifenzi-v2/fonts/aws/css/
526 B
1 KB
Stylesheet
General
Full URL
https://novelsextra.com/wp-content/themes/ifenzi-v2/fonts/aws/css/solid.min.css
Requested by
Host: novelsextra.com
URL: https://novelsextra.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b7e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85f2570bc2e8b08cbcb970aef4727a675139b424a95970c3ce3fca048165b5b8
Security Headers
Name Value
Content-Security-Policy report-uri https://thebeginningaftertheend.online
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Security-Policy img-src *; media-src * data:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://novelsextra.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires
Mon, 14 Jul 2025 07:36:07 GMT
date
Sun, 14 Jul 2024 08:44:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
report-uri https://thebeginningaftertheend.online
content-encoding
gzip
x-permitted-cross-domain-policies
none
cf-cache-status
HIT
age
4106
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
292
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 09 Nov 2023 16:12:20 GMT
server
cloudflare
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
null
access-control-allow-methods
GET,PUT,POST,DELETE
cache-control
public, max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=klSMOjB71iigr%2BDj7%2FVEVjMMyfIck7sPhL1OxGLexbORZ11uxMtdYCnpYTqEGD55G60UExwQncIoMFa%2BFPzZ19bkefpgWc5eJPnblZQ0ZcMtWBkKZPlgK1hjin1DINJF4o6YQX1qSb9IMqSllcg%3D"}],"group":"cf-nel","max_age":604800}
permissions-policy
accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
accept-ranges
bytes
cf-ray
8a303b492dc3419b-LHR
access-control-allow-headers
Content-Type, Authorization
x-content-security-policy
img-src *; media-src * data:;
style.min.css
novelsextra.com/wp-includes/css/dist/block-library/
111 KB
15 KB
Stylesheet
General
Full URL
https://novelsextra.com/wp-includes/css/dist/block-library/style.min.css?ver=6.5.5
Requested by
Host: novelsextra.com
URL: https://novelsextra.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b7e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
Security Headers
Name Value
Content-Security-Policy report-uri https://thebeginningaftertheend.online
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Security-Policy img-src *; media-src * data:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://novelsextra.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires
Fri, 11 Jul 2025 17:59:53 GMT
date
Sun, 14 Jul 2024 08:44:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
report-uri https://thebeginningaftertheend.online
content-encoding
gzip
x-permitted-cross-domain-policies
none
cf-cache-status
HIT
age
225881
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
14991
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 02 Apr 2024 19:15:36 GMT
server
cloudflare
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
null
access-control-allow-methods
GET,PUT,POST,DELETE
cache-control
public, max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bu%2BW2xloDkoJLiXDdDtHaCsPqDzJatA3vy1JdOPTuZwYFlz65s6n9wTrxB2AJeZYnvLbJv8D%2F%2FEGWiCjfmf9uZ0rCrhHro5yucJuY4B2HAynmfUcmV39sPleoHkv7%2BTgICwSOWOMk0lp7Vz3qpE%3D"}],"group":"cf-nel","max_age":604800}
permissions-policy
accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
accept-ranges
bytes
cf-ray
8a303b492dc4419b-LHR
access-control-allow-headers
Content-Type, Authorization
x-content-security-policy
img-src *; media-src * data:;
manga-display.css
novelsextra.com/wp-content/plugins/Recommendation-Host/includes/css/
1 KB
1 KB
Stylesheet
General
Full URL
https://novelsextra.com/wp-content/plugins/Recommendation-Host/includes/css/manga-display.css?ver=6.5.5
Requested by
Host: novelsextra.com
URL: https://novelsextra.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b7e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26716463b0eed0bcbe95a27a24358c355d51d511d039100a4b27cd0e43579004
Security Headers
Name Value
Content-Security-Policy report-uri https://thebeginningaftertheend.online
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Security-Policy img-src *; media-src * data:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://novelsextra.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires
Fri, 04 Jul 2025 02:39:52 GMT
date
Sun, 14 Jul 2024 08:44:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
report-uri https://thebeginningaftertheend.online
content-encoding
gzip
x-permitted-cross-domain-policies
none
cf-cache-status
HIT
age
885882
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
585
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 05 Mar 2024 03:49:15 GMT
server
cloudflare
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
null
access-control-allow-methods
GET,PUT,POST,DELETE
cache-control
public, max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7tlSE%2Biodkexc24IIOJJi15hXyGfmRMDgpgP3%2F0%2BkdOp606c7S7vCxlPOtN4RealW4uks39p1PtPPSCnXZRADUwR2NHkgjFiEuKFledeX2U%2FlwEWzHpdDq%2BkuDW3RrcW8YvTk45JoY91dZ%2BBV2Q%3D"}],"group":"cf-nel","max_age":604800}
permissions-policy
accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
accept-ranges
bytes
cf-ray
8a303b492dc6419b-LHR
access-control-allow-headers
Content-Type, Authorization
x-content-security-policy
img-src *; media-src * data:;
style.css
novelsextra.com/wp-content/themes/ifenzi-v2/
27 KB
8 KB
Stylesheet
General
Full URL
https://novelsextra.com/wp-content/themes/ifenzi-v2/style.css?ver=6.5.5
Requested by
Host: novelsextra.com
URL: https://novelsextra.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b7e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f41453813e720d4e3c1c00107b0b23ea7b24ef0cde3f2750a2eeadf9e868661
Security Headers
Name Value
Content-Security-Policy report-uri https://thebeginningaftertheend.online
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Security-Policy img-src *; media-src * data:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://novelsextra.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires
Wed, 25 Jun 2025 07:02:52 GMT
date
Sun, 14 Jul 2024 08:44:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
report-uri https://thebeginningaftertheend.online
content-encoding
gzip
x-permitted-cross-domain-policies
none
cf-cache-status
HIT
age
1647702
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
7247
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 26 Nov 2023 23:25:20 GMT
server
cloudflare
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
null
access-control-allow-methods
GET,PUT,POST,DELETE
cache-control
public, max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=onMRg9e%2B3JNtlFYgs3%2FE9WXslqqmbctw%2FyNReYLXv4GPZPFbCjfwEli6tq7cRO%2Fzz2lHDNSYi26B6gkVnrC%2FM47g6VHQZ0BOLDtf4imSnDnjv5oxv0gKAGXBu%2FyQT7agn%2B6g4jjASfFSY2pvmmY%3D"}],"group":"cf-nel","max_age":604800}
permissions-policy
accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
accept-ranges
bytes
cf-ray
8a303b492dc7419b-LHR
access-control-allow-headers
Content-Type, Authorization
x-content-security-policy
img-src *; media-src * data:;
report-form.css
novelsextra.com/wp-content/themes/ifenzi-v2/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://novelsextra.com/wp-content/themes/ifenzi-v2/css/report-form.css?ver=1.0
Requested by
Host: novelsextra.com
URL: https://novelsextra.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b7e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
feeafd2aff5e309b7c1b82d38d823d3c716a4efc1e788f5685a9ecb1834fe83c
Security Headers
Name Value
Content-Security-Policy report-uri https://thebeginningaftertheend.online
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Security-Policy img-src *; media-src * data:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://novelsextra.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 08:44:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
report-uri https://thebeginningaftertheend.online
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
age
1886295
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 09 Nov 2023 16:12:20 GMT
server
cloudflare
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,PUT,POST,DELETE
content-type
text/css
access-control-allow-origin
null
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D0aUrcM3Cl90s2%2Fbupmv9Lv4gi8TM2q295X5wRVCLUZxQzk8ynFY31Wc8bJb5i8KiFfGmaRN7CMOrwtkBC6ue2ApAAI37d1yFe9tzK%2F7d69fQENRqFeHLXL675XvQXUfYZHtk8elb5I9QA9K1uc%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
permissions-policy
accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
vary
Accept-Encoding
cf-ray
8a303b492dc9419b-LHR
access-control-allow-headers
Content-Type, Authorization
x-content-security-policy
img-src *; media-src * data:;
css
fonts.googleapis.com/
10 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%20Slab%3A300%2C400%7CRaleway%3A400%2C500%2C700&subset=latin-ext&display=swap
Requested by
Host: novelsextra.com
URL: https://novelsextra.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4fc2d920e0cd1e978754d27abe44b86f86091d649ef98e4cc9545b7a4ac50b45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://novelsextra.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 14 Jul 2024 08:44:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 14 Jul 2024 08:44:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Jul 2024 08:44:34 GMT
jquery.min.js
novelsextra.com/wp-includes/js/jquery/
86 KB
31 KB
Script
General
Full URL
https://novelsextra.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: novelsextra.com
URL: https://novelsextra.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b7e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
Content-Security-Policy report-uri https://thebeginningaftertheend.online
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Security-Policy img-src *; media-src * data:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://novelsextra.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires
Fri, 04 Jul 2025 02:39:52 GMT
date
Sun, 14 Jul 2024 08:44:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
report-uri https://thebeginningaftertheend.online
content-encoding
gzip
x-permitted-cross-domain-policies
none
cf-cache-status
HIT
age
885882
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
30368
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 02 Apr 2024 19:15:36 GMT
server
cloudflare
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
null
access-control-allow-methods
GET,PUT,POST,DELETE
cache-control
public, max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qp%2F9gxNHrA9Xeab3nPa8hPibtUyP95uB3lqObfslFwsUV8mGoip3hZBvd%2FefEctjIIsHUZ6IY7sz8QeureioclJBsGr%2FmRdLJ9aFrHWlFhVUHS9he%2BEqdw%2FU4TEgtYUVbokIPp4%2FCnqE4zROyiI%3D"}],"group":"cf-nel","max_age":604800}
permissions-policy
accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
accept-ranges
bytes
cf-ray
8a303b492dcd419b-LHR
access-control-allow-headers
Content-Type, Authorization
x-content-security-policy
img-src *; media-src * data:;
jquery-migrate.min.js
novelsextra.com/wp-includes/js/jquery/
13 KB
6 KB
Script
General
Full URL
https://novelsextra.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: novelsextra.com
URL: https://novelsextra.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b7e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
Content-Security-Policy report-uri https://thebeginningaftertheend.online
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Security-Policy img-src *; media-src * data:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://novelsextra.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 08:44:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
report-uri https://thebeginningaftertheend.online
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
age
1886295
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 02 Apr 2024 19:15:36 GMT
server
cloudflare
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,PUT,POST,DELETE
content-type
application/javascript
access-control-allow-origin
null
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jsXFfwZItbW98n0EG1r7EqtdJFC%2BK5TOC7FUY7lQ4MnQbYlYhmqwdA2ASE%2Bz%2B%2BM1tyH7IVGhPuP5capDFCdMb3x7whhDpWzdFreh3YBXSrh0AnRO7wKqhtM%2BpbEjZ3j%2FT1SvY%2BwXb%2BpGH3rue8g%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
permissions-policy
accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
vary
Accept-Encoding
cf-ray
8a303b492dce419b-LHR
access-control-allow-headers
Content-Type, Authorization
x-content-security-policy
img-src *; media-src * data:;
customscripts.js
novelsextra.com/wp-content/themes/ifenzi-v2/js/
2 KB
2 KB
Script
General
Full URL
https://novelsextra.com/wp-content/themes/ifenzi-v2/js/customscripts.js?ver=6.5.5
Requested by
Host: novelsextra.com
URL: https://novelsextra.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b7e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fb54a733ed6286bed8b2540d1a07b77a1a7b86e31dea07075deaef341589c0d
Security Headers
Name Value
Content-Security-Policy report-uri https://thebeginningaftertheend.online
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Security-Policy img-src *; media-src * data:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://novelsextra.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires
Wed, 25 Jun 2025 07:02:52 GMT
date
Sun, 14 Jul 2024 08:44:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
report-uri https://thebeginningaftertheend.online
content-encoding
gzip
x-permitted-cross-domain-policies
none
cf-cache-status
HIT
age
1647702
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
692
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 09 Nov 2023 16:14:16 GMT
server
cloudflare
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
null
access-control-allow-methods
GET,PUT,POST,DELETE
cache-control
public, max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vx6emkV4HbJED2FFW51Dxbuaw1%2F0%2BLhiNpViC3Wo4eMNCD6bmcRtem4MqjGP8GDWhSWft9f2pd1zy90av3dUmo6kdE%2BEqjWS096gGZlsu%2FG1VtygA8CSN0T1Ab5pGH%2FdOpzbtSPfpQE4AjlYGEc%3D"}],"group":"cf-nel","max_age":604800}
permissions-policy
accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
accept-ranges
bytes
cf-ray
8a303b492dd1419b-LHR
access-control-allow-headers
Content-Type, Authorization
x-content-security-policy
img-src *; media-src * data:;
novelextraCover02.webp
novelsextra.com/wp-content/uploads/2024/01/
83 KB
84 KB
Image
General
Full URL
https://novelsextra.com/wp-content/uploads/2024/01/novelextraCover02.webp
Requested by
Host: novelsextra.com
URL: https://novelsextra.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b7e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e36475eb5307046ec69242ca8b9f7839b5c5bf3ad74f385ebba57564a899f0a
Security Headers
Name Value
Content-Security-Policy report-uri https://thebeginningaftertheend.online
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Security-Policy img-src *; media-src * data:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://novelsextra.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 08:44:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
report-uri https://thebeginningaftertheend.online
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
age
1886295
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
85172
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 20 Jan 2024 20:23:22 GMT
server
cloudflare
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,PUT,POST,DELETE
content-type
image/webp
access-control-allow-origin
null
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gmlnq%2FlaNaHvrODVWSTnvkDNgIhAYMUIwBr%2FFJbFVEQzZ4fOHRetXCxhHWZDDE6rPG2htKx4cEI%2FaZRFyKgXYhVTMB%2BgBJEgD61iQ66gIqjfOWofMIL72QznOOw6CnlfUNTl4a7FEsGDlo50Quc%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
permissions-policy
accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8a303b493de0419b-LHR
access-control-allow-headers
Content-Type, Authorization
x-content-security-policy
img-src *; media-src * data:;
chapter-search.js
novelsextra.com/wp-content/themes/ifenzi-v2/js/
1 KB
1 KB
Script
General
Full URL
https://novelsextra.com/wp-content/themes/ifenzi-v2/js/chapter-search.js
Requested by
Host: novelsextra.com
URL: https://novelsextra.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b7e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36c43144e5f31e6e81f2673a706189c7991d0ff52d28fdb0c62acd80c2b9330f
Security Headers
Name Value
Content-Security-Policy report-uri https://thebeginningaftertheend.online
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Security-Policy img-src *; media-src * data:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://novelsextra.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 08:44:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
report-uri https://thebeginningaftertheend.online
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
age
1886295
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 09 Nov 2023 16:14:16 GMT
server
cloudflare
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,PUT,POST,DELETE
content-type
application/javascript
access-control-allow-origin
null
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6wFV2e%2B8LxMSMhR2PMgLwkRbg5WFv611iAM5pkbBg6fnQ37Vmosm4JGN5m%2BtwHIquEk7Jop%2BCtqfafFWgR4SkTR1x4dEVCpHIHHXUoNK%2FkVCLe9nOlJHVKFOhiTCCC%2BBL6hB7f4S%2F2bwpM%2FMki4%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
permissions-policy
accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
vary
Accept-Encoding
cf-ray
8a303b493de9419b-LHR
access-control-allow-headers
Content-Type, Authorization
x-content-security-policy
img-src *; media-src * data:;
manga-display.js
novelsextra.com/wp-content/plugins/Recommendation-Host/includes/js/
1009 B
1 KB
Script
General
Full URL
https://novelsextra.com/wp-content/plugins/Recommendation-Host/includes/js/manga-display.js?ver=1.0
Requested by
Host: novelsextra.com
URL: https://novelsextra.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b7e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25ee6c97c16b58d3da64a42eee1bf4efc254b09480032983d9e2326027ee9385
Security Headers
Name Value
Content-Security-Policy report-uri https://thebeginningaftertheend.online
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Security-Policy img-src *; media-src * data:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://novelsextra.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 08:44:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
report-uri https://thebeginningaftertheend.online
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
age
1886295
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 05 Mar 2024 03:49:15 GMT
server
cloudflare
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,PUT,POST,DELETE
content-type
application/javascript
access-control-allow-origin
null
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fL%2B%2FKRx0rp%2FPabzyp6sDQ4eAJ70Y4Dg4ztZF1DNt2zmTMQ1ej5IEYdZ323TR0VmTyRSRIqLj8vxT5821crm8uCWcO%2BElovlui%2FxhoSo067SC4IikTcsKLfGbhAew94Iyo2jIAIXv7MZzq6rzOFY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
permissions-policy
accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
vary
Accept-Encoding
cf-ray
8a303b49de96419b-LHR
access-control-allow-headers
Content-Type, Authorization
x-content-security-policy
img-src *; media-src * data:;
report.js
novelsextra.com/wp-content/themes/ifenzi-v2/js/
3 KB
2 KB
Script
General
Full URL
https://novelsextra.com/wp-content/themes/ifenzi-v2/js/report.js
Requested by
Host: novelsextra.com
URL: https://novelsextra.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b7e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ded1c09a15986e76a93d230b9313b3b74632b5b54726da4b9f5074f9dc6c1fc
Security Headers
Name Value
Content-Security-Policy report-uri https://thebeginningaftertheend.online
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Security-Policy img-src *; media-src * data:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://novelsextra.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 08:44:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
report-uri https://thebeginningaftertheend.online
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
age
1886295
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 28 Jan 2024 01:14:50 GMT
server
cloudflare
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,PUT,POST,DELETE
content-type
application/javascript
access-control-allow-origin
null
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CnXjEaOV5u%2BCnp10CTjhCrOElkC0eAe6l8GjwS1EmqkAv5M195HOcOsiBpC%2FGWTgxsD9uSgnfWMYLtUCHkex686ZOf4ObHkCT35JEgd4bcfv1CfoVm9XYMFTy8mK2TtV1LyKA10GW0BH3fUzwzA%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
permissions-policy
accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
vary
Accept-Encoding
cf-ray
8a303b49de9a419b-LHR
access-control-allow-headers
Content-Type, Authorization
x-content-security-policy
img-src *; media-src * data:;
OneSignalSDK.js
cdn.onesignal.com/sdks/
9 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=1.0.0
Requested by
Host: novelsextra.com
URL: https://novelsextra.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:a091 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://novelsextra.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 08:44:34 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2124
etag
W/"a87c48d211877c49b878679b2e3cdab8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8a303b4c9e81d17c-LHR
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Wed, 17 Jul 2024 08:44:34 GMT
manga.html
theheroreturns.com/ Frame 4BB7
0
0
Document
General
Full URL
https://theheroreturns.com/manga.html
Requested by
Host: novelsextra.com
URL: https://novelsextra.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WP Rocket/3.7.5
Resource Hash

Request headers

Referer
https://novelsextra.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, public
cf-cache-status
DYNAMIC
cf-ray
8a303b4b8ab403b9-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 14 Jul 2024 08:44:34 GMT
expires
Sun, 14 Jul 2024 08:44:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6W8SacRqJ%2BHlgYI%2FI6B%2FceuxQNnCVX%2FQ0j%2F%2BcoMZIhRVr%2B7td1QFvyvwKE6LNaMJqidFKvweIdtiKCh1eY4InB4I%2Be%2B75RtnPkJ6S4QcFJwFlyE0KlgRKM2CKflGr%2BF1FQzCAN6d29YvkI0JR1U8mYM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
WP Rocket/3.7.5
invoke.js
followingpartlyindicator.com/ec9b5319629d364a3e7c455d3430cbd1/
31 KB
12 KB
Script
General
Full URL
https://followingpartlyindicator.com/ec9b5319629d364a3e7c455d3430cbd1/invoke.js
Requested by
Host: novelsextra.com
URL: https://novelsextra.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
b4e97151030ff2fae48e0e31196e1082454fdd9c41c0ccbfa57e57f5c99303e6
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://novelsextra.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Sun, 14 Jul 2024 08:44:34 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Content-Encoding
gzip
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Cache-Control
no-cache, max-age=0, private, no-cache
Connection
keep-alive
X-Request-ID
ac36545bb64b04c8ba25bdb715c08f41
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Nouveau-projet-1.webp
novelsextra.com/wp-content/uploads/2024/01/
42 KB
43 KB
Image
General
Full URL
https://novelsextra.com/wp-content/uploads/2024/01/Nouveau-projet-1.webp
Requested by
Host: novelsextra.com
URL: https://novelsextra.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b7e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
673d6bc1b214c38253db3cf6628b18a43c795f74d1b9118dc6f5f5d84855bbd5
Security Headers
Name Value
Content-Security-Policy report-uri https://thebeginningaftertheend.online
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Security-Policy img-src *; media-src * data:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://novelsextra.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires
Fri, 01 Nov 2024 02:39:54 GMT
date
Sun, 14 Jul 2024 08:44:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
report-uri https://thebeginningaftertheend.online
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
age
885880
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
42728
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 20 Jan 2024 20:23:19 GMT
server
cloudflare
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
null
access-control-allow-methods
GET,PUT,POST,DELETE
cache-control
max-age=10368000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ov870NZ4g7qpfJjHk5aeJEPHfiP8BIdTAhWNjX6az14n7fI2YmzvId5ywpR0M95gk3Egm4xljE%2Fun6yKHmWelLjw%2BD2tbSQ4E99cd2yLNe%2BKciwO90itV2cul6QKyIY4MRqPJeDGSJIQehmihZw%3D"}],"group":"cf-nel","max_age":604800}
permissions-policy
accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
accept-ranges
bytes
cf-ray
8a303b4a8f9d419b-LHR
access-control-allow-headers
Content-Type, Authorization
x-content-security-policy
img-src *; media-src * data:;
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v34/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Slab%3A300%2C400%7CRaleway%3A400%2C500%2C700&subset=latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://novelsextra.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 09:38:46 GMT
x-content-type-options
nosniff
age
428748
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48336
x-xss-protection
0
last-modified
Wed, 01 May 2024 20:31:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jul 2025 09:38:46 GMT
stats
proftrafficcounter.com/
40 B
302 B
XHR
General
Full URL
https://proftrafficcounter.com/stats
Requested by
Host: followingpartlyindicator.com
URL: https://followingpartlyindicator.com/ec9b5319629d364a3e7c455d3430cbd1/invoke.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.56.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-212.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
da7c5c7733549db99002dcd7f21c5dd7052c8af49f815cf1692257c79c4dd9f7

Request headers

Referer
https://novelsextra.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://novelsextra.com
date
Sun, 14 Jul 2024 08:44:35 GMT
access-control-allow-credentials
true
server
fasthttp
content-length
40
vary
Origin
content-type
text/html; charset=UTF-8
daa4f27ebe1044544aa87cc04fa942da.js
ancestortrotsoothe.com/da/a4/f2/
44 KB
16 KB
Script
General
Full URL
https://ancestortrotsoothe.com/da/a4/f2/daa4f27ebe1044544aa87cc04fa942da.js
Requested by
Host: followingpartlyindicator.com
URL: https://followingpartlyindicator.com/ec9b5319629d364a3e7c455d3430cbd1/invoke.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.108.84 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://novelsextra.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Jul 2024 08:44:35 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Content-Encoding
gzip
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Cache-Control
no-cache, max-age=0, private, no-cache
Connection
keep-alive
X-Request-ID
5f961ce1330124c46ab3940d2e7071bc
Expires
Thu, 01 Jan 1970 00:00:01 GMT
synopsis.html
theheroreturns.com/ Frame BD6D
0
0
Document
General
Full URL
https://theheroreturns.com/synopsis.html
Requested by
Host: novelsextra.com
URL: https://novelsextra.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WP Rocket/3.7.5
Resource Hash

Request headers

Referer
https://novelsextra.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, public
cf-cache-status
DYNAMIC
cf-ray
8a303b4f2fa903b9-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 14 Jul 2024 08:44:35 GMT
expires
Sun, 14 Jul 2024 08:44:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MBXLblGXZ0VSpDtNdPb%2F2dlNBk9y1SNN4PIFeqT%2BB9ZSfVNU8UDlTmwvAfI9Oab87k9nJUSmlzodoZJ1GvR55nKquygTnuC%2FivSpWHCJp5zUV1eKYLafemzAJ1%2BFdp0%2Fe38jB7Gg8podEtXOL53JS%2BA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
WP Rocket/3.7.5
fa-regular-400.woff2
novelsextra.com/wp-content/themes/ifenzi-v2/fonts/aws/webfonts/
388 KB
389 KB
Font
General
Full URL
https://novelsextra.com/wp-content/themes/ifenzi-v2/fonts/aws/webfonts/fa-regular-400.woff2
Requested by
Host: novelsextra.com
URL: https://novelsextra.com/wp-content/themes/ifenzi-v2/fonts/aws/css/regular.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b7e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b7265fb8e98286a6e61d73e4278df35c0e911db1e8a94c82836d0b21088125b
Security Headers
Name Value
Content-Security-Policy report-uri https://thebeginningaftertheend.online
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Security-Policy img-src *; media-src * data:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://novelsextra.com/wp-content/themes/ifenzi-v2/fonts/aws/css/regular.min.css
Origin
https://novelsextra.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires
Sun, 10 Nov 2024 06:09:29 GMT
date
Sun, 14 Jul 2024 08:44:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
report-uri https://thebeginningaftertheend.online
content-encoding
gzip
x-permitted-cross-domain-policies
none
cf-cache-status
HIT
age
95706
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 09 Nov 2023 16:12:20 GMT
server
cloudflare
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
null
access-control-allow-methods
GET,PUT,POST,DELETE
cache-control
max-age=10368000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1xtNNQ4M10i4TDRwFrC4nCSgZV0OQBlJBs0N1Zj%2BtkjQSAJgdOo%2FISx9x5sU%2F9c82EJxwwUzXP5SKiV7J54K17%2BnQJI5TmcL4cth%2BJ%2B1ZKy5nAXPbZ%2FVwhTY0cTRITfKMwHXGV2pGWBLAH8QAr8%3D"}],"group":"cf-nel","max_age":604800}
permissions-policy
accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
cf-ray
8a303b4f4f1a419b-LHR
access-control-allow-headers
Content-Type, Authorization
x-content-security-policy
img-src *; media-src * data:;
fa-solid-900.woff2
novelsextra.com/wp-content/themes/ifenzi-v2/fonts/aws/webfonts/
318 KB
319 KB
Font
General
Full URL
https://novelsextra.com/wp-content/themes/ifenzi-v2/fonts/aws/webfonts/fa-solid-900.woff2
Requested by
Host: novelsextra.com
URL: https://novelsextra.com/wp-content/themes/ifenzi-v2/fonts/aws/css/solid.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b7e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4ce23501f658a336323bd90b52746e73e0ddca6be18651594d169b263db5410
Security Headers
Name Value
Content-Security-Policy report-uri https://thebeginningaftertheend.online
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Security-Policy img-src *; media-src * data:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://novelsextra.com/wp-content/themes/ifenzi-v2/fonts/aws/css/solid.min.css
Origin
https://novelsextra.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 08:44:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
report-uri https://thebeginningaftertheend.online
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
age
1886296
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
325592
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 09 Nov 2023 16:12:20 GMT
server
cloudflare
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,PUT,POST,DELETE
content-type
font/woff2
access-control-allow-origin
null
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p1e05lMfaru%2F4yLYfe%2FH1adGWgTPBImrwTQuzvlRzSF2BQE1byA%2FfPO8qxuy%2FT%2FmZeIQXclbMM6c0hLnB%2FjtWFxMbrHy3o66WcED26DPN5LLw1opcNJ8H6dW8iY0Qmhx0ENOs60aNNDhPF1poDY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
permissions-policy
accelerometer=(), autoplay=(), camera=(), fullscreen=*, geolocation=(self), gyroscope=(), microphone=(), payment=*
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8a303b4f4f1e419b-LHR
access-control-allow-headers
Content-Type, Authorization
x-content-security-policy
img-src *; media-src * data:;
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/
284 KB
68 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=1.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:a091 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://novelsextra.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 08:44:35 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2126
etag
W/"e3be409ac3c100e2a5d3f264ec260551"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8a303b4f4949d17c-LHR
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Wed, 17 Jul 2024 08:44:35 GMT
web
onesignal.com/api/v1/sync/9371b3a2-27fc-4d97-bc83-3028e7e3e340/
3 KB
2 KB
Script
General
Full URL
https://onesignal.com/api/v1/sync/9371b3a2-27fc-4d97-bc83-3028e7e3e340/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:a091 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c60b0a008f2af362b45562752d06bb9c4cf9d44aa1a5c32e5031af235ec34b3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://novelsextra.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 08:44:35 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
00147f2b-f96f-4b5b-9770-a74ec9436d94
x-runtime
0.031252
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"9c60b0a008f2af362b45562752d06bb9"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
8a303b505a1ad17c-LHR
access-control-allow-headers
SDK-Version
expires
Sun, 14 Jul 2024 09:44:35 GMT
watch.1189394942084.js
ancestortrotsoothe.com/
Redirect Chain
  • https://ancestortrotsoothe.com/watch.1189394942084.js?key=ec9b5319629d364a3e7c455d3430cbd1&kw=%5B%22the%22%2C%22novel%E2%80%99s%22%2C%22extra%22%2C%22manga%22%2C%22online%22%2C%22-%22%2C%22all%22%2...
  • https://ancestortrotsoothe.com/watch.1189394942084.js?dev=r&key=ec9b5319629d364a3e7c455d3430cbd1&kw=%5B%22the%22%2C%22novel%E2%80%99s%22%2C%22extra%22%2C%22manga%22%2C%22online%22%2C%22-%22%2C%22al...
1 KB
2 KB
XHR
General
Full URL
https://ancestortrotsoothe.com/watch.1189394942084.js?dev=r&key=ec9b5319629d364a3e7c455d3430cbd1&kw=%5B%22the%22%2C%22novel%E2%80%99s%22%2C%22extra%22%2C%22manga%22%2C%22online%22%2C%22-%22%2C%22all%22%2C%22chapters%22%5D&pst=1720946735&refer=https%3A%2F%2Fnovelsextra.com%2F&res=14.31&rmtc=t&shu=75739d8d3e95d374b71364588627cf6b84dcb47497c596cebac811e48c3973c4b1d5fb942a8880591635cc91f06f8338329911026cc0aa79743748f59108d2b9b5c407df986edb91ee481228665beec8aaf8788e15c7f205d8c746&tz=1&uuid=64202fc1-f7be-4dd2-b5f9-f65347ce215e%3A1%3A1
Requested by
Host: novelsextra.com
URL: https://novelsextra.com/
Protocol
HTTP/1.1
Server
172.240.108.84 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://novelsextra.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 14 Jul 2024 08:44:35 GMT
Custom-Referer
https://novelsextra.com
Content-Encoding
gzip
Strict-Transport-Security
max-age=0; includeSubdomains
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection
keep-alive
X-Request-ID
93e1fdd0f695421ce4db398422d39e9d
Pragma
no-cache
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type
text/html
Access-Control-Allow-Origin
https://novelsextra.com
Cache-Control
no-cache, max-age=0, private, no-cache
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Date
Sun, 14 Jul 2024 08:44:35 GMT
Custom-Referer
https://novelsextra.com
Strict-Transport-Security
max-age=0; includeSubdomains
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection
keep-alive
Content-Length
0
X-Request-ID
0b61c99d31ff6ce31aa8a157dc778211
Pragma
no-cache
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type
text/html
Access-Control-Allow-Origin
https://novelsextra.com
Location
https://ancestortrotsoothe.com/watch.1189394942084.js?dev=r&key=ec9b5319629d364a3e7c455d3430cbd1&kw=%5B%22the%22%2C%22novel%E2%80%99s%22%2C%22extra%22%2C%22manga%22%2C%22online%22%2C%22-%22%2C%22all%22%2C%22chapters%22%5D&pst=1720946735&refer=https%3A%2F%2Fnovelsextra.com%2F&res=14.31&rmtc=t&shu=75739d8d3e95d374b71364588627cf6b84dcb47497c596cebac811e48c3973c4b1d5fb942a8880591635cc91f06f8338329911026cc0aa79743748f59108d2b9b5c407df986edb91ee481228665beec8aaf8788e15c7f205d8c746&tz=1&uuid=64202fc1-f7be-4dd2-b5f9-f65347ce215e%3A1%3A1
Cache-Control
no-cache, max-age=0, private, no-cache
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:01 GMT
OneSignalSDKStyles.css
onesignal.com/sdks/
82 KB
9 KB
Stylesheet
General
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:a091 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://novelsextra.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 08:44:35 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2132
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
8a303b525c29d17c-LHR
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Tue, 13 Aug 2024 08:44:35 GMT
icon
onesignal.com/api/v1/apps/9371b3a2-27fc-4d97-bc83-3028e7e3e340/
264 B
801 B
Fetch
General
Full URL
https://onesignal.com/api/v1/apps/9371b3a2-27fc-4d97-bc83-3028e7e3e340/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:6fdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f52be67ddb64d8883291b1d8b2cc87c4b6417c5b5fd4359f5543e28702e2b36
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://novelsextra.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 08:44:35 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
d78dddc3-b6f1-4f91-bb9c-f2e3794a7688
x-runtime
0.012036
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"7f52be67ddb64d8883291b1d8b2cc87c"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept, Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cf-ray
8a303b535d1363b0-LHR
access-control-allow-headers
SDK-Version
1R01xsBBScaIjXlGk6bw_Nouveau-projet.jpg
img.onesignal.com/permanent/1850ca83-a77e-486a-8501-910e6566d316/
11 KB
12 KB
Image
General
Full URL
https://img.onesignal.com/permanent/1850ca83-a77e-486a-8501-910e6566d316/1R01xsBBScaIjXlGk6bw_Nouveau-projet.jpg
Requested by
Host: novelsextra.com
URL: https://novelsextra.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:a091 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac4c0ac686df6bd6e39bd30397b9d44c1d61b3e642bdcbe4a8700761dd37ee97
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://novelsextra.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-goog-encryption-kms-key-name
projects/core-infra-onesignal/locations/europe-west4/keyRings/keyring-kms-onesignal/cryptoKeys/img-persistence-bucket-onesignal/cryptoKeyVersions/1
date
Sun, 14 Jul 2024 08:44:35 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
REVALIDATED
cf-polished
degrade=85, origSize=14160, status=vary_header_present
x-guploader-uploadid
ACJd0NppTd2tfZ_WWdjf2MbnMXxzil_8DSeZicqHvpyg_azr4D50fDC_v6cAEAi798OTXS7eqtk
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
11309
pragma
no-cache
cf-bgj
imgq:85,h2pri
last-modified
Sun, 28 Jan 2024 01:18:49 GMT
server
cloudflare
etag
"-CIiP8P30/oMDEAE="
vary
Origin, Accept-Encoding
x-goog-generation
1706404729325448
content-type
image/jpeg
x-goog-hash
crc32c=9Exi3w==, md5=/54xl/a8p08UMy4rRTB/XA==
cache-control
public, max-age=2678400
x-goog-stored-content-length
14160
accept-ranges
bytes
cf-ray
8a303b53fe57d17c-LHR
expires
Wed, 14 Aug 2024 08:44:35 GMT
Primary Request /
www.amazon.co.uk/gp/video/primesignup/
Redirect Chain
  • https://16zoqtq3eowz.top/mc/477385/138626/index.php?subId1=18230067&subId2=3e0e855091f75f2a23438f5271e815ae
  • https://primevideo-eu.pxf.io/c/1289618/1978462/20021?subId1=18230067&subId2=3e0e855091f75f2a23438f5271e815ae
  • https://www.ojrq.net/p/?return=https%3A%2F%2Fprimevideo-eu.pxf.io%2Fc%2F1289618%2F1978462%2F20021%3FsubId1%3D18230067%26subId2%3D3e0e855091f75f2a23438f5271e815ae%26level%3D1%26srcref%3Dhttps%253A%2...
  • https://primevideo-eu.pxf.io/c/1289618/1978462/20021?subId1=18230067&subId2=3e0e855091f75f2a23438f5271e815ae&level=1&srcref=https%3A%2F%2Fnovelsextra.com%2F&brwsr=4d4b9d55-41bd-11ef-8aa6-43eb755ed2...
  • https://www.amazon.co.uk/gp/video/primesignup/?irclickid=4d4b9d55N41bd11ef8aa643eb755ed24&ref=dvm_ass_acm_xx_mf_s_imp_4d4b9d55N41bd11ef8aa643eb755ed24&irgwc=1
275 KB
89 KB
Document
General
Full URL
https://www.amazon.co.uk/gp/video/primesignup/?irclickid=4d4b9d55N41bd11ef8aa643eb755ed24&ref=dvm_ass_acm_xx_mf_s_imp_4d4b9d55N41bd11ef8aa643eb755ed24&irgwc=1
Requested by
Host: novelsextra.com
URL: https://novelsextra.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:b000:15:c9dc:594:5061 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
0d2d5ffeb36bae770da66ccc0cf5de7dfae09cee18d8e150e69926df94887dae
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Strict-Transport-Security max-age=47474747; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;

Request headers

Referer
https://novelsextra.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
ect,rtt,downlink,device-memory,sec-ch-device-memory,viewport-width,sec-ch-viewport-width,dpr,sec-ch-dpr,sec-ch-ua-platform,sec-ch-ua-platform-version
accept-ch-lifetime
86400
alt-svc
h3=":443"; ma=86400
content-encoding
gzip
content-language
en-GB
content-security-policy
upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
content-security-policy-report-only
default-src 'self' blob: https: data: mediastream: 'unsafe-eval' 'unsafe-inline';report-uri https://metrics.media-amazon.com/
content-type
text/html;charset=UTF-8
date
Sun, 14 Jul 2024 08:44:37 GMT
server
Server
strict-transport-security
max-age=47474747; includeSubDomains; preload
vary
Content-Type,Accept-Encoding,User-Agent
via
1.1 134eef7df83fe066fda8a86e722c33dc.cloudfront.net (CloudFront)
x-amz-cf-id
KGB8pdam_BbFQMLov7yymVQ52TKSMOy73dO3RnFUfh0JFAj-VPC2ug==
x-amz-cf-pop
FRA60-P7
x-amz-rid
X21Z3JP3WAR40JM59H13
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1;

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
date
Sun, 14 Jul 2024 08:44:37 GMT
expires
Sun, 14 Jul 2024 08:44:37 GMT
location
https://www.amazon.co.uk/gp/video/primesignup/?irclickid=4d4b9d55N41bd11ef8aa643eb755ed24&ref=dvm_ass_acm_xx_mf_s_imp_4d4b9d55N41bd11ef8aa643eb755ed24&irgwc=1
p3p
policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
pragma
no-cache
timing-allow-origin
*
via
1.1 google
sfp.js
recordedthereby.com/
83 KB
28 KB
Script
General
Full URL
https://recordedthereby.com/sfp.js
Requested by
Host: ancestortrotsoothe.com
URL: https://ancestortrotsoothe.com/da/a4/f2/daa4f27ebe1044544aa87cc04fa942da.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://novelsextra.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 08:44:36 GMT
strict-transport-security
max-age=0; includeSubdomains
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
x-request-id
0f26fbbe7db85a050dcb9c3e3b1701c9
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DoW5XwfLadNlD5lAFzWgQmW%2By%2FadDXPznidfgIHcvFOgIJ4uqOb9Zd8cWX0worO1u0xC1DwE2TZCMGFhWXnFyG3pYG3w3X5qrbPcLx9jcKC2BNGDwymvRe2rTeYoJi%2BmvHa%2BxsaNmotoQQ6aOkeDNqHF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, max-age=0, private, no-cache
cf-ray
8a303b563f5f886b-LHR
expires
Thu, 01 Jan 1970 00:00:01 GMT
11EIQ5IGqaL._RC%7C01e5ncglxyL.css,01lF2n-pPaL.css,41SwWPpN5yL.css,31+Z83i6adL.css,01IWMurvs8L.css,01ToTiqCP7L.css,01qPl4hxayL.css,01ITNc8rK9L.css,413Vvv3GONL.css,11TIuySqr6L.css,01Rw4F+QU6L.css,11j...
m.media-amazon.com/images/I/
192 KB
24 KB
Stylesheet
General
Full URL
https://m.media-amazon.com/images/I/11EIQ5IGqaL._RC%7C01e5ncglxyL.css,01lF2n-pPaL.css,41SwWPpN5yL.css,31+Z83i6adL.css,01IWMurvs8L.css,01ToTiqCP7L.css,01qPl4hxayL.css,01ITNc8rK9L.css,413Vvv3GONL.css,11TIuySqr6L.css,01Rw4F+QU6L.css,11j54vTBQxL.css,01pbKJp5dbL.css,01IdKcBuAdL.css,01y-XAlI+2L.css,213SZJ8Z+PL.css,01oDR3IULNL.css,51qPa7JG96L.css,01XPHJk60-L.css,01dmkcyJuIL.css,01B9+-hVWxL.css,21Ol27dM9tL.css,11JRZ3s9niL.css,21wA+jAxKjL.css,11U8GXfhueL.css,01CFUgsA-YL.css,316CD+csp-L.css,116t+WD27UL.css,11uWFHlOmWL.css,11v8YDG4ifL.css,11otOAnaYoL.css,01FwL+mJQOL.css,11NDsgnHEZL.css,21RE+gQIxcL.css,11CLXYZ6DRL.css,012f1fcyibL.css,21w-O41p+SL.css,11XH+76vMZL.css,11hvENnYNUL.css,11FRI-QT39L.css,01890+Vwk8L.css,01864Lq457L.css,01cbS3UK11L.css,21F85am0yFL.css,01ySiGRmxlL.css,016Sx2kF1+L.css_.css?AUIClients/AmazonUI
Requested by
Host: www.amazon.co.uk
URL: https://www.amazon.co.uk/gp/video/primesignup/?irclickid=4d4b9d55N41bd11ef8aa643eb755ed24&ref=dvm_ass_acm_xx_mf_s_imp_4d4b9d55N41bd11ef8aa643eb755ed24&irgwc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:fc00:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
f46d11748b2b4e6accb7748fde9f16192aa26b0a323b475d8822e4a11327ffb7

Request headers

Referer
https://www.amazon.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 10 Jun 2024 17:14:37 GMT
content-encoding
br
via
1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
age
2323446
x-amz-cf-pop
FRA60-P2
edge-cache-tag
x-cache-637,/images/I/11EIQ5IGqaL
x-nginx-cache-status
HIT
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
alt-svc
h3=":443"; ma=86400
surrogate-key
x-cache-637 /images/I/11EIQ5IGqaL
last-modified
Thu, 04 Jun 2020 16:54:02 GMT
server
Server
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
a46b318d-ca79-47c5-9ded-de4f2dd0178f
timing-allow-origin
https://www.amazon.co.uk
x-amz-cf-id
IwJVedCrpyus5pY_ynV4yTIwoXXlsBEp28IuKgvDhyAfGTz6t0-pkg==
expires
Sun, 05 Jun 2044 17:14:37 GMT
01EPRPxdqPL.css
m.media-amazon.com/images/I/
391 B
770 B
Stylesheet
General
Full URL
https://m.media-amazon.com/images/I/01EPRPxdqPL.css?AUIClients/PRIVCONAssets-spConsentBanner
Requested by
Host: www.amazon.co.uk
URL: https://www.amazon.co.uk/gp/video/primesignup/?irclickid=4d4b9d55N41bd11ef8aa643eb755ed24&ref=dvm_ass_acm_xx_mf_s_imp_4d4b9d55N41bd11ef8aa643eb755ed24&irgwc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:fc00:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
1300782362b833c5eb89c7bb2c6044ed7ad1f8dffa8b63fac4d6ece0f885396b

Request headers

Referer
https://www.amazon.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 12:58:22 GMT
content-encoding
br
via
1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
age
17180317
x-amz-cf-pop
FRA60-P2
edge-cache-tag
x-cache-848,/images/I/01EPRPxdqPL
x-nginx-cache-status
HIT
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
alt-svc
h3=":443"; ma=86400
surrogate-key
x-cache-848 /images/I/01EPRPxdqPL
last-modified
Tue, 07 Nov 2023 23:02:47 GMT
server
Server
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
59802fa3-0265-4d39-a4c0-ce90baf961b8
timing-allow-origin
https://www.amazon.co.uk
x-amz-cf-id
SP8SjUAIHPfY_KsOxk5MzhIjjq3t49E7BaZEtLMlLGMpEl3bcEyXbg==
expires
Mon, 21 Dec 2043 12:58:22 GMT
11J1WJh9jNL.js
m.media-amazon.com/images/I/
0
0

91xzWVRy5TL.js
m.media-amazon.com/images/I/
865 KB
92 KB
Script
General
Full URL
https://m.media-amazon.com/images/I/91xzWVRy5TL.js?DVWebNode_commons
Requested by
Host: www.amazon.co.uk
URL: https://www.amazon.co.uk/gp/video/primesignup/?irclickid=4d4b9d55N41bd11ef8aa643eb755ed24&ref=dvm_ass_acm_xx_mf_s_imp_4d4b9d55N41bd11ef8aa643eb755ed24&irgwc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2250:fc00:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
f18c3d77b7f315bf185d593e49691cf28bda7072afc1a2fe72f65a252f5743e4

Request headers

Referer
https://www.amazon.co.uk/
Origin
https://www.amazon.co.uk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 20:34:25 GMT
content-encoding
br
via
1.1 4b07e670df891a80bcae1d5be052af3c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
216613
x-cache
Hit from cloudfront
edge-cache-tag
x-cache-762,/images/I/91xzWVRy5TL
x-nginx-cache-status
MISS
server-timing
provider;desc="cf"
alt-svc
h3=":443"; ma=86400
surrogate-key
x-cache-762 /images/I/91xzWVRy5TL
last-modified
Thu, 11 Jul 2024 17:54:13 GMT
server
Server
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
4d046bf6-0601-4830-9332-8dd980520bf5
timing-allow-origin
https://www.amazon.co.uk
x-amz-cf-id
PA3E2Kn6LENduD895QT_iA-gVkgi9ByZXQqgbavBkYdlel-6JZWDxA==
expires
Wed, 06 Jul 2044 20:34:25 GMT
817pFhkFyVL.css
m.media-amazon.com/images/I/
286 KB
40 KB
Stylesheet
General
Full URL
https://m.media-amazon.com/images/I/817pFhkFyVL.css?DVWebNode_commons
Requested by
Host: www.amazon.co.uk
URL: https://www.amazon.co.uk/gp/video/primesignup/?irclickid=4d4b9d55N41bd11ef8aa643eb755ed24&ref=dvm_ass_acm_xx_mf_s_imp_4d4b9d55N41bd11ef8aa643eb755ed24&irgwc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:fc00:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
f21b63a5c8f2b84fd16c026c03df49ad51ddab31376cec3d154ca21d1eae125c

Request headers

Referer
https://www.amazon.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 15:44:40 GMT
content-encoding
br
via
1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
age
405847
x-amz-cf-pop
FRA60-P2
edge-cache-tag
x-cache-433,/images/I/817pFhkFyVL
x-nginx-cache-status
HIT
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
alt-svc
h3=":443"; ma=86400
surrogate-key
x-cache-433 /images/I/817pFhkFyVL
last-modified
Tue, 09 Jul 2024 14:35:58 GMT
server
Server
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
232f78e3-e77a-4874-8f9d-438a7c6eea8e
timing-allow-origin
https://www.amazon.co.uk
x-amz-cf-id
wSg78ssbEDG4_OedUl4T7-id3M_h-Cp1-F9h1KD8CMJvjGVQDo7OcA==
expires
Mon, 04 Jul 2044 15:44:40 GMT
81N04m0jR+L.js
m.media-amazon.com/images/I/
281 KB
68 KB
Script
General
Full URL
https://m.media-amazon.com/images/I/81N04m0jR+L.js?DVWebNode_vendors
Requested by
Host: www.amazon.co.uk
URL: https://www.amazon.co.uk/gp/video/primesignup/?irclickid=4d4b9d55N41bd11ef8aa643eb755ed24&ref=dvm_ass_acm_xx_mf_s_imp_4d4b9d55N41bd11ef8aa643eb755ed24&irgwc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2250:fc00:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
907fe4d277802fd9a757daf69a321a8a211cc769184ee2503c6fa1cfe78fad51

Request headers

Referer
https://www.amazon.co.uk/
Origin
https://www.amazon.co.uk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 18:48:45 GMT
content-encoding
br
via
1.1 4b07e670df891a80bcae1d5be052af3c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
222954
x-cache
Hit from cloudfront
edge-cache-tag
x-cache-542,/images/I/81N04m0jR+L
x-nginx-cache-status
MISS
server-timing
provider;desc="cf"
alt-svc
h3=":443"; ma=86400
surrogate-key
x-cache-542 /images/I/81N04m0jR+L
last-modified
Thu, 11 Jul 2024 15:00:56 GMT
server
Server
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
ef4647b3-6009-4d20-a438-013d39cf4522
timing-allow-origin
https://www.amazon.co.uk
x-amz-cf-id
LJYTrB5hsA7HyQC18ocND43i_Nsfkv9I7bxj0MHWJLk1LckcS0RzqA==
expires
Wed, 06 Jul 2044 18:48:45 GMT
51LZrx2pf6L.js
m.media-amazon.com/images/I/
42 KB
9 KB
Script
General
Full URL
https://m.media-amazon.com/images/I/51LZrx2pf6L.js?DVWebNode_payment-state-msg
Requested by
Host: www.amazon.co.uk
URL: https://www.amazon.co.uk/gp/video/primesignup/?irclickid=4d4b9d55N41bd11ef8aa643eb755ed24&ref=dvm_ass_acm_xx_mf_s_imp_4d4b9d55N41bd11ef8aa643eb755ed24&irgwc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2250:fc00:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
4b86800d7ae4a185ed1f3d19bdcc7d0b5bec067582370804437878cb37b7af32

Request headers

Referer
https://www.amazon.co.uk/
Origin
https://www.amazon.co.uk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 18:16:19 GMT
content-encoding
br
via
1.1 4b07e670df891a80bcae1d5be052af3c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
311299
x-cache
Hit from cloudfront
edge-cache-tag
x-cache-709,/images/I/51LZrx2pf6L
x-nginx-cache-status
MISS
server-timing
provider;desc="cf"
alt-svc
h3=":443"; ma=86400
surrogate-key
x-cache-709 /images/I/51LZrx2pf6L
last-modified
Wed, 10 Jul 2024 14:33:34 GMT
server
Server
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
d10f3b80-d18a-4662-a74c-d05b68f80698
timing-allow-origin
https://www.amazon.co.uk
x-amz-cf-id
VWO8ncYlGXUMdqfWx25BNHDBoxb-Id2imJ4625rDgfsftcpteEzOIQ==
expires
Tue, 05 Jul 2044 18:16:19 GMT
11wcPeBbWbL.css
m.media-amazon.com/images/I/
3 KB
2 KB
Stylesheet
General
Full URL
https://m.media-amazon.com/images/I/11wcPeBbWbL.css?DVWebNode_payment-state-msg
Requested by
Host: www.amazon.co.uk
URL: https://www.amazon.co.uk/gp/video/primesignup/?irclickid=4d4b9d55N41bd11ef8aa643eb755ed24&ref=dvm_ass_acm_xx_mf_s_imp_4d4b9d55N41bd11ef8aa643eb755ed24&irgwc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:fc00:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
8d8f9ffd4792aa30035f4a125232ebe9e5ad834a3944caed026bdc489fae21c4

Request headers

Referer
https://www.amazon.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 19:23:24 GMT
content-encoding
gzip
via
1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
age
15590969
x-amz-cf-pop
FRA60-P2
edge-cache-tag
x-cache-440,/images/I/11wcPeBbWbL
x-nginx-cache-status
HIT
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
alt-svc
h3=":443"; ma=86400
surrogate-key
x-cache-440 /images/I/11wcPeBbWbL
last-modified
Fri, 24 Feb 2023 17:23:43 GMT
server
Server
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
c8c45c6e-db8d-4b0d-8636-410471d1ac44
timing-allow-origin
https://www.amazon.co.uk
x-amz-cf-id
ukPlRajGAQZywvSjqRtycVAXn2xYbEZ8xk1V3brIgF52Q7lGhcEfpQ==
expires
Sun, 11 Oct 2043 19:23:24 GMT
41CKlVA1IkL.css
m.media-amazon.com/images/I/
27 KB
5 KB
Stylesheet
General
Full URL
https://m.media-amazon.com/images/I/41CKlVA1IkL.css?dvpa-web-widgets-ui
Requested by
Host: www.amazon.co.uk
URL: https://www.amazon.co.uk/gp/video/primesignup/?irclickid=4d4b9d55N41bd11ef8aa643eb755ed24&ref=dvm_ass_acm_xx_mf_s_imp_4d4b9d55N41bd11ef8aa643eb755ed24&irgwc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:fc00:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
25b57862d21ba113ea5b136d1f3d3af27095b2255daeb1654dc71ca55818f1b1

Request headers

Referer
https://www.amazon.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 08:05:07 GMT
content-encoding
br
via
1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
age
24453571
x-amz-cf-pop
FRA60-P2
edge-cache-tag
x-cache-616,/images/I/41CKlVA1IkL
x-nginx-cache-status
HIT
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
alt-svc
h3=":443"; ma=86400
surrogate-key
x-cache-616 /images/I/41CKlVA1IkL
last-modified
Mon, 18 Jul 2022 21:22:17 GMT
server
Server
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
1c1882d5-ee71-4204-8d66-3d66cfce6858
timing-allow-origin
https://www.amazon.co.uk
x-amz-cf-id
3nQ5JetQ5Mj7aJdVDgMmBD3hQBtjOtHg5MagkFmhcAk1pFyrT2M96w==
expires
Thu, 24 Sep 2043 13:39:07 GMT
81KlOzxCw3L.css
m.media-amazon.com/images/I/
259 KB
22 KB
Stylesheet
General
Full URL
https://m.media-amazon.com/images/I/81KlOzxCw3L.css?dvpa-web-widgets-custom-components
Requested by
Host: www.amazon.co.uk
URL: https://www.amazon.co.uk/gp/video/primesignup/?irclickid=4d4b9d55N41bd11ef8aa643eb755ed24&ref=dvm_ass_acm_xx_mf_s_imp_4d4b9d55N41bd11ef8aa643eb755ed24&irgwc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:fc00:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
159e9a859c4518fb4ef3feafb5231d8a89a1eadb5fe27075679ff8ce5bb2474a

Request headers

Referer
https://www.amazon.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 08:43:48 GMT
content-encoding
br
via
1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
age
432010
x-amz-cf-pop
FRA60-P2
edge-cache-tag
x-cache-557,/images/I/81KlOzxCw3L
x-nginx-cache-status
HIT
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
alt-svc
h3=":443"; ma=86400
surrogate-key
x-cache-557 /images/I/81KlOzxCw3L
last-modified
Mon, 08 Jul 2024 15:50:54 GMT
server
Server
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
1c53103c-cb30-4d2f-b967-a94e1059d561
timing-allow-origin
https://www.amazon.co.uk
x-amz-cf-id
rUVwvuEGjXg98SeukreZ58o0afIzTaKaGyB2HLNM5stnBdrtiwjpOg==
expires
Mon, 04 Jul 2044 08:43:48 GMT
01WuNEczEEL.css
m.media-amazon.com/images/I/
2 KB
1 KB
Stylesheet
General
Full URL
https://m.media-amazon.com/images/I/01WuNEczEEL.css?dvpa-web-widgets-footer
Requested by
Host: www.amazon.co.uk
URL: https://www.amazon.co.uk/gp/video/primesignup/?irclickid=4d4b9d55N41bd11ef8aa643eb755ed24&ref=dvm_ass_acm_xx_mf_s_imp_4d4b9d55N41bd11ef8aa643eb755ed24&irgwc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:fc00:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
2424596b2374975e6178a971c625338706ca14d0687572a1a0dea8e464eef4a7

Request headers

Referer
https://www.amazon.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 09 May 2024 14:03:51 GMT
content-encoding
br
via
1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
age
5678196
x-amz-cf-pop
FRA60-P2
edge-cache-tag
x-cache-519,/images/I/01WuNEczEEL
x-nginx-cache-status
HIT
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
alt-svc
h3=":443"; ma=86400
surrogate-key
x-cache-519 /images/I/01WuNEczEEL
last-modified
Thu, 09 May 2024 12:48:50 GMT
server
Server
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
3b0c03b1-38ce-4534-9c39-9f1bc4cce752
timing-allow-origin
https://www.amazon.co.uk
x-amz-cf-id
Ly_SUDS3cuMAvggUIAlTbLUZedBhF6R4kKoMQYFYYZC-nhMc8UlowQ==
expires
Wed, 04 May 2044 14:03:51 GMT
71er6ighcOL.js
m.media-amazon.com/images/I/
187 KB
53 KB
Script
General
Full URL
https://m.media-amazon.com/images/I/71er6ighcOL.js?dvpa-web-widgets-common-libs
Requested by
Host: www.amazon.co.uk
URL: https://www.amazon.co.uk/gp/video/primesignup/?irclickid=4d4b9d55N41bd11ef8aa643eb755ed24&ref=dvm_ass_acm_xx_mf_s_imp_4d4b9d55N41bd11ef8aa643eb755ed24&irgwc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:fc00:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
4ecceb9c9050877187a86ef81b154c9405bb1175e727be47117f3f8c1b9e95a9

Request headers

Referer
https://www.amazon.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 01:06:23 GMT
content-encoding
br
via
1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
age
19175382
x-amz-cf-pop
FRA60-P2
edge-cache-tag
x-cache-919,/images/I/71er6ighcOL
x-nginx-cache-status
HIT
x-cache
Hit from cloudfront
server-timing
cdn-cache-hit,cdn-pop;desc="FRA60-P2",cdn-rid;desc="bnyT3ho1LeYDAwijnpLPtRYgXPRB4FjDdZMzxcPoV4XazXlIxZauTQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=3,provider;desc="cf"
alt-svc
h3=":443"; ma=86400
surrogate-key
x-cache-919 /images/I/71er6ighcOL
last-modified
Mon, 03 Aug 2020 16:21:17 GMT
server
Server
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
6314a569-1d17-4463-867f-70be0d87f608
timing-allow-origin
https://www.amazon.co.uk
x-amz-cf-id
bnyT3ho1LeYDAwijnpLPtRYgXPRB4FjDdZMzxcPoV4XazXlIxZauTQ==
expires
Mon, 30 Nov 2043 01:06:23 GMT
41cm85WNwyL.js
m.media-amazon.com/images/I/
21 KB
6 KB
Script
General
Full URL
https://m.media-amazon.com/images/I/41cm85WNwyL.js?dvpa-web-widgets-utils
Requested by
Host: www.amazon.co.uk
URL: https://www.amazon.co.uk/gp/video/primesignup/?irclickid=4d4b9d55N41bd11ef8aa643eb755ed24&ref=dvm_ass_acm_xx_mf_s_imp_4d4b9d55N41bd11ef8aa643eb755ed24&irgwc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:fc00:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
140fc465694d1053e66020eb96cca227acc01c26bc959d08dd35d581ed8ad1dd

Request headers

Referer
https://www.amazon.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 09:15:42 GMT
content-encoding
br
via
1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
age
14175818
x-amz-cf-pop
FRA60-P2
edge-cache-tag
x-cache-545,/images/I/41cm85WNwyL
x-nginx-cache-status
HIT
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
alt-svc
h3=":443"; ma=86400
surrogate-key
x-cache-545 /images/I/41cm85WNwyL
last-modified
Sat, 05 Feb 2022 06:38:31 GMT
server
Server
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
2d9aea33-9798-4b91-889f-61ba5ff1a89c
timing-allow-origin
https://www.amazon.co.uk
x-amz-cf-id
cOdJZv4Wo-Rark7d6L2IiCLa5OTx1vbdue8hgV_FIcvLAhcsYsIKCw==
expires
Mon, 21 Dec 2043 09:15:42 GMT
813fwhXAuDL.js
m.media-amazon.com/images/I/
362 KB
83 KB
Script
General
Full URL
https://m.media-amazon.com/images/I/813fwhXAuDL.js?dvpa-web-widgets-ui
Requested by
Host: www.amazon.co.uk
URL: https://www.amazon.co.uk/gp/video/primesignup/?irclickid=4d4b9d55N41bd11ef8aa643eb755ed24&ref=dvm_ass_acm_xx_mf_s_imp_4d4b9d55N41bd11ef8aa643eb755ed24&irgwc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:fc00:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
41bc97c59ffbfb16a460ce08d93ae7c44c0dff1852fddb642dccce6396c26f7e

Request headers

Referer
https://www.amazon.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 11:23:48 GMT
content-encoding
br
via
1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
age
13123247
x-amz-cf-pop
FRA60-P2
edge-cache-tag
x-cache-343,/images/I/813fwhXAuDL
x-nginx-cache-status
HIT
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
alt-svc
h3=":443"; ma=86400
surrogate-key
x-cache-343 /images/I/813fwhXAuDL
last-modified
Mon, 12 Feb 2024 22:51:51 GMT
server
Server
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
e0dfba5e-3aee-48cf-8594-7fbc78511eff
timing-allow-origin
https://www.amazon.co.uk
x-amz-cf-id
y_T0YCzN7m-nuoqpMgfJfAXzK77mi0U1MBLbuvJ7HUo-Mi0ojEG1OA==
expires
Mon, 08 Feb 2044 11:23:48 GMT
41RjTA0hp7L.js
m.media-amazon.com/images/I/
17 KB
6 KB
Script
General
Full URL
https://m.media-amazon.com/images/I/41RjTA0hp7L.js?dvpa-web-widgets-widget-framework
Requested by
Host: www.amazon.co.uk
URL: https://www.amazon.co.uk/gp/video/primesignup/?irclickid=4d4b9d55N41bd11ef8aa643eb755ed24&ref=dvm_ass_acm_xx_mf_s_imp_4d4b9d55N41bd11ef8aa643eb755ed24&irgwc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:fc00:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
4e68c4d11049779e8397c6c920a40bb173551f20ef226dfac3b67774843e120d

Request headers

Referer
https://www.amazon.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 08:05:06 GMT
content-encoding
br
via
1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
age
24453572
x-amz-cf-pop
FRA60-P2
edge-cache-tag
x-cache-295,/images/I/41RjTA0hp7L
x-nginx-cache-status
HIT
x-cache
Hit from cloudfront
server-timing
cdn-cache-hit,cdn-pop;desc="FRA60-P2",cdn-rid;desc="lYlNQNFX6fuABheyoBMt0ITzEgMJw72cgg8JpgrFZGZqe_cPFAviNg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=2,provider;desc="cf"
alt-svc
h3=":443"; ma=86400
surrogate-key
x-cache-295 /images/I/41RjTA0hp7L
last-modified
Wed, 03 Mar 2021 06:56:48 GMT
server
Server
content-type
application/x-javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
0ce2f575-9ef7-439b-9170-d0ad90223bb0
timing-allow-origin
https://www.amazon.co.uk
x-amz-cf-id
lYlNQNFX6fuABheyoBMt0ITzEgMJw72cgg8JpgrFZGZqe_cPFAviNg==
expires
Wed, 23 Sep 2043 09:46:06 GMT
815AYV5VOBL.js
m.media-amazon.com/images/I/
509 KB
113 KB
Script
General
Full URL
https://m.media-amazon.com/images/I/815AYV5VOBL.js?dvpa-web-widgets-custom-components
Requested by
Host: www.amazon.co.uk
URL: https://www.amazon.co.uk/gp/video/primesignup/?irclickid=4d4b9d55N41bd11ef8aa643eb755ed24&ref=dvm_ass_acm_xx_mf_s_imp_4d4b9d55N41bd11ef8aa643eb755ed24&irgwc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:fc00:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
b8af423d3e2607404d7ef2d97306f5f3d21dcba4ca016ae5d468b479f229ad82

Request headers

Referer
https://www.amazon.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 08:43:36 GMT
content-encoding
br
via
1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
age
345662
x-amz-cf-pop
FRA60-P2
edge-cache-tag
x-cache-177,/images/I/815AYV5VOBL
x-nginx-cache-status
MISS
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
alt-svc
h3=":443"; ma=86400
surrogate-key
x-cache-177 /images/I/815AYV5VOBL
last-modified
Wed, 10 Jul 2024 08:18:05 GMT
server
Server
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
0987c509-8dfa-408f-b860-c1c32100c61c
timing-allow-origin
https://www.amazon.co.uk
x-amz-cf-id
9mFbzm29SNUOPqMX_c0rRlQ2SyMPBT0y4e9NTGO5zJE_hTVySiTL5A==
expires
Tue, 05 Jul 2044 08:43:36 GMT
41J-chR6LCL.js
m.media-amazon.com/images/I/
22 KB
7 KB
Script
General
Full URL
https://m.media-amazon.com/images/I/41J-chR6LCL.js?dvpa-web-widgets-csm-marker
Requested by
Host: www.amazon.co.uk
URL: https://www.amazon.co.uk/gp/video/primesignup/?irclickid=4d4b9d55N41bd11ef8aa643eb755ed24&ref=dvm_ass_acm_xx_mf_s_imp_4d4b9d55N41bd11ef8aa643eb755ed24&irgwc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:fc00:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c8918c5af93273527289aa9810bd8e482acfb647696a2681d96f8ee9a3389c62

Request headers

Referer
https://www.amazon.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 14:45:30 GMT
content-encoding
br
via
1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
age
25552748
x-amz-cf-pop
FRA60-P2
edge-cache-tag
x-cache-084,/images/I/41J-chR6LCL
x-nginx-cache-status
HIT
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
alt-svc
h3=":443"; ma=86400
surrogate-key
x-cache-084 /images/I/41J-chR6LCL
last-modified
Thu, 20 May 2021 18:42:32 GMT
server
Server
content-type
application/x-javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
3399e29d-f78f-4a00-b814-c59e20dc6094
timing-allow-origin
https://www.amazon.co.uk
x-amz-cf-id
bzb-UYn1r96KanCt_wkXQ2cpmByuNnzXBpjFu3EZeiMibtxmr9xn8A==
expires
Sun, 06 Sep 2043 14:33:36 GMT
31JXKm7pEbL.js
m.media-amazon.com/images/I/
11 KB
4 KB
Script
General
Full URL
https://m.media-amazon.com/images/I/31JXKm7pEbL.js?dvpa-web-widgets-footer
Requested by
Host: www.amazon.co.uk
URL: https://www.amazon.co.uk/gp/video/primesignup/?irclickid=4d4b9d55N41bd11ef8aa643eb755ed24&ref=dvm_ass_acm_xx_mf_s_imp_4d4b9d55N41bd11ef8aa643eb755ed24&irgwc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:fc00:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
5c1d76162ed9fc3d722e0ac775d845050f65e8ed5c887cef4809463a70cb2699

Request headers

Referer
https://www.amazon.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 09 May 2024 14:03:52 GMT
content-encoding
br
via
1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
age
5678196
x-amz-cf-pop
FRA60-P2
edge-cache-tag
x-cache-268,/images/I/31JXKm7pEbL
x-nginx-cache-status
HIT
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
alt-svc
h3=":443"; ma=86400
surrogate-key
x-cache-268 /images/I/31JXKm7pEbL
last-modified
Thu, 09 May 2024 12:48:50 GMT
server
Server
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
03f4bd7d-2738-4f69-beff-c52de9714803
timing-allow-origin
https://www.amazon.co.uk
x-amz-cf-id
I5aW_EFU4E7U8o4sp7Gq2JdHmXhkSX6TxleejifWiHbC8MltBtPSZg==
expires
Wed, 04 May 2044 14:03:52 GMT
A1F83G8C2ARO7P:260-9511336-2731567:X21Z3JP3WAR40JM59H13$uedata=s:%2Frd%2Fuedata%3Fstaticb%26id%3DX21Z3JP3WAR40JM59H13:0
fls-eu.amazon.co.uk/1/batch/1/OP/
43 B
151 B
Image
General
Full URL
https://fls-eu.amazon.co.uk/1/batch/1/OP/A1F83G8C2ARO7P:260-9511336-2731567:X21Z3JP3WAR40JM59H13$uedata=s:%2Frd%2Fuedata%3Fstaticb%26id%3DX21Z3JP3WAR40JM59H13:0
Requested by
Host: www.amazon.co.uk
URL: https://www.amazon.co.uk/gp/video/primesignup/?irclickid=4d4b9d55N41bd11ef8aa643eb755ed24&ref=dvm_ass_acm_xx_mf_s_imp_4d4b9d55N41bd11ef8aa643eb755ed24&irgwc=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.25.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-25-121.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

Referer
https://www.amazon.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 08:44:39 GMT
x-amzn-requestid
fecb7a74-fe95-4cec-8c93-af083bc1becb
content-length
43
content-type
image/gif
PV_Logo_rebrand-278x85.png
m.media-amazon.com/images/G/02/digital/video/New_MLP/
5 KB
6 KB
Image
General
Full URL
https://m.media-amazon.com/images/G/02/digital/video/New_MLP/PV_Logo_rebrand-278x85.png
Requested by
Host: www.amazon.co.uk
URL: https://www.amazon.co.uk/gp/video/primesignup/?irclickid=4d4b9d55N41bd11ef8aa643eb755ed24&ref=dvm_ass_acm_xx_mf_s_imp_4d4b9d55N41bd11ef8aa643eb755ed24&irgwc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:fc00:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
8ea94063f8a27898b14761aa19b7831cb2327a84bad7e863dd3afebc9636df96

Request headers

Referer
https://www.amazon.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 07:06:46 GMT
via
1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
age
5874
x-amz-cf-pop
FRA60-P2
edge-cache-tag
x-cache-239,/images/G/02/digital/video/New_MLP/PV_Logo_rebrand-278x85
x-nginx-cache-status
HIT
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
alt-svc
h3=":443"; ma=86400
content-length
5616
surrogate-key
x-cache-239 /images/G/02/digital/video/New_MLP/PV_Logo_rebrand-278x85
last-modified
Wed, 07 Nov 2018 09:14:08 GMT
server
Server
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400,public
x-amz-ir-id
31c3b782-f413-4225-b8f5-f065129a50d0
accept-ranges
bytes
timing-allow-origin
https://www.amazon.co.uk
x-amz-cf-id
MBggRWFfS4QZjSzLsLsG3nXzeiWJRsnXRnuBUwL3ADHkVZX2nt12Fg==
expires
Mon, 15 Jul 2024 05:14:31 GMT
PV_Benefits_Devices_UPDATED.png
images-na.ssl-images-amazon.com/images/G/01/digital/video/Magellan_MLP/
22 KB
23 KB
Image
General
Full URL
https://images-na.ssl-images-amazon.com/images/G/01/digital/video/Magellan_MLP/PV_Benefits_Devices_UPDATED.png
Requested by
Host: www.amazon.co.uk
URL: https://www.amazon.co.uk/gp/video/primesignup/?irclickid=4d4b9d55N41bd11ef8aa643eb755ed24&ref=dvm_ass_acm_xx_mf_s_imp_4d4b9d55N41bd11ef8aa643eb755ed24&irgwc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Server /
Resource Hash
ed4364011dde10d64691a19e6e81cb2bd1aa69cb2fe04c0b738462502a87a295

Request headers

Referer
https://www.amazon.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 08:44:38 GMT
akamai-cache-status
Hit from child
akamai-grn
0.9d7d1302.1720946678.1eb95417
x-cache
Hit from akamai
x-nginx-cache-status
HIT
server-timing
provider;desc="ak"
alt-svc
h3=":443"; ma=93600
content-length
22792
surrogate-key
x-cache-464 /images/G/01/digital/video/Magellan_MLP/PV_Benefits_Devices_UPDATED
last-modified
Mon, 25 Feb 2019 18:49:07 GMT
server
Server
content-type
image/png
access-control-allow-origin
*
peer-cache
Hit
cache-control
public, max-age=71108
x-amz-ir-id
35a79406-e007-40db-938a-9b4c3f9b515b
accept-ranges
bytes
timing-allow-origin
https://www.amazon.co.uk
expires
Mon, 15 Jul 2024 04:29:46 GMT
PV_Benefits_Download_UPDATED._CB453406143_.png
m.media-amazon.com/images/G/01/digital/video/Magellan_MLP/
23 KB
24 KB
Image
General
Full URL
https://m.media-amazon.com/images/G/01/digital/video/Magellan_MLP/PV_Benefits_Download_UPDATED._CB453406143_.png
Requested by
Host: www.amazon.co.uk
URL: https://www.amazon.co.uk/gp/video/primesignup/?irclickid=4d4b9d55N41bd11ef8aa643eb755ed24&ref=dvm_ass_acm_xx_mf_s_imp_4d4b9d55N41bd11ef8aa643eb755ed24&irgwc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:fc00:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
8bf0941908f614fab1668dfcf729c251a02698b7d991d525b23f8352c9681073

Request headers

Referer
https://www.amazon.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 08:24:20 GMT
via
1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
age
1406
x-amz-cf-pop
FRA60-P2
edge-cache-tag
x-cache-280,/images/G/01/digital/video/Magellan_MLP/PV_Benefits_Download_UPDATED
x-nginx-cache-status
HIT
x-cache
Hit from cloudfront
server-timing
cdn-cache-hit,cdn-pop;desc="FRA60-P2",cdn-rid;desc="zw422OoZ9Asi1osyAxHA6RvG81QCOwrxR5uPw_wk-RE9VeSFKjcn-A==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=1,provider;desc="cf"
alt-svc
h3=":443"; ma=86400
content-length
23298
surrogate-key
x-cache-280 /images/G/01/digital/video/Magellan_MLP/PV_Benefits_Download_UPDATED
last-modified
Mon, 25 Feb 2019 18:49:55 GMT
server
Server
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=3600,public
x-amz-ir-id
9815c488-ca44-412a-a92b-67e740177b7b
accept-ranges
bytes
timing-allow-origin
https://www.amazon.co.uk
x-amz-cf-id
zw422OoZ9Asi1osyAxHA6RvG81QCOwrxR5uPw_wk-RE9VeSFKjcn-A==
expires
Sun, 14 Jul 2024 09:16:46 GMT
PV_Benefits_X-Ray_UPDATED.png
images-na.ssl-images-amazon.com/images/G/01/digital/video/Magellan_MLP/
26 KB
27 KB
Image
General
Full URL
https://images-na.ssl-images-amazon.com/images/G/01/digital/video/Magellan_MLP/PV_Benefits_X-Ray_UPDATED.png
Requested by
Host: www.amazon.co.uk
URL: https://www.amazon.co.uk/gp/video/primesignup/?irclickid=4d4b9d55N41bd11ef8aa643eb755ed24&ref=dvm_ass_acm_xx_mf_s_imp_4d4b9d55N41bd11ef8aa643eb755ed24&irgwc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Server /
Resource Hash
e9336e35f43bb3e50c31f1c3bcbd482eb8f5bc5551e8e827f10741f98d210f7e

Request headers

Referer
https://www.amazon.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 08:44:38 GMT
akamai-cache-status
Hit from child
akamai-grn
0.9d7d1302.1720946678.1eb95418
x-cache
Hit from akamai
x-nginx-cache-status
HIT
server-timing
provider;desc="ak"
alt-svc
h3=":443"; ma=93600
content-length
27015
surrogate-key
x-cache-775 /images/G/01/digital/video/Magellan_MLP/PV_Benefits_X-Ray_UPDATED
last-modified
Mon, 25 Feb 2019 19:47:02 GMT
server
Server
content-type
image/png
access-control-allow-origin
*
peer-cache
Hit
cache-control
public, max-age=71108
x-amz-ir-id
ece756a7-e623-45f2-9a84-d9f6b946145d
accept-ranges
bytes
timing-allow-origin
https://www.amazon.co.uk
expires
Mon, 15 Jul 2024 04:29:46 GMT
web_footer_logo._CB462908456_.png
m.media-amazon.com/images/G/02/digital/video/acquisition/
2 KB
3 KB
Image
General
Full URL
https://m.media-amazon.com/images/G/02/digital/video/acquisition/web_footer_logo._CB462908456_.png
Requested by
Host: www.amazon.co.uk
URL: https://www.amazon.co.uk/gp/video/primesignup/?irclickid=4d4b9d55N41bd11ef8aa643eb755ed24&ref=dvm_ass_acm_xx_mf_s_imp_4d4b9d55N41bd11ef8aa643eb755ed24&irgwc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2250:fc00:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
2253273998b8c0baefa391f704275047a658afe5a85544352f5ea95bb9df63aa

Request headers

Referer
https://www.amazon.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:18:23 GMT
via
1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
27480375
edge-cache-tag
x-cache-415,/images/G/02/digital/video/acquisition/web_footer_logo
x-nginx-cache-status
MISS
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
alt-svc
h3=":443"; ma=86400
content-length
2184
surrogate-key
x-cache-415 /images/G/02/digital/video/acquisition/web_footer_logo
last-modified
Tue, 05 Mar 2019 22:29:40 GMT
server
Server
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
0fb1acdd-9ab8-495e-8199-f263fbdbf494
accept-ranges
bytes
timing-allow-origin
https://www.amazon.co.uk
x-amz-cf-id
ajIKtWuBWV0iN1kvXoobB8JcGrAEbWzFDUoBFZEy8QxuLwOTdpWXMA==
expires
Wed, 26 Aug 2043 07:18:23 GMT
21qmf02pSPL.js
m.media-amazon.com/images/I/
4 KB
2 KB
Script
General
Full URL
https://m.media-amazon.com/images/I/21qmf02pSPL.js?AUIClients/PRIVCONAssets-spConsentBanner
Requested by
Host: www.amazon.co.uk
URL: https://www.amazon.co.uk/gp/video/primesignup/?irclickid=4d4b9d55N41bd11ef8aa643eb755ed24&ref=dvm_ass_acm_xx_mf_s_imp_4d4b9d55N41bd11ef8aa643eb755ed24&irgwc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2250:fc00:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c109d476b0597dc3f4b08e37e60176bdf761b4bc5c62cccc49c7fe214c4b67a0

Request headers

Referer
https://www.amazon.co.uk/
Origin
https://www.amazon.co.uk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Apr 2024 21:56:54 GMT
content-encoding
br
via
1.1 4b07e670df891a80bcae1d5be052af3c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
6432465
x-cache
Hit from cloudfront
edge-cache-tag
x-cache-095,/images/I/21qmf02pSPL
x-nginx-cache-status
MISS
server-timing
cdn-cache-hit,cdn-pop;desc="FRA60-P2",cdn-hit-layer;desc="EDGE",provider;desc="cf",cdn-rid;desc="CubsKfRGsVZ_-K50HeZ1dgYxCsrqqr2l0kGxLuWzWWlRXnntYXVCCw==",cdn-downstream-fbl=1
alt-svc
h3=":443"; ma=86400
surrogate-key
x-cache-095 /images/I/21qmf02pSPL
last-modified
Mon, 29 Apr 2024 22:34:45 GMT
server
Server
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
83aa301d-f9b1-471e-95b9-2afa7ffdbf5e
timing-allow-origin
https://www.amazon.co.uk
x-amz-cf-id
CubsKfRGsVZ_-K50HeZ1dgYxCsrqqr2l0kGxLuWzWWlRXnntYXVCCw==
expires
Mon, 25 Apr 2044 21:56:54 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
m.media-amazon.com
URL
https://m.media-amazon.com/images/I/11J1WJh9jNL.js?AUIClients/PRIVCONAssets-stub

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| aPageStart number| ue_t0 object| ue_csm number| ue_hob string| ue_err_chan string| ue_id string| ue_url number| ue_navtiming string| ue_mid string| ue_sid string| ue_sn string| ue_furl string| ue_surl number| ue_fcsn number| ue_urt string| ue_rpl_ns number| ue_ddq string| ue_fpf number| ue_sbuimp number| ue_lpsi string| ue_lob number| ue_swi function| ue_viz number| ue_hoe number| ue_ihb object| ue function| ueLogError object| ue_err number| ueinit function| uei function| ueh function| ues function| uet function| uex function| onLd function| onLdEnd function| onUl function| onstop function| _pSetI function| _sw function| _pd function| mix_d function| xcp_d function| mixTimeout object| mix_csa_map function| mix_csa_internal function| mix_csa_internal_key function| mix_csa_event function| mix_csa string| __privcon_consent_banner_type

19 Cookies

Domain/Path Name / Value
.onesignal.com/ Name: __cf_bm
Value: FiSBeJTIKdYuCq6dLpV9vRpIKuQdRXyB2mx59zzzD.A-1720946674-1.0.1.1-09Kd3ztU__dS.zTHc66aZJERo2JtqVu3r9Te5VZijWzh48h_D7OwyBAXTbBpl3eZv4Nt92Kwg.KUwtQabXv8jw
proftrafficcounter.com/ Name: uid_id2
Value: 64202fc1-f7be-4dd2-b5f9-f65347ce215e:1:1
novelsextra.com/ Name: dom3ic8zudi28v8lr6fgphwffqoz0j6c
Value: 64202fc1-f7be-4dd2-b5f9-f65347ce215e%3A1%3A1
ancestortrotsoothe.com/ Name: u_pl
Value: 18230067
ancestortrotsoothe.com/ Name: ain
Value: eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODIzMDA2NywiayI6ImVjOWI1MzE5NjI5ZDM2NGEzZTdjNDU1ZDM0MzBjYmQxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTg0NzgzLCJwaWQiOjY2NTQ5MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMiwiYWlkIjo1LCJwdCI6NCwicGsiOiJ1aWZtcjI2MHAxIiwiY3BrcyI6eyIyOCI6ImZmNTlmMTA4ZTMwNmMzMDYzNjQzYmFhZmVmNmE2ZDE4IiwiMjkiOiJkYWE0ZjI3ZWJlMTA0NDU0NGFhODdjYzA0ZmE5NDJkYSJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjQ3ODQyMTQ0LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjEzMzQ2OCwiYm4iOiJDaHJvbWUiLCJidiI6IjEyNiIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjc3LCJjIjoiR0IiLCJuIjoiVW5pdGVkIEtpbmdkb20ifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCcml0aXNoIFRlbGVjb21tdW5pY2F0aW9ucyBQTEMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL25vdmVsc2V4dHJhLmNvbS8iLCJhciI6W119fQ.9T3TqgJZ4hwFymkwE4h64ikrHes2rOXYQq5NhF7iEkM
ancestortrotsoothe.com/ Name: uid_id2
Value: 64202fc1-f7be-4dd2-b5f9-f65347ce215e:1:1
ancestortrotsoothe.com/ Name: iprc048d3a8d7de135c88ba72f68af743890
Value: 5391586
ancestortrotsoothe.com/ Name: pdhtkv
Value: true
ancestortrotsoothe.com/ Name: uncs
Value: 1
ancestortrotsoothe.com/ Name: pdhtkv5
Value: true
ancestortrotsoothe.com/ Name: uncs5
Value: 1
novelsextra.com/ Name: sb_main_daa4f27ebe1044544aa87cc04fa942da
Value: 1
novelsextra.com/ Name: sb_idelay_daa4f27ebe1044544aa87cc04fa942da
Value: 1
.ojrq.net/ Name: brwsr
Value: 4d4b9d55-41bd-11ef-8aa6-43eb755ed24d
.pxf.io/ Name: brwsr
Value: 4d4b9d55-41bd-11ef-8aa6-43eb755ed24d
primevideo-eu.pxf.io/ Name: irld
Value: LSj3xE-S8dwx2QJsSPrXf01yRX9wym3yNMUeuzNLSTpSGDQKA
.amazon.co.uk/ Name: session-id
Value: 260-9511336-2731567
.amazon.co.uk/ Name: session-id-time
Value: 2082787201l
.amazon.co.uk/ Name: i18n-prefs
Value: GBP

3 Console Messages

Source Level URL
Text
javascript warning URL: https://novelsextra.com/(Line 577)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://followingpartlyindicator.com/ec9b5319629d364a3e7c455d3430cbd1/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://novelsextra.com/(Line 577)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://followingpartlyindicator.com/ec9b5319629d364a3e7c455d3430cbd1/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other warning URL: https://novelsextra.com/
Message:
The keyword 'push-button' used on the 'appearance' property was deprecated and has now been removed. It will no longer have any effect.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy report-uri https://thebeginningaftertheend.online
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Security-Policy img-src *; media-src * data:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

16zoqtq3eowz.top
ancestortrotsoothe.com
cdn.onesignal.com
fls-eu.amazon.co.uk
followingpartlyindicator.com
fonts.googleapis.com
fonts.gstatic.com
images-na.ssl-images-amazon.com
img.onesignal.com
m.media-amazon.com
novelsextra.com
onesignal.com
primevideo-eu.pxf.io
proftrafficcounter.com
recordedthereby.com
theheroreturns.com
www.amazon.co.uk
www.ojrq.net
m.media-amazon.com
172.240.108.84
192.243.59.20
194.63.143.61
2600:9000:2250:fc00:1d:d7f6:39d3:d9e1
2600:9000:275b:b000:15:c9dc:594:5061
2606:4700:3037::ac43:b7e3
2606:4700::6810:a091
2606:4700::6811:6fdf
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2003
2a02:26f0:480:f::213:7edd
2a06:98c1:3121::3
3.126.56.212
34.95.127.121
35.201.76.231
52.210.25.121
0d2d5ffeb36bae770da66ccc0cf5de7dfae09cee18d8e150e69926df94887dae
1300782362b833c5eb89c7bb2c6044ed7ad1f8dffa8b63fac4d6ece0f885396b
140fc465694d1053e66020eb96cca227acc01c26bc959d08dd35d581ed8ad1dd
159e9a859c4518fb4ef3feafb5231d8a89a1eadb5fe27075679ff8ce5bb2474a
2253273998b8c0baefa391f704275047a658afe5a85544352f5ea95bb9df63aa
2424596b2374975e6178a971c625338706ca14d0687572a1a0dea8e464eef4a7
25b57862d21ba113ea5b136d1f3d3af27095b2255daeb1654dc71ca55818f1b1
25ee6c97c16b58d3da64a42eee1bf4efc254b09480032983d9e2326027ee9385
26716463b0eed0bcbe95a27a24358c355d51d511d039100a4b27cd0e43579004
2b7265fb8e98286a6e61d73e4278df35c0e911db1e8a94c82836d0b21088125b
36c43144e5f31e6e81f2673a706189c7991d0ff52d28fdb0c62acd80c2b9330f
397b66717fee3e3c8046488e481b2827d3db24a5dd15dbc4979ed3c64da42403
3f41453813e720d4e3c1c00107b0b23ea7b24ef0cde3f2750a2eeadf9e868661
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
41bc97c59ffbfb16a460ce08d93ae7c44c0dff1852fddb642dccce6396c26f7e
47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098
4b86800d7ae4a185ed1f3d19bdcc7d0b5bec067582370804437878cb37b7af32
4e68c4d11049779e8397c6c920a40bb173551f20ef226dfac3b67774843e120d
4ecceb9c9050877187a86ef81b154c9405bb1175e727be47117f3f8c1b9e95a9
4fc2d920e0cd1e978754d27abe44b86f86091d649ef98e4cc9545b7a4ac50b45
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
56ee1e2611af1828a330ec300c7bb7c19e5bf3df378b46ef361ce42587378fcd
5c1d76162ed9fc3d722e0ac775d845050f65e8ed5c887cef4809463a70cb2699
639686ad0cfdc6a7f751fcdbd4ab4f6a29a15395792a745dfcec6c965e572339
673d6bc1b214c38253db3cf6628b18a43c795f74d1b9118dc6f5f5d84855bbd5
6e36475eb5307046ec69242ca8b9f7839b5c5bf3ad74f385ebba57564a899f0a
7f52be67ddb64d8883291b1d8b2cc87c4b6417c5b5fd4359f5543e28702e2b36
85f2570bc2e8b08cbcb970aef4727a675139b424a95970c3ce3fca048165b5b8
8bf0941908f614fab1668dfcf729c251a02698b7d991d525b23f8352c9681073
8d8f9ffd4792aa30035f4a125232ebe9e5ad834a3944caed026bdc489fae21c4
8ea94063f8a27898b14761aa19b7831cb2327a84bad7e863dd3afebc9636df96
907fe4d277802fd9a757daf69a321a8a211cc769184ee2503c6fa1cfe78fad51
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
9c60b0a008f2af362b45562752d06bb9c4cf9d44aa1a5c32e5031af235ec34b3
9ded1c09a15986e76a93d230b9313b3b74632b5b54726da4b9f5074f9dc6c1fc
9fb54a733ed6286bed8b2540d1a07b77a1a7b86e31dea07075deaef341589c0d
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce
a4ce23501f658a336323bd90b52746e73e0ddca6be18651594d169b263db5410
ac4c0ac686df6bd6e39bd30397b9d44c1d61b3e642bdcbe4a8700761dd37ee97
b4e97151030ff2fae48e0e31196e1082454fdd9c41c0ccbfa57e57f5c99303e6
b8af423d3e2607404d7ef2d97306f5f3d21dcba4ca016ae5d468b479f229ad82
c109d476b0597dc3f4b08e37e60176bdf761b4bc5c62cccc49c7fe214c4b67a0
c8918c5af93273527289aa9810bd8e482acfb647696a2681d96f8ee9a3389c62
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
da7c5c7733549db99002dcd7f21c5dd7052c8af49f815cf1692257c79c4dd9f7
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
e8b1756a3cf17e337c77c2a0786fa23c662bea5ebaef5f55a389ee7022044a7f
e9336e35f43bb3e50c31f1c3bcbd482eb8f5bc5551e8e827f10741f98d210f7e
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
ed4364011dde10d64691a19e6e81cb2bd1aa69cb2fe04c0b738462502a87a295
f18c3d77b7f315bf185d593e49691cf28bda7072afc1a2fe72f65a252f5743e4
f21b63a5c8f2b84fd16c026c03df49ad51ddab31376cec3d154ca21d1eae125c
f46d11748b2b4e6accb7748fde9f16192aa26b0a323b475d8822e4a11327ffb7
feeafd2aff5e309b7c1b82d38d823d3c716a4efc1e788f5685a9ecb1834fe83c