urlscan.io logo urlscan.io
SecurityTrails logo

www.blog.blog.secure.animax.to Open in urlscan Pro
185.178.208.179  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.blog.blog.secure.animax.to/
Submission: On June 03 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 4 countries across 10 domains to perform 38 HTTP transactions. The main IP is 185.178.208.179, located in Russian Federation and belongs to DDOS-GUARD, RU. The main domain is www.blog.blog.secure.animax.to.
TLS certificate: Issued by R3 on June 3rd 2021. Valid for: 3 months.
This is the only time www.blog.blog.secure.animax.to was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    185.178.208.179 (Russian Federation)

ASN57724 (DDOS-GUARD, RU)
PTR: ddos-guard.net
www.blog.blog.secure.animax.to
6    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
16    158.69.54.123 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns519222.ip-158-69-54.net
www.fastcounter.de
2    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Domain Requested by
16 www.fastcounter.de www.blog.blog.secure.animax.to
www.fastcounter.de
6 pagead2.googlesyndication.com www.blog.blog.secure.animax.to
pagead2.googlesyndication.com
tpc.googlesyndication.com
4 fonts.gstatic.com fonts.googleapis.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 www.google.com tpc.googlesyndication.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 fonts.googleapis.com www.blog.blog.secure.animax.to
1 www.blog.blog.secure.animax.to
38 12

This site contains links to these domains. Also see Links.

Domain
www.fastcounter.de
Subject Issuer Validity Valid
blog.blog.secure.animax.to
R3		 2021-06-03 -
2021-09-01		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-05-03 -
2021-07-26		 3 months crt.sh
www.fastcounter.de
R3		 2021-03-23 -
2021-06-21		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://www.blog.blog.secure.animax.to/
Frame ID: 2CBCAA03651C135F37D7D44DAFAF2641
Requests: 32 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210525/r20190131/zrt_lookup.html
Frame ID: F542425755BDE9C2E43B4D5B2BAE5458
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9307550705373567&output=html&adk=1812271804&adf=3025194257&lmt=1622696202&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.blog.blog.secure.animax.to%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622696202089&bpp=540&bdt=78&idt=651&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3695025858473&frm=20&pv=2&ga_vid=370820631.1622696203&ga_sid=1622696203&ga_hid=1623808417&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060839&oid=3&pvsid=1222096799872224&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=675
Frame ID: C6E1EE91AC75E4FBD93A3F8AA20EFFE1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: A471FD66A698A905A2140BAF622370CE
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C45B111B342EE3845433B344E111C19E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

38
Requests

97 %
HTTPS

77 %
IPv6

10
Domains

12
Subdomains

14
IPs

4
Countries

577 kB
Transfer

910 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.blog.blog.secure.animax.to/ 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.blog.blog.secure.animax.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.178.208.179 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
f490c34af858a830917b28c87def671619ce7572c3acf839a8e0e76ef883a602
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

:method
GET
:authority
www.blog.blog.secure.animax.to
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
ddos-guard
content-security-policy
upgrade-insecure-requests;
set-cookie
__ddg1=MgvSbMbxuvOsEzsPs5jL; Domain=.animax.to; HttpOnly; Path=/; Expires=Fri, 03-Jun-2022 04:56:39 GMT PHPSESSID=a489de9ae0946eba6ee1f0cbc28a20c1; path=/
date
Thu, 03 Jun 2021 04:56:41 GMT
content-type
text/html; charset=UTF-8
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
content-encoding
gzip
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		134 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.blog.blog.secure.animax.to
URL: https://www.blog.blog.secure.animax.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dd233c705ebb6129045b560c19e9bf225d7463f4c96236e2adbc162d4e53fec1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.blog.blog.secure.animax.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 04:56:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48423
x-xss-protection
0
server
cafe
etag
14961557847784475286
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 03 Jun 2021 04:56:42 GMT
css
fonts.googleapis.com/ 		10 KB
930 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,400,300,600
Requested by
Host: www.blog.blog.secure.animax.to
URL: https://www.blog.blog.secure.animax.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cd618f046c2bae673dc4a831bce22b29c1b3c16a118a74b102ccc6343eb3539b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.blog.blog.secure.animax.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 03 Jun 2021 04:56:42 GMT
server
ESF
date
Thu, 03 Jun 2021 04:56:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 03 Jun 2021 04:56:42 GMT
fc_style.css
www.fastcounter.de/CIncludes/css/ 		33 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.fastcounter.de/CIncludes/css/fc_style.css
Requested by
Host: www.blog.blog.secure.animax.to
URL: https://www.blog.blog.secure.animax.to/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.69.54.123 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns519222.ip-158-69-54.net
Software
nginx/1.14.2 /
Resource Hash
4bf3137b26f1fb75b45743b5bb2700940f9889cd758e49cd03f22930b6c2b703

Request headers

Referer
https://www.blog.blog.secure.animax.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 04:56:42 GMT
last-modified
Fri, 25 May 2018 12:19:57 GMT
server
nginx/1.14.2
accept-ranges
bytes
etag
"5b07ff6d-84b1"
content-length
33969
content-type
text/css
jquery_combine.js
www.fastcounter.de/CIncludes/js/ 		97 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fastcounter.de/CIncludes/js/jquery_combine.js
Requested by
Host: www.blog.blog.secure.animax.to
URL: https://www.blog.blog.secure.animax.to/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.69.54.123 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns519222.ip-158-69-54.net
Software
nginx/1.14.2 /
Resource Hash
a32e823e52c7166335ed4200e4c83bb15de8d108132d6a0242d2afaaec86b4ad

Request headers

Referer
https://www.blog.blog.secure.animax.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 04:56:42 GMT
last-modified
Wed, 23 May 2018 06:09:07 GMT
server
nginx/1.14.2
accept-ranges
bytes
etag
"5b050583-182d1"
content-length
99025
content-type
application/javascript
besucherzaehler-statistik.png
www.fastcounter.de/img/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fastcounter.de/img/besucherzaehler-statistik.png
Requested by
Host: www.blog.blog.secure.animax.to
URL: https://www.blog.blog.secure.animax.to/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.69.54.123 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns519222.ip-158-69-54.net
Software
nginx/1.14.2 /
Resource Hash
561845f65145aeacc00e8dec573617891dd1f1d2bc445eadd6717191f679318f

Request headers

Referer
https://www.blog.blog.secure.animax.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 04:56:42 GMT
last-modified
Tue, 09 Sep 2014 14:37:45 GMT
server
nginx/1.14.2
accept-ranges
bytes
etag
"540f10b9-4e55"
content-length
20053
content-type
image/png
jquery.5stars.min.js
www.fastcounter.de/CIncludes/votes/js/ 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fastcounter.de/CIncludes/votes/js/jquery.5stars.min.js
Requested by
Host: www.blog.blog.secure.animax.to
URL: https://www.blog.blog.secure.animax.to/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.69.54.123 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns519222.ip-158-69-54.net
Software
nginx/1.14.2 /
Resource Hash
b3dc679b4a4827fd5ec5b23f02de9f19d22a8b36c0d28943716d6ad95957095f

Request headers

Referer
https://www.blog.blog.secure.animax.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 04:56:42 GMT
last-modified
Mon, 22 Sep 2014 14:53:56 GMT
server
nginx/1.14.2
accept-ranges
bytes
etag
"54203804-273c"
content-length
10044
content-type
application/javascript
kostenloser-besucherzaehler-monatsuebersicht.png
www.fastcounter.de/img/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fastcounter.de/img/kostenloser-besucherzaehler-monatsuebersicht.png
Requested by
Host: www.blog.blog.secure.animax.to
URL: https://www.blog.blog.secure.animax.to/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.69.54.123 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns519222.ip-158-69-54.net
Software
nginx/1.14.2 /
Resource Hash
03b4f467947bba6145c12cb6d23bc146043fe1eedda0374b85f963f3bbd6aa9e

Request headers

Referer
https://www.blog.blog.secure.animax.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 04:56:42 GMT
last-modified
Sat, 08 Nov 2014 11:19:54 GMT
server
nginx/1.14.2
accept-ranges
bytes
etag
"545dfc5a-9067"
content-length
36967
content-type
image/png
besucherzaehler-referrer.jpg
www.fastcounter.de/img/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fastcounter.de/img/besucherzaehler-referrer.jpg
Requested by
Host: www.blog.blog.secure.animax.to
URL: https://www.blog.blog.secure.animax.to/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.69.54.123 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns519222.ip-158-69-54.net
Software
nginx/1.14.2 /
Resource Hash
69f2367b3407f419bad5a941e9efa1e9c4c428656514da58a7ac37c38ef80d6a

Request headers

Referer
https://www.blog.blog.secure.animax.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 04:56:42 GMT
last-modified
Tue, 09 Sep 2014 14:37:45 GMT
server
nginx/1.14.2
accept-ranges
bytes
etag
"540f10b9-89cf"
content-length
35279
content-type
image/jpeg
besucherzaehler-ueberblick.jpg
www.fastcounter.de/img/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fastcounter.de/img/besucherzaehler-ueberblick.jpg
Requested by
Host: www.blog.blog.secure.animax.to
URL: https://www.blog.blog.secure.animax.to/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.69.54.123 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns519222.ip-158-69-54.net
Software
nginx/1.14.2 /
Resource Hash
c94389b25c623d2e78f0a535d89e83fe1f4faf90d9e0dbbad0ba92eda076182a

Request headers

Referer
https://www.blog.blog.secure.animax.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 04:56:42 GMT
last-modified
Tue, 09 Sep 2014 14:37:45 GMT
server
nginx/1.14.2
accept-ranges
bytes
etag
"540f10b9-843d"
content-length
33853
content-type
image/jpeg
besucherzaehler-browser.jpg
www.fastcounter.de/img/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fastcounter.de/img/besucherzaehler-browser.jpg
Requested by
Host: www.blog.blog.secure.animax.to
URL: https://www.blog.blog.secure.animax.to/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.69.54.123 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns519222.ip-158-69-54.net
Software
nginx/1.14.2 /
Resource Hash
4dd08a3db8e1efe42c71c8bc50c9b74b4e25b4174c59616d19dcba9fa0713424

Request headers

Referer
https://www.blog.blog.secure.animax.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 04:56:42 GMT
last-modified
Tue, 09 Sep 2014 14:37:45 GMT
server
nginx/1.14.2
accept-ranges
bytes
etag
"540f10b9-8921"
content-length
35105
content-type
image/jpeg
fastcounter_combine.js
www.fastcounter.de/CIncludes/js/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fastcounter.de/CIncludes/js/fastcounter_combine.js
Requested by
Host: www.blog.blog.secure.animax.to
URL: https://www.blog.blog.secure.animax.to/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.69.54.123 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns519222.ip-158-69-54.net
Software
nginx/1.14.2 /
Resource Hash
845c716be9227a353b0136cd350cedb923daa356dd9cc7dd8e9a7b6a4e4bb42f

Request headers

Referer
https://www.blog.blog.secure.animax.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 04:56:42 GMT
last-modified
Fri, 02 Apr 2021 09:25:47 GMT
server
nginx/1.14.2
accept-ranges
bytes
etag
"6066e31b-2bf1"
content-length
11249
content-type
application/javascript
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/ 		233 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9307550705373567&plah=www.blog.blog.secure.animax.to&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53c1737bf97ae4d686956bf2c7caff015329c9aa554ed0ebfc24893dfbe2fddf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.blog.blog.secure.animax.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 04:56:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87751
x-xss-protection
0
server
cafe
etag
1549945764410104263
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 03 Jun 2021 04:56:42 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210525/r20190131/ Frame F542 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210525/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210525/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.blog.blog.secure.animax.to/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.blog.blog.secure.animax.to/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 03 Jun 2021 01:47:40 GMT
expires
Thu, 17 Jun 2021 01:47:40 GMT
content-type
text/html; charset=UTF-8
etag
15349191498103243965
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4506
x-xss-protection
0
age
11342
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
logo-fastcounter.png
www.fastcounter.de/CIncludes/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fastcounter.de/CIncludes/img/logo-fastcounter.png
Requested by
Host: www.fastcounter.de
URL: https://www.fastcounter.de/CIncludes/css/fc_style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.69.54.123 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns519222.ip-158-69-54.net
Software
nginx/1.14.2 /
Resource Hash
fc644081e4391b06456a84951ed46f963fbd36f3df13f17aafb4eed988702bda

Request headers

Referer
https://www.fastcounter.de/CIncludes/css/fc_style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 04:56:42 GMT
last-modified
Tue, 09 Sep 2014 14:37:31 GMT
server
nginx/1.14.2
accept-ranges
bytes
etag
"540f10ab-aaa"
content-length
2730
content-type
image/png
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,400,300,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.blog.blog.secure.animax.to
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 22:32:33 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 21:21:19 GMT
server
sffe
age
109449
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
expires
Wed, 01 Jun 2022 22:32:33 GMT
mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UNirkOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,400,300,600
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.blog.blog.secure.animax.to
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 01:46:51 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 21:21:26 GMT
server
sffe
age
184191
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14956
x-xss-protection
0
expires
Wed, 01 Jun 2022 01:46:51 GMT
sprite_counter.png
www.fastcounter.de/CIncludes/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fastcounter.de/CIncludes/img/sprite_counter.png
Requested by
Host: www.fastcounter.de
URL: https://www.fastcounter.de/CIncludes/css/fc_style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.69.54.123 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns519222.ip-158-69-54.net
Software
nginx/1.14.2 /
Resource Hash
1ce1030b5f55fce8bb98104541136e48d4f71c087d3b2dac1ea23a5aeffe84f3

Request headers

Referer
https://www.fastcounter.de/CIncludes/css/fc_style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 04:56:42 GMT
last-modified
Thu, 01 Dec 2016 11:10:20 GMT
server
nginx/1.14.2
accept-ranges
bytes
etag
"5840051c-411"
content-length
1041
content-type
image/png
mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,400,300,600
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f7216d2f53a731d9749077c22e15cfb38bcdc40806511ccf736f440c7569d64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.blog.blog.secure.animax.to
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 13:41:55 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 21:21:24 GMT
server
sffe
age
141287
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14992
x-xss-protection
0
expires
Wed, 01 Jun 2022 13:41:55 GMT
cookie.js
partner.googleadservices.com/gampad/ 		199 B
638 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.blog.blog.secure.animax.to&callback=_gfp_s_&client=ca-pub-9307550705373567
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9307550705373567&plah=www.blog.blog.secure.animax.to&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
07c264f5eba35ae5d553e531fac9db0bb357e226afe91a0e70a10d5a3777592b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.blog.blog.secure.animax.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 04:56:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
190
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.blog.blog.secure.animax.to%2F&tn=DIV&id=branding&ign=false
Requested by
Host: www.blog.blog.secure.animax.to
URL: https://www.blog.blog.secure.animax.to/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.blog.blog.secure.animax.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 04:56:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.blog.blog.secure.animax.to
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9307550705373567&plah=www.blog.blog.secure.animax.to&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.blog.blog.secure.animax.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Jun 2021 04:56:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
317 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.blog.blog.secure.animax.to
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9307550705373567&plah=www.blog.blog.secure.animax.to&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.blog.blog.secure.animax.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Jun 2021 04:56:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C6E1 		603 B
221 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9307550705373567&output=html&adk=1812271804&adf=3025194257&lmt=1622696202&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.blog.blog.secure.animax.to%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622696202089&bpp=540&bdt=78&idt=651&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3695025858473&frm=20&pv=2&ga_vid=370820631.1622696203&ga_sid=1622696203&ga_hid=1623808417&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060839&oid=3&pvsid=1222096799872224&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=675
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9307550705373567&plah=www.blog.blog.secure.animax.to&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9307550705373567&output=html&adk=1812271804&adf=3025194257&lmt=1622696202&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.blog.blog.secure.animax.to%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622696202089&bpp=540&bdt=78&idt=651&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3695025858473&frm=20&pv=2&ga_vid=370820631.1622696203&ga_sid=1622696203&ga_hid=1623808417&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060839&oid=3&pvsid=1222096799872224&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=675
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.blog.blog.secure.animax.to/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.blog.blog.secure.animax.to/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 03 Jun 2021 04:56:42 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 03-Jun-2021 05:11:42 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9307550705373567&plah=www.blog.blog.secure.animax.to&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
11d71fc112df3977b9562151e6c75ce860c42779dddcc79af1d0a07366cd44d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.blog.blog.secure.animax.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 04:56:42 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1622656037121142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28114
x-xss-protection
0
expires
Thu, 03 Jun 2021 04:56:42 GMT
fcount.php
www.fastcounter.de/ 		1 KB
645 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fastcounter.de/fcount.php?rnd=80244434076
Requested by
Host: www.blog.blog.secure.animax.to
URL: https://www.blog.blog.secure.animax.to/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.69.54.123 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns519222.ip-158-69-54.net
Software
nginx/1.14.2 /
Resource Hash
16baadb748e01288d0f32cb997a7ffe214ffbd5e4addb7f15f95f74c34d4ceed

Request headers

Referer
https://www.blog.blog.secure.animax.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 04:56:42 GMT
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 19 Nov 1981 08:52:00 GMT
server
nginx/1.14.2
content-encoding
gzip
content-type
text/html; charset=UTF-8
skin.png
www.fastcounter.de/CIncludes/votes/skins/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fastcounter.de/CIncludes/votes/skins/skin.png
Requested by
Host: www.blog.blog.secure.animax.to
URL: https://www.blog.blog.secure.animax.to/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.69.54.123 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns519222.ip-158-69-54.net
Software
nginx/1.14.2 /
Resource Hash
af0fe6cdfc7c220afcf14c6e8cf23fdb8add06035e36ffb748d4cbe4bb0e647e

Request headers

Referer
https://www.blog.blog.secure.animax.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 04:56:42 GMT
last-modified
Sat, 08 Nov 2014 11:18:47 GMT
server
nginx/1.14.2
accept-ranges
bytes
etag
"545dfc17-798"
content-length
1944
content-type
image/png
memnYaGs126MiZpBA-UFUKWyV9hrIqM.woff2
fonts.gstatic.com/s/opensans/v20/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v20/memnYaGs126MiZpBA-UFUKWyV9hrIqM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,400,300,600
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c9e72fed9f647684a0437f185bf4ed620de7b49f236453256716b639ac56f04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.blog.blog.secure.animax.to
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 05:13:30 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 21:21:37 GMT
server
sffe
age
171792
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13916
x-xss-protection
0
expires
Wed, 01 Jun 2022 05:13:30 GMT
fcounter.php
www.fastcounter.de/ 		547 B
758 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fastcounter.de/fcounter.php?test=1&rnd=77577156&s=blue&id=1&l=en-US&u=&w=1600&h=1200
Requested by
Host: www.fastcounter.de
URL: https://www.fastcounter.de/fcount.php?rnd=80244434076
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.69.54.123 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns519222.ip-158-69-54.net
Software
nginx/1.14.2 /
Resource Hash
a36aeaeb32c5381f3e777d443375b361fd7f04c57c8e8c1577368593a3db6419

Request headers

Referer
https://www.blog.blog.secure.animax.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 04:56:43 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.14.2
content-type
text/javascript;charset=UTF-8
content-length
547
expires
Thu, 19 Nov 1981 08:52:00 GMT
manager.php
www.fastcounter.de/CIncludes/votes/admin/php/ 		0
0
manager.php
www.fastcounter.de/CIncludes/votes/admin/php/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.fastcounter.de/CIncludes/votes/admin/php/manager.php?id=1&ref=https%3A%2F%2Fwww.blog.blog.secure.animax.to%2F&rnd=897_675
Protocol
H2
Server
158.69.54.123 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns519222.ip-158-69-54.net
Software
nginx/1.14.2 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.blog.blog.secure.animax.to
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.14.2
date
Thu, 03 Jun 2021 04:56:43 GMT
content-type
text/html; charset=UTF-8
content-encoding
gzip
fastcounter-banner-blue.gif
www.fastcounter.de/CIncludes/img/ 		167 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fastcounter.de/CIncludes/img/fastcounter-banner-blue.gif
Requested by
Host: www.blog.blog.secure.animax.to
URL: https://www.blog.blog.secure.animax.to/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.69.54.123 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns519222.ip-158-69-54.net
Software
nginx/1.14.2 /
Resource Hash
49c00329105dd730de5d442cf5304a43e5fe4a0e98891775e4f4364c07d74bcd

Request headers

Referer
https://www.blog.blog.secure.animax.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 04:56:43 GMT
last-modified
Tue, 09 Sep 2014 14:37:31 GMT
server
nginx/1.14.2
accept-ranges
bytes
etag
"540f10ab-a7"
content-length
167
content-type
image/gif
sodar
pagead2.googlesyndication.com/getconfig/ 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210525&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9307550705373567&plah=www.blog.blog.secure.animax.to&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c2e1c210c2aba83d650f98ff9c3428576919b53b47d7cb394d0092d74643ff93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.blog.blog.secure.animax.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Jun 2021 04:56:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7714
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9307550705373567&plah=www.blog.blog.secure.animax.to&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.blog.blog.secure.animax.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 04:56:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Thu, 03 Jun 2021 04:56:43 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame A471 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.blog.blog.secure.animax.to/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.blog.blog.secure.animax.to/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Thu, 03 Jun 2021 00:59:14 GMT
expires
Fri, 03 Jun 2022 00:59:14 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
14249
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame C45B 		783 B
816 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
84bdcb608756d4f75a9a0774b40a9515428bd0e7137527abbac4dc28df0b589e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-a9N3mJPDQBRioOQqZJTjJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.blog.blog.secure.animax.to/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.blog.blog.secure.animax.to/

Response headers

expires
Thu, 03 Jun 2021 04:56:43 GMT
date
Thu, 03 Jun 2021 04:56:43 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-a9N3mJPDQBRioOQqZJTjJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
_ITcuHTDnJFauDqltlBqrEjQ-T5zT23sppn99C3Ar0M.js
pagead2.googlesyndication.com/bg/ Frame A471 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/_ITcuHTDnJFauDqltlBqrEjQ-T5zT23sppn99C3Ar0M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc84dcb874c39c915ab83aa5b6506aac48d0f93e734f6deca699fdf42dc0af43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 09:18:34 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
age
70689
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5710
x-xss-protection
0
expires
Thu, 02 Jun 2022 09:18:34 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210525&jk=1222096799872224&bg=!srGlsfXNAAaMan2LjGo7ACkAdvg8Wjx66tK-yRlIOl9iXQwLjHwNIz2jRZ1CMAn5lOo-XYSe71yIHwIAAABvUgAAAAtoAQcKADYTW2cuYF25FsD0aTkV3pNA6ZbdTexblG7iZ2gaRW3cv2WrUtNvcNPjovLo7nIBDaYtueJe6tOZAkxAZIsMIPR8txwS1JxYYlR_9XTQYa4sPOvPp2d1BBNPfG-d6Xlz5xa1gLlPOkP2H3lF3_kvJDSHr4KJgoUlWL9D3NTh_496Zu4eyZSHEp0TR_j-MVtYJ304DBQCQdYGsR5LX0TtZ6Nq_X8B1Fg3RksAiWf25vdU344lkP_rXyMpgw0LrIGyDX4U6roaJw4TDGEHPedJlag_cvEWIgBizYgKunWCu1GhteZfjsrBS3BB_JYT9wHhFcuX2AGPSKwJTwZLjIB1nLZwjoEa4-DQVyHP4E7nblQdzheyC_xqEeGxo56ucT64_1hfu05m5w72XqnNUv922GgMiIiGfEPqwbcBlO5CIT5-WU6KkYQkbkSNTvh_5El31SLDnhq87cZgcKtOofVEQxd6DQxwevWmXzZ4_A9Hk1O9EeKvvnPTNexvvAS4WAJG4rur06DpEt6TKvR8o1Oo8-PqJWia93U_qgOFXaP4i2LdfC0trxcmDX-Ny3mDd4H4PmHMF22Je3YSptyjPq3L4Zr8VkBvlefXDuGsTGzT-Iqs8hTqyY1QgXz2VcTxg4WJm14HRSGftiJrCiApPxAYG22mUig84qkMCTOMWxMTqN3HnHQJKNKuKQB_MLhY5lX9r6V8m38jEUq6748sw7ikiKh6jmEeF-QVoqvB0nUt4q40CmFmWE_iKgSHTid78XZgobHbqq1k8foXkQfpl3exSRc7tW452X_1OUR45KBkjehfaNhuPSw1JEtFnDxGVWKW6Yk1xiwG0f_uiOyq4CuH1AQJIX34TdY
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.blog.blog.secure.animax.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 04:56:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.fastcounter.de
URL
https://www.fastcounter.de/CIncludes/votes/admin/php/manager.php?id=1&ref=https%3A%2F%2Fwww.blog.blog.secure.animax.to%2F&rnd=897_675

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async string| google_user_agent_client_hint function| $ function| jQuery object| page function| google_spfd number| google_unique_id object| google_sv_map string| cntr_txt1 string| cntr_txt2 string| cntr_txt3 string| cntr_txt4 string| cntr_txt5 string| cntr_txt6 string| cntr_txt7 function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| changeStyle function| show_btn_nxt_cntr function| refresh_cntr_form function| setRequest function| interpretRequest string| color number| cntrid object| scrollReveal number| fcr object| _fcc boolean| _overidden undefined| settings_string function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb number| cid object| style object| fjs object| st object| fci object| GoogleGcLKhOms

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.blog.blog.secure.animax.to
www.fastcounter.de
www.google.com
www.googletagservices.com
www.fastcounter.de
142.250.181.226
158.69.54.123
185.178.208.179
2a00:1450:4001:802::200a
2a00:1450:4001:809::2002
2a00:1450:4001:809::2003
2a00:1450:4001:809::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:813::2001
2a00:1450:4001:827::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82f::2002
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
03b4f467947bba6145c12cb6d23bc146043fe1eedda0374b85f963f3bbd6aa9e
07c264f5eba35ae5d553e531fac9db0bb357e226afe91a0e70a10d5a3777592b
11d71fc112df3977b9562151e6c75ce860c42779dddcc79af1d0a07366cd44d3
16baadb748e01288d0f32cb997a7ffe214ffbd5e4addb7f15f95f74c34d4ceed
1ce1030b5f55fce8bb98104541136e48d4f71c087d3b2dac1ea23a5aeffe84f3
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
49c00329105dd730de5d442cf5304a43e5fe4a0e98891775e4f4364c07d74bcd
4bf3137b26f1fb75b45743b5bb2700940f9889cd758e49cd03f22930b6c2b703
4dd08a3db8e1efe42c71c8bc50c9b74b4e25b4174c59616d19dcba9fa0713424
53c1737bf97ae4d686956bf2c7caff015329c9aa554ed0ebfc24893dfbe2fddf
561845f65145aeacc00e8dec573617891dd1f1d2bc445eadd6717191f679318f
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
69f2367b3407f419bad5a941e9efa1e9c4c428656514da58a7ac37c38ef80d6a
7c9e72fed9f647684a0437f185bf4ed620de7b49f236453256716b639ac56f04
845c716be9227a353b0136cd350cedb923daa356dd9cc7dd8e9a7b6a4e4bb42f
84bdcb608756d4f75a9a0774b40a9515428bd0e7137527abbac4dc28df0b589e
9f7216d2f53a731d9749077c22e15cfb38bcdc40806511ccf736f440c7569d64
a32e823e52c7166335ed4200e4c83bb15de8d108132d6a0242d2afaaec86b4ad
a36aeaeb32c5381f3e777d443375b361fd7f04c57c8e8c1577368593a3db6419
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
af0fe6cdfc7c220afcf14c6e8cf23fdb8add06035e36ffb748d4cbe4bb0e647e
b3dc679b4a4827fd5ec5b23f02de9f19d22a8b36c0d28943716d6ad95957095f
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c2e1c210c2aba83d650f98ff9c3428576919b53b47d7cb394d0092d74643ff93
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c94389b25c623d2e78f0a535d89e83fe1f4faf90d9e0dbbad0ba92eda076182a
cd618f046c2bae673dc4a831bce22b29c1b3c16a118a74b102ccc6343eb3539b
dd233c705ebb6129045b560c19e9bf225d7463f4c96236e2adbc162d4e53fec1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f490c34af858a830917b28c87def671619ce7572c3acf839a8e0e76ef883a602
fc644081e4391b06456a84951ed46f963fbd36f3df13f17aafb4eed988702bda
fc84dcb874c39c915ab83aa5b6506aac48d0f93e734f6deca699fdf42dc0af43