www.easycounter.com Open in urlscan Pro
52.1.22.171 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.easycounter.com/report/sofiahalbofanimeworld.blogspot.com
Submission: On January 13 via manual (January 13th 2024, 4:20:37 pm UTC) from BR — Scanned from DE

Summary HTTP 117 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 15 IPs in 2 countries across 10 domains to perform 117 HTTP transactions. The main IP is 52.1.22.171, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.easycounter.com. The Cisco Umbrella rank of the primary domain is 471254.
TLS certificate: Issued by R3 on January 8th 2024. Valid for: 3 months.

This is the only time www.easycounter.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	52.1.22.171 52.1.22.171	14618 (AMAZON-AES) (AMAZON-AES)
30	2606:4700:20:... 2606:4700:20::681a:913	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3 15	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
6	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
3 3	142.250.185.100 142.250.185.100	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.70 142.250.185.70	() ()
1	2a00:1450:400... 2a00:1450:4001:80b::2004	() ()
117	15

2 52.1.22.171 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-22-171.compute-1.amazonaws.com

www.easycounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2606:4700:20::681a:913 (United States)

ASN13335 (CLOUDFLARENET, US)

thumbnail.easycounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.easycounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.easycounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.100 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.70 (None, ) 1 redirects

ASN- ()

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2004 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	452 KB
32	easycounter.com www.easycounter.com — Cisco Umbrella Rank: 471254 thumbnail.easycounter.com static.easycounter.com api.easycounter.com out.easycounter.com Failed	297 KB
19	gstatic.com fonts.gstatic.com www.gstatic.com	252 KB
17	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 ad.doubleclick.net	194 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	7 KB
6	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
4	google.com 3 redirects www.google.com — Cisco Umbrella Rank: 2	912 B
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	260 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2029	248 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	92 KB
117	10

	Domain	Requested by
21	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
15	googleads.g.doubleclick.net	3 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
12	www.gstatic.com	googleads.g.doubleclick.net
12	static.easycounter.com	www.easycounter.com static.easycounter.com
11	pagead2.googlesyndication.com	www.easycounter.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
10	thumbnail.easycounter.com
8	api.easycounter.com	www.easycounter.com
7	fonts.gstatic.com	fonts.googleapis.com
7	fonts.googleapis.com	www.easycounter.com googleads.g.doubleclick.net
6	www.googleadservices.com	www.easycounter.com
4	www.google.com	3 redirects tpc.googlesyndication.com
4	www.googletagservices.com	googleads.g.doubleclick.net
2	ad.doubleclick.net	1 redirects
2	www.easycounter.com	www.easycounter.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	www.easycounter.com
0	out.easycounter.com Failed
117	17

This site contains links to these domains. Also see Links.

Domain
out.easycounter.com
updates.easycounter.com
whois.easycounter.com
server.easycounter.com
review.easycounter.com

Subject Issuer	Validity	Valid
easycounter.com R3	`2024-01-08` - `2024-04-07`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-05` - `2024-05-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://www.easycounter.com/report/sofiahalbofanimeworld.blogspot.com
Frame ID: C00BEBB8342D91EB01F2A9A3B6EE95EB
Requests: 42 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html
Frame ID: 5353771252EEB17ACDF065F5A1FBCCD7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5954465348452390&output=html&h=90&slotname=2197185067&adk=2341290475&adf=2665281147&pi=t.ma~as.2197185067&w=960&lmt=1705162834&rafmt=12&format=960x90&url=https%3A%2F%2Fwww.easycounter.com%2Freport%2Fsofiahalbofanimeworld.blogspot.com&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705162833829&bpp=3&bdt=1415&idt=284&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&correlator=186490900451&frm=20&pv=2&ga_vid=1612354229.1705162833&ga_sid=1705162834&ga_hid=1217112293&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=216&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320239%2C31079266%2C31080333%2C31080409%2C44798934%2C44809531%2C95320889%2C95321966&oid=2&pvsid=2617199753180355&tmod=529110567&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=296
Frame ID: 61087586A60BE8BF285E872DDABE15D0
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5954465348452390&output=html&h=90&slotname=3673918269&adk=1785446650&adf=51825310&pi=t.ma~as.3673918269&w=960&lmt=1705162834&rafmt=12&format=960x90&url=https%3A%2F%2Fwww.easycounter.com%2Freport%2Fsofiahalbofanimeworld.blogspot.com&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705162833832&bpp=1&bdt=1418&idt=301&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=960x90&correlator=186490900451&frm=20&pv=1&ga_vid=1612354229.1705162833&ga_sid=1705162834&ga_hid=1217112293&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=579&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320239%2C31079266%2C31080333%2C31080409%2C44798934%2C44809531%2C95320889%2C95321966&oid=2&pvsid=2617199753180355&tmod=529110567&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=303
Frame ID: 99035E36FD872F8B790A9FE904EFB435
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5954465348452390&output=html&h=90&slotname=5150651467&adk=3963706882&adf=113926574&pi=t.ma~as.5150651467&w=960&lmt=1705162834&rafmt=12&format=960x90&url=https%3A%2F%2Fwww.easycounter.com%2Freport%2Fsofiahalbofanimeworld.blogspot.com&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705162833832&bpp=1&bdt=1417&idt=304&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=960x90%2C960x90&correlator=186490900451&frm=20&pv=1&ga_vid=1612354229.1705162833&ga_sid=1705162834&ga_hid=1217112293&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=997&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320239%2C31079266%2C31080333%2C31080409%2C44798934%2C44809531%2C95320889%2C95321966&oid=2&pvsid=2617199753180355&tmod=529110567&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=306
Frame ID: 012AB0EAC37F26DAEC4099C6070C5505
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5954465348452390&output=html&adk=1812271804&adf=3025194257&lmt=1705162834&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fwww.easycounter.com%2Freport%2Fsofiahalbofanimeworld.blogspot.com&ea=0&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=0.8&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705162833845&bpp=1&bdt=1431&idt=294&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=960x90%2C960x90%2C960x90&nras=1&correlator=186490900451&frm=20&pv=1&ga_vid=1612354229.1705162833&ga_sid=1705162834&ga_hid=1217112293&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320239%2C31079266%2C31080333%2C31080409%2C44798934%2C44809531%2C95320889%2C95321966&oid=2&pvsid=2617199753180355&tmod=529110567&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=300
Frame ID: 969337219CFD75C93909BD389AE43A59
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F8D7A72973B351EA226F20E7136BFD84
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VucML-pZXNsV9Bio95In_Vy1g44u5uVv1Eq8Y-LPojk.js
Frame ID: E5F2E27ABDC1507D10FD1CA958B1441F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: AF985BAAA84EEF3AE3E0FF35DF72FF4A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: E0179416DBCE21FD1673ED119B0B0DEC
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4AE11F2F9FFB9BAF2EB975F1E3C806F9
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Poppins%3A400%2C600
Frame ID: EA08E1F9A06BAD6965B6BF32D3B5238A
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VucML-pZXNsV9Bio95In_Vy1g44u5uVv1Eq8Y-LPojk.js
Frame ID: C8162C0FE8D558F61E0B5D15F99F2C30
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VucML-pZXNsV9Bio95In_Vy1g44u5uVv1Eq8Y-LPojk.js
Frame ID: 4A8DFB8912B023A2B14071004C3C70CF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VucML-pZXNsV9Bio95In_Vy1g44u5uVv1Eq8Y-LPojk.js
Frame ID: 66D775CB9D73F4C544CBD6E2A5F7C4BD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2B229A7CD43C5002A6970B4D9092A690
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DB4E6F95FA47F8B827E3B70B8A3C9EC8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sofiahalbofanimeworld.blogspot.com: sofiahalbof anime world

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

Page Statistics

117
Requests

96 %
HTTPS

73 %
IPv6

10
Domains

17
Subdomains

15
IPs

2
Countries

1554 kB
Transfer

4070 kB
Size

8
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://out.easycounter.com/external/sofiahalbofanimeworld.blogspot.com?pageviewId=desktop-302e3839333934313030203137303531363238333120313536313532393433
Title: Visit sofiahalbofanimeworld.blogspot.com

Search URL Search Domain Scan URL

URL: http://out.easycounter.com/external/blogspot.com
Title: Blogspot.com

Search URL Search Domain Scan URL

URL: https://updates.easycounter.com/sofiahalbofanimeworld.blogspot.com
Title: Sofiahalbofanimeworld.blogspot.com metadata updates

Search URL Search Domain Scan URL

URL: https://whois.easycounter.com/blogspot.com
Title: Blogspot.com whois history

Search URL Search Domain Scan URL

URL: https://server.easycounter.com/sofiahalbofanimeworld.blogspot.com
Title: Sofiahalbofanimeworld.blogspot.com server history

Search URL Search Domain Scan URL

URL: https://review.easycounter.com/sofiahalbofanimeworld.blogspot.com-report
Title: Sofiahalbofanimeworld.blogspot.com reviews

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

https://googleads.g.doubleclick.net/pagead/adview?ai=C9a9OUriiZfz3Euvz_tMPysSAiA_V7ISXdYeaxPqNEtnZHhABIN-ZyS1glfqOgqAHoAGQ7bjjAsgBAakCNEniKnwnCj6oAwHIA8sEqgSkAk_Q4bD_-W7ic4kJ24ty6QzQRKt0jyb8Bl6nJWKe2wNFMg2nAWurZXGiR492uXDKgFvuyFGUjvS3uameaPIICAEJT_WeLoJb93Kfm13xpDKuuqPb75mFbbYMuN0_xXv_QkwaxPwTQLC0_xLqurZzITqNNAw4i4_XA8s21l5XIkhAbc2hvza5RilLkmAPtWEpILjkJu6EXcDC42K6qzVVjKhDopvkHehxR_MnxBfGKuc7C6ZKerRKNOAJgf5D5RVFCZ76FtKZ8PeWwZVClH7Ltl-YzLnRC9JS3512dzGoBEvvzObjE5JB38-ICQYGwbEF0cFBXsy8yHVEwwYz-ugE_fkHg5iFATJWEA1ebIhDmV-3BLA4P_4e6SJMiNsz_dwD05Wnnu7ABKuiiovLBIgFrMv89U2SBQQIBBgBkgUECAUYBIAH2JLHnAGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBD2zQ_SCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLiSk8ji2oMDmgnIAWh0dHBzOi8vc3RvcmUuc3RlYW1wb3dlcmVkLmNvbS9hcHAvMjQyNjk2MC8_dXRtX3NvdXJjZT1nb29nbGVhZHdvcmRzX3dlYiZ1dG1fY2FtcGFpZ249SFFfU1dfREVfR0FfQlJfUEMtU1RFQU1fR0ROXzI0MDEwOSZ1dG1fbWVkaXVtPTI0MDEwOV9BbGxfQU9fQWxsX1NURUFNLWxhdW5jaF9ERSZ1dG1fY29udGVudD1BTExfSFFfU3RlYW1fTGF1bmNoaW5ngAoByAsB2BMKiBQG0BUBmBYBgBcBshccChoIABIUcHViLTU5NTQ0NjUzNDg0NTIzOTAYAA&sigh=iTi-XueP0Us&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_VcY4ILnijO9BOO951akZRctSJhRhNaEjiTsocZ_TXvaYO-oG37lt_uLWCpuBRmtUl_L4mQ2GhZAa4E_oiqTWl_CGStSpfdLyQxgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212411292402607820923%22,%22debug_reporting%22:true,%22destination%22:%22https://steampowered.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22745420432%22],%2222%22:[%22true%22],%224%22:[%2201-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228997485501095351473%22}&andc=true

Request Chain 59

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 69

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 86

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 90

https://googleads.g.doubleclick.net/pagead/adview?ai=C5p_mUriiZc36Esj__tMP8foOo4SToXXRvuj35BHqnbmN30EQASDfmcktYJX6joKgB6AB3fCqwCrIAQGoAwHIA8sEqgSmAk_QvWNPLsJI8jp9nYANVizr3ijQYk0ILKUfhC6E53Pk4w1xpPEfbEK5uLtta6JaNVUDvDdTtlndVOIgbB_Co_JJHSiYjZ0ct38Sf_34BtiX74Z1NCB8wiA2tS5H3JiWL4IIRh5ldzSho5Bs_6QFiMQrHLtwIoK7CZuh0M8dHCOgzwMX0qjkY3R3TNSL66NlkuhZiHQZDmwB-LQIB3jiiE4lTnv-I4PigzB6mylPDP410o18wF3-VCu7YM7aoDHdBDhGISnha3Ek4_Shp5cVbIZhhhlP8jlqJJXmSRdnyBwrGI4do7gJh8qazAI5JAQn8_z6JmGNR_Hvd_fU8QX5BhEk_-9RaN93XZR3h14ye0VeunCjOgXYiddeU0-5SO0gIqdyn9-qZsAEh6_-q78EiAWS0PG6TZIFBAgEGAGSBQQIBRgEgAfdqPufBagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEKHWGNIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYnpmTyOLagwOaCZABaHR0cHM6Ly9wZGZpeGVycy5jb20vZG93bmxvYWRQYWdlLmh0bWw_Y2FtcGFpZ25faWQ9MjA3OTMwMjY1NzgmYWRncm91cF9pZD0xNTQ0NDI2MzUxNDMmcGxhY2VtZW50X2lkPXd3dy5lYXN5Y291bnRlci5jb20mY3JlYXRpdmVfaWQ9NjgxNDcwODkxNDM3gAoByAsB2BMMiBQB0BUBmBYBgBcBshccChoIABIUcHViLTU5NTQ0NjUzNDg0NTIzOTAYAA&sigh=h3XccLuDgOQ&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_-1AI0X6azEil7TTwk6MRLBIJDI1bjNctqUE6wy7OVWKS1rSHX8DlsRKZGUl_vte8RL7xqr7mofeASgIBTvy2-IPkcGYyef0x6WcYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211271439033482665880%22,%22debug_reporting%22:true,%22destination%22:%22https://pdfixers.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211409209437%22],%2222%22:[%22true%22],%224%22:[%2201-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221248692203228464865%22}&andc=true

Request Chain 93

https://googleads.g.doubleclick.net/pagead/adview?ai=CSqV6UriiZbr2Errt_tMPkqyooA3ZtYDCaveD-LacEO-EiOrlLxABIN-ZyS1glfqOgqAHoAGVtq-eA8gBAagDAcgDywSqBKQCT9DV__lOWiBImmPUhZXgZ-oNPsRyK4q6SOYkFAeSwEOm812BycBkEnU_6Xp5kHX1YSTXlLuwcNC0UGXTVzxwdystxE_sMyq8r24iMaHgbBmMPlHClYj0BqFvawoQiYiUeMs1IgRGR3S-jJPc9obxK_E5XTv-IcUBGQIeSXYz-L_o9eqZ9eA_7oROkCCBCn7242mJlgANJg8-W1KIXaL1qA8IBbb-GRveSSLewQVE2K9ZmIrWJe3cD63iA7F53Rgr5I8N2WzPjEaSPRffznUTbKyA-89eet-FT_HlfdurWlgpc6AUheq0pEWg1jbVtpwf_-Bdd4907FQaBW4i2RVqlbYPLcSo3lSZm3XHVxdviI4_-rtOsnCmJi9QSRvcbN-ZzHgbRsAE0cr8w_8DiAW5hpvwA5IFBAgEGAGSBQQIBRgEgAfTydBhqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ4s4t0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOliukZPI4tqDA5oJWWh0dHBzOi8vd3d3LmF2YXN0LmNvbS9kZS1kZS9scC1wcGMtZnJlZS1hdj9mdWxsX3RyU3JjPW1tbV9hdmFfdHN0XzAwN18wMTdfZSZnY2xzcmM9YXcuZHMmgAoByAsB2BMMiBQJ0BUBmBYBgBcBshccChoIABIUcHViLTU5NTQ0NjUzNDg0NTIzOTAYAA&sigh=LlwfHw2JB8I&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_pcKlDV0GNvZ5M9Q-t4A5PXAJGO6TOLwKrcyjM2d5YHVZrkQ6G157fZi0K07P2rWrPWFltLTsvqANON99I2N3jrK0oA8ybjAlnBgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229964615142477074181%22,%22debug_reporting%22:true,%22destination%22:%22https://avast.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22868997909%22],%2222%22:[%22true%22],%224%22:[%2201-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223059092339861841841%22}&andc=true

Request Chain 94

https://ad.doubleclick.net/ddm/trackimp/N8714.2382313DOUBLECLICKBIDMANAG/B22807636.328475542;dc_trk_aid=520608733;dc_trk_cid=117012770;ord=1328734928;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&cbvp=2 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N8714.2382313DOUBLECLICKBIDMANAG/B22807636.328475542;dc_pre=CJG25Mni2oMDFaem_QcdxwwGXA;dc_trk_aid=520608733;dc_trk_cid=117012770;ord=1328734928;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&cbvp=2

117 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request sofiahalbofanimeworld.blogspot.com Show response
www.easycounter.com/report/ 89 KB
20 KB 1236ms
617ms Document
text/html 52.1.22.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.easycounter.com/report/sofiahalbofanimeworld.blogspot.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.22.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-22-171.compute-1.amazonaws.com
Software: nginx/1.14.2 /
Resource Hash: 9ab43a4b32763b836e9a809a69066d81e0bba922bbf9d87313114a6492e1aad5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Sat, 13 Jan 2024 16:20:31 GMT
Link: <https://thumbnail.easycounter.com/thumbnails/300x180/s/sofiahalbofanimeworld.blogspot.com.png>; rel=preload; as=image
Referrer-Policy: origin-when-cross-origin
Server: nginx/1.14.2
Transfer-Encoding: chunked
Vary: Accept-Encoding User-Agent

GET
H2 200 sofiahalbofanimeworld.blogspot.com.png
thumbnail.easycounter.com/thumbnails/300x180/s/ 11 KB
12 KB 553ms
462ms Image
image/webp 2606:4700:20::681a:913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thumbnail.easycounter.com/thumbnails/300x180/s/sofiahalbofanimeworld.blogspot.com.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c416236a3f5ad4ecb8ade32d5a217054ddaf8f83bf8fd04b4fe18d1f7ee43e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.easycounter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:20:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 87FKSVWJCYZD2V7Q
cf-polished: origFmt=png, origSize=13851
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="sofiahalbofanimeworld.webp"
alt-svc: h3=":443"; ma=86400
content-length: 11656
x-amz-id-2: 43pDeEqquvQ8Z+Fb0WyleU9bX+ZLSNrMxHPErAbqOzDyh98elsnkt0Bc1DL2T/qeSxdj1Zq0h2E=
cf-bgj: imgq:100,h2pri
last-modified: Fri, 18 Aug 2023 14:27:17 GMT
server: cloudflare
etag: "e82f23516e1a45f78efe5c0f4dfa0149"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UFrC5Ni8ZRXG%2B00G4%2BqTCFTrAbjqa4%2BPRyUPQh5hCVvBUzGvIYfEMcFukPUrczyJ6lkKi7boV9nI8FlBAVFiGpNAKMZFpLwCsDRukLOrM3WCVwcPI66TFeReaM6MdyBfswuaC7v7bRvmChs%2BMaDWZIbMAueUpOc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 844ef79798e018ff-FRA
expires: Sat, 27 Jan 2024 16:19:28 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 1276ms
101ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.easycounter.com
URL: https://www.easycounter.com/report/sofiahalbofanimeworld.blogspot.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67044ca99716481b5df2a30f20a7cea2cb94f041d3917a04f772bc2860ee8805

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.easycounter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:20:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51431
x-xss-protection: 0
server: cafe
etag: 1690602677351238424
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 13 Jan 2024 16:20:33 GMT

GET
H2 200 css
fonts.googleapis.com/ 22 KB
1 KB 126ms
50ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,300,300italic,400italic,500,500italic,700,700italic,900,900italic&subset=latin,cyrillic-ext&display=swap

Requested by

Host: www.easycounter.com
URL: https://www.easycounter.com/report/sofiahalbofanimeworld.blogspot.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

391d7af9603de79e9111b0311bd2f829847f04645e97b9e73ab9dfc54601f725

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.easycounter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 Jan 2024 16:20:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 16:20:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 Jan 2024 16:20:32 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
892 B 120ms
44ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Mono&subset=latin,cyrillic&display=swap

Requested by

Host: www.easycounter.com
URL: https://www.easycounter.com/report/sofiahalbofanimeworld.blogspot.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bf58aae3faf3c465e103e765c8826fd478dba7c5148ea3078d169a6ea84cb655

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.easycounter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 Jan 2024 16:20:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 16:20:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 Jan 2024 16:20:32 GMT

GET
H2 200 royalslider.css
static.easycounter.com/js/royalslider/ 3 KB
1 KB 142ms
52ms Stylesheet
text/css 2606:4700:20::681a:913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.easycounter.com/js/royalslider/royalslider.css
Requested by: Host: www.easycounter.com
URL: https://www.easycounter.com/report/sofiahalbofanimeworld.blogspot.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d099b3ce272a0ffaaef27852b6761b07cafc4ea7e62fd9be65d49bf04d9ac3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.easycounter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:20:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 301748
cf-polished: origSize=4151
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 28 Jun 2019 09:36:24 GMT
server: cloudflare
etag: W/"5d15df98-1037"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ltD5%2FYrdSExJp5r52F0WUg6fxXsjy41v0RcFRDOKtl7HMDmjKrXJhlcCaP0aHGt2qm3HHZ78E%2FZW1%2BHFxvDCqfKhxOhj1hrzi1ugWyIvv0%2BOQ9vgLQokGJ9Nfw9doVooG%2BGHM1LjRdkttbWH4FuJnh%2By8o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 844ef7976dd73627-FRA
expires: Sat, 27 Jan 2024 05:55:10 GMT

GET
H2 200 rs-default.css
static.easycounter.com/js/royalslider/skins/default/ 7 KB
2 KB 144ms
54ms Stylesheet
text/css 2606:4700:20::681a:913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.easycounter.com/js/royalslider/skins/default/rs-default.css
Requested by: Host: www.easycounter.com
URL: https://www.easycounter.com/report/sofiahalbofanimeworld.blogspot.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a33c9c01d5f673d80a70d22fd637a9687c7d8212a5717df82877999150c1df62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.easycounter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:20:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1337532
cf-polished: origSize=9235
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 28 Jun 2019 09:36:24 GMT
server: cloudflare
etag: W/"5d15df98-2413"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DKaZrVzOfwrgujiASJFQ8Vej%2BhWaQmF0VJapOq3fc9i1755p9Bm6kTNQkMxTPkE3QaU8a75xDJgv4Nuuz2yULlRJpu95j6Xib5GZn03A0IsCvIHsf0h09uz2fixryAocf5lsDkQ5lB8NHBRxzHJdUFoLwO4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 844ef7976ddc3627-FRA
expires: Sat, 27 Jan 2024 10:25:18 GMT

GET
H2 200 logo.png
static.easycounter.com/img/ 834 B
1 KB 143ms
55ms Image
image/webp 2606:4700:20::681a:913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.easycounter.com/img/logo.png
Requested by: Host: www.easycounter.com
URL: https://www.easycounter.com/report/sofiahalbofanimeworld.blogspot.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41b87eaf810cbfd22319a73d89f3935943c76e26d1e211ee28e045f03bb6f4a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.easycounter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:20:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 386148
cf-polished: origFmt=png, origSize=3029
content-disposition: inline; filename="logo.webp"
alt-svc: h3=":443"; ma=86400
content-length: 834
cf-bgj: imgq:100,h2pri
last-modified: Fri, 28 Jun 2019 09:36:23 GMT
server: cloudflare
etag: "5d15df97-bd5"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OtG1mA6IRR%2Bv0e%2FhXtDuTLRsnH%2F%2Ft9u5eb2Diovq%2FLdu4uL6PkFxtFh5vhQOQeNpGR96rTNouTvSpbN%2F1gJdV5uhT3fqo7deVTb1oNhciCIxosdpjWxIZzPv5JMWcHZhfrYoxNxI6Km1oSjCGN%2FYwAjfg3Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 844ef7976dcf3627-FRA
expires: Mon, 29 Jan 2024 08:37:22 GMT

GET
H2 200 icon_search.png
static.easycounter.com/img/ 258 B
651 B 140ms
53ms Image
image/webp 2606:4700:20::681a:913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.easycounter.com/img/icon_search.png
Requested by: Host: www.easycounter.com
URL: https://www.easycounter.com/report/sofiahalbofanimeworld.blogspot.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae56496fe0f665caed5bacfe90607be90a05d2a5af23130430cd73ac9e405572

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.easycounter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:20:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 461326
cf-polished: origFmt=png, origSize=1282
content-disposition: inline; filename="icon_search.webp"
alt-svc: h3=":443"; ma=86400
content-length: 258
cf-bgj: imgq:100,h2pri
last-modified: Fri, 28 Jun 2019 09:36:23 GMT
server: cloudflare
etag: "5d15df97-502"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rDyjCEFudZAXa4%2FYnYdCFQ5bhj2%2FK4Ckf6MBvCFq%2B68GZNlYEHqf1H6I7m6jowEfBA5Lb%2FBK01DG0brRbRUlpEWUKpJi7rXjmOJUaVn4xkHaIzZV2fAdpNdZK0%2Fe%2BCJlw3H4ORovokDCcrAebaWR0rT25PI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 844ef7975dc53627-FRA
expires: Sun, 04 Feb 2024 18:57:20 GMT

GET
H2 200 icon_stars.png
static.easycounter.com/img/ 746 B
1 KB 138ms
51ms Image
image/webp 2606:4700:20::681a:913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.easycounter.com/img/icon_stars.png
Requested by: Host: www.easycounter.com
URL: https://www.easycounter.com/report/sofiahalbofanimeworld.blogspot.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22427bb5e012139717b63f504dceaa948ba9451e9962ee1b27b6cb8f790badaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.easycounter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:20:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 43538
cf-polished: origFmt=png, origSize=2123
content-disposition: inline; filename="icon_stars.webp"
alt-svc: h3=":443"; ma=86400
content-length: 746
cf-bgj: imgq:100,h2pri
last-modified: Fri, 28 Jun 2019 09:36:23 GMT
server: cloudflare
etag: "5d15df97-84b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zn%2FmoW8MIkAiKoSDTRadvWB45b1QNvOjULayl%2FN%2BCHgSrVEKi6OH6%2FNIPUYeDdklVxiFNNVGlQSsC5weLYP%2BsdBb9txHPtjO7pObmBizKDbvPVFmV9Af%2BYrdMKjYdIEK31bWjx6GFvi5Pw2bRS8nTPV4Qhg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 844ef7976dcc3627-FRA
expires: Sun, 04 Feb 2024 20:34:09 GMT

GET
H2 200 us.png
static.easycounter.com/img/flags/ 310 B
688 B 140ms
54ms Image
image/webp 2606:4700:20::681a:913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.easycounter.com/img/flags/us.png
Requested by: Host: www.easycounter.com
URL: https://www.easycounter.com/report/sofiahalbofanimeworld.blogspot.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbfea1459f7935adc680c00ada2cc90181e28d5bd250e28118973f5ec9c3fedb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.easycounter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:20:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1148232
cf-polished: origFmt=png, origSize=488
content-disposition: inline; filename="us.webp"
alt-svc: h3=":443"; ma=86400
content-length: 310
cf-bgj: imgq:100,h2pri
last-modified: Fri, 28 Jun 2019 09:36:23 GMT
server: cloudflare
etag: "5d15df97-1e8"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZFWLKHYmC5NuatOywpLk6qnBVf4Lga5RP3xI0KSYlWJizmgaUmOroVEC9V4yDmXVsuXeFe4TLLyL0GJvVfrXvygWhu3Nf4HqPiukakSsyM8ggcC6K02NToy4H9nNpBgimNPjOOv3hehyXomifyNCb9XioDA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 844ef7976dd33627-FRA
expires: Thu, 25 Jan 2024 08:44:44 GMT

GET
H2 200 icons_yandex_google.png
static.easycounter.com/img/ 4 KB
4 KB 1003ms
1003ms Image
image/webp 2606:4700:20::681a:913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.easycounter.com/img/icons_yandex_google.png
Requested by: Host: www.easycounter.com
URL: https://www.easycounter.com/report/sofiahalbofanimeworld.blogspot.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df083c0013c984d742afbe3e4a76694655505fb7b84515956f6dc4a3721a50e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.easycounter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:20:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 247110
cf-polished: origFmt=png, origSize=6204
content-disposition: inline; filename="icons_yandex_google.webp"
alt-svc: h3=":443"; ma=86400
content-length: 3926
cf-bgj: imgq:100,h2pri
last-modified: Fri, 28 Jun 2019 09:36:23 GMT
server: cloudflare
etag: "5d15df97-183c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EtGQiPh8a0qt7yu9jUK4Tn3Wzk4pgOB%2F5a4bOO%2Fa1cptEUF6geesf4ZV6YMbOyygpx6oqU0uYo73vmYmbC8nBc6DGjQTUB3CvvVOTvfSF%2B08UJ%2FNF3RB73dCxSph7mCccBCsIJTh9EKYKkNkZEVlRRe2h6g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 844ef7986f3a3627-FRA
expires: Thu, 25 Jan 2024 06:18:30 GMT

OPTIONS
H2 204 create
api.easycounter.com/api/hits2/ Frame 0
0 405ms
230ms Preflight
text/plain 2606:4700:20::681a:913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.easycounter.com/api/hits2/create?clientId=desktop-8de6fa700a6410ebbdbae4c9b9c7799ccef753d8&pageviewId=desktop-302e3839333934313030203137303531363238333120313536313532393433
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.easycounter.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.easycounter.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 844ef7988a0a381a-FRA
content-length: 0
content-type: text/plain charset=UTF-8; charset=utf-8
date: Sat, 13 Jan 2024 16:20:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2FnEOlS%2BrjhlWtHlE9rw9ufd0nNxBJTajb4UY%2B3cirH5eOtZd8oD%2FpchU10V3HoLz5qKRPmXLAXL8DwxxBKxOIOjqXYe8B%2FTPC4uk%2BdtgxV2GUmdO%2BfI91gkCUTpH9Ca1o%2BbfUQSiTRbnwvJj%2FVOH6I%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

POST
H2 200 create Show response
api.easycounter.com/api/hits2/ 32 B
379 B 171ms
171ms Fetch
application/json 2606:4700:20::681a:913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.easycounter.com/api/hits2/create?clientId=desktop-8de6fa700a6410ebbdbae4c9b9c7799ccef753d8&pageviewId=desktop-302e3839333934313030203137303531363238333120313536313532393433
Requested by: Host: www.easycounter.com
URL: https://www.easycounter.com/report/sofiahalbofanimeworld.blogspot.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5242d2e5610aa73f78ee0840cb42bb2a742f39cf40df46ca209ea9e19e3bbed3

Request headers

Referer: https://www.easycounter.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 13 Jan 2024 16:20:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EmaKC14qXrXYsKr5yVZPxsGv95v1AcEcb9bM4Fv0j0G46s%2BsXwv6HQmjluKwdhzfliIsmiR2IkY3dKLPCi4fcun%2BnjBCSY6iSJfF3U20RI539RNzeUhcyWZKf8LIRx6YEghHtBjdOnSPkT4FZ5orlqA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.easycounter.com
access-control-allow-credentials: true
cf-ray: 844ef799fb83381a-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 ads-tracker.js Show response
static.easycounter.com/js/ 1 KB
911 B 49ms
49ms Script
application/javascript 2606:4700:20::681a:913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.easycounter.com/js/ads-tracker.js
Requested by: Host: www.easycounter.com
URL: https://www.easycounter.com/report/sofiahalbofanimeworld.blogspot.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 574647d982140bafdbc9e3273b28407230581c9b6d22fff0bf342d469961e594

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.easycounter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:20:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 388859
cf-polished: origSize=1413
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 25 Oct 2023 14:14:46 GMT
server: cloudflare
etag: W/"653922d6-585"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O8u4EIQhJYw%2FFqPkpuB%2FX%2BcL%2BPSeg16AHi4GeC2kE3pchepedewlFUjWOwgzfZW1jUnusRhDUbP5YLJ6n0iGYSRFywXkBXNHTOl2Vz37%2FIya29Ht9C%2BDHltwpsEFybmExUvd%2FPsrPktn3y2UvHJ1zW2TvZU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 844ef7976de23627-FRA
expires: Mon, 29 Jan 2024 08:53:41 GMT

GET
H2 200 optimized_desktop.js Show response
static.easycounter.com/js/domain/ 455 KB
153 KB 57ms
57ms Script
application/javascript 2606:4700:20::681a:913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.easycounter.com/js/domain/optimized_desktop.js
Requested by: Host: www.easycounter.com
URL: https://www.easycounter.com/report/sofiahalbofanimeworld.blogspot.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3deb778f13ce75431e7081f5703e4a4d120271b76a7c81784fc71c4429707d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.easycounter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:20:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1244540
cf-polished: origSize=467461
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 25 Oct 2023 14:14:46 GMT
server: cloudflare
etag: W/"653922d6-72205"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I4MabYdlOpBC88klraKqCKz5m9NSmuCPoiJwRq3cokE%2FmguHnQmfUbqBp%2FwiXQCjqipTDX3RQfAVC%2Bh1fYUMCHzGAMcIs%2F9UPwEHz3tKTQJUyKAKlTQKL1VpTIkhDceyfhjonGcSk%2F7SCmcJAvYICcWhTjI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 844ef7976de63627-FRA
expires: Sat, 27 Jan 2024 11:51:23 GMT

GET
H/1.1 200
OK hits.php
www.easycounter.com/ 43 B
190 B 211ms
211ms Image
image/gif 52.1.22.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.easycounter.com/hits.php?id=3919,6583,3925,6564,3553,5893,5510,5982,7687&r=27675
Requested by: Host: www.easycounter.com
URL: https://www.easycounter.com/report/sofiahalbofanimeworld.blogspot.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.22.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-22-171.compute-1.amazonaws.com
Software: nginx/1.14.2 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.easycounter.com/report/sofiahalbofanimeworld.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 16:20:32 GMT
Server: nginx/1.14.2
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 276 KB
92 KB 228ms
54ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-F8770086QN

Requested by

Host: www.easycounter.com
URL: https://www.easycounter.com/report/sofiahalbofanimeworld.blogspot.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c74b60d45660174343ecd4a74f094ee4804bf838aa5366eaa3a6da8392d61b80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.easycounter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:20:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93415
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 13 Jan 2024 16:20:32 GMT

GET
H2 200 sprite_social_icons.png
static.easycounter.com/img/ 7 KB
8 KB 228ms
228ms Image
image/webp 2606:4700:20::681a:913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.easycounter.com/img/sprite_social_icons.png
Requested by: Host: www.easycounter.com
URL: https://www.easycounter.com/report/sofiahalbofanimeworld.blogspot.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77dbb68084f6873f8ba08cea710b212bc9064f5c1b2256225453436b8478a81c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.easycounter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:20:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1169410
cf-polished: origFmt=png, origSize=12021
content-disposition: inline; filename="sprite_social_icons.webp"
alt-svc: h3=":443"; ma=86400
content-length: 7638
cf-bgj: imgq:100,h2pri
last-modified: Fri, 28 Jun 2019 09:36:23 GMT
server: cloudflare
etag: "5d15df97-2ef5"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QGyQYIw4aeYFOfRVc5dH7lauHBhafJM%2FFoyxC%2Bbb0uOsnFnsEsiv%2Fr43QFjyWwIJJHCGsJo0VEeLb2EBBKOb%2FGBtBUQQt9khGHMqxuWfaDLzTXb4G2gJHQTscFLtI3J7I2VY2dCW0to%2BvUWFRatqJs3YD6w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 844ef7986f363627-FRA
expires: Mon, 29 Jan 2024 11:56:20 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 547ms
467ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,300italic,400italic,500,500italic,700,700italic,900,900italic&subset=latin,cyrillic-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.easycounter.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:28:03 GMT
x-content-type-options: nosniff
age: 427950
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Jan 2025 17:28:03 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 161ms
81ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,300italic,400italic,500,500italic,700,700italic,900,900italic&subset=latin,cyrillic-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.easycounter.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 09:10:29 GMT
x-content-type-options: nosniff
age: 112204
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Jan 2025 09:10:29 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 163ms
83ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,300italic,400italic,500,500italic,700,700italic,900,900italic&subset=latin,cyrillic-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.easycounter.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 09:10:14 GMT
x-content-type-options: nosniff
age: 371419
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 09:10:14 GMT

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 163ms
88ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,300italic,400italic,500,500italic,700,700italic,900,900italic&subset=latin,cyrillic-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.easycounter.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 12:16:48 GMT
x-content-type-options: nosniff
age: 446625
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17368
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Jan 2025 12:16:48 GMT

OPTIONS
H2 204 appendUserdata
api.easycounter.com/api/hits2/ Frame 0
0 135ms
135ms Preflight
text/plain 2606:4700:20::681a:913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.easycounter.com/api/hits2/appendUserdata?clientId=desktop-8de6fa700a6410ebbdbae4c9b9c7799ccef753d8&pageviewId=desktop-302e3839333934313030203137303531363238333120313536313532393433
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.easycounter.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.easycounter.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 844ef79b0c91381a-FRA
content-length: 0
content-type: text/plain charset=UTF-8; charset=utf-8
date: Sat, 13 Jan 2024 16:20:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fx%2BcRWtr6VNpypYf6RTdvM9K9ZQmFG39yRNrB7nUSsBhshdzEfmHWfOtRAw%2BoG%2FcBT8v0maIrqi9PoTh3zWJnSSWJk2OGdLv%2FEE%2BE8kL1BY%2FVkZ9K32FncCn8AskaSubi8G7YU3hbmdzAr2a0hPlwyE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

POST
H2 200 appendUserdata Show response
api.easycounter.com/api/hits2/ 16 B
307 B 186ms
186ms Fetch
application/json 2606:4700:20::681a:913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.easycounter.com/api/hits2/appendUserdata?clientId=desktop-8de6fa700a6410ebbdbae4c9b9c7799ccef753d8&pageviewId=desktop-302e3839333934313030203137303531363238333120313536313532393433
Requested by: Host: www.easycounter.com
URL: https://www.easycounter.com/report/sofiahalbofanimeworld.blogspot.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer: https://www.easycounter.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 13 Jan 2024 16:20:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8tRDgdmBOZdMwwC6Yvf2Qli8kZ3rWo9y7Xl%2Fr%2F865JDfWFrIIU9%2FIJwLYjS7okoBGmZll1gyMem%2F0H02hFNsuPZhfPcSSkUImsxWyn7ynK1w5HLsPVnxh%2B7avfBGnrBLoibBddmDsptoy5Z5Wdib%2BnI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.easycounter.com
access-control-allow-credentials: true
cf-ray: 844ef79bed59381a-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 200 appendUserdata Show response
api.easycounter.com/api/hits2/ 16 B
524 B 344ms
343ms Fetch
application/json 2606:4700:20::681a:913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.easycounter.com/api/hits2/appendUserdata?clientId=desktop-8de6fa700a6410ebbdbae4c9b9c7799ccef753d8&pageviewId=desktop-302e3839333934313030203137303531363238333120313536313532393433
Requested by: Host: www.easycounter.com
URL: https://www.easycounter.com/report/sofiahalbofanimeworld.blogspot.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer: https://www.easycounter.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 13 Jan 2024 16:20:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bk6XtSASMq7d592jF8OtJ6HxuK%2B4WYTim4FnxXcT%2B9k7a87%2BpYve5nXh45e6Bv1%2BUKahCELx34WRluin%2BmlN1zsaJj1sA8kUNFdejV5hMvAsMj1WdAneXngKyxfGyZKgWKuXTiH2aSIAita%2F9KETZkc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.easycounter.com
access-control-allow-credentials: true
cf-ray: 844ef79d0d5c1cc3-FRA
alt-svc: h3=":443"; ma=86400

OPTIONS
H2 204 appendUserdata
api.easycounter.com/api/hits2/ Frame 0
0 321ms
320ms Preflight
text/plain 2606:4700:20::681a:913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.easycounter.com/api/hits2/appendUserdata?clientId=desktop-8de6fa700a6410ebbdbae4c9b9c7799ccef753d8&pageviewId=desktop-302e3839333934313030203137303531363238333120313536313532393433
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.easycounter.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.easycounter.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 844ef79b0c93381a-FRA
content-length: 0
content-type: text/plain charset=UTF-8; charset=utf-8
date: Sat, 13 Jan 2024 16:20:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aOYBg0bcr4ulhFbTkjXl7DUE7eYaKYJWoU7G01yvO1hq53jc2c%2B7Fekewblj%2FHPZdDD%2BDEo4C9jNmWXVsriEIhzOX5wjDdPNTg%2BwgvAeeO5KQpEgQgRHHQwIVbh5sfqhvLcecX1c7%2FNsDMDi4mR5%2FDY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

POST
H2 204 collect
region1.google-analytics.com/g/ 0
248 B 524ms
44ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-F8770086QN&gtm=45je41a0v9127092195&_p=1705162832531&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1612354229.1705162833&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705162833&sct=1&seg=0&dl=https%3A%2F%2Fwww.easycounter.com%2Freport%2Fsofiahalbofanimeworld.blogspot.com&dt=Sofiahalbofanimeworld.blogspot.com%3A%20sofiahalbof%20anime%20world&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2108
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F8770086QN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.easycounter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:20:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.easycounter.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/ 402 KB
136 KB 116ms
116ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5954465348452390&plah=www.easycounter.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5614c3309cfc1dc32a65a9104cb0e6f78592258e114b93dc5ef6af68a973f85f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.easycounter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:20:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139380
x-xss-protection: 0
server: cafe
etag: 15810078645538244718
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 13 Jan 2024 16:20:33 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/ Frame 5353 9 KB
4 KB 617ms
265ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.easycounter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 52880
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 01:39:14 GMT
etag: 9219409622527106327
expires: Sat, 27 Jan 2024 01:39:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6108 128 KB
44 KB 1719ms
1649ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5954465348452390&output=html&h=90&slotname=2197185067&adk=2341290475&adf=2665281147&pi=t.ma~as.2197185067&w=960&lmt=1705162834&rafmt=12&format=960x90&url=https%3A%2F%2Fwww.easycounter.com%2Freport%2Fsofiahalbofanimeworld.blogspot.com&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705162833829&bpp=3&bdt=1415&idt=284&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&correlator=186490900451&frm=20&pv=2&ga_vid=1612354229.1705162833&ga_sid=1705162834&ga_hid=1217112293&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=216&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320239%2C31079266%2C31080333%2C31080409%2C44798934%2C44809531%2C95320889%2C95321966&oid=2&pvsid=2617199753180355&tmod=529110567&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=296

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5954465348452390&plah=www.easycounter.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c776e9c6a1c5fbb9f478b5d9b48143eeac405884cf9651222fcfec25220e372f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.easycounter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44607
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 16:20:35 GMT
expires: Sat, 13 Jan 2024 16:20:35 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9903 125 KB
42 KB 1613ms
1551ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5954465348452390&output=html&h=90&slotname=3673918269&adk=1785446650&adf=51825310&pi=t.ma~as.3673918269&w=960&lmt=1705162834&rafmt=12&format=960x90&url=https%3A%2F%2Fwww.easycounter.com%2Freport%2Fsofiahalbofanimeworld.blogspot.com&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705162833832&bpp=1&bdt=1418&idt=301&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=960x90&correlator=186490900451&frm=20&pv=1&ga_vid=1612354229.1705162833&ga_sid=1705162834&ga_hid=1217112293&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=579&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320239%2C31079266%2C31080333%2C31080409%2C44798934%2C44809531%2C95320889%2C95321966&oid=2&pvsid=2617199753180355&tmod=529110567&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=303

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

506c58dc525def88b7c07a219a2061a3582c6287a8a36a2395ea1e8c3ea67688

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.easycounter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43228
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 16:20:35 GMT
expires: Sat, 13 Jan 2024 16:20:35 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 012A 131 KB
43 KB 742ms
683ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5954465348452390&output=html&h=90&slotname=5150651467&adk=3963706882&adf=113926574&pi=t.ma~as.5150651467&w=960&lmt=1705162834&rafmt=12&format=960x90&url=https%3A%2F%2Fwww.easycounter.com%2Freport%2Fsofiahalbofanimeworld.blogspot.com&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705162833832&bpp=1&bdt=1417&idt=304&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=960x90%2C960x90&correlator=186490900451&frm=20&pv=1&ga_vid=1612354229.1705162833&ga_sid=1705162834&ga_hid=1217112293&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=997&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320239%2C31079266%2C31080333%2C31080409%2C44798934%2C44809531%2C95320889%2C95321966&oid=2&pvsid=2617199753180355&tmod=529110567&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=306

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e2522fbfa14851b6e0c091147b7f4e1323fb318cd82de91bfddc6984050314

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.easycounter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44292
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 16:20:34 GMT
expires: Sat, 13 Jan 2024 16:20:34 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9693 237 KB
55 KB 887ms
836ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5954465348452390&output=html&adk=1812271804&adf=3025194257&lmt=1705162834&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fwww.easycounter.com%2Freport%2Fsofiahalbofanimeworld.blogspot.com&ea=0&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=0.8&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705162833845&bpp=1&bdt=1431&idt=294&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=960x90%2C960x90%2C960x90&nras=1&correlator=186490900451&frm=20&pv=1&ga_vid=1612354229.1705162833&ga_sid=1705162834&ga_hid=1217112293&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320239%2C31079266%2C31080333%2C31080409%2C44798934%2C44809531%2C95320889%2C95321966&oid=2&pvsid=2617199753180355&tmod=529110567&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0eecb4b123f3f8e7b541ae0c92b9ed577e7c2047ec297efdc27e4dc84c3878c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.easycounter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 55843
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 16:20:34 GMT
expires: Sat, 13 Jan 2024 16:20:34 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4b0ef9dfa83525e0607f42119c034d23.js Show response
www.gstatic.com/mysidia/ Frame 012A 9 KB
4 KB 119ms
37ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5954465348452390&output=html&h=90&slotname=5150651467&adk=3963706882&adf=113926574&pi=t.ma~as.5150651467&w=960&lmt=1705162834&rafmt=12&format=960x90&url=https%3A%2F%2Fwww.easycounter.com%2Freport%2Fsofiahalbofanimeworld.blogspot.com&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705162833832&bpp=1&bdt=1417&idt=304&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=960x90%2C960x90&correlator=186490900451&frm=20&pv=1&ga_vid=1612354229.1705162833&ga_sid=1705162834&ga_hid=1217112293&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=997&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320239%2C31079266%2C31080333%2C31080409%2C44798934%2C44809531%2C95320889%2C95321966&oid=2&pvsid=2617199753180355&tmod=529110567&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=306

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 11:37:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103368
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4079
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 04:29:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 11 Apr 2024 11:37:47 GMT

GET
H2 200 67b2cf2770e31c0fa9735c0b8b540980.js Show response
www.gstatic.com/mysidia/ Frame 012A 11 KB
5 KB 120ms
39ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/67b2cf2770e31c0fa9735c0b8b540980.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

559ed27b48f52ad1c65466a95a120b8264f7dea4a23d31f2ebb3b5beca3321f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 08:26:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4763
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 19:47:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 12 Apr 2024 08:26:57 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 012A 14 KB
1 KB 46ms
45ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 Jan 2024 16:20:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 15:25:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 Jan 2024 16:20:34 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 012A 2 KB
903 B 37ms
35ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:28:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67932
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 21:28:23 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 012A 23 KB
9 KB 38ms
36ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 11:25:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17687
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 11:25:48 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 012A 3 KB
1 KB 201ms
200ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 11:25:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17687
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 11:25:48 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 012A 20 KB
9 KB 122ms
37ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 19:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75624
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 19:20:11 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 012A 205 KB
65 KB 201ms
123ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:20:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Jan 2024 16:20:35 GMT

GET
H2 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame 012A 37 KB
15 KB 90ms
89ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 07:24:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32148
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 04:29:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 12 Apr 2024 07:24:47 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F8D7 143 B
228 B 743ms
742ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5954465348452390&output=html&h=90&slotname=5150651467&adk=3963706882&adf=113926574&pi=t.ma~as.5150651467&w=960&lmt=1705162834&rafmt=12&format=960x90&url=https%3A%2F%2Fwww.easycounter.com%2Freport%2Fsofiahalbofanimeworld.blogspot.com&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705162833832&bpp=1&bdt=1417&idt=304&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=960x90%2C960x90&correlator=186490900451&frm=20&pv=1&ga_vid=1612354229.1705162833&ga_sid=1705162834&ga_hid=1217112293&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=997&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320239%2C31079266%2C31080333%2C31080409%2C44798934%2C44809531%2C95320889%2C95321966&oid=2&pvsid=2617199753180355&tmod=529110567&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=306
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3057
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 15:29:38 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 012A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 797a025a7f1eb221fb56aaf46908e3f96d07d46b034d73adb8113c23c3f2f8c4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 012A 33 KB
33 KB 282ms
281ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:19:37 GMT
x-content-type-options: nosniff
age: 403258
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 00:19:37 GMT

GET
H3 200 4b0ef9dfa83525e0607f42119c034d23.js Show response
www.gstatic.com/mysidia/ Frame 9903 9 KB
4 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5954465348452390&output=html&h=90&slotname=3673918269&adk=1785446650&adf=51825310&pi=t.ma~as.3673918269&w=960&lmt=1705162834&rafmt=12&format=960x90&url=https%3A%2F%2Fwww.easycounter.com%2Freport%2Fsofiahalbofanimeworld.blogspot.com&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705162833832&bpp=1&bdt=1418&idt=301&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=960x90&correlator=186490900451&frm=20&pv=1&ga_vid=1612354229.1705162833&ga_sid=1705162834&ga_hid=1217112293&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=579&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320239%2C31079266%2C31080333%2C31080409%2C44798934%2C44809531%2C95320889%2C95321966&oid=2&pvsid=2617199753180355&tmod=529110567&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=303

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 11:37:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103368
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4079
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 04:29:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 11 Apr 2024 11:37:47 GMT

GET
H3 200 67b2cf2770e31c0fa9735c0b8b540980.js Show response
www.gstatic.com/mysidia/ Frame 9903 11 KB
5 KB 187ms
186ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/67b2cf2770e31c0fa9735c0b8b540980.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

559ed27b48f52ad1c65466a95a120b8264f7dea4a23d31f2ebb3b5beca3321f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 08:26:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4763
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 19:47:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 12 Apr 2024 08:26:57 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9903 14 KB
1 KB 48ms
48ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 Jan 2024 16:20:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 15:31:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 Jan 2024 16:20:35 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/ 162 KB
55 KB 165ms
165ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b357c2876a6308f81bf921f86ad10f957cd9a1c57db3ce4d3e92bc318d82ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.easycounter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:20:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56403
x-xss-protection: 0
server: cafe
etag: 967934407519791680
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Jan 2024 16:20:35 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 9903 2 KB
861 B 825ms
824ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:28:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67933
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 21:28:23 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 9903 23 KB
9 KB 826ms
826ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 11:25:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17688
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 11:25:48 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 9903 3 KB
1 KB 873ms
873ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 11:25:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17688
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 11:25:48 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 9903 20 KB
8 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 19:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75624
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 19:20:11 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9903 205 KB
65 KB 125ms
124ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:20:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Jan 2024 16:20:35 GMT

GET
H3 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame 9903 37 KB
15 KB 229ms
229ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 07:24:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32149
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 04:29:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 12 Apr 2024 07:24:47 GMT

GET
H3 200 4b0ef9dfa83525e0607f42119c034d23.js Show response
www.gstatic.com/mysidia/ Frame 6108 9 KB
4 KB 112ms
111ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5954465348452390&output=html&h=90&slotname=2197185067&adk=2341290475&adf=2665281147&pi=t.ma~as.2197185067&w=960&lmt=1705162834&rafmt=12&format=960x90&url=https%3A%2F%2Fwww.easycounter.com%2Freport%2Fsofiahalbofanimeworld.blogspot.com&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705162833829&bpp=3&bdt=1415&idt=284&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&correlator=186490900451&frm=20&pv=2&ga_vid=1612354229.1705162833&ga_sid=1705162834&ga_hid=1217112293&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=216&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320239%2C31079266%2C31080333%2C31080409%2C44798934%2C44809531%2C95320889%2C95321966&oid=2&pvsid=2617199753180355&tmod=529110567&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=296

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 11:37:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103368
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4079
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 04:29:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 11 Apr 2024 11:37:47 GMT

GET
H3 200 67b2cf2770e31c0fa9735c0b8b540980.js Show response
www.gstatic.com/mysidia/ Frame 6108 11 KB
5 KB 250ms
250ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/67b2cf2770e31c0fa9735c0b8b540980.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

559ed27b48f52ad1c65466a95a120b8264f7dea4a23d31f2ebb3b5beca3321f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 08:26:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4763
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 19:47:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 12 Apr 2024 08:26:57 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 6108 14 KB
1 KB 232ms
232ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 Jan 2024 16:20:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 15:32:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 Jan 2024 16:20:35 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 012A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C9a9OUriiZfz3Euvz_tMPysSAiA_V7ISXdYeaxPqNEtnZHhABIN-ZyS1glfqOgqAHoAGQ7bjjAsgBAakCNEniKnwnCj6oAwHIA8sEqgSkAk_Q4bD_-W7ic4kJ24ty6QzQRKt0jyb8Bl6nJWK...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212411292402607820923%22,%22debug_reporting%22:true,%22destination%22:%22https://steampowered.com%22,%22event_report_window...

0
0

153ms
71ms

Fetch
text/css

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212411292402607820923%22,%22debug_reporting%22:true,%22destination%22:%22https://steampowered.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22745420432%22],%2222%22:[%22true%22],%224%22:[%2201-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228997485501095351473%22}&andc=true

Requested by

Host: www.easycounter.com
URL: https://www.easycounter.com/report/sofiahalbofanimeworld.blogspot.com

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:20:36 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"12411292402607820923","debug_reporting":true,"destination":"https://steampowered.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["745420432"],"22":["true"],"4":["01-13"],"6":["true"]},"priority":"500","source_event_id":"8997485501095351473"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 13 Jan 2024 16:20:36 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 13 Jan 2024 16:20:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"12411292402607820923","debug_reporting":true,"destination":"https://steampowered.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["745420432"],"22":["true"],"4":["01-13"],"6":["true"]},"priority":"500","source_event_id":"8997485501095351473"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F8D7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

46ms
46ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 16:20:36 GMT
expires: Sat, 13 Jan 2024 16:20:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 16:20:36 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 VucML-pZXNsV9Bio95In_Vy1g44u5uVv1Eq8Y-LPojk.js Show response
pagead2.googlesyndication.com/bg/ Frame E5F2 50 KB
19 KB 86ms
86ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VucML-pZXNsV9Bio95In_Vy1g44u5uVv1Eq8Y-LPojk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56e70c2fea595cdb15f418a8f79227fd5cb5838e2ee6e56fd44abc63e2cfa239

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 01:20:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19703
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 01:20:27 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 6108 2 KB
856 B 1137ms
1137ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:28:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67933
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 21:28:23 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 6108 23 KB
9 KB 1138ms
1138ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 11:25:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17688
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 11:25:48 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 6108 3 KB
1 KB 1139ms
1139ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 11:25:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17688
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 11:25:48 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 6108 20 KB
8 KB 807ms
807ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 19:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75625
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 19:20:11 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6108 205 KB
65 KB 186ms
186ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:20:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Jan 2024 16:20:36 GMT

GET
H3 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame 6108 37 KB
15 KB 208ms
208ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 07:24:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32149
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 04:29:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 12 Apr 2024 07:24:47 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AF98 143 B
166 B 37ms
36ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5954465348452390&output=html&h=90&slotname=3673918269&adk=1785446650&adf=51825310&pi=t.ma~as.3673918269&w=960&lmt=1705162834&rafmt=12&format=960x90&url=https%3A%2F%2Fwww.easycounter.com%2Freport%2Fsofiahalbofanimeworld.blogspot.com&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705162833832&bpp=1&bdt=1418&idt=301&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=960x90&correlator=186490900451&frm=20&pv=1&ga_vid=1612354229.1705162833&ga_sid=1705162834&ga_hid=1217112293&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=579&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320239%2C31079266%2C31080333%2C31080409%2C44798934%2C44809531%2C95320889%2C95321966&oid=2&pvsid=2617199753180355&tmod=529110567&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=303
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3058
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 15:29:38 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9903 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4058669953ac01489448498dd76d1aedd574bf189027c755954099bfe0b7b98f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AF98
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

116ms
116ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 16:20:36 GMT
expires: Sat, 13 Jan 2024 16:20:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 16:20:36 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame E017 9 KB
4 KB 74ms
74ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.easycounter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 46856
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 03:19:40 GMT
etag: 9219409622527106327
expires: Sat, 27 Jan 2024 03:19:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 423ms
72ms Preflight
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 13 Jan 2024 16:20:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame E017 4 KB
671 B 47ms
46ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 Jan 2024 16:20:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 15:25:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 Jan 2024 16:20:36 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E017 205 B
229 B 42ms
41ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 13:30:37 GMT
x-content-type-options: nosniff
age: 96599
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 11 Jan 2025 13:30:37 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E017 604 B
628 B 43ms
41ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 14:30:21 GMT
x-content-type-options: nosniff
age: 93015
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 11 Jan 2025 14:30:21 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame E017 16 KB
7 KB 147ms
146ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:18:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64914
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6823
x-xss-protection: 0
server: cafe
etag: 11129212757755515379
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 22:18:42 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame E017 22 KB
9 KB 290ms
289ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 23:16:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61436
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9422
x-xss-protection: 0
server: cafe
etag: 10624764489894593518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 23:16:40 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4AE1 143 B
166 B 378ms
378ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5954465348452390&output=html&h=90&slotname=2197185067&adk=2341290475&adf=2665281147&pi=t.ma~as.2197185067&w=960&lmt=1705162834&rafmt=12&format=960x90&url=https%3A%2F%2Fwww.easycounter.com%2Freport%2Fsofiahalbofanimeworld.blogspot.com&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705162833829&bpp=3&bdt=1415&idt=284&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&correlator=186490900451&frm=20&pv=2&ga_vid=1612354229.1705162833&ga_sid=1705162834&ga_hid=1217112293&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=216&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320239%2C31079266%2C31080333%2C31080409%2C44798934%2C44809531%2C95320889%2C95321966&oid=2&pvsid=2617199753180355&tmod=529110567&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=296
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3058
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 15:29:38 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame EA08 2 KB
480 B 48ms
48ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A400%2C600

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e537bb0b81601eabcdc6dd4e2eb938917a7c6887765651882ec0ed5081c26c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 Jan 2024 16:20:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 15:29:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 Jan 2024 16:20:36 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame EA08 2 KB
822 B 77ms
77ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:28:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67933
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 21:28:23 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame EA08 23 KB
9 KB 100ms
99ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 11:25:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17688
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 11:25:48 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame EA08 3 KB
1 KB 106ms
106ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 11:25:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17688
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 11:25:48 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame EA08 20 KB
8 KB 76ms
76ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 19:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75625
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 19:20:11 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame EA08 205 KB
65 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:20:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Jan 2024 16:20:36 GMT

GET
H3 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame EA08 37 KB
15 KB 130ms
129ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 07:24:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32149
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 04:29:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 12 Apr 2024 07:24:47 GMT

GET
H3 200 VucML-pZXNsV9Bio95In_Vy1g44u5uVv1Eq8Y-LPojk.js Show response
pagead2.googlesyndication.com/bg/ Frame C816 50 KB
19 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VucML-pZXNsV9Bio95In_Vy1g44u5uVv1Eq8Y-LPojk.js

Requested by

Host: www.easycounter.com
URL: https://www.easycounter.com/report/sofiahalbofanimeworld.blogspot.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56e70c2fea595cdb15f418a8f79227fd5cb5838e2ee6e56fd44abc63e2cfa239

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 01:20:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54009
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19703
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 01:20:27 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4AE1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

57ms
57ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 16:20:36 GMT
expires: Sat, 13 Jan 2024 16:20:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 16:20:36 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6108 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e4cb9b5dea8258c78790b2634d1be27aa5e0b8e73798bf668708039c87ebf8a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 9903 33 KB
33 KB 35ms
35ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:19:37 GMT
x-content-type-options: nosniff
age: 403259
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 00:19:37 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 012A 42 B
64 B 226ms
73ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsucZv8JJ7ihepkVqZ3_6-sNlaqEe_UruR2kjrlv_allt18g2BOFxgCEf55JMOGJc2FdqMi9cWSwofzCCYXznQ_CVAMK9sBb9UbieJxBHBgRHC19wrjSmTNFGrZ3WwIFX2t0ZletI71DIMvapIi99PZyH_je&sai=AMfl-YSBk9LpSCiQzV6F6nL0_fpsKHZ1zvn83ApeMcjroCvbeOJ1vNuVJmxG48xuuDdUEoPYmyvZKEWRWFEFVN7_pga6NpzsKUhowWDVm_UW3enCsmnHKtv-xTxQBjZKqUh4DdntssmvuuSoWTOHyu-4&sig=Cg0ArKJSzFIVD07YBsugEAE&cid=CAQSTgAvHhf_VcY4ILnijO9BOO951akZRctSJhRhNaEjiTsocZ_TXvaYO-oG37lt_uLWCpuBRmtUl_L4mQ2GhZAa4E_oiqTWl_CGStSpfdLyQxgB&id=lidar2&mcvt=1000&p=0,0,90,960&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3963706882&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705162834138&rpt=1722&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:20:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 9903
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C5p_mUriiZc36Esj__tMP8foOo4SToXXRvuj35BHqnbmN30EQASDfmcktYJX6joKgB6AB3fCqwCrIAQGoAwHIA8sEqgSmAk_QvWNPLsJI8jp9nYANVizr3ijQYk0ILKUfhC6E53Pk4w1xpPE...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211271439033482665880%22,%22debug_reporting%22:true,%22destination%22:%22https://pdfixers.com%22,%22event_report_window%22:...

0
0

73ms
73ms

Fetch
text/css

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211271439033482665880%22,%22debug_reporting%22:true,%22destination%22:%22https://pdfixers.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211409209437%22],%2222%22:[%22true%22],%224%22:[%2201-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221248692203228464865%22}&andc=true

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:20:37 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"11271439033482665880","debug_reporting":true,"destination":"https://pdfixers.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11409209437"],"22":["true"],"4":["01-13"],"6":["true"]},"priority":"500","source_event_id":"1248692203228464865"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 13 Jan 2024 16:20:37 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 13 Jan 2024 16:20:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"11271439033482665880","debug_reporting":true,"destination":"https://pdfixers.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11409209437"],"22":["true"],"4":["01-13"],"6":["true"]},"priority":"500","source_event_id":"1248692203228464865"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 VucML-pZXNsV9Bio95In_Vy1g44u5uVv1Eq8Y-LPojk.js Show response
pagead2.googlesyndication.com/bg/ Frame 4A8D 50 KB
19 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VucML-pZXNsV9Bio95In_Vy1g44u5uVv1Eq8Y-LPojk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56e70c2fea595cdb15f418a8f79227fd5cb5838e2ee6e56fd44abc63e2cfa239

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 01:20:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54010
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19703
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 01:20:27 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 6108 33 KB
33 KB 37ms
37ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:19:37 GMT
x-content-type-options: nosniff
age: 403260
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 00:19:37 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 6108
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CSqV6UriiZbr2Errt_tMPkqyooA3ZtYDCaveD-LacEO-EiOrlLxABIN-ZyS1glfqOgqAHoAGVtq-eA8gBAagDAcgDywSqBKQCT9DV__lOWiBImmPUhZXgZ-oNPsRyK4q6SOYkFAeSwEOm812...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229964615142477074181%22,%22debug_reporting%22:true,%22destination%22:%22https://avast.com%22,%22event_report_window%22:%222...

0
0

71ms
71ms

Fetch
text/css

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229964615142477074181%22,%22debug_reporting%22:true,%22destination%22:%22https://avast.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22868997909%22],%2222%22:[%22true%22],%224%22:[%2201-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223059092339861841841%22}&andc=true

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:20:37 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"9964615142477074181","debug_reporting":true,"destination":"https://avast.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["868997909"],"22":["true"],"4":["01-13"],"6":["true"]},"priority":"500","source_event_id":"3059092339861841841"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 13 Jan 2024 16:20:37 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 13 Jan 2024 16:20:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"9964615142477074181","debug_reporting":true,"destination":"https://avast.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["868997909"],"22":["true"],"4":["01-13"],"6":["true"]},"priority":"500","source_event_id":"3059092339861841841"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

B22807636.328475542;dc_pre=CJG25Mni2oMDFaem_QcdxwwGXA;dc_trk_aid=520608733;dc_trk_cid=117012770;ord=1328734928;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N8714.2382313DOUBLECLICKBIDMANAG/ Frame 6108
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N8714.2382313DOUBLECLICKBIDMANAG/B22807636.328475542;dc_trk_aid=520608733;dc_trk_cid=117012770;ord=1328734928;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
https://ad.doubleclick.net/ddm/trackimp/N8714.2382313DOUBLECLICKBIDMANAG/B22807636.328475542;dc_pre=CJG25Mni2oMDFaem_QcdxwwGXA;dc_trk_aid=520608733;dc_trk_cid=117012770;ord=1328734928;dc_lat=;dc_rd...

42 B
247 B

55ms
55ms

Image
image/gif

142.250.185.70

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N8714.2382313DOUBLECLICKBIDMANAG/B22807636.328475542;dc_pre=CJG25Mni2oMDFaem_QcdxwwGXA;dc_trk_aid=520608733;dc_trk_cid=117012770;ord=1328734928;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&cbvp=2

Protocol

Server

142.250.185.70 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:20:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Jan 2024 16:20:37 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N8714.2382313DOUBLECLICKBIDMANAG/B22807636.328475542;dc_pre=CJG25Mni2oMDFaem_QcdxwwGXA;dc_trk_aid=520608733;dc_trk_cid=117012770;ord=1328734928;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&cbvp=2
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3 204 appendUserdata
api.easycounter.com/api/hits2/ Frame 0
0 138ms
138ms Preflight
text/plain 2606:4700:20::681a:913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.easycounter.com/api/hits2/appendUserdata?clientId=desktop-8de6fa700a6410ebbdbae4c9b9c7799ccef753d8&pageviewId=desktop-302e3839333934313030203137303531363238333120313536313532393433
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.easycounter.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.easycounter.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 844ef7b488e11cc3-FRA
content-length: 0
content-type: text/plain charset=UTF-8; charset=utf-8
date: Sat, 13 Jan 2024 16:20:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RLbuC0bx9oo7hWR0nLCnfDeqbstr8SvuAxXWA6JadgCoSTuYGsILHP1iDXH5y7U5MCkNzs5VN4QZx6Z7Uz9ijj%2FPWd43JNI1W0%2B4xunumiZqz5epSnfAT37rOVj76ddVfgZ3OnHIdTvNJ0EZvszw41M%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

POST
H3 200 appendUserdata Show response
api.easycounter.com/api/hits2/ 16 B
485 B 315ms
314ms Fetch
application/json 2606:4700:20::681a:913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.easycounter.com/api/hits2/appendUserdata?clientId=desktop-8de6fa700a6410ebbdbae4c9b9c7799ccef753d8&pageviewId=desktop-302e3839333934313030203137303531363238333120313536313532393433
Requested by: Host: www.easycounter.com
URL: https://www.easycounter.com/report/sofiahalbofanimeworld.blogspot.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer: https://www.easycounter.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 13 Jan 2024 16:20:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jF8aOqcYtGkXTHNcog5uBD%2FfXY82MOsQ0x4QB97cNFAmJcaq9O43LZTNpFVAUn7HnBwGFdEvMZDJC5UijcwcAma%2BfYTRMBEp2ATFdpw%2BUfBEBpp8sPSdemUDna7hamGuj9TNEpiKxFW5GNQf%2FfafQjA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.easycounter.com
access-control-allow-credentials: true
cf-ray: 844ef7b65b4a1cc3-FRA
alt-svc: h3=":443"; ma=86400

GET informAdsHit
out.easycounter.com/get/ 0
0

GET
H2 200 bg_shadow_menu.png
static.easycounter.com/img/ 81 B
632 B 45ms
44ms Image
image/png 2606:4700:20::681a:913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.easycounter.com/img/bg_shadow_menu.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1dc5e53ab1136aed66ecb90c9a181175ee23ad5c6b56e68da60b59f9d4bb9a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.easycounter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:20:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 475145
cf-polished: origSize=958, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 81
cf-bgj: imgq:100,h2pri
last-modified: Fri, 28 Jun 2019 09:36:23 GMT
server: cloudflare
etag: "5d15df97-3be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gyiR41ElN4zVGZ3NJVnH9OZcb2uWuM18Ee9eQDIRYItjdU4wEuA0Jr0%2B3C95fIPpBgcjxpR9mIA%2F9v8GO7mMkk3EHahPH6EAueIhWjknQngy%2FDHIUqy76YfcsuWTR21o2UqHpEqSW97lhp%2BBLG%2FB90ONPyQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 844ef7b48fac3627-FRA
expires: Sat, 27 Jan 2024 07:24:30 GMT

GET
H2 200 grab.png
static.easycounter.com/js/royalslider/ 92 B
517 B 44ms
44ms Image
image/webp 2606:4700:20::681a:913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.easycounter.com/js/royalslider/grab.png
Requested by: Host: static.easycounter.com
URL: https://static.easycounter.com/js/royalslider/royalslider.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11d39bbd39c0ec43490c1ad7ff1302c4dc83759ebfe914db807aa4f05ca595b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.easycounter.com/js/royalslider/royalslider.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:20:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 296838
cf-polished: origFmt=gif, origSize=99
content-disposition: inline; filename="grab.webp"
alt-svc: h3=":443"; ma=86400
content-length: 92
cf-bgj: imgq:100,h2pri
last-modified: Fri, 28 Jun 2019 09:36:24 GMT
server: cloudflare
etag: "5d15df98-63"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XwWBMvAyR6yQvOexVlQpbCYxid7yub0rS8c%2FtzJm5dyreel6Eo4ModclBsEMG5pTwG%2FAO9dlsRg5LBQe%2BXATzcvE%2FhbONVNNyXNGLnuwbTUz0MQDIrL5hctcN3QIIXLW97G%2Brbm%2FdTPS4CS5afHE%2B2L%2BiQs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 844ef7b49fc83627-FRA
expires: Thu, 25 Jan 2024 11:21:28 GMT

GET
H2 200 shop.best-tel.it.png
thumbnail.easycounter.com/thumbnails/300x180/s/ 4 KB
4 KB 186ms
183ms Image
image/webp 2606:4700:20::681a:913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thumbnail.easycounter.com/thumbnails/300x180/s/shop.best-tel.it.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe821e8d495259540ea320f7430840412d79913fb8c32edaea98de16cc4c0fc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.easycounter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:20:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: ZRS8C3TA4CY57VDJ
cf-polished: origFmt=png, origSize=4976
content-disposition: inline; filename="shop.webp"
alt-svc: h3=":443"; ma=86400
content-length: 4004
x-amz-id-2: CRYOAqqdQnkb6ek+uV/yoGqo9TimU68BnjDmGYlOHWSbUbt0wj/YiTseKaDOb0INivMgP01Wiq8=
cf-bgj: imgq:100,h2pri
last-modified: Wed, 11 Oct 2017 07:47:03 GMT
server: cloudflare
etag: "7fb51b039a1b897920ed8d8892964f0d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rSlVqcbOC%2FSHjWswMiXvXVA8Ep1ssh2s4Qocxo52br4AfSE0M2EC6RNfbQ%2BJ9d0cj%2B88v2dfdYlEWuU8TBNnkAti%2FROOF6GG5vFvtRUAJGBkSDNOHAWSq1X6TmJ8JheEDqp6wYGPsoVlu%2BqBmFU3lnkii1De%2Bv4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 844ef7b4a9c418ff-FRA
expires: Sat, 27 Jan 2024 16:19:08 GMT

GET
H2 200 top-binary-options-brokers.com.png
thumbnail.easycounter.com/thumbnails/300x180/t/ 6 KB
7 KB 230ms
228ms Image
image/webp 2606:4700:20::681a:913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thumbnail.easycounter.com/thumbnails/300x180/t/top-binary-options-brokers.com.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 529f1f98e688f506c2c738d6b5aa122f5e148e1e826445ce843ba6732ca55519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.easycounter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:20:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: N5MD9QMA9PWHW70A
cf-polished: origFmt=png, origSize=7162
content-disposition: inline; filename="top-binary-options-brokers.webp"
alt-svc: h3=":443"; ma=86400
content-length: 6308
x-amz-id-2: VONHgOinBitlcF8Q4rQovkhGrFQLdUFwKdhrrifG3k4q6sfSZp83eVIcLSlZ2IB5sVK+KDp211A=
cf-bgj: imgq:100,h2pri
last-modified: Sat, 13 Aug 2016 13:50:17 GMT
server: cloudflare
etag: "27a571bd1306c24c5160284c9773c311"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aow%2FqfalvCQxqgCh9d1awTcioELpxgImYqAf601ksnUWNS7jCCa9tEZA6sDadnIQ26TaY%2FU7595SMgdvZtyzK1rdnIuRw7Yk%2Fm%2BZy2lYX7uW8KSt4YIZFADP8FyLVTXO4eztwVrs7fuYraOWcVh3yynMn9lTz54%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 844ef7b4a9c718ff-FRA
expires: Sat, 27 Jan 2024 16:19:42 GMT

GET
H2 200 johann-sandra.com.png
thumbnail.easycounter.com/thumbnails/300x180/j/ 19 KB
20 KB 187ms
186ms Image
image/webp 2606:4700:20::681a:913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thumbnail.easycounter.com/thumbnails/300x180/j/johann-sandra.com.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0c42f20fc18246490f3f103332ecbc0785adc08ea010f67d7939493ff625071

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.easycounter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:20:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: N5MAMZAXCTGKBHK5
cf-polished: origFmt=png, origSize=22555
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="johann-sandra.webp"
alt-svc: h3=":443"; ma=86400
content-length: 19624
x-amz-id-2: sFkBtbmUYGItVPJgXkfvLNHLTBEef4HAxl8qCGHfSSIP5AUdVM4UCzVvkQEbqptly7dt4iVjoB0=
cf-bgj: imgq:100,h2pri
last-modified: Sat, 03 Jun 2023 02:04:52 GMT
server: cloudflare
etag: "82a4b72ff462ff4feeaf284effecc062"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y1x1UbVQYsc8hOWJyBJo7jVwr0O0jCD%2BN7s1beSevB9BGnThC5cVCYar3%2BCjzd443vkz052KDrZtivQKuPyTF8sw09y83czQrCio6eDg%2BlpScVQ5amN2Tb62L8SyLbGmyjiOeLEuQ7YC%2FmClD0VVr6TJ2r3%2FfHI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 844ef7b4b9c918ff-FRA
expires: Sat, 27 Jan 2024 16:19:42 GMT

GET
H2 200 livesportsnet.net.png
thumbnail.easycounter.com/thumbnails/300x180/l/ 12 KB
12 KB 191ms
189ms Image
image/webp 2606:4700:20::681a:913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thumbnail.easycounter.com/thumbnails/300x180/l/livesportsnet.net.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 952f37b109cfe363ac90a65050e93142bf72c6b7b98819f37a22be8c8e2e8ade

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.easycounter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:20:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: N5M93DGV27PJKG0K
cf-polished: origFmt=png, origSize=13805
content-disposition: inline; filename="livesportsnet.webp"
alt-svc: h3=":443"; ma=86400
content-length: 12078
x-amz-id-2: r209JTL3NSlkL3UmviXp+3+1NgATm87waIIeXp2u6d94ul19Z63PM1vL8V2T/2QFmP9TpAWT+VU=
cf-bgj: imgq:100,h2pri
last-modified: Wed, 23 Sep 2020 00:34:18 GMT
server: cloudflare
etag: "34e37678a014d601452c58ed9989e632"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oDtWVlHd8fFcQ63eT08zutrP%2F2fceF6Hcl%2BLzq34jNguPo17C3gGEFQLxpT1t4GI84glG%2FXVPMj1M%2BRCrufvE%2BiguTQwKhyBoQRL6uDbxM%2FHqrBiuwLJB5NMUr5Xt6ow3G4VkRiBK2gqewgbss%2FpXaSDU3tCljY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 844ef7b4b9cb18ff-FRA
expires: Sat, 27 Jan 2024 16:19:42 GMT

GET
H2 200 armoire.directory-org.com.png
thumbnail.easycounter.com/thumbnails/300x180/a/ 5 KB
6 KB 186ms
185ms Image
image/webp 2606:4700:20::681a:913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thumbnail.easycounter.com/thumbnails/300x180/a/armoire.directory-org.com.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bd312892aacc27d1c35e192889701c2d04b957af813cbdeb50bb57ac9d264d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.easycounter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:20:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: N5MEKPN4Z5S9P0KR
cf-polished: origFmt=png, origSize=6686
content-disposition: inline; filename="armoire.webp"
alt-svc: h3=":443"; ma=86400
content-length: 5490
x-amz-id-2: PwnA5EN40XDPa+nAgx8ExFdZDO38m6XjhX4AN95KyrAaSA0D2zDCRbCiYBChAzRhziOzDm3JauY=
cf-bgj: imgq:100,h2pri
last-modified: Mon, 25 Sep 2017 15:10:32 GMT
server: cloudflare
etag: "24fe77d17df1f8c65536ff56ba800856"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5G7qPj3GSQYg8r07GN%2F58mBjDnmhgvtESEiZMHLWsxvwqs%2F5wCXVAXp2VrJwDgcVlKPgsn3Br%2BWK3WO53t5imEOvAC2x45vIw5515bkzpC2UjUoGo0lLAJRCsJ1Xi4WcXwQg1B8ET1E2mtNMGbO01ZVVjTYPTQ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 844ef7b4b9ce18ff-FRA
expires: Sat, 27 Jan 2024 16:19:43 GMT

GET
H2 200 johnhancocknypensions.com.png
thumbnail.easycounter.com/thumbnails/300x180/j/ 8 KB
9 KB 459ms
458ms Image
image/png 2606:4700:20::681a:913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thumbnail.easycounter.com/thumbnails/300x180/j/johnhancocknypensions.com.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09d1f09c5e88b27753c4810f923226a82beb2dd9a2e83ead5bb3f21b647cd638

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.easycounter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:20:37 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 68ECN3HBW0257JER
alt-svc: h3=":443"; ma=86400
content-length: 8576
x-amz-id-2: 0cJH2FI95+4u1s0AHV2RH7KzggExE2q9tJEdEwBNaipOLsdZ6vMFbueNu4ZhwKXvzf9YjzpN9qw=
last-modified: Tue, 19 Nov 2019 03:37:39 GMT
server: cloudflare
etag: "22049d9be87f164a613089e52a695bfa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=miy%2BaLzjZo%2BldP8PJ5dq33lCTi4%2B3rrTEDu%2FHqxUVPhK1jLrG0WZt6hwjVrUIQOlOl1sqUkPLwhMoKIkPmsmhalS0vMOMk%2BvRIcWXdhw39xXC4UlykPKQ6IEgSDZK27u58HFzTEEwToExcOiZ3PNhfMgKtx0lL0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 844ef7b4b9cf18ff-FRA
expires: Sat, 27 Jan 2024 16:20:37 GMT

GET
H2 200 ansiklopedi.yenimakale.com.png
thumbnail.easycounter.com/thumbnails/300x180/a/ 8 KB
9 KB 408ms
407ms Image
image/webp 2606:4700:20::681a:913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thumbnail.easycounter.com/thumbnails/300x180/a/ansiklopedi.yenimakale.com.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b4b4865d41ca10b765f29572194d92275002851c9eeb0d3eee63b47f935dd5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.easycounter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:20:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: DNDJZMZH3FP66TVG
cf-polished: origFmt=png, origSize=8661
content-disposition: inline; filename="ansiklopedi.webp"
alt-svc: h3=":443"; ma=86400
content-length: 8242
x-amz-id-2: cagYLARKPslCnFbmtqVI06H2lvi1NdNl+d0I7IFZC8hFboY1jBK8plDK+SIFbURxaVIk4WP+kDI=
cf-bgj: imgq:100,h2pri
last-modified: Sat, 11 Dec 2021 16:56:08 GMT
server: cloudflare
etag: "ea468a7366ded8fd421053eea652e2d5"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hjiC4taM%2B40R4hdow5hKoL3Qzk%2BkeOMBnYD1kTDHCYnqyPuchXJDlBlsDuh4fUssPfko0wMWreqWkNdqPVGeWtb1FKYh%2BTEuAQxqICVs38aiEZnbkkwTiMiQ6zM3HSPqTQ6fO7P5BsVQ7Up7UyqVT9Ce13wf1sM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 844ef7b4b9d318ff-FRA
expires: Sat, 27 Jan 2024 16:20:30 GMT

GET
H2 200 iacb.doi.gov.png
thumbnail.easycounter.com/thumbnails/300x180/i/ 13 KB
13 KB 495ms
494ms Image
image/webp 2606:4700:20::681a:913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thumbnail.easycounter.com/thumbnails/300x180/i/iacb.doi.gov.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 397e624b5eaa81e5651fa6e38560053564383335a795d2eea5c2aaf8d82f3ab6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.easycounter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:20:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: CZTC383N9W1EWG9W
cf-polished: origFmt=png, origSize=15408
content-disposition: inline; filename="iacb.webp"
alt-svc: h3=":443"; ma=86400
content-length: 12996
x-amz-id-2: avSWx95YBd9+qly9lO2RSdLhila9AZChBW6y7Y/aUl9q/hJ/V7wHDUiYRIT4Yt99I6V8Wl7Eiks=
cf-bgj: imgq:100,h2pri
last-modified: Sun, 04 Dec 2022 15:22:49 GMT
server: cloudflare
etag: "6973245427625d418bac07f8f052b7af"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zn1yHr3F8u3pFMksrPg3SbCqjzFCIE1jzRyCejl%2BqM6MpoYDdaMlqASykcjwopqJ9PPmyo0CnRpj5YwpfjmqnoIDzxLY2ZGEpHPHYu4gBtAfekDhjgbSh7VCHb8C5RQuSDWU6QOR9gu2Rsc0LTRbUovOGpYMKEE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 844ef7b4ea2018ff-FRA
expires: Sat, 27 Jan 2024 16:20:31 GMT

GET
H2 200 vitiboutique.fr.png
thumbnail.easycounter.com/thumbnails/300x180/v/ 8 KB
9 KB 454ms
453ms Image
image/webp 2606:4700:20::681a:913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thumbnail.easycounter.com/thumbnails/300x180/v/vitiboutique.fr.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19c164fac4810ad50ef1b6104d5efdebdc4fd4fc4506e0ef153965d0f08d1bbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.easycounter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:20:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: AZ56FATRVKZVD2WG
cf-polished: origFmt=png, origSize=9533
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="vitiboutique.webp"
alt-svc: h3=":443"; ma=86400
content-length: 8486
x-amz-id-2: 6VBSMMX6PbP1ZnUO4RTFxpWu6xGgLSSb38xEkiGzKA0xr8IeWjZF/tZNPg9bgd/RJQDmrioS2YM=
cf-bgj: imgq:100,h2pri
last-modified: Thu, 09 Mar 2023 11:01:07 GMT
server: cloudflare
etag: "ef1a7f50349caf7b350289a0b6e8d4d6"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cuAKa9QzSa6CTArTOoo9R8GkxxmXnnGEGFzYKmKI1FwKPdKH%2F77JLz38QbMKlv3Ss30Yvrqj7HBTbfrf6QSG69Js5mjcTHnr0bVZvXfMoT164vg%2Bu1hQkWiLF2pFMTCssDPiHMrfXnkzRyQKPHm8spEFPt2RgLI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 844ef7b4ea2218ff-FRA
expires: Sat, 27 Jan 2024 16:20:05 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 90ms
90ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240109&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2bbe493e81f84b70d68cf6053ac8505a19ed800a48994c7c9e29bd42abf10c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.easycounter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:20:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12324
x-xss-protection: 0

GET
H3 200 VucML-pZXNsV9Bio95In_Vy1g44u5uVv1Eq8Y-LPojk.js Show response
pagead2.googlesyndication.com/bg/ Frame 66D7 50 KB
19 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VucML-pZXNsV9Bio95In_Vy1g44u5uVv1Eq8Y-LPojk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56e70c2fea595cdb15f418a8f79227fd5cb5838e2ee6e56fd44abc63e2cfa239

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 01:20:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54010
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19703
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 01:20:27 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 72ms
71ms Preflight
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 13 Jan 2024 16:20:37 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 121ms
121ms Preflight
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 13 Jan 2024 16:20:37 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 82ms
82ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.easycounter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:20:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 13 Jan 2024 16:20:37 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2B22 13 KB
5 KB 39ms
38ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.easycounter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 17579
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 11:27:38 GMT
expires: Sun, 12 Jan 2025 11:27:38 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DB4E 829 B
560 B 48ms
47ms Document
text/html 2a00:1450:4001:80b::2004

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 -, , ASN (),

Reverse DNS

Software

GSE /

Resource Hash

c6240d3db63d7b70dc1453a4806600d5136ff6a36be7f92a87044c0ab8620ae3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6u-JpqFWXYumcdZ2-bRLeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.easycounter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-6u-JpqFWXYumcdZ2-bRLeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 16:20:37 GMT
expires: Sat, 13 Jan 2024 16:20:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame 2B22 39 KB
15 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 16:19:44 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DB4E 0
0 129ms
129ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240109&jk=2617199753180355&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2B22 0
10 B 33ms
33ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?QvfCIA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:20:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: out.easycounter.com
URL: https://out.easycounter.com/get/informAdsHit?domain=sofiahalbofanimeworld.blogspot.com&is_ads_hidden=0&viewport_height=1200&ads_top_coord=307&device=1&r=21356

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.easycounter.com/	1970-01-21 02:25:19	Name: cid Value: desktop-8de6fa700a6410ebbdbae4c9b9c7799ccef753d8
.easycounter.com/	1970-01-21 03:15:22	Name: _ga_F8770086QN Value: GS1.1.1705162833.1.0.1705162833.0.0.0
.easycounter.com/	1970-01-21 03:15:22	Name: _ga Value: GA1.1.1612354229.1705162833
.easycounter.com/	1970-01-21 03:00:58	Name: __gads Value: ID=560db572f7147693:T=1705162834:RT=1705162834:S=ALNI_MZYMhzMM2ESlgvY6u7RSyqpVm9luA
.easycounter.com/	1970-01-21 03:00:58	Name: __gpi Value: UID=00000cf5f06030dc:T=1705162834:RT=1705162834:S=ALNI_Ma4o18po9ym7u0NcS1Jl3VFPZyKcg
.doubleclick.net/	1970-01-21 03:00:58	Name: IDE Value: AHWqTUlbewWPD3A_N0PGCBhuFbPw-33ugcyU19kXwtbZc7XKdED7e2B4ZtLHd516k_k
.doubleclick.net/	1970-01-20 17:39:26	Name: DSID Value: NO_DATA
.googleadservices.com/	1970-01-20 19:48:58	Name: ar_debug Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
api.easycounter.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
out.easycounter.com
pagead2.googlesyndication.com
region1.google-analytics.com
static.easycounter.com
thumbnail.easycounter.com
tpc.googlesyndication.com
www.easycounter.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
out.easycounter.com
142.250.185.100
142.250.185.70
2001:4860:4802:34::36
216.58.212.162
2606:4700:20::681a:913
2a00:1450:4001:802::2001
2a00:1450:4001:809::2008
2a00:1450:4001:80b::2004
2a00:1450:4001:80e::200a
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:831::2003
52.1.22.171
09d1f09c5e88b27753c4810f923226a82beb2dd9a2e83ead5bb3f21b647cd638
0c416236a3f5ad4ecb8ade32d5a217054ddaf8f83bf8fd04b4fe18d1f7ee43e7
11d39bbd39c0ec43490c1ad7ff1302c4dc83759ebfe914db807aa4f05ca595b7
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e2522fbfa14851b6e0c091147b7f4e1323fb318cd82de91bfddc6984050314
19c164fac4810ad50ef1b6104d5efdebdc4fd4fc4506e0ef153965d0f08d1bbe
1b357c2876a6308f81bf921f86ad10f957cd9a1c57db3ce4d3e92bc318d82ee5
22427bb5e012139717b63f504dceaa948ba9451e9962ee1b27b6cb8f790badaf
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2e4cb9b5dea8258c78790b2634d1be27aa5e0b8e73798bf668708039c87ebf8a
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
391d7af9603de79e9111b0311bd2f829847f04645e97b9e73ab9dfc54601f725
397e624b5eaa81e5651fa6e38560053564383335a795d2eea5c2aaf8d82f3ab6
4058669953ac01489448498dd76d1aedd574bf189027c755954099bfe0b7b98f
41b87eaf810cbfd22319a73d89f3935943c76e26d1e211ee28e045f03bb6f4a3
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
506c58dc525def88b7c07a219a2061a3582c6287a8a36a2395ea1e8c3ea67688
5242d2e5610aa73f78ee0840cb42bb2a742f39cf40df46ca209ea9e19e3bbed3
529f1f98e688f506c2c738d6b5aa122f5e148e1e826445ce843ba6732ca55519
559ed27b48f52ad1c65466a95a120b8264f7dea4a23d31f2ebb3b5beca3321f6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5614c3309cfc1dc32a65a9104cb0e6f78592258e114b93dc5ef6af68a973f85f
56e70c2fea595cdb15f418a8f79227fd5cb5838e2ee6e56fd44abc63e2cfa239
574647d982140bafdbc9e3273b28407230581c9b6d22fff0bf342d469961e594
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
67044ca99716481b5df2a30f20a7cea2cb94f041d3917a04f772bc2860ee8805
77dbb68084f6873f8ba08cea710b212bc9064f5c1b2256225453436b8478a81c
797a025a7f1eb221fb56aaf46908e3f96d07d46b034d73adb8113c23c3f2f8c4
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
7bd312892aacc27d1c35e192889701c2d04b957af813cbdeb50bb57ac9d264d3
8d099b3ce272a0ffaaef27852b6761b07cafc4ea7e62fd9be65d49bf04d9ac3f
952f37b109cfe363ac90a65050e93142bf72c6b7b98819f37a22be8c8e2e8ade
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da
9ab43a4b32763b836e9a809a69066d81e0bba922bbf9d87313114a6492e1aad5
9b4b4865d41ca10b765f29572194d92275002851c9eeb0d3eee63b47f935dd5f
a2bbe493e81f84b70d68cf6053ac8505a19ed800a48994c7c9e29bd42abf10c5
a33c9c01d5f673d80a70d22fd637a9687c7d8212a5717df82877999150c1df62
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ae56496fe0f665caed5bacfe90607be90a05d2a5af23130430cd73ac9e405572
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bf58aae3faf3c465e103e765c8826fd478dba7c5148ea3078d169a6ea84cb655
c1dc5e53ab1136aed66ecb90c9a181175ee23ad5c6b56e68da60b59f9d4bb9a2
c6240d3db63d7b70dc1453a4806600d5136ff6a36be7f92a87044c0ab8620ae3
c74b60d45660174343ecd4a74f094ee4804bf838aa5366eaa3a6da8392d61b80
c776e9c6a1c5fbb9f478b5d9b48143eeac405884cf9651222fcfec25220e372f
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cbfea1459f7935adc680c00ada2cc90181e28d5bd250e28118973f5ec9c3fedb
d0c42f20fc18246490f3f103332ecbc0785adc08ea010f67d7939493ff625071
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
df083c0013c984d742afbe3e4a76694655505fb7b84515956f6dc4a3721a50e8
e0eecb4b123f3f8e7b541ae0c92b9ed577e7c2047ec297efdc27e4dc84c3878c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3deb778f13ce75431e7081f5703e4a4d120271b76a7c81784fc71c4429707d5
e537bb0b81601eabcdc6dd4e2eb938917a7c6887765651882ec0ed5081c26c67
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fe821e8d495259540ea320f7430840412d79913fb8c32edaea98de16cc4c0fc7

www.easycounter.com Open in urlscan Pro 52.1.22.171 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

117 Requests

96 %HTTPS

73 %IPv6

10 Domains

17 Subdomains

15 IPs

2 Countries

1554 kBTransfer

4070 kBSize

8 Cookies

6 Outgoing links

Redirected requests

117 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.easycounter.com Open in urlscan Pro
52.1.22.171 Public Scan

Screenshot
Live screenshot

Full Image

117
Requests

96 %
HTTPS

73 %
IPv6

10
Domains

17
Subdomains

15
IPs

2
Countries

1554 kB
Transfer

4070 kB
Size

8
Cookies

117 HTTP transactions
3 data transactions