urlscan.io logo urlscan.io
SecurityTrails logo

counterretreat.com Open in urlscan Pro
142.93.228.190  Public Scan

Go To Rescan Add Verdict Report
URL: https://counterretreat.com/
Submission: On June 08 via api from BE — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 4 countries across 15 domains to perform 73 HTTP transactions. The main IP is 142.93.228.190, located in Amsterdam, Netherlands and belongs to DIGITALOCEAN-ASN, US. The main domain is counterretreat.com.
TLS certificate: Issued by R3 on June 5th 2024. Valid for: 3 months.
This is the only time counterretreat.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

39    142.93.228.190 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
counterretreat.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    54.230.228.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-32.muc50.r.cloudfront.net
platform-api.sharethis.com
2    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    217.195.154.11 (Amsterdam, Netherlands)

ASN395092 (SHOCK-1, US)
PTR: nl-s2.serverpanel.net
umeandthekids.com
8    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
pagead2.googlesyndication.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
1    2600:9000:26da:f800:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)
buttons-config.sharethis.com
2    108.138.36.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-86.muc50.r.cloudfront.net
sb.scorecardresearch.com
1    3.123.164.182 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-164-182.eu-central-1.compute.amazonaws.com
l.sharethis.com
1    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
google-analytics.com
2    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net
connect.facebook.net
1    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c09::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.nl
1    172.217.18.4 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f4.1e100.net
www.google.com
2    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Apex Domain
Subdomains		 Transfer
39 counterretreat.com
counterretreat.com
1 MB
10 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 135
tpc.googlesyndication.com — Cisco Umbrella Rank: 174
214 KB
3 sharethis.com
platform-api.sharethis.com — Cisco Umbrella Rank: 5011
buttons-config.sharethis.com — Cisco Umbrella Rank: 5759
l.sharethis.com — Cisco Umbrella Rank: 5547
47 KB
2 google.nl
www.google.nl — Cisco Umbrella Rank: 10670
515 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 130
397 B
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3163
www.google.com — Cisco Umbrella Rank: 5
318 B
2 gstatic.com
fonts.gstatic.com
91 KB
2 google-analytics.com
google-analytics.com — Cisco Umbrella Rank: 58
www.google-analytics.com — Cisco Umbrella Rank: 65
21 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 205
89 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 194
3 KB
2 wp.com
stats.wp.com — Cisco Umbrella Rank: 3242
pixel.wp.com — Cisco Umbrella Rank: 3184
3 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
156 KB
1 umeandthekids.com
umeandthekids.com
5 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 70
1 KB
0 glam.com Failed
www2.glam.com Failed
73 15
Domain Requested by
39 counterretreat.com 1 redirects counterretreat.com
8 pagead2.googlesyndication.com counterretreat.com
pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.google.nl counterretreat.com
2 stats.g.doubleclick.net www.googletagmanager.com
google-analytics.com
2 fonts.gstatic.com fonts.googleapis.com
2 connect.facebook.net counterretreat.com
connect.facebook.net
2 sb.scorecardresearch.com counterretreat.com
2 www.googletagmanager.com counterretreat.com
1 www.google.com counterretreat.com
1 region1.analytics.google.com www.googletagmanager.com
1 www.google-analytics.com google-analytics.com
1 pixel.wp.com counterretreat.com
1 google-analytics.com counterretreat.com
1 l.sharethis.com platform-api.sharethis.com
1 buttons-config.sharethis.com platform-api.sharethis.com
1 stats.wp.com counterretreat.com
1 umeandthekids.com counterretreat.com
1 platform-api.sharethis.com counterretreat.com
1 fonts.googleapis.com counterretreat.com
0 www2.glam.com Failed counterretreat.com
73 21
Subject Issuer Validity Valid
counterretreat.com
R3		 2024-06-05 -
2024-09-03		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
sharethis.com
Amazon RSA 2048 M03		 2024-04-19 -
2025-05-17		 a year crt.sh
*.google-analytics.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.umeandthekids.com
R3		 2024-05-21 -
2024-08-19		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2023-11-28 -
2024-12-28		 a year crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA		 2023-12-11 -
2024-12-10		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-03-17 -
2024-06-15		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.google.nl
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.google.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://counterretreat.com/
Frame ID: ABBF3DF6306096BD33E52D0E8A6EE5BB
Requests: 68 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240605/r20110914/zrt_lookup_fy2021.html
Frame ID: DB1BB8AAA85B284F504F73950938389C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-4339167219884835&output=html&h=250&slotname=2954446394&adk=1791392661&adf=3423917924&pi=t.ma~as.2954446394&w=326&abgtt=1&fwrn=4&fwrnh=100&lmt=1717602744&rafmt=1&to=pso&channel=WordPressFront&format=326x250&url=https%3A%2F%2Fcounterretreat.com%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717812628667&bpp=4&bdt=632&idt=172&shv=r20240605&mjsv=m202406030101&ptt=9&saldr=aa&abxe=1&eoidce=1&correlator=5524495490768&frm=20&pv=2&ga_vid=602481152.1717812629&ga_sid=1717812629&ga_hid=696575634&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1027&ady=4320&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31084349%2C44795922%2C95332916%2C95334508%2C95334528%2C95334571%2C95334579%2C95334829%2C31084345%2C95334052%2C95334159%2C31078668&oid=2&pvsid=252481686306217&tmod=549144130&uas=0&nvt=1&fc=896&brdim=350%2C350%2C350%2C350%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&nt=1&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=200
Frame ID: 4270690EFE0747474A298E07E834305A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-4339167219884835&output=html&h=280&slotname=2625929594&adk=3639587812&adf=558060627&pi=t.ma~as.2625929594&w=1140&abgtt=1&fwrn=4&fwrnh=100&lmt=1717602744&rafmt=1&to=pso&channel=WordPressFront&format=1140x280&url=https%3A%2F%2Fcounterretreat.com%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717812628671&bpp=1&bdt=636&idt=243&shv=r20240605&mjsv=m202406030101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=326x250&correlator=5524495490768&pv_ch=WordPressFront%2B&frm=20&pv=1&ga_vid=602481152.1717812629&ga_sid=1717812629&ga_hid=696575634&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=95&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31084349%2C44795922%2C95332916%2C95334508%2C95334528%2C95334571%2C95334579%2C95334829%2C31084345%2C95334052%2C95334159%2C31078668&oid=2&pvsid=252481686306217&tmod=549144130&uas=0&nvt=1&fc=896&brdim=350%2C350%2C350%2C350%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&nt=1&ifi=2&uci=a!2&fsb=1&dtd=250
Frame ID: 9E3B3B1F186E3B5CD06F6B40C6B0336A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-4339167219884835&output=html&adk=1812271804&adf=3025194257&abgtt=1&lmt=1717602744&plat=1%3A16777216%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&channel=WordPressFront&format=0x0&url=https%3A%2F%2Fcounterretreat.com%2F&host=ca-host-pub-2644536267352236&pra=7&wgl=1&easpi=0&aihb=0&asro=0&ailel=32~28~30~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=32~28~30~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=32_18~28_16~30_23~27_4&aiixl=32_9~28_4~30_6~27_3&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717812628671&bpp=1&bdt=636&idt=270&shv=r20240605&mjsv=m202406030101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=326x250%2C1140x280&nras=1&correlator=5524495490768&pv_ch=WordPressFront%2B&frm=20&pv=1&ga_vid=602481152.1717812629&ga_sid=1717812629&ga_hid=696575634&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31084349%2C44795922%2C95332916%2C95334508%2C95334528%2C95334571%2C95334579%2C95334829%2C31084345%2C95334052%2C95334159%2C31078668&oid=2&pvsid=252481686306217&tmod=549144130&uas=0&nvt=1&fsapi=1&fc=896&brdim=350%2C350%2C350%2C350%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=3&uci=a!3&fsb=1&dtd=308
Frame ID: CDA077800AA0414F6F6F6803E0BF2D8F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BA5E401D48C3A82F842C9BB25C6B3C95
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

U me and the kids - UK Lifestyle,Parenting & Beauty Blog

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

73
Requests

96 %
HTTPS

55 %
IPv6

15
Domains

21
Subdomains

21
IPs

4
Countries

1696 kB
Transfer

2799 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38
  • https://counterretreat.com/URL(HTTP://FONTS.GOOGLEAPIS.COM/CSS?FAMILY=GEORGIA) HTTP 301
  • https://counterretreat.com/URL%28HTTP:/FONTS.GOOGLEAPIS.COM/CSS?FAMILY=GEORGIA)

73 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
counterretreat.com/ 		90 KB
90 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://counterretreat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.93.228.190 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
59a5f78c8c0c93ac9749ee7f92a67ce45b4864d345d387d5892069dd73543974

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
content-length
91915
content-type
text/html; charset=UTF-8
date
Sat, 08 Jun 2024 02:10:28 GMT
last-modified
Wed, 05 Jun 2024 15:52:24 GMT
server
nginx/1.15.5
style.css
counterretreat.com/wp-content/themes/runwaypro/ 		42 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://counterretreat.com/wp-content/themes/runwaypro/style.css?ver=2.0.0
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.93.228.190 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
bbc09d9e796acd349fce6a1fc3daa6d820bc55742031ba097336ce3749947d28

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:10:28 GMT
last-modified
Wed, 05 Jun 2024 15:49:16 GMT
server
nginx/1.15.5
accept-ranges
bytes
content-length
43157
content-type
text/css
style.min.css
counterretreat.com/wp-includes/css/dist/block-library/ 		79 KB
79 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://counterretreat.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.9
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.93.228.190 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:10:28 GMT
last-modified
Wed, 05 Jun 2024 15:49:16 GMT
server
nginx/1.15.5
accept-ranges
bytes
content-length
80574
content-type
text/css
mediaelementplayer-legacy.min.css
counterretreat.com/wp-includes/js/mediaelement/ 		11 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://counterretreat.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.93.228.190 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:10:28 GMT
last-modified
Wed, 05 Jun 2024 15:49:16 GMT
server
nginx/1.15.5
accept-ranges
bytes
content-length
11256
content-type
text/css
wp-mediaelement.min.css
counterretreat.com/wp-includes/js/mediaelement/ 		4 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://counterretreat.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.8.9
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.93.228.190 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:10:28 GMT
last-modified
Wed, 05 Jun 2024 15:49:16 GMT
server
nginx/1.15.5
accept-ranges
bytes
content-length
4186
content-type
text/css
cookie-law-info-public.css
counterretreat.com/wp-content/plugins/cookie-law-info/legacy/public/css/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://counterretreat.com/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-public.css?ver=3.2.2
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.93.228.190 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
fbe820b6140ad28e86f34ffae507d807cf591a22697a05b71958f2014e96a9e4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:10:28 GMT
last-modified
Wed, 05 Jun 2024 15:49:16 GMT
server
nginx/1.15.5
accept-ranges
bytes
content-length
3106
content-type
text/css
cookie-law-info-gdpr.css
counterretreat.com/wp-content/plugins/cookie-law-info/legacy/public/css/ 		27 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://counterretreat.com/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-gdpr.css?ver=3.2.2
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.93.228.190 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
655ae452d922f501b62c7028fc35e238138de989387381cc1ed9cea9085864db

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:10:28 GMT
last-modified
Wed, 05 Jun 2024 15:49:16 GMT
server
nginx/1.15.5
accept-ranges
bytes
content-length
27249
content-type
text/css
client.css
counterretreat.com/wp-content/plugins/jquery-pin-it-button-for-images/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://counterretreat.com/wp-content/plugins/jquery-pin-it-button-for-images/css/client.css?ver=3.0.6
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.93.228.190 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
d5bb8e9097a2f622718cd4922fe78ee9957d7710c58adb81e119a48ce9ed9791

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:10:28 GMT
last-modified
Wed, 05 Jun 2024 15:49:16 GMT
server
nginx/1.15.5
accept-ranges
bytes
content-length
1959
content-type
text/css
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway%3A500%2C400%2C700%7CFjalla+One&ver=2.0.0
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3cb0a08013ba5bc50bf5f6c990af85ba0c0b9bda7f410a4c6c23edd58fb2d06a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 08 Jun 2024 02:10:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 08 Jun 2024 02:10:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 08 Jun 2024 02:10:28 GMT
style.css
counterretreat.com/wp-content/plugins/simple-social-icons/css/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://counterretreat.com/wp-content/plugins/simple-social-icons/css/style.css?ver=3.0.2
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.93.228.190 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
6ca663ffc7d06bb83d81ed5f74d2d361311b0bbcead435e028e6801dca3eebb0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:10:28 GMT
last-modified
Wed, 05 Jun 2024 15:49:16 GMT
server
nginx/1.15.5
accept-ranges
bytes
content-length
1275
content-type
text/css
jetpack.css
counterretreat.com/wp-content/plugins/jetpack/css/ 		86 KB
86 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://counterretreat.com/wp-content/plugins/jetpack/css/jetpack.css?ver=10.8.1
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.93.228.190 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
420033f9eaf95478a450e558f93ae6d7a5ad950c3e78f38832b47f9e2164418a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:10:28 GMT
last-modified
Wed, 05 Jun 2024 15:49:16 GMT
server
nginx/1.15.5
accept-ranges
bytes
content-length
88148
content-type
text/css
jquery.min.js
counterretreat.com/wp-includes/js/jquery/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://counterretreat.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.93.228.190 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:10:28 GMT
last-modified
Wed, 05 Jun 2024 15:49:16 GMT
server
nginx/1.15.5
accept-ranges
bytes
content-length
89521
content-type
application/javascript
jquery-migrate.min.js
counterretreat.com/wp-includes/js/jquery/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://counterretreat.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.93.228.190 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:10:28 GMT
last-modified
Wed, 05 Jun 2024 15:49:16 GMT
server
nginx/1.15.5
accept-ranges
bytes
content-length
11224
content-type
application/javascript
cookie-law-info-public.js
counterretreat.com/wp-content/plugins/cookie-law-info/legacy/public/js/ 		33 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://counterretreat.com/wp-content/plugins/cookie-law-info/legacy/public/js/cookie-law-info-public.js?ver=3.2.2
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.93.228.190 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
c6d0d78d73c8618c4c22287fb022469bfc689b5eb6f58523b49c0ecf4c306e2f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:10:28 GMT
last-modified
Wed, 05 Jun 2024 15:49:16 GMT
server
nginx/1.15.5
accept-ranges
bytes
content-length
34185
content-type
application/javascript
sharethis.js
platform-api.sharethis.com/js/ 		206 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.228.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-32.muc50.r.cloudfront.net
Software
/
Resource Hash
98d32b00fca86fc6994df33302e051a6ad03461a43ff5797d5b10ace4cf4772f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:03:53 GMT
content-encoding
gzip
via
1.1 00fe48bc72383ac135425bf0b3409486.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
MUC50-P5
age
395
etag
W/"336d0-g/6wprihOkYe7HpMswOVDodT6lU"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-cache
Hit from cloudfront
x-amz-cf-id
MDjKo6OszqysFB8Z7JJvxmlsuqg0ARUMd-SJCPnaou-RzwXqYhn_-A==
js
www.googletagmanager.com/gtag/ 		258 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=GT-TQTHS3B
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f424833e71a08eb61f05e468c3d6fddfd613f022f2ea28f0b4582b50bbdb3983
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:10:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93187
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 08 Jun 2024 02:10:28 GMT
wp-emoji-release.min.js
umeandthekids.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://umeandthekids.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.9
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.195.154.11 Amsterdam, Netherlands, ASN395092 (SHOCK-1, US),
Reverse DNS
nl-s2.serverpanel.net
Software
LiteSpeed /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:10:28 GMT
content-encoding
br
last-modified
Wed, 19 Jan 2022 23:23:16 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
4539
/
counterretreat.com/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://counterretreat.com/?custom-css=0e865c5f3b
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.93.228.190 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
fa9d5bd507feb5e9526dd379b757258c468f5688946d994012ed923d9d09034b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:10:28 GMT
last-modified
Wed, 05 Jun 2024 15:49:16 GMT
server
nginx/1.15.5
accept-ranges
bytes
content-length
2090
content-type
text/css;charset=UTF-8
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
a394d07eeb2da60d2408019ef311e84068f6ab414f1b4b45509d9182179c8b49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:10:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52180
x-xss-protection
0
server
cafe
etag
13792789001755864132
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sat, 08 Jun 2024 02:10:28 GMT
20-Amazing-Unicorn-Party-Ideas-for-Kids-260x457.jpg
counterretreat.com/wp-content/uploads/2015/12/ 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counterretreat.com/wp-content/uploads/2015/12/20-Amazing-Unicorn-Party-Ideas-for-Kids-260x457.jpg
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.93.228.190 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
7095c205064ede7e49ba0968aadf00fb0300146a2dc8cd0b2b004245ce27be4b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:10:28 GMT
last-modified
Wed, 05 Jun 2024 15:49:16 GMT
server
nginx/1.15.5
accept-ranges
bytes
content-length
113797
content-type
image/jpeg
20-perfect-princess-party-ideas-for-girls-260x351.jpg
counterretreat.com/wp-content/uploads/2015/11/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counterretreat.com/wp-content/uploads/2015/11/20-perfect-princess-party-ideas-for-girls-260x351.jpg
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.93.228.190 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
f4b71e0bbe179d86b854aa036dfa8898ddb76774dbbd2972f94ee227829f7689

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:10:28 GMT
last-modified
Wed, 05 Jun 2024 15:49:16 GMT
server
nginx/1.15.5
accept-ranges
bytes
content-length
40300
content-type
image/jpeg
frozen-party-ideas-260x322.jpg
counterretreat.com/wp-content/uploads/2015/08/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counterretreat.com/wp-content/uploads/2015/08/frozen-party-ideas-260x322.jpg
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.93.228.190 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
8f1849006d013b3d7ec8c607ded9a3c68a8dedbe4eeef67026e795109a7604b4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:10:28 GMT
last-modified
Wed, 05 Jun 2024 15:49:16 GMT
server
nginx/1.15.5
accept-ranges
bytes
content-length
23300
content-type
image/jpeg
10-truly-awesome-Peppa-Pig-birthday-party-ideas-260x371.jpg
counterretreat.com/wp-content/uploads/2015/09/ 		105 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counterretreat.com/wp-content/uploads/2015/09/10-truly-awesome-Peppa-Pig-birthday-party-ideas-260x371.jpg
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.93.228.190 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
840641fe628c65b28a3d42f7d6aade0b4a64693a96d8b5592ba8b57c4e964578

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:10:28 GMT
last-modified
Wed, 05 Jun 2024 15:49:16 GMT
server
nginx/1.15.5
accept-ranges
bytes
content-length
107335
content-type
image/jpeg
21-Star-Wars-Birthday-Party-Ideas-260x423.jpg
counterretreat.com/wp-content/uploads/2015/09/ 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counterretreat.com/wp-content/uploads/2015/09/21-Star-Wars-Birthday-Party-Ideas-260x423.jpg
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.93.228.190 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
2f34a09e6b6864c2a2fdd57f4ec6b3d6446c046ec08d23b90ce057deb86f1a63

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:10:28 GMT
last-modified
Wed, 05 Jun 2024 15:49:16 GMT
server
nginx/1.15.5
accept-ranges
bytes
content-length
87956
content-type
image/jpeg
featured-in-the-telegraph.jpg
counterretreat.com/wp-content/uploads/2015/08/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counterretreat.com/wp-content/uploads/2015/08/featured-in-the-telegraph.jpg
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.93.228.190 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
46b4a4cb67108bf0f12af087b467b92d5848a962be308e1d8e5c913f35649ea0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:10:28 GMT
last-modified
Wed, 05 Jun 2024 15:49:16 GMT
server
nginx/1.15.5
accept-ranges
bytes
content-length
9208
content-type
image/jpeg
11811512_10205819763906822_4296907300264807455_n.jpg
counterretreat.com/wp-content/uploads/2015/08/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counterretreat.com/wp-content/uploads/2015/08/11811512_10205819763906822_4296907300264807455_n.jpg
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.93.228.190 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
12e424ca24a47bb4243cdde1522fe9c8f5a4dcde5a5e20534508e1d9acb7ac95

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:10:28 GMT
last-modified
Wed, 05 Jun 2024 15:49:16 GMT
server
nginx/1.15.5
accept-ranges
bytes
content-length
21617
content-type
image/jpeg
interior.jpg
counterretreat.com/wp-content/uploads/2015/08/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counterretreat.com/wp-content/uploads/2015/08/interior.jpg
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.93.228.190 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
9cfad7b80f1a8a3172dedf5b68fcf431338f263fb5ae7de8660096107ffbbe16

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:10:28 GMT
last-modified
Wed, 05 Jun 2024 15:49:16 GMT
server
nginx/1.15.5
accept-ranges
bytes
content-length
22804
content-type
image/jpeg
travel.jpg
counterretreat.com/wp-content/uploads/2015/08/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counterretreat.com/wp-content/uploads/2015/08/travel.jpg
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.93.228.190 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
bd452de25fd780699cebd00109d57d9f3f4117bfa6eceaf2ad93d860508cb8ec

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:10:28 GMT
last-modified
Wed, 05 Jun 2024 15:49:16 GMT
server
nginx/1.15.5
accept-ranges
bytes
content-length
25940
content-type
image/jpeg
jpibfi.client.js
counterretreat.com/wp-content/plugins/jquery-pin-it-button-for-images/js/ 		14 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://counterretreat.com/wp-content/plugins/jquery-pin-it-button-for-images/js/jpibfi.client.js?ver=3.0.6
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.93.228.190 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
41ecb8fd0d1474f9c108f5c08824dbbe7d7c81494268d0849abb76e5c6217400

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:10:28 GMT
last-modified
Wed, 05 Jun 2024 15:49:16 GMT
server
nginx/1.15.5
accept-ranges
bytes
content-length
14508
content-type
application/javascript
jquery.optimum-lazy-load.min.js
counterretreat.com/wp-content/plugins/unveil-lazy-load/js/ 		614 B
643 B 		Script
General
Check archive.org
Download Go to
Full URL
https://counterretreat.com/wp-content/plugins/unveil-lazy-load/js/jquery.optimum-lazy-load.min.js?ver=0.3.1
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.93.228.190 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
f496e07103d16733e37931c80067cabde1102e631ddf431642247c50f813c176

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:10:28 GMT
last-modified
Wed, 05 Jun 2024 15:49:16 GMT
server
nginx/1.15.5
accept-ranges
bytes
content-length
614
content-type
application/javascript
wp-embed.min.js
counterretreat.com/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://counterretreat.com/wp-includes/js/wp-embed.min.js?ver=5.8.9
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.93.228.190 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
6a482d2d94c0d1bc6937a1759389d01b475e6b28a0d9b5d7eaa3f9cc8f59f3cd

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:10:28 GMT
last-modified
Wed, 05 Jun 2024 15:49:16 GMT
server
nginx/1.15.5
accept-ranges
bytes
content-length
1478
content-type
application/javascript
e-202423.js
stats.wp.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202423.js
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-minify-cache
hit
x-nc
HIT ams
date
Sat, 08 Jun 2024 02:10:28 GMT
content-encoding
br
server
nginx
x-minify
t
etag
W/14421-1717166113627.1218
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
alt-svc
h3=":443"; ma=86400
expires
Sun, 01 Jun 2025 22:14:11 GMT
5eed5eef0e78e500125680e0.js
buttons-config.sharethis.com/js/ 		30 B
472 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buttons-config.sharethis.com/js/5eed5eef0e78e500125680e0.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:f800:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2c29defe29114d0e8b948e78d50ebb281035df53a9167089deb1e77e801bbd2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:10:29 GMT
via
1.1 21be3420a436f8727342146a9b19af68.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sat, 20 Jun 2020 00:57:20 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P4
x-amz-server-side-encryption
AES256
etag
"e6e1643313740711175f51662a65b42f"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/javascript
cache-control
max-age=60,public
accept-ranges
bytes
content-length
30
x-amz-cf-id
sfDf1TExGh0rRGWM5vW7AzA2_FWyGEs-PsgLhR3J6J82OkpOTPT7Bg==
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-86.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 00:31:00 GMT
content-encoding
gzip
via
1.1 75964e4626dd702b8dac2690031df25a.cloudfront.net (CloudFront)
last-modified
Fri, 03 May 2024 13:20:45 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
5985
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
XFOteQDxi0KVyr9pOgEy6PzIT2yJH0RLco0kSVKrLyfwfznxg12JKg==
viewChannelModule.act
www2.glam.com/app/site/affiliate/ 		0
0
gtm.js
www.googletagmanager.com/ 		177 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5M2WKD
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6c601e5958f9ac63588e90f6c17b9117fe1a155c1ead84a8c1a963f2597d2f9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:10:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65547
x-xss-protection
0
last-modified
Sat, 08 Jun 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 08 Jun 2024 02:10:28 GMT
pview
l.sharethis.com/ 		0
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/pview?event=pview&hostname=counterretreat.com&location=%2F&product=ga&url=https%3A%2F%2Fcounterretreat.com%2F&source=googleanalytics-wordpress&fcmp=false&fcmpv2=false&has_segmentio=false&title=U%20me%20and%20the%20kids%20-%20UK%20Lifestyle%2CParenting%20%26%20Beauty%20Blog&cms=unknown&publisher=5eed5eef0e78e500125680e0&sop=true&version=st_sop.js&lang=en&ua=%22Google%20Chrome%22%3Bv%3D%22125%22%2C%20%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%20%22Chromium%22%3Bv%3D%22125%22&ua_mobile=false&ua_platform=Win32&ua_full_version_list=%22Google%20Chrome%22%3Bv%3D%22125.0.6422.141%22%2C%20%22Chromium%22%3Bv%3D%22125.0.6422.141%22%2C%20%22Not.A%2FBrand%22%3Bv%3D%2224.0.0.0%22&ua_platform_version=10.0.0&uuid=86f3a4d6-fcdb-4a7f-a190-67f5f26e1cbb
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.164.182 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-164-182.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 08 Jun 2024 02:10:28 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
https://counterretreat.com
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
sdk.js
connect.facebook.net/en_US/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3295f8585be498c6cc107bdd13d65496bf7c4cd186da851d0b9f445db56250f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 08 Jun 2024 02:10:28 GMT
content-md5
jdrAZmKRvX79o3yvi1F7tQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1688
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=25, rtx=0, c=12, mss=1297, tbw=2795, tp=-1, tpl=-1, uplat=1, ullat=-1
x-fb-debug
chlFGtpd9U2VVqLWMqctdzxLU5NxJ9dArCs5yLyNg0RagquhPCl0ekdL2a8jCexx6/9IOkhalqy/8WrcSCMgIQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
e000df1904ce2104a042d3688a1d2fdd
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"adce45d38a796d79eb3fa6f705c0e226"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Sat, 08 Jun 2024 02:24:29 GMT
analytics.js
google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://google-analytics.com/analytics.js
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 08 Jun 2024 01:08:22 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3726
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 08 Jun 2024 03:08:22 GMT
CSS
counterretreat.com/URL%28HTTP:/FONTS.GOOGLEAPIS.COM/
Redirect Chain
  • https://counterretreat.com/URL(HTTP://FONTS.GOOGLEAPIS.COM/CSS?FAMILY=GEORGIA)
  • https://counterretreat.com/URL%28HTTP:/FONTS.GOOGLEAPIS.COM/CSS?FAMILY=GEORGIA)
1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://counterretreat.com/URL%28HTTP:/FONTS.GOOGLEAPIS.COM/CSS?FAMILY=GEORGIA)
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/?custom-css=0e865c5f3b
Protocol
H2
Server
142.93.228.190 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
ba00dbce4232204e61a5fd28c491fd61a1972724b45c3f00dbd495c3ea57cf8a

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://counterretreat.com/?custom-css=0e865c5f3b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Sat, 08 Jun 2024 02:10:28 GMT
last-modified
Wed, 05 Jun 2024 22:12:11 GMT
server
nginx/1.15.5
accept-ranges
bytes
content-length
1451
content-type
text/html; charset=utf-8

Redirect headers

location
/URL%28HTTP:/FONTS.GOOGLEAPIS.COM/CSS?FAMILY=GEORGIA)
date
Sat, 08 Jun 2024 02:10:28 GMT
server
nginx/1.15.5
content-length
0
symbol-defs.svg
counterretreat.com/wp-content/plugins/simple-social-icons/ 		38 KB
38 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://counterretreat.com/wp-content/plugins/simple-social-icons/symbol-defs.svg
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.93.228.190 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
8258853dd48d21c31f56050b57b2b0f7e5a0873ece636cf286d28df782251d7c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:10:28 GMT
last-modified
Wed, 05 Jun 2024 15:49:16 GMT
server
nginx/1.15.5
accept-ranges
bytes
content-length
39323
content-type
image/svg+xml
nav-pink.png
counterretreat.com/wp-content/themes/runwaypro/images/ 		945 B
982 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counterretreat.com/wp-content/themes/runwaypro/images/nav-pink.png
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/wp-content/themes/runwaypro/style.css?ver=2.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.93.228.190 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
02385642eb27ab307765b9bbef3d47e45d95385efbbb07ce638c114ec2ddcd2b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/wp-content/themes/runwaypro/style.css?ver=2.0.0
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:10:28 GMT
last-modified
Wed, 05 Jun 2024 15:49:16 GMT
server
nginx/1.15.5
accept-ranges
bytes
content-length
945
content-type
image/png
title-bg.png
counterretreat.com/wp-content/themes/runwaypro/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counterretreat.com/wp-content/themes/runwaypro/images/title-bg.png
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/wp-content/themes/runwaypro/style.css?ver=2.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.93.228.190 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
c559b1b391c8e8f323bbd5e3e31619a3f53ad821b0d2e949021f046fee1d0812

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/wp-content/themes/runwaypro/style.css?ver=2.0.0
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:10:28 GMT
last-modified
Wed, 05 Jun 2024 15:49:16 GMT
server
nginx/1.15.5
accept-ranges
bytes
content-length
1043
content-type
image/png
Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2
fonts.gstatic.com/s/fjallaone/v15/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/fjallaone/v15/Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway%3A500%2C400%2C700%7CFjalla+One&ver=2.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43a079fd739dffa727de659b5bbf44596031aa7542c8a8afbc54a243aab96b47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://counterretreat.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 08:34:57 GMT
x-content-type-options
nosniff
age
63331
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44584
x-xss-protection
0
last-modified
Mon, 03 Apr 2023 20:46:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Jun 2025 08:34:57 GMT
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v34/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway%3A500%2C400%2C700%7CFjalla+One&ver=2.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://counterretreat.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:12:47 GMT
x-content-type-options
nosniff
age
302261
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48336
x-xss-protection
0
last-modified
Wed, 01 May 2024 20:31:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Jun 2025 14:12:47 GMT
20220115_131601-1-300x225.jpg
counterretreat.com/wp-content/uploads/2024/06/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counterretreat.com/wp-content/uploads/2024/06/20220115_131601-1-300x225.jpg
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.93.228.190 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
143f31168639e528e09163d9139515d7f0f36928139da3ad3282c53bce0aadca

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:10:28 GMT
last-modified
Wed, 05 Jun 2024 15:49:29 GMT
server
nginx/1.15.5
accept-ranges
bytes
content-length
13873
content-type
image/jpeg
CF319E71-F912-4940-B2C8-38BD3B37912A_1-200x300.jpg
counterretreat.com/wp-content/uploads/2024/05/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counterretreat.com/wp-content/uploads/2024/05/CF319E71-F912-4940-B2C8-38BD3B37912A_1-200x300.jpg
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.93.228.190 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
1ab6102e070c094f46e8607da1b5663181ac426c8ef7656060bdd7ee258b2639

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:10:28 GMT
last-modified
Wed, 05 Jun 2024 15:49:29 GMT
server
nginx/1.15.5
accept-ranges
bytes
content-length
17005
content-type
image/jpeg
webiste_banner_2-02_500x_b4e234b0-ba5b-4310-9bb8-77ac66b041f3_500x-171x300.webp
counterretreat.com/wp-content/uploads/2024/05/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counterretreat.com/wp-content/uploads/2024/05/webiste_banner_2-02_500x_b4e234b0-ba5b-4310-9bb8-77ac66b041f3_500x-171x300.webp
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.93.228.190 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
bfd69aa5d0a8054f0fcfc7628d13017a9607509ea900dc66af635589b9a00453

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:10:28 GMT
last-modified
Wed, 05 Jun 2024 15:49:29 GMT
server
nginx/1.15.5
accept-ranges
bytes
content-length
5258
content-type
image/webp
409708376_18322488913110865_4078540646579955485_n-300x300.jpg
counterretreat.com/wp-content/uploads/2024/05/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counterretreat.com/wp-content/uploads/2024/05/409708376_18322488913110865_4078540646579955485_n-300x300.jpg
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.93.228.190 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
73063ceb468637554c66968ca87791c10fed062c2f905c6449afc884c8545d5f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:10:28 GMT
last-modified
Wed, 05 Jun 2024 15:49:29 GMT
server
nginx/1.15.5
accept-ranges
bytes
content-length
18358
content-type
image/jpeg
Screenshot_20220922-110240_Gmail-300x217.jpg
counterretreat.com/wp-content/uploads/2024/05/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counterretreat.com/wp-content/uploads/2024/05/Screenshot_20220922-110240_Gmail-300x217.jpg
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.93.228.190 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
7032798233a03c658a9b7543f92c71c823bc2bfa113f02f38b6cd01fd0d161ac

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:10:28 GMT
last-modified
Wed, 05 Jun 2024 15:49:29 GMT
server
nginx/1.15.5
accept-ranges
bytes
content-length
16701
content-type
image/jpeg
pexels-photo-259588-300x200.jpeg
counterretreat.com/wp-content/uploads/2024/05/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counterretreat.com/wp-content/uploads/2024/05/pexels-photo-259588-300x200.jpeg
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.93.228.190 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
bef27744251b5a8dc442c627f493c2e49db2c45091be85036253fa9b3ec51a53

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:10:28 GMT
last-modified
Wed, 05 Jun 2024 15:49:29 GMT
server
nginx/1.15.5
accept-ranges
bytes
content-length
15488
content-type
image/jpeg
g.gif
pixel.wp.com/ 		50 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A10.8.1&blog=52118501&post=0&tz=0&srv=umeandthekids.com&host=counterretreat.com&ref=&fcp=0&rand=0.09853695640966742
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Sat, 08 Jun 2024 02:10:28 GMT
cache-control
no-cache
server
nginx
alt-svc
h3=":443"; ma=86400
content-length
50
content-type
image/gif
sdk.js
connect.facebook.net/en_US/ 		299 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=17bf97d239a8e366db799718bc17e652
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
8130e04d3950768c15f58ad0e57377767f0d683c4f9371f3e29c0d5a2937441d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Origin
https://counterretreat.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 08 Jun 2024 02:10:28 GMT
content-md5
wPwAmRFntqrTSMp8oHs5eQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87597
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=24, rtx=0, c=23, mss=1232, tbw=4309, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug
oKxBqm9PpfNeFqZOjvASOTHi3D2pph0qfU8g1uLVRi4Lk7qZ0InVqoS/TaHP1jUpCeLLl4hbJnZ5pBUYBmscrA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
24acdf03947b7bac06739f9b66201519
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"b2108cac08a9678d15bc3f3d99660096"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Sun, 08 Jun 2025 00:55:00 GMT
b
sb.scorecardresearch.com/ 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=6035233&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1717812628518&ns_c=UTF-8&c7=https%3A%2F%2Fcounterretreat.com%2F&c8=U%20me%20and%20the%20kids%20-%20UK%20Lifestyle%2CParenting%20%26%20Beauty%20Blog&c9=
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-86.muc50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:10:28 GMT
via
1.1 75964e4626dd702b8dac2690031df25a.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
MUC50-P2
x-amz-cf-id
HPp-s5qSgk1SSUoK07B2zZtiOUs4Dt6qkWGCm_gD9FipL-Mzbh2FVw==
x-cache
Miss from cloudfront
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/ 		425 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4339167219884835&plah=counterretreat.com&aplac=true&bust=31084345
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
19b9666b72bbee7a89c65aa34863d255836a7b19b7a4ada87c28d2482a28bc29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:10:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
147237
x-xss-protection
0
server
cafe
etag
553549636237889379
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 08 Jun 2024 02:10:28 GMT
collect
www.google-analytics.com/j/ 		4 B
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=696575634&t=pageview&_s=1&dl=https%3A%2F%2Fcounterretreat.com%2F&ul=nl-nl&de=UTF-8&dt=U%20me%20and%20the%20kids%20-%20UK%20Lifestyle%2CParenting%20%26%20Beauty%20Blog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=432378866&gjid=534856287&cid=602481152.1717812629&tid=UA-40498201-1&_gid=1130951753.1717812629&_r=1&_slc=1&z=793060752
Requested by
Host: google-analytics.com
URL: https://google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 08 Jun 2024 02:10:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://counterretreat.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-JE8DPET31W&_ng=1&gtm=45Pe4650v9118470003za200&_p=1717812628293&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&gdid=dZTNiMT&cid=602481152.1717812629&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1717812628&sct=1&seg=0&dl=https%3A%2F%2Fcounterretreat.com%2F&dt=U%20me%20and%20the%20kids%20-%20UK%20Lifestyle%2CParenting%20%26%20Beauty%20Blog&en=page_view&_fv=1&_ss=1&_ee=1&tfd=768
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-TQTHS3B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 08 Jun 2024 02:10:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://counterretreat.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&_ng=1&tid=G-JE8DPET31W&cid=602481152.1717812629&gtm=45Pe4650v9118470003za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-TQTHS3B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 08 Jun 2024 02:10:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://counterretreat.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ng=1&tid=G-JE8DPET31W&cid=602481152.1717812629&gtm=45Pe4650v9118470003za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1443200710
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 08 Jun 2024 02:10:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240605/r20110914/ Frame DB1B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/html/r20240605/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4339167219884835&plah=counterretreat.com&aplac=true&bust=31084345
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://counterretreat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
27818
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4165
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 07 Jun 2024 18:26:51 GMT
etag
3711839061170457607
expires
Fri, 21 Jun 2024 18:26:51 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame 4270 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-4339167219884835&output=html&h=250&slotname=2954446394&adk=1791392661&adf=3423917924&pi=t.ma~as.2954446394&w=326&abgtt=1&fwrn=4&fwrnh=100&lmt=1717602744&rafmt=1&to=pso&channel=WordPressFront&format=326x250&url=https%3A%2F%2Fcounterretreat.com%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717812628667&bpp=4&bdt=632&idt=172&shv=r20240605&mjsv=m202406030101&ptt=9&saldr=aa&abxe=1&eoidce=1&correlator=5524495490768&frm=20&pv=2&ga_vid=602481152.1717812629&ga_sid=1717812629&ga_hid=696575634&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1027&ady=4320&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31084349%2C44795922%2C95332916%2C95334508%2C95334528%2C95334571%2C95334579%2C95334829%2C31084345%2C95334052%2C95334159%2C31078668&oid=2&pvsid=252481686306217&tmod=549144130&uas=0&nvt=1&fc=896&brdim=350%2C350%2C350%2C350%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&nt=1&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=200
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4339167219884835&plah=counterretreat.com&aplac=true&bust=31084345
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://counterretreat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 08 Jun 2024 02:10:29 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame 9E3B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-4339167219884835&output=html&h=280&slotname=2625929594&adk=3639587812&adf=558060627&pi=t.ma~as.2625929594&w=1140&abgtt=1&fwrn=4&fwrnh=100&lmt=1717602744&rafmt=1&to=pso&channel=WordPressFront&format=1140x280&url=https%3A%2F%2Fcounterretreat.com%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717812628671&bpp=1&bdt=636&idt=243&shv=r20240605&mjsv=m202406030101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=326x250&correlator=5524495490768&pv_ch=WordPressFront%2B&frm=20&pv=1&ga_vid=602481152.1717812629&ga_sid=1717812629&ga_hid=696575634&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=95&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31084349%2C44795922%2C95332916%2C95334508%2C95334528%2C95334571%2C95334579%2C95334829%2C31084345%2C95334052%2C95334159%2C31078668&oid=2&pvsid=252481686306217&tmod=549144130&uas=0&nvt=1&fc=896&brdim=350%2C350%2C350%2C350%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&nt=1&ifi=2&uci=a!2&fsb=1&dtd=250
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4339167219884835&plah=counterretreat.com&aplac=true&bust=31084345
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://counterretreat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 08 Jun 2024 02:10:29 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
stats.g.doubleclick.net/j/ 		4 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-40498201-1&cid=602481152.1717812629&jid=432378866&gjid=534856287&_gid=1130951753.1717812629&_u=IEBAAEAAAAAAACAAI~&z=1206695811
Requested by
Host: google-analytics.com
URL: https://google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 08 Jun 2024 02:10:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://counterretreat.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=cookie-law-info-bar&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 08 Jun 2024 02:10:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/pagead/ Frame CDA0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-4339167219884835&output=html&adk=1812271804&adf=3025194257&abgtt=1&lmt=1717602744&plat=1%3A16777216%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&channel=WordPressFront&format=0x0&url=https%3A%2F%2Fcounterretreat.com%2F&host=ca-host-pub-2644536267352236&pra=7&wgl=1&easpi=0&aihb=0&asro=0&ailel=32~28~30~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=32~28~30~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=32_18~28_16~30_23~27_4&aiixl=32_9~28_4~30_6~27_3&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717812628671&bpp=1&bdt=636&idt=270&shv=r20240605&mjsv=m202406030101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=326x250%2C1140x280&nras=1&correlator=5524495490768&pv_ch=WordPressFront%2B&frm=20&pv=1&ga_vid=602481152.1717812629&ga_sid=1717812629&ga_hid=696575634&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31084349%2C44795922%2C95332916%2C95334508%2C95334528%2C95334571%2C95334579%2C95334829%2C31084345%2C95334052%2C95334159%2C31078668&oid=2&pvsid=252481686306217&tmod=549144130&uas=0&nvt=1&fsapi=1&fc=896&brdim=350%2C350%2C350%2C350%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=3&uci=a!3&fsb=1&dtd=308
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4339167219884835&plah=counterretreat.com&aplac=true&bust=31084345
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://counterretreat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 08 Jun 2024 02:10:29 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-40498201-1&cid=602481152.1717812629&jid=432378866&_u=IEBAAEAAAAAAACAAI~&z=744159208
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 08 Jun 2024 02:10:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-40498201-1&cid=602481152.1717812629&jid=432378866&_u=IEBAAEAAAAAAACAAI~&z=744159208
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 08 Jun 2024 02:10:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
defer.js
counterretreat.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://counterretreat.com/defer.js
Requested by
Host: counterretreat.com
URL: https://counterretreat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.93.228.190 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
text/html; charset=UTF-8
date
Sat, 08 Jun 2024 02:10:29 GMT
server
nginx/1.15.5
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240605&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4339167219884835&plah=counterretreat.com&aplac=true&bust=31084345
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
c222c16a539cfa798a5ee27d7235b2a99fb34258bc4ff1ca16458effa2de2d51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:10:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12606
x-xss-protection
0
favicon.ico
counterretreat.com/ 		616 B
674 B 		Other
General
Check archive.org
Download Go to
Full URL
https://counterretreat.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.93.228.190 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
fab8d59706459aa334a40df9ed46f05ba408833b902c68e2c8fa26beabaf6699

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:10:29 GMT
server
nginx/1.15.5
content-length
616
content-type
text/html
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4339167219884835&plah=counterretreat.com&aplac=true&bust=31084345
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://counterretreat.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:10:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 08 Jun 2024 02:10:29 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BA5E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://counterretreat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
15214
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 07 Jun 2024 21:56:55 GMT
expires
Sat, 07 Jun 2025 21:56:55 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www2.glam.com
URL
http://www2.glam.com/app/site/affiliate/viewChannelModule.act?mName=viewAdJs&affiliateId=1751658455&adSize=320x50,300x100,300x150,300x250,*x*
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240605&jk=252481686306217&bg=!3N-l35DNAAb64txl2uI7ADQBe5WfONjPfvRIy_JMFGly_EW86w0UWrLA0e5GPGhn0kqeRPMApJqsQEV-LTIs589URhhVAgAAALVSAAAAAWgBB34ANRDkhTjaugqblWwWlCEc3hxx9-CUso_FxoXOlQHMrvgxmD36Dgn0NNIQBJG41GO4-_KbU5xFmQKp5toIydwWASnpy1LvgKqP9R4A7wMoZDwnpYfXZPqiEpioHAQlHJJpdyZgTH28zrhTs7EYQquAcsvUklEwO4FeNJ6PknThTRc7B7brJDUgxeRdp8PjWH_0j_rbQG5Pc_xjQYomMZBlcyMq3vXPaZUirdsDcbIq9w6RR-ZlIGYIx9lx_EJ4SVGj2q18slFG4ytjZhpufyB6OQr9w9Kbt3Tm7LbMuf8sf0ufS-Jo9i0uRmPISCxPC0DljtoJUCnoo6-pR4Jky12hQ-mxtZa_ctjvKz4nIPCiETzElFTItfz8LGlrz_iEsdnuEWJMgd2wpJthvC9lfydyCm-aPpFt-2tuDI_LeBN9gzlICzTvLcP3S-udWi_Zkke-vJ6QD5skIKYDm_c21nvSvp-JSRbcc5qAbb-N-bHIGSk0lmWyHBXdDOxOHrqDyk2nksgt45Es50lkAf5GwinLMDHQbY12Im1jpYntwKZr5-xxyPJ3wh45PSD-F9pnVlrEPGdn3hTsIqkWlNseVd1mixxPFklUg9kWit_enfDzfLMSwaLmg7iXFD7qMxsLkNikUia55i3yrXTDldLcYZxat2PE7hFk8yb1fibYtUsdtrf2-4HqGKuGbsunGjSgc8EUXv88Gy5goI7isEAEPGHDo9QHAiJ1e72jjfcMnj5-JAn1X2W4bp4qi12LZR1fFdFGcX37fv9b9BMM0rdax_uIV7GkvH7XtqRj1QN1FQAtWWyKrxZwasKJfZhyPGA3v7YBSH5q2rbobJpGX9wbxBaZ23EIZ-bOo-WvCoo2ERitIiMMmpkD4N3E87KH1-3BOJlijdzXj1ZioY_Mt_xAwVtx14dPh5I1hi_DayNuwrz1GHG0hlrTQbcCxY13kr9fiXfjRzTG2uN_p1t3hkozUM5k_yte

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| _wpemojiSettings function| advanced_ads_ready object| advanced_ads_ready_queue undefined| $ function| jQuery object| Cli_Data object| cli_cookiebar_settings object| log_object object| CLI_Cookie object| CLI object| cliBlocker string| CLI_ACCEPT_COOKIE_NAME string| CLI_PREFERENCE_COOKIE number| CLI_ACCEPT_COOKIE_EXPIRE boolean| CLI_COOKIEBAR_AS_POPUP object| st object| __stdos__ boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__ object| ua_fields function| gtag object| dataLayer string| ajaxurl object| _comscore function| downloadJSAtOnload string| GoogleAnalyticsObject function| ga object| dynamicgoogletags object| google_js_reporting_queue object| adsbygoogle object| jpibfi_options object| wp object| _stq function| st_go function| linktracker_init object| wpcom string| currentText string| categoryCookie object| categoryCookieValue object| cli_chkbox_elm string| cli_chkbox_data_id string| cli_chkbox_data_id_trimmed object| jpibfi_debugger object| FB object| COMSCORE object| ns_p number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter object| google_tag_manager object| gaplugins object| gaGlobal object| gaData object| twemoji string| google_user_agent_client_hint object| googletag object| __buffer function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_image_requests object| GoogleGcLKhOms

6 Cookies

Domain/Path Name / Value
counterretreat.com/ Name: cookielawinfo-checkbox-necessary
Value: yes
counterretreat.com/ Name: cookielawinfo-checkbox-non-necessary
Value: yes
.counterretreat.com/ Name: _gid
Value: GA1.2.1130951753.1717812629
.counterretreat.com/ Name: _gat
Value: 1
.counterretreat.com/ Name: _ga_JE8DPET31W
Value: GS1.1.1717812628.1.0.1717812628.60.0.0
.counterretreat.com/ Name: _ga
Value: GA1.1.602481152.1717812629

21 Console Messages

Source Level URL
Text
security warning URL: https://counterretreat.com/
Message:
Mixed Content: The page at 'https://counterretreat.com/' was loaded over HTTPS, but requested an insecure element 'http://counterretreat.com/wp-content/uploads/2015/12/20-Amazing-Unicorn-Party-Ideas-for-Kids-260x457.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://counterretreat.com/
Message:
Mixed Content: The page at 'https://counterretreat.com/' was loaded over HTTPS, but requested an insecure element 'http://counterretreat.com/wp-content/uploads/2015/11/20-perfect-princess-party-ideas-for-girls-260x351.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://counterretreat.com/
Message:
Mixed Content: The page at 'https://counterretreat.com/' was loaded over HTTPS, but requested an insecure element 'http://counterretreat.com/wp-content/uploads/2015/08/frozen-party-ideas-260x322.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://counterretreat.com/
Message:
Mixed Content: The page at 'https://counterretreat.com/' was loaded over HTTPS, but requested an insecure element 'http://counterretreat.com/wp-content/uploads/2015/09/10-truly-awesome-Peppa-Pig-birthday-party-ideas-260x371.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://counterretreat.com/
Message:
Mixed Content: The page at 'https://counterretreat.com/' was loaded over HTTPS, but requested an insecure element 'http://counterretreat.com/wp-content/uploads/2015/09/21-Star-Wars-Birthday-Party-Ideas-260x423.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://counterretreat.com/
Message:
Mixed Content: The page at 'https://counterretreat.com/' was loaded over HTTPS, but requested an insecure element 'http://counterretreat.com/wp-content/uploads/2015/08/featured-in-the-telegraph.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://counterretreat.com/
Message:
Mixed Content: The page at 'https://counterretreat.com/' was loaded over HTTPS, but requested an insecure element 'http://counterretreat.com/wp-content/uploads/2015/08/11811512_10205819763906822_4296907300264807455_n.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://counterretreat.com/
Message:
Mixed Content: The page at 'https://counterretreat.com/' was loaded over HTTPS, but requested an insecure element 'http://counterretreat.com/wp-content/uploads/2015/08/interior.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://counterretreat.com/
Message:
Mixed Content: The page at 'https://counterretreat.com/' was loaded over HTTPS, but requested an insecure element 'http://counterretreat.com/wp-content/uploads/2015/08/travel.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security error URL: https://counterretreat.com/
Message:
Mixed Content: The page at 'https://counterretreat.com/' was loaded over HTTPS, but requested an insecure script 'http://www2.glam.com/app/site/affiliate/viewChannelModule.act?mName=viewAdJs&affiliateId=1751658455&adSize=320x50,300x100,300x150,300x250,*x*'. This request has been blocked; the content must be served over HTTPS.
security warning URL: https://counterretreat.com/(Line 428)
Message:
Mixed Content: The page at 'https://counterretreat.com/' was loaded over HTTPS, but requested an insecure element 'http://counterretreat.com/wp-content/uploads/2015/12/20-Amazing-Unicorn-Party-Ideas-for-Kids-260x457.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://counterretreat.com/(Line 428)
Message:
Mixed Content: The page at 'https://counterretreat.com/' was loaded over HTTPS, but requested an insecure element 'http://counterretreat.com/wp-content/uploads/2015/11/20-perfect-princess-party-ideas-for-girls-260x351.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://counterretreat.com/(Line 428)
Message:
Mixed Content: The page at 'https://counterretreat.com/' was loaded over HTTPS, but requested an insecure element 'http://counterretreat.com/wp-content/uploads/2015/08/frozen-party-ideas-260x322.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://counterretreat.com/(Line 428)
Message:
Mixed Content: The page at 'https://counterretreat.com/' was loaded over HTTPS, but requested an insecure element 'http://counterretreat.com/wp-content/uploads/2015/09/10-truly-awesome-Peppa-Pig-birthday-party-ideas-260x371.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://counterretreat.com/(Line 428)
Message:
Mixed Content: The page at 'https://counterretreat.com/' was loaded over HTTPS, but requested an insecure element 'http://counterretreat.com/wp-content/uploads/2015/09/21-Star-Wars-Birthday-Party-Ideas-260x423.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://counterretreat.com/(Line 428)
Message:
Mixed Content: The page at 'https://counterretreat.com/' was loaded over HTTPS, but requested an insecure element 'http://counterretreat.com/wp-content/uploads/2015/08/featured-in-the-telegraph.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://counterretreat.com/(Line 428)
Message:
Mixed Content: The page at 'https://counterretreat.com/' was loaded over HTTPS, but requested an insecure element 'http://counterretreat.com/wp-content/uploads/2015/08/11811512_10205819763906822_4296907300264807455_n.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://counterretreat.com/(Line 428)
Message:
Mixed Content: The page at 'https://counterretreat.com/' was loaded over HTTPS, but requested an insecure element 'http://counterretreat.com/wp-content/uploads/2015/08/interior.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://counterretreat.com/(Line 428)
Message:
Mixed Content: The page at 'https://counterretreat.com/' was loaded over HTTPS, but requested an insecure element 'http://counterretreat.com/wp-content/uploads/2015/08/travel.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://counterretreat.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://counterretreat.com/defer.js
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

buttons-config.sharethis.com
connect.facebook.net
counterretreat.com
fonts.googleapis.com
fonts.gstatic.com
google-analytics.com
l.sharethis.com
pagead2.googlesyndication.com
pixel.wp.com
platform-api.sharethis.com
region1.analytics.google.com
sb.scorecardresearch.com
stats.g.doubleclick.net
stats.wp.com
tpc.googlesyndication.com
umeandthekids.com
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
www2.glam.com
pagead2.googlesyndication.com
www2.glam.com
108.138.36.86
142.93.228.190
157.240.252.13
172.217.16.130
172.217.18.4
192.0.76.3
2001:4860:4802:34::36
217.195.154.11
2600:9000:26da:f800:c:abe:f440:93a1
2a00:1450:4001:80b::2003
2a00:1450:4001:810::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:831::2001
2a00:1450:4001:831::2008
2a00:1450:4001:831::200a
2a00:1450:400c:c09::9d
2a03:2880:f084:d:face:b00c:0:3
3.123.164.182
54.230.228.32
02385642eb27ab307765b9bbef3d47e45d95385efbbb07ce638c114ec2ddcd2b
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
12e424ca24a47bb4243cdde1522fe9c8f5a4dcde5a5e20534508e1d9acb7ac95
143f31168639e528e09163d9139515d7f0f36928139da3ad3282c53bce0aadca
19b9666b72bbee7a89c65aa34863d255836a7b19b7a4ada87c28d2482a28bc29
1ab6102e070c094f46e8607da1b5663181ac426c8ef7656060bdd7ee258b2639
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
2c29defe29114d0e8b948e78d50ebb281035df53a9167089deb1e77e801bbd2f
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2f34a09e6b6864c2a2fdd57f4ec6b3d6446c046ec08d23b90ce057deb86f1a63
3295f8585be498c6cc107bdd13d65496bf7c4cd186da851d0b9f445db56250f4
3cb0a08013ba5bc50bf5f6c990af85ba0c0b9bda7f410a4c6c23edd58fb2d06a
41ecb8fd0d1474f9c108f5c08824dbbe7d7c81494268d0849abb76e5c6217400
420033f9eaf95478a450e558f93ae6d7a5ad950c3e78f38832b47f9e2164418a
43a079fd739dffa727de659b5bbf44596031aa7542c8a8afbc54a243aab96b47
46b4a4cb67108bf0f12af087b467b92d5848a962be308e1d8e5c913f35649ea0
47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098
59a5f78c8c0c93ac9749ee7f92a67ce45b4864d345d387d5892069dd73543974
5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
655ae452d922f501b62c7028fc35e238138de989387381cc1ed9cea9085864db
6a482d2d94c0d1bc6937a1759389d01b475e6b28a0d9b5d7eaa3f9cc8f59f3cd
6c601e5958f9ac63588e90f6c17b9117fe1a155c1ead84a8c1a963f2597d2f9c
6ca663ffc7d06bb83d81ed5f74d2d361311b0bbcead435e028e6801dca3eebb0
7032798233a03c658a9b7543f92c71c823bc2bfa113f02f38b6cd01fd0d161ac
7095c205064ede7e49ba0968aadf00fb0300146a2dc8cd0b2b004245ce27be4b
73063ceb468637554c66968ca87791c10fed062c2f905c6449afc884c8545d5f
8130e04d3950768c15f58ad0e57377767f0d683c4f9371f3e29c0d5a2937441d
8258853dd48d21c31f56050b57b2b0f7e5a0873ece636cf286d28df782251d7c
840641fe628c65b28a3d42f7d6aade0b4a64693a96d8b5592ba8b57c4e964578
8f1849006d013b3d7ec8c607ded9a3c68a8dedbe4eeef67026e795109a7604b4
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
98d32b00fca86fc6994df33302e051a6ad03461a43ff5797d5b10ace4cf4772f
9cfad7b80f1a8a3172dedf5b68fcf431338f263fb5ae7de8660096107ffbbe16
a394d07eeb2da60d2408019ef311e84068f6ab414f1b4b45509d9182179c8b49
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
ba00dbce4232204e61a5fd28c491fd61a1972724b45c3f00dbd495c3ea57cf8a
bbc09d9e796acd349fce6a1fc3daa6d820bc55742031ba097336ce3749947d28
bd452de25fd780699cebd00109d57d9f3f4117bfa6eceaf2ad93d860508cb8ec
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bef27744251b5a8dc442c627f493c2e49db2c45091be85036253fa9b3ec51a53
bfd69aa5d0a8054f0fcfc7628d13017a9607509ea900dc66af635589b9a00453
c222c16a539cfa798a5ee27d7235b2a99fb34258bc4ff1ca16458effa2de2d51
c559b1b391c8e8f323bbd5e3e31619a3f53ad821b0d2e949021f046fee1d0812
c6d0d78d73c8618c4c22287fb022469bfc689b5eb6f58523b49c0ecf4c306e2f
d5bb8e9097a2f622718cd4922fe78ee9957d7710c58adb81e119a48ce9ed9791
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f424833e71a08eb61f05e468c3d6fddfd613f022f2ea28f0b4582b50bbdb3983
f496e07103d16733e37931c80067cabde1102e631ddf431642247c50f813c176
f4b71e0bbe179d86b854aa036dfa8898ddb76774dbbd2972f94ee227829f7689
fa9d5bd507feb5e9526dd379b757258c468f5688946d994012ed923d9d09034b
fab8d59706459aa334a40df9ed46f05ba408833b902c68e2c8fa26beabaf6699
fbe820b6140ad28e86f34ffae507d807cf591a22697a05b71958f2014e96a9e4