urlscan.io logo urlscan.io
SecurityTrails logo

sousou-no-frieren.com Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://sousou-no-frieren.com/
Effective URL: https://sousou-no-frieren.com/
Submission: On December 27 via api from US — Scanned from NO
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 26 IPs in 3 countries across 18 domains to perform 116 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is sousou-no-frieren.com.
TLS certificate: Issued by GTS CA 1P5 on December 24th 2023. Valid for: 3 months.
This is the only time sousou-no-frieren.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
26 2a06:98c1:312... 13335 (CLOUDFLAR...)
19 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:600... 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
1 146.75.120.193 54113 (FASTLY)
5 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4860:480... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 4 142.250.186.98 15169 (GOOGLE)
2 4 172.64.151.101 13335 (CLOUDFLAR...)
2 3 185.89.210.212 29990 (ASN-APPNEX)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2 52.214.121.166 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
1 23.36.162.12 20940 (AKAMAI-ASN1)
3 142.250.185.162 15169 (GOOGLE)
2 2600:9000:223... 16509 (AMAZON-02)
7 2600:1f13:800... 16509 (AMAZON-02)
116 26
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
sousou-no-frieren.com
26    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
sousou-no-frieren.com
19    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
3    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    146.75.120.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
i.imgur.com
5    2606:4700::6812:d63b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
img.onesignal.com
2    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
9    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6812:d73b (United States)

ASN13335 (CLOUDFLARENET, US)
onesignal.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
13    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
cm.g.doubleclick.net
4    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
3    185.89.210.212 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
2    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    52.214.121.166 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-121-166.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
5    2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    23.36.162.12 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-12.deploy.static.akamaitechnologies.com
cdn.mookie1.com
3    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
googleads4.g.doubleclick.net
2    2600:9000:223f:7a00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
7    2600:1f13:800:7780:8654:ca58:77f:995 (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
Apex Domain
Subdomains		 Transfer
32 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
432 KB
27 sousou-no-frieren.com
sousou-no-frieren.com
410 KB
16 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515
115 KB
11 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 900
static.adsafeprotected.com — Cisco Umbrella Rank: 602
dt.adsafeprotected.com — Cisco Umbrella Rank: 567
102 KB
6 gstatic.com
fonts.gstatic.com
www.gstatic.com
78 KB
6 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 4165
onesignal.com — Cisco Umbrella Rank: 1473
img.onesignal.com — Cisco Umbrella Rank: 7322
87 KB
5 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
134 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
3 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2189
21 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
3 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
129 KB
1 mookie1.com
cdn.mookie1.com — Cisco Umbrella Rank: 37578
3 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
80 KB
1 imgur.com
i.imgur.com — Cisco Umbrella Rank: 7364
25 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 735
94 KB
0 -egg.com Failed
-egg.com Failed
116 18
Domain Requested by
27 sousou-no-frieren.com 1 redirects sousou-no-frieren.com
19 pagead2.googlesyndication.com sousou-no-frieren.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
s0.2mdn.net
www.googletagservices.com
13 tpc.googlesyndication.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
sousou-no-frieren.com
tpc.googlesyndication.com
9 googleads.g.doubleclick.net pagead2.googlesyndication.com
sousou-no-frieren.com
googleads.g.doubleclick.net
7 dt.adsafeprotected.com googleads.g.doubleclick.net
5 s0.2mdn.net sousou-no-frieren.com
s0.2mdn.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
3 googleads4.g.doubleclick.net sousou-no-frieren.com
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 www.gstatic.com googleads.g.doubleclick.net
3 onesignal.com cdn.onesignal.com
3 fonts.gstatic.com fonts.googleapis.com
3 fonts.googleapis.com sousou-no-frieren.com
googleads.g.doubleclick.net
2 static.adsafeprotected.com googleads.g.doubleclick.net
2 fw.adsafeprotected.com 1 redirects sousou-no-frieren.com
2 www.google.com 1 redirects tpc.googlesyndication.com
2 www.googletagservices.com sousou-no-frieren.com
googleads.g.doubleclick.net
2 www.google-analytics.com sousou-no-frieren.com
www.google-analytics.com
2 cdn.onesignal.com sousou-no-frieren.com
cdn.onesignal.com
1 cdn.mookie1.com s0.2mdn.net
1 img.onesignal.com sousou-no-frieren.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com www.google-analytics.com
1 i.imgur.com sousou-no-frieren.com
1 code.jquery.com sousou-no-frieren.com
0 -egg.com Failed sousou-no-frieren.com
116 27

This site contains no links.

Subject Issuer Validity Valid
sousou-no-frieren.com
GTS CA 1P5		 2023-12-24 -
2024-03-23		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.imgur.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-13 -
2024-03-12		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-03 -
2024-05-02		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
onesignal.com
E1		 2023-12-25 -
2024-03-24		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
ak-dvsan01.mookie1.com
R3		 2023-10-26 -
2024-01-24		 3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-09 -
2024-06-06		 a year crt.sh

This page contains 16 frames:

Primary Page: https://sousou-no-frieren.com/
Frame ID: 189ABADF4D364EBAB33A8C96706945A8
Requests: 50 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 75464C556B13A7AC3356DE96078DB4E4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3327298579154787&output=html&adk=1812271804&adf=3025194257&lmt=1703671975&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Fsousou-no-frieren.com%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703711188077&bpp=5&bdt=414&idt=444&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4848344550610&frm=20&pv=2&ga_vid=429877986.1703711188&ga_sid=1703711189&ga_hid=1108008592&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C95320869%2C95320885&oid=2&pvsid=3016253941172615&tmod=281962794&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=467
Frame ID: A5867CAAD42B8139ACFA8B72B18BCF25
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3327298579154787&output=html&h=280&slotname=3142155850&adk=2997177160&adf=33086468&pi=t.ma~as.3142155850&w=920&fwrn=4&fwrnh=100&lmt=1703671975&rafmt=1&format=920x280&url=https%3A%2F%2Fsousou-no-frieren.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703711188082&bpp=1&bdt=420&idt=469&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4848344550610&frm=20&pv=1&ga_vid=429877986.1703711188&ga_sid=1703711189&ga_hid=1108008592&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=180&ady=523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C95320869%2C95320885&oid=2&pvsid=3016253941172615&tmod=281962794&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=473
Frame ID: 199C77DD80658E765D588C2BAABD5D95
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 73A77B3440D658E141555E332B13B613
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 6759908023A403EAEECF590F807326B4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNzM3t8EELan7OUEGJvU84ACMAE&v=APEucNVzDKcV3lm3c8Q5PgeZcFVcpNRgJg549ZGJD08Kk2nStlsIfjzTZDR7KqneQiuBVHVmoS2g6KjAoUK_PzwseRB_a7rSZYqZIY3UjZ1sG5IATdxW1mMqhQktDmfhUqXYmNsFoK1KDAyNtO1Othv6FZwpjN1GouAZBwJbryOomvO104V5SLY
Frame ID: 459CE7CF2DE7906865EAD71D658C494C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 907E4F82D9BDE17F8769CF9CBEFBE639
Requests: 28 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C500%7CGoogle%20Sans%3A400
Frame ID: 053667FCF0239BD294BF4F46D7E04F81
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7D26BEC210DF9E7F3300D7618918D4F2
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4CA57D33D4531217CDD881FBD639065C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B0E7473066ED4366B8944D485E6D9385
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 04E4AE5967218E18BD69FC9C305EBA3E
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: BEBFF5777091B2175313A079431139DF
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15402133379827368673/index.html?e=69&leftOffset=0&topOffset=0&c=eVMtuofGkJ&t=1&renderingType=2&ev=01_250
Frame ID: F9F05DC9DCB2A8A7A56EC70597A0E8EF
Requests: 5 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: B639F27D7257053CF11EF6C9A71608AC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Read Sousou no Frieren Manga Online - English Scans

Page URL History Show full URLs

  1. http://sousou-no-frieren.com/ HTTP 301
    https://sousou-no-frieren.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

116
Requests

94 %
HTTPS

73 %
IPv6

18
Domains

27
Subdomains

26
IPs

3
Countries

1715 kB
Transfer

4793 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sousou-no-frieren.com/ HTTP 301
    https://sousou-no-frieren.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 72
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBOb7plqBKdqwvSYsw8xILM&google_cver=1
Request Chain 73
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYyR1fHe8Qxi0oTMA-qoAAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBOb7plqBKdqwvSYsw8xILM&google_cver=1
Request Chain 74
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJXS4BCwxPyX4rXfueLw0gA&google_cver=1
Request Chain 75
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjI3OTU5MjQzMDkzNTY3NjAxMw%3D%3D
Request Chain 81
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 97
  • https://fw.adsafeprotected.com/rfw/st/1876851/77077875/4.js?adContainerId=brand_safety_1ZGMZaS8Le_ox_APkcmg6A4&cbFunctionName=goog_wrapCb_1ZGMZaS8Le_ox_APkcmg6A4&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fsousou-no-frieren.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fsousou-no-frieren.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231207%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231207%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-3-%26adk%3D1812271801%26client%3Dca-pub-3327298579154787%26fa%3D1%26ifi%3D7%26uci%3Da!7%26btvi%3D1&adsafe_type=be&adsafe_jsinfo=,id:683bf6e3-9424-ed02-8a9c-66552bc92747,c:y2nalv,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-765c58974b-qvqgw,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tZFYwO7+11%7C12%7C13%7C1411%7C1412%7C151*.1876851-77077875%7C1511%7C1512%7C1513%7C16%7C17,idMap:151*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:18,oid:ce56de65-a4fb-11ee-925d-722029d4e4d9,v:19.8.466,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4a.js

116 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
sousou-no-frieren.com/
Redirect Chain
  • http://sousou-no-frieren.com/
  • https://sousou-no-frieren.com/
158 KB
51 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sousou-no-frieren.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1526a7a7d55c85044688dd32d05f976d5ab0768d4e801c3c81046544e02fb0a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83c48709bbceb505-OSL
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 27 Dec 2023 21:06:27 GMT
last-modified
Wed, 27 Dec 2023 10:12:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BZ%2BevLNWCnlmyL5ZvrCJFn163%2BIhAKuKbbAAK4wQQCzWo%2Bas2o2uHHPt9DjlgEi84SwJ9ABQha57apIjOEEvhD4%2Bvf8YCbuUaLtyiYt3xEEou0pcSddVPh4x6Ed09sU46Gdk0fzwrR%2BnTRTxitSoytIAGXM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

CF-RAY
83c48708dbe056a5-OSL
Cache-Control
max-age=3600
Connection
keep-alive
Date
Wed, 27 Dec 2023 21:06:27 GMT
Expires
Wed, 27 Dec 2023 22:06:27 GMT
Location
https://sousou-no-frieren.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3g7uLGsbpUGfIV1IptiCBFvMVK0%2F2Fp%2FJY78PJWDOOXW%2BWYY2YHLVQLq3E1CDQN3H1XNjXS6iQD7VyJb2pJqOfMsvYDK3oMdxRIM8BXxQAyJczxwoAx%2Fs696kBfiwTORAbi0bcuxvdCJDZA8ZqPJALn6L60%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		149 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3327298579154787
Requested by
Host: sousou-no-frieren.com
URL: https://sousou-no-frieren.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
79aa589ea67e7cf0948e93747d340979e46b9ea4542c3755abc1ac09e4ec0ecb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sousou-no-frieren.com/
Origin
https://sousou-no-frieren.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:06:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51584
x-xss-protection
0
server
cafe
etag
5979087690301577368
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 27 Dec 2023 21:06:27 GMT
jquery-1.11.3.min.js
code.jquery.com/ 		94 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.11.3.min.js
Requested by
Host: sousou-no-frieren.com
URL: https://sousou-no-frieren.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sousou-no-frieren.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:06:27 GMT
via
1.1 varnish, 1.1 varnish
age
8908988
x-cache
HIT, HIT
content-length
95957
x-served-by
cache-lga21975-LGA, cache-bma1632-BMA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1703711188.797206,VS0,VE0
etag
"28feccc0-176d5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
32, 71316
style.min.css
sousou-no-frieren.com/wp-includes/css/dist/block-library/ 		79 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sousou-no-frieren.com/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: sousou-no-frieren.com
URL: https://sousou-no-frieren.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sousou-no-frieren.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:06:27 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 08 Sep 2021 23:30:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tGijR3rKAkkrtoOF%2Fko34ccOt8WXi9W8hzwjfzShuaTpCpx%2BVQlEuHsfXov2eL7uUvjsqGai%2FrEmQHvxNkSZFkMSZEkGZF0HftjkFt4u74E%2B3zYFyzNBf3oC6AZc7Ob1QdQdwiKjieotX8SVnnyUf2lLpZw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83c4870b1d88b505-OSL
alt-svc
h3=":443"; ma=86400
styles.css
sousou-no-frieren.com/wp-content/plugins/contact-form-7/includes/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sousou-no-frieren.com/wp-content/plugins/contact-form-7/includes/css/styles.css
Requested by
Host: sousou-no-frieren.com
URL: https://sousou-no-frieren.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb12708d973e6b9354f367a6780e5a166b0da7d2721d856da7f9d57130883eaa

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sousou-no-frieren.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:06:27 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Wed, 27 Apr 2022 05:30:18 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=2731
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QBdqlocQsWCSsz%2BKf%2Fymg4vC8m62LHMYuoU1MA%2FpgngLIwqbM89bXCzqlyRelvPSqS6KZz7dcKIDi5N8ZNIXiUMK0P81hC4JFuyvBh43R2gWuGUUO1LFX225VK1fohpw2YBT5vRnZj3iMHr1wrB3MslFhkM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83c4870b1d8ab505-OSL
alt-svc
h3=":443"; ma=86400
frontend.css
sousou-no-frieren.com/wp-content/plugins/wp-dark-mode//assets/css/ 		19 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sousou-no-frieren.com/wp-content/plugins/wp-dark-mode//assets/css/frontend.css
Requested by
Host: sousou-no-frieren.com
URL: https://sousou-no-frieren.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de8d41eb43d715f41aa6a2f05ca10b37a556debf3cb3be69cc34eb771f2bfa0a

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sousou-no-frieren.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:06:27 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 27 Apr 2021 15:10:54 GMT
cf-bgj
minify
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pogCu7FCV%2BCT%2BFWXOhwUXcoQWrNl%2BTWwjJzLibe%2BRlAHh%2B1jZQZmM7bUHRUBplyykAoL0yEzN4atpX2%2BeS8rQS0A7%2FaUjiCfA97UBG0i%2Bm9S5obPx5yWzVJwJ8iyeJpnhUByMFJWclkV0faiYfj19sCvwUo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83c4870b1d8bb505-OSL
alt-svc
h3=":443"; ma=86400
bootstrap.css
sousou-no-frieren.com/wp-content/themes/Ifenzi/css/ 		119 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sousou-no-frieren.com/wp-content/themes/Ifenzi/css/bootstrap.css
Requested by
Host: sousou-no-frieren.com
URL: https://sousou-no-frieren.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85651f9563a36aec7d188d222ec08b7fe8c90f982bd29fe69451f0494656f0ac

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sousou-no-frieren.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:06:27 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Sun, 25 Apr 2021 02:26:06 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=124948
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sl9M3EqF046WqXiGkZ0MoN8U3CwlKbKvW2EtXxVQ8CUNSVB8dO0QHsVmjOBzmh8Vr05mykIqeVBDFgB6x15FGf5zcAcgn1htLorepEV%2BXRJ%2BM7CYs8ZbDEhzSY%2FeE90qN0EYJhJGa7AO%2BUMWjcS%2FCnTVtT8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83c4870b1d8cb505-OSL
alt-svc
h3=":443"; ma=86400
style.css
sousou-no-frieren.com/wp-content/themes/Ifenzi/ 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sousou-no-frieren.com/wp-content/themes/Ifenzi/style.css
Requested by
Host: sousou-no-frieren.com
URL: https://sousou-no-frieren.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b177393bb52a27d045184e12b1bde8a164ebf8d12319003fe72cc36a2325f5fe

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sousou-no-frieren.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:06:27 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Sat, 08 May 2021 08:38:12 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=24746
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ijs0rRXHrw7FsebKr%2B6UTvDZP7BsEv5gjsA8yQhZfpI9GW%2FfOCT4nGx3rIcIrGXQdFQhstcdqc5E88XULZ%2Bb5I%2B3otmSoNMCU7MHtMxEIqOHXmNmhFneArJIngRK8YRylYMLLHcSb4YrTSIS7Xl3oM4UviM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83c4870b1d8db505-OSL
alt-svc
h3=":443"; ma=86400
font-awesome.min.css
sousou-no-frieren.com/wp-content/themes/Ifenzi/font-awesome/css/ 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sousou-no-frieren.com/wp-content/themes/Ifenzi/font-awesome/css/font-awesome.min.css
Requested by
Host: sousou-no-frieren.com
URL: https://sousou-no-frieren.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sousou-no-frieren.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:06:27 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sat, 03 Apr 2021 04:10:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zdEYNvhWJakGnEAgEGTiSBNo%2BXVQkJnJuPBuR0UhO%2FwihOobmJ2C%2FxlSMzdFTn8XPM4x4ajGpcGiin6TqZcq6X%2B9vJDmZ8eqXE7Zq%2BLvaywzN0o4Q2LiXfjWbE2JykuDVpKxej42kN7cmP2%2Bs8IXh%2BLngGM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83c4870b1d8fb505-OSL
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,300italic,700,700i|Source+Sans+Pro:400,400italic
Requested by
Host: sousou-no-frieren.com
URL: https://sousou-no-frieren.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dd82f6fc030a4b38eca7176b079619808ba33965e942cf6273c18dac1ddb39c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sousou-no-frieren.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 27 Dec 2023 21:06:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 27 Dec 2023 20:55:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 27 Dec 2023 21:06:27 GMT
essb-subscribe.min.css
sousou-no-frieren.com/wp-content/plugins/easy-social-share-buttons3/assets/css/ 		54 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sousou-no-frieren.com/wp-content/plugins/easy-social-share-buttons3/assets/css/essb-subscribe.min.css
Requested by
Host: sousou-no-frieren.com
URL: https://sousou-no-frieren.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5a6d5271e675e56a1da3ab0ddac24e70a88e7581adf9affc809d147780bef1d

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sousou-no-frieren.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:06:27 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sat, 27 Mar 2021 10:21:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OmcS8TcTeQhsS3IGTQWTkzcNB6ggVCbtS1fq63ldsnRKMPGHNwio1uWoEhGiPAUXWkNy1QzzhaWWIuaRFjz0I%2F9AZMmVs%2BDCaxL9zeiJkdhnmUVBe2J7NtDon%2Fd6NB%2BDoj%2BTlOYSV0XefDYr%2B8kt3RcbWuA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83c4870b1d90b505-OSL
alt-svc
h3=":443"; ma=86400
easy-social-share-buttons.min.css
sousou-no-frieren.com/wp-content/plugins/easy-social-share-buttons3/assets/css/ 		119 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sousou-no-frieren.com/wp-content/plugins/easy-social-share-buttons3/assets/css/easy-social-share-buttons.min.css
Requested by
Host: sousou-no-frieren.com
URL: https://sousou-no-frieren.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1d9183dac3e1ddde897b5a1718d18f42b50c6ab8fe9deab8b29f04bd2cb2d8b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sousou-no-frieren.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:06:27 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sat, 27 Mar 2021 10:21:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2FTpb7w5ylXR2My2Hk12n6nXDd%2BfQPQ5Nl8YYvLSKcnfPq3R%2FsOWSWic0U9UNRUcdi1unuOLmSKwJaMgZT68M%2Fa%2BjfmPoL0IeNFv08tM4ITMarghRDTP%2FiguDzv3E5qckJGJC%2FXp2zAMsaxAzXlotcnUByU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83c4870b1d91b505-OSL
alt-svc
h3=":443"; ma=86400
dark-mode.js
sousou-no-frieren.com/wp-content/plugins/wp-dark-mode//assets/js/ 		111 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sousou-no-frieren.com/wp-content/plugins/wp-dark-mode//assets/js/dark-mode.js
Requested by
Host: sousou-no-frieren.com
URL: https://sousou-no-frieren.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d3476db1f13a153b033ed8f4deef7a4bce2fbf48a3316b9f6bf25708a33bf87

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sousou-no-frieren.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:06:27 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Tue, 27 Apr 2021 13:47:16 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=180879
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yJE6nExdeQM2LMWHRrGh93BFeu4oYLqe2cJo9EtRj7bLAZtG1p0AQXFYsnD2mn94SZ8RQICYkxfCRmNG%2FjKxzVSrQq1ltvEw2t3DW7mlw9H4bqcKCrNKdcgB6K1rniNJvYYJCXiMuRYwBZ%2FVfTJy710%2F6SU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83c4870b1d92b505-OSL
alt-svc
h3=":443"; ma=86400
jquery.min.js
sousou-no-frieren.com/wp-includes/js/jquery/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sousou-no-frieren.com/wp-includes/js/jquery/jquery.min.js
Requested by
Host: sousou-no-frieren.com
URL: https://sousou-no-frieren.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sousou-no-frieren.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:06:27 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 08 Sep 2021 23:30:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1CebQOYc5YbLrSeaUt1MtSDqArTEA%2BIx0HvdHgGte9YWEC6i3P%2Buc0PLFE0US3Gju0LFlqltUxg2j4CCP4h5weKy%2FSER0Jl7199T3EowQWKoN8X%2BaNqux2hHXbFi9aLOrwsoCi7miowPWrU6n6yiRJZen4I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83c4870b1d93b505-OSL
alt-svc
h3=":443"; ma=86400
cVoL8WD.jpg
i.imgur.com/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/cVoL8WD.jpg
Requested by
Host: sousou-no-frieren.com
URL: https://sousou-no-frieren.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
6de91cc679c05f589449ae7e246ef42411de2ff3db8e238f2de43106449edeee
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sousou-no-frieren.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:06:27 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
MIA3-C4
age
4950549
x-cache
Miss from cloudfront, HIT, HIT
content-length
24717
x-served-by
cache-iad-kjyo7100065-IAD, cache-fra-etou8220056-FRA
last-modified
Sat, 03 Jul 2021 23:03:57 GMT
server
cat factory 1.0
x-timer
S1703711188.975959,VS0,VE1
etag
"e54fd730b8ef7cfe454e3d003b21e0bf"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
vjsTIgOMkKxoRAdcmOLyaHf-xpgyQXfiB4skRQZa_qazuHncNvd1ig==
x-cache-hits
1, 1
icons.css
sousou-no-frieren.com/wp-content/plugins/shortcodes-ultimate/includes/css/ 		37 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sousou-no-frieren.com/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css
Requested by
Host: sousou-no-frieren.com
URL: https://sousou-no-frieren.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96eed42e394f5b00f1e02a12d1ce9557aae7cd751e4a9ae2b3e8fc392b1db945

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sousou-no-frieren.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:06:27 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 11 Dec 2023 01:38:11 GMT
server
cloudflare
age
4071
cf-polished
origSize=37491
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cN4Xc0QE%2FtWfqNaS5YdHAxMsJbn3ICnHxVWbLvdvGzSAEWglFkLDtAzVwBtjfh0NcwOLEifUCiJUkSNaaA4enQr3oGNh%2FqYruLlx0lK3F7Frt9Zp0dpm5VotYQfE6uwIJO%2BXYyVXUqzZhJ6Ks9nuIecWFfg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83c4870bd9da1c16-OSL
alt-svc
h3=":443"; ma=86400
shortcodes.css
sousou-no-frieren.com/wp-content/plugins/shortcodes-ultimate/includes/css/ 		44 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sousou-no-frieren.com/wp-content/plugins/shortcodes-ultimate/includes/css/shortcodes.css
Requested by
Host: sousou-no-frieren.com
URL: https://sousou-no-frieren.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1690266a4def354da2feda545468781eefe065dab28c28e115ef23160308206b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sousou-no-frieren.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:06:28 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Mon, 11 Dec 2023 01:38:11 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=45539
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L24Yf51ZHk0snDx2eDCRAxwLduHJezNgmoC0evkDismezXcOquR3K6ksX3Iw05LRNlFRou3Nr6URyne3KPge44PXxNQ91yeqHjE5IuSO4xSf9e6xLpvkW3KBvfp%2FF0u2BoaJbg0JsRnAsS8wqXzgPY3BGR0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83c4870c1a0f1c16-OSL
alt-svc
h3=":443"; ma=86400
regenerator-runtime.min.js
sousou-no-frieren.com/wp-includes/js/dist/vendor/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sousou-no-frieren.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js
Requested by
Host: sousou-no-frieren.com
URL: https://sousou-no-frieren.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sousou-no-frieren.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:06:28 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 08 Sep 2021 23:30:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AKuOcf%2BYltDcgM0qt%2BC%2FQ1C89Paw%2Bkc9Tl0IPKRxt7AZGmz5Uugt3L%2BonANVmfc%2F%2FqBXxNKmglKPhdwoPN4soXvVi%2BlNBFK%2F0mDLZX20Y5v5dqhQ3AJZ%2FWqm2rJeyTiEg%2BLu8bNwt2S3nbglGoOiHxf4ZNk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83c4870d1aed1c16-OSL
alt-svc
h3=":443"; ma=86400
wp-polyfill.min.js
sousou-no-frieren.com/wp-includes/js/dist/vendor/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sousou-no-frieren.com/wp-includes/js/dist/vendor/wp-polyfill.min.js
Requested by
Host: sousou-no-frieren.com
URL: https://sousou-no-frieren.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sousou-no-frieren.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:06:28 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 08 Sep 2021 23:30:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gE8b3lVYuufCrenc3wb9Jbb9gi%2BS4ac%2FnuiZGoVSd1AH%2FxSDkzWaFLvR13dr9xP0Siztc0L5OVKSe10jrVaYoorZ1ZWKQkPwlMqiZhtNA1lU0pQVCDfbz4qaOahz%2B1gVBcaODN5bbqohqPQqpHKw%2FlEII2Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83c4870d1af01c16-OSL
alt-svc
h3=":443"; ma=86400
index.js
sousou-no-frieren.com/wp-content/plugins/contact-form-7/includes/js/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sousou-no-frieren.com/wp-content/plugins/contact-form-7/includes/js/index.js
Requested by
Host: sousou-no-frieren.com
URL: https://sousou-no-frieren.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sousou-no-frieren.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:06:28 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 27 Apr 2022 05:30:18 GMT
cf-bgj
minify
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ZAwKED1NexY5owutFAR5ecsC%2Bd3Q%2BTAJZDsz1GPGCQDXIkP7WH0ldY7Sm%2Faf9lYG%2FO%2FumYizr%2FOG1ZaS5tQU2Zi9J7Q2jqRUNq06a5L2CuNXkCniF5eg90ul2yrN5e5De15p4Oiz3es2JMRXBKhy8QixFg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83c4870d1af11c16-OSL
alt-svc
h3=":443"; ma=86400
frontend.min.js
sousou-no-frieren.com/wp-content/plugins/wp-dark-mode//assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sousou-no-frieren.com/wp-content/plugins/wp-dark-mode//assets/js/frontend.min.js
Requested by
Host: sousou-no-frieren.com
URL: https://sousou-no-frieren.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05614e931955c71e4f9c792381923a5556b19bf372ae3f834d735f5939bb3447

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sousou-no-frieren.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:06:28 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 27 Apr 2021 13:47:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2BSjsUwB%2B6wwRP9WdfYASRMEJMr5nCd4X0%2BpnNn3HeKxbsaYZicV0nmXcvXarKfauBrQ4HapJ3QV4SkpTDdkSzWONe5zpiJwV9RIxue%2FPWPKCCL41l7zq%2FymOrtXuW1yV6%2B%2FBAwvSfjoVYkCy0OjBsWJ%2FGs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83c4870d1af21c16-OSL
alt-svc
h3=":443"; ma=86400
bootstrap.js
sousou-no-frieren.com/wp-content/themes/Ifenzi/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sousou-no-frieren.com/wp-content/themes/Ifenzi/js/bootstrap.js
Requested by
Host: sousou-no-frieren.com
URL: https://sousou-no-frieren.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
835f79262dd6633b91d8bbfeb62f78afa60dbd0a40072b402c1d3ed2a6d4a410

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sousou-no-frieren.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:06:28 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Sat, 03 Apr 2021 04:10:24 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=36790
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zcV02Q5W20A9CskyDaybEl6CMeI5TITMPp5yaNHJFgx13x9iCgiVaongIgFdDm9s2%2F6TkF%2BlFS5013MjGlgc1v6rby9fs4oMUN%2Ba1L6i32vKNSjC5kqhWdA1KglRVQe8Ql1sxUh%2BgsscdZjDclKv5VGFOl4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83c4870d1af41c16-OSL
alt-svc
h3=":443"; ma=86400
skip-link-focus-fix.js
sousou-no-frieren.com/wp-content/themes/Ifenzi/js/ 		588 B
761 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sousou-no-frieren.com/wp-content/themes/Ifenzi/js/skip-link-focus-fix.js
Requested by
Host: sousou-no-frieren.com
URL: https://sousou-no-frieren.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2ff39ccfc80daf66110e4b104956bc70911dec5c51764de1c19422439a34ba5

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sousou-no-frieren.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:06:28 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Sat, 03 Apr 2021 04:10:24 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=751
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WKsRpkZurO7mIWgNOEaJV9WU8QI4TftyaqV76VVjv99W3UTZWD879BWJTIZKWLUuESkjfkpavwGJYrF4U4Hr9E06r8OaH9PKJrW472oBdsc%2BC%2B7KSzJGO%2BRSuWPhI8uitcGAzhaUgJu5cZUKw8UQ1KoBKXI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83c4870d1af51c16-OSL
alt-svc
h3=":443"; ma=86400
lighthouse.js
sousou-no-frieren.com/wp-content/themes/Ifenzi/js/ 		1010 B
826 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sousou-no-frieren.com/wp-content/themes/Ifenzi/js/lighthouse.js
Requested by
Host: sousou-no-frieren.com
URL: https://sousou-no-frieren.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
110c7932b78e1f27d049f7a3718b9099a8aba3fba09a65e7e22d771661c58022

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sousou-no-frieren.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:06:28 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Sat, 03 Apr 2021 04:10:24 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=1100
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hns2Yqo3ROTn8fswNu6rgqPAWZhjBYkLYzBIzm72I%2FLvJ8UJTdqFFafXUlzBeiLFOlKXK3D30ic6FFoJR8eNGKJNxeGDjMGrmbNXGUn6T%2FI6D90xd03GTnHUgws8NyI0GmJezZg9IEsYze4W7NK892vjLdo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83c4870d1af61c16-OSL
alt-svc
h3=":443"; ma=86400
wp-embed.min.js
sousou-no-frieren.com/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sousou-no-frieren.com/wp-includes/js/wp-embed.min.js
Requested by
Host: sousou-no-frieren.com
URL: https://sousou-no-frieren.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a482d2d94c0d1bc6937a1759389d01b475e6b28a0d9b5d7eaa3f9cc8f59f3cd

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sousou-no-frieren.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:06:28 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sat, 27 May 2023 21:03:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oLx82pO5HU3iqYADIDutBfAO1qL7yLT%2BYHml3UEHR6r51vzenk9PaeMnfn8TbaCJ9SKQPWEs8HJy6C1gIOEie4JgKuI4FHSBQZ3hdIeorLvI5E0Gd6NQkCIRqcZ6XFxAhR1Cib6EeHW6zKGzIbZQuigWQ68%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83c4870d1af71c16-OSL
alt-svc
h3=":443"; ma=86400
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?
Requested by
Host: sousou-no-frieren.com
URL: https://sousou-no-frieren.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sousou-no-frieren.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:06:28 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2611
etag
W/"a87c48d211877c49b878679b2e3cdab8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
83c4870d9dbdb518-OSL
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Sat, 30 Dec 2023 21:06:28 GMT
index.js
sousou-no-frieren.com/wp-content/plugins/shortcodes-ultimate/includes/js/shortcodes/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sousou-no-frieren.com/wp-content/plugins/shortcodes-ultimate/includes/js/shortcodes/index.js
Requested by
Host: sousou-no-frieren.com
URL: https://sousou-no-frieren.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c661376fd6275029eba6e35e45ab10a8f70b857fb53dcf442781ab3937231b7f

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sousou-no-frieren.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:06:28 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Mon, 11 Dec 2023 01:38:11 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=15777
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7GUBI%2BQnpOMNn%2BBe2pOPE7l%2Bvac%2FE8dWkiLmDEyBA%2Bz6kArlZSeMu1tenhet0EAY84zWMcHYkegbTSivVt5RORWgNqoQ2O60b4tUcGkU4%2BpiJVBMzgrTvlRuDcmbFVNrufOQCUfjpvYznYMdfg%2F8%2F0sduS0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83c4870d1af81c16-OSL
alt-svc
h3=":443"; ma=86400
2566c291e59e185c12a331fef1e235f3.js
sousou-no-frieren.com/wp-content/easysocialsharebuttons-assets/compiled/ 		51 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sousou-no-frieren.com/wp-content/easysocialsharebuttons-assets/compiled/2566c291e59e185c12a331fef1e235f3.js
Requested by
Host: sousou-no-frieren.com
URL: https://sousou-no-frieren.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db345883b20676c2cba35420a4a0aa209de295947784747e70aa602838652364

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sousou-no-frieren.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:06:28 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Sat, 01 Jul 2023 10:12:20 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=51946
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O523t3Ca8ZvhbM8ElKTQqdEfSZecWvlp4N%2Ff36N7Z9zaFzmrK5rIGMQWjdRrX%2FjB%2BlUECGLrVlMzQDq22PaQ5nLprFgKOkAl5wV5%2FMhg1vg0xMjyVZ2aC7VK9bYdB8jwTIZCB9gzapBPJfr6Vr8BLaZlVJQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83c4870d1af91c16-OSL
alt-svc
h3=":443"; ma=86400
lazyload.min.js
sousou-no-frieren.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sousou-no-frieren.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
Requested by
Host: sousou-no-frieren.com
URL: https://sousou-no-frieren.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sousou-no-frieren.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:06:28 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 14 Feb 2021 17:19:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FWzyvgT8UdGoijE7MLQSAg1mSABSgdxdgE7ZaibRR7MVEvW4gf28WcydO9FICv3Q4aHR5eDdcE%2BTckCS6lhJ3yvswlO7euL1u52Jxb9VCLAHlJuyiv7BJR3Ocm7gkP%2BJa7if0fxz6q5v3OFJ1qlfKNGLmWs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83c4870d1afb1c16-OSL
alt-svc
h3=":443"; ma=86400
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: sousou-no-frieren.com
URL: https://sousou-no-frieren.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sousou-no-frieren.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 27 Dec 2023 19:22:25 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6243
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 27 Dec 2023 21:22:25 GMT
TxMSyw
-egg.com/c.Di9Y6ebO2F5/lJSdWpQr9wNzDfYfwXOlTIULzIM/Sy0d0-NWjnAX5pN/ 		0
0
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300italic,700,700i|Source+Sans+Pro:400,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sousou-no-frieren.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 14:33:15 GMT
x-content-type-options
nosniff
age
196393
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Dec 2024 14:33:15 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300italic,700,700i|Source+Sans+Pro:400,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sousou-no-frieren.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 15:36:20 GMT
x-content-type-options
nosniff
age
192608
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Dec 2024 15:36:20 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300italic,700,700i|Source+Sans+Pro:400,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sousou-no-frieren.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 08:54:05 GMT
x-content-type-options
nosniff
age
130343
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 08:54:05 GMT
fontawesome-webfont.woff2
sousou-no-frieren.com/wp-content/themes/Ifenzi/font-awesome/fonts/ 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sousou-no-frieren.com/wp-content/themes/Ifenzi/font-awesome/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by
Host: sousou-no-frieren.com
URL: https://sousou-no-frieren.com/wp-content/themes/Ifenzi/font-awesome/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Referer
https://sousou-no-frieren.com/wp-content/themes/Ifenzi/font-awesome/css/font-awesome.min.css
Origin
https://sousou-no-frieren.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:06:28 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 03 Apr 2021 04:10:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4w4OeV2WfoHx0SpTkg56i%2BgeHDVJ6Fj7fuUNIEjTy30K8jSxZATpuEBDrm%2BjIe5StFxPKTszOBNKhyeZpMC3EH6G2WzywE%2F6prw2E9%2BmIPpgp83w%2Bh5JWFpNu6NtpP%2BplYVdW%2BcqGHiIeu0AZLrHNN0kl%2B8%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83c4870d6b771c16-OSL
alt-svc
h3=":443"; ma=86400
content-length
56780
forkawesome-webfont.woff2
sousou-no-frieren.com/wp-content/plugins/shortcodes-ultimate/vendor/fork-awesome/fonts/ 		107 KB
108 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sousou-no-frieren.com/wp-content/plugins/shortcodes-ultimate/vendor/fork-awesome/fonts/forkawesome-webfont.woff2?v=1.2.0
Requested by
Host: sousou-no-frieren.com
URL: https://sousou-no-frieren.com/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8810ba3440bf482ced33d2f74b7803bba711f689d8e4caa7da5c6ae6844a1b49

Request headers

Referer
https://sousou-no-frieren.com/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css
Origin
https://sousou-no-frieren.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:06:28 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 11 Dec 2023 01:38:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LZP1qiCH6dgBjqk%2BSLq2Afv3ZF1sRpWXovrFCV%2FX4dglpRT091crdmUwcCC52xcoTXBVJaQ55SXbCQKNVvfxONlxeb38EnOXx2WUdzCAdMcrSdNeWJDrnDQaWT49rw4QCdYA8qtscGth0fKRJneHS7OONhs%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83c4870d6b871c16-OSL
alt-svc
h3=":443"; ma=86400
content-length
109916
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 		399 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3327298579154787&plah=sousou-no-frieren.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3327298579154787
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1cb90d387cae95ecb2fe2aacb4cdd199873b8fb62f77427b58cdbdded8c85a2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sousou-no-frieren.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:06:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137957
x-xss-protection
0
server
cafe
etag
7554693869695410497
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 27 Dec 2023 21:06:28 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 7546 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3327298579154787
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sousou-no-frieren.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

age
78455
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 26 Dec 2023 23:18:53 GMT
etag
5585625838579639069
expires
Tue, 09 Jan 2024 23:18:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sousou-no-frieren.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:06:28 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1885
etag
W/"e3be409ac3c100e2a5d3f264ec260551"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
83c4870eef1fb518-OSL
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Sat, 30 Dec 2023 21:06:28 GMT
collect
www.google-analytics.com/j/ 		15 B
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1108008592&t=pageview&_s=1&dl=https%3A%2F%2Fsousou-no-frieren.com%2F&ul=en-us&de=UTF-8&dt=Read%20Sousou%20no%20Frieren%20Manga%20Online%20-%20English%20Scans&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1947593309&gjid=1887902604&cid=429877986.1703711188&tid=UA-201266333-4&_gid=331848382.1703711188&_r=1&_slc=1&z=1651093869
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f44cd6d91d41fe82d88e18673fa861f49e59eb90a6234ccfa2ef8271ff41dc45
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sousou-no-frieren.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 27 Dec 2023 21:06:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sousou-no-frieren.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
web
onesignal.com/api/v1/sync/bb702c99-8f4b-4933-baae-5afffd1ef462/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/bb702c99-8f4b-4933-baae-5afffd1ef462/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
846bb8e6d88c53a345ab5091fcaed82ab3a7460e4993ff62daa81a73228ea72f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sousou-no-frieren.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:06:28 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
cf-polished
origSize=3406
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
9b1e1ea3-3b8e-495f-8784-3c607829d975
x-runtime
0.034463
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"ba106d6a3bc1d6860972f041a1ea454e"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
83c4870f9fdab518-OSL
access-control-allow-headers
SDK-Version
expires
Wed, 27 Dec 2023 22:06:28 GMT
js
www.googletagmanager.com/gtag/ 		222 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-466YVPYP3T&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
07c7cf0bcdb262bb9296591239a74888beed73e423bc4e8bd40f0c6c417303ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sousou-no-frieren.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:06:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81194
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 27 Dec 2023 21:06:28 GMT
OneSignalSDKStyles.css
onesignal.com/sdks/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sousou-no-frieren.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:06:28 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1866
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
83c487103a571bfe-OSL
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Fri, 26 Jan 2024 21:06:28 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame A586 		232 KB
60 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3327298579154787&output=html&adk=1812271804&adf=3025194257&lmt=1703671975&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Fsousou-no-frieren.com%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703711188077&bpp=5&bdt=414&idt=444&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4848344550610&frm=20&pv=2&ga_vid=429877986.1703711188&ga_sid=1703711189&ga_hid=1108008592&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C95320869%2C95320885&oid=2&pvsid=3016253941172615&tmod=281962794&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=467
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3327298579154787&plah=sousou-no-frieren.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
175becf213b86cefc4c9311f266bbd52160a242c77082909728f5935294e7a21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sousou-no-frieren.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
60903
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 27 Dec 2023 21:06:29 GMT
expires
Wed, 27 Dec 2023 21:06:29 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&cls=navbar%20lh-nav-bg-transform%20navbar-default%20navbar-fixed-top%20navbar-left&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: sousou-no-frieren.com
URL: https://sousou-no-frieren.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sousou-no-frieren.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Dec 2023 21:06:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 199C 		738 B
590 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3327298579154787&output=html&h=280&slotname=3142155850&adk=2997177160&adf=33086468&pi=t.ma~as.3142155850&w=920&fwrn=4&fwrnh=100&lmt=1703671975&rafmt=1&format=920x280&url=https%3A%2F%2Fsousou-no-frieren.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703711188082&bpp=1&bdt=420&idt=469&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4848344550610&frm=20&pv=1&ga_vid=429877986.1703711188&ga_sid=1703711189&ga_hid=1108008592&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=180&ady=523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C95320869%2C95320885&oid=2&pvsid=3016253941172615&tmod=281962794&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=473
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3327298579154787&plah=sousou-no-frieren.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9246a3a72c7a4d7ff84a694de71b80d2d895fdb66d16ecf39d65b53427fae6b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sousou-no-frieren.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
369
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 27 Dec 2023 21:06:28 GMT
expires
Wed, 27 Dec 2023 21:06:28 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
icon
onesignal.com/api/v1/apps/bb702c99-8f4b-4933-baae-5afffd1ef462/ 		184 B
758 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/apps/bb702c99-8f4b-4933-baae-5afffd1ef462/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86820ecdb1522eca1bd651b864b6a2847de2c3d6e5496cc6bcd77fa6bf6318c8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sousou-no-frieren.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:06:28 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
ae0baa4e-a2f3-408d-8804-4a1f6d0b80d2
x-runtime
0.012441
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"86820ecdb1522eca1bd651b864b6a284"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept, Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cf-ray
83c4871168821c0a-OSL
access-control-allow-headers
SDK-Version
collect
region1.google-analytics.com/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-466YVPYP3T&gtm=45je3bt0v9110430470&_p=1703711188403&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=429877986.1703711188&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fsousou-no-frieren.com%2F&dt=Read%20Sousou%20no%20Frieren%20Manga%20Online%20-%20English%20Scans&sid=1703711188&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1526
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-466YVPYP3T&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sousou-no-frieren.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Dec 2023 21:06:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sousou-no-frieren.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1c745f73-a6e3-4e8f-84c6-04f72467edc9
img.onesignal.com/permanent/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.onesignal.com/permanent/1c745f73-a6e3-4e8f-84c6-04f72467edc9
Requested by
Host: sousou-no-frieren.com
URL: https://sousou-no-frieren.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a1c02813fd47455b70afa1adc9f476e2646f10a56d8ec778ddfe8118d937ef4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sousou-no-frieren.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-goog-encryption-kms-key-name
projects/core-infra-onesignal/locations/europe-west4/keyRings/keyring-kms-onesignal/cryptoKeys/img-persistence-bucket-onesignal/cryptoKeyVersions/1
date
Wed, 27 Dec 2023 21:06:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
HIT
x-guploader-uploadid
ABPtcPpP0t_JG9jzr4defitPvG2GZYW4-t29oLxkVMiEPGnnO56g9TtBQ_MkZ3XbtnyLp3wt2j-xJgXZJg
x-goog-meta-x-goog-source-etag
"06e92554505abaa15d474e95e8657c83"
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
3692
pragma
no-cache
last-modified
Wed, 08 Feb 2023 01:55:13 GMT
server
cloudflare
etag
"-CJ/0+vDohP0CEAE="
vary
Origin, Accept-Encoding
x-goog-generation
1675821313866271
content-type
application/octet-stream
x-goog-hash
crc32c=q1rMuQ==, md5=BuklVFBauqFdR06V6GV8gw==
cache-control
public, max-age=2678400
x-goog-meta-cache-control
public, maxage=604800
x-goog-stored-content-length
3692
accept-ranges
bytes
cf-ray
83c487122a9cb518-OSL
expires
Sat, 27 Jan 2024 21:06:28 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3327298579154787&plah=sousou-no-frieren.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
368844fc3c1b4d0cbe6f963818ee9c45134348dd744481578a733cf71e4bd7bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sousou-no-frieren.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:06:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12242
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 		160 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3327298579154787&plah=sousou-no-frieren.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d499434d838c500a9911c5d9d0d45d4f090b0e7a81e0af77b3c8a671c69a6777
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sousou-no-frieren.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:06:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56007
x-xss-protection
0
server
cafe
etag
13190585268739253661
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Dec 2023 21:06:29 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3327298579154787&plah=sousou-no-frieren.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sousou-no-frieren.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:06:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 27 Dec 2023 21:06:29 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 73A7 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3327298579154787&plah=sousou-no-frieren.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sousou-no-frieren.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

age
83345
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 26 Dec 2023 21:57:24 GMT
etag
5585625838579639069
expires
Tue, 09 Jan 2024 21:57:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 6759 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3327298579154787&plah=sousou-no-frieren.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sousou-no-frieren.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

age
83345
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 26 Dec 2023 21:57:24 GMT
etag
5585625838579639069
expires
Tue, 09 Jan 2024 21:57:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 73A7 		4 KB
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 27 Dec 2023 21:06:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 27 Dec 2023 20:26:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 27 Dec 2023 21:06:29 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 73A7 		205 B
519 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 14:24:49 GMT
x-content-type-options
nosniff
age
110500
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 25 Dec 2024 14:24:49 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 73A7 		604 B
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 18:24:42 GMT
x-content-type-options
nosniff
age
96107
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 25 Dec 2024 18:24:42 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 73A7 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 03:25:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
63649
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6766
x-xss-protection
0
server
cafe
etag
14924840246271906451
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Jan 2024 03:25:40 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 73A7 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 02:25:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
67253
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9210
x-xss-protection
0
server
cafe
etag
13914886398874665762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Jan 2024 02:25:36 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 459C 		624 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNzM3t8EELan7OUEGJvU84ACMAE&v=APEucNVzDKcV3lm3c8Q5PgeZcFVcpNRgJg549ZGJD08Kk2nStlsIfjzTZDR7KqneQiuBVHVmoS2g6KjAoUK_PzwseRB_a7rSZYqZIY3UjZ1sG5IATdxW1mMqhQktDmfhUqXYmNsFoK1KDAyNtO1Othv6FZwpjN1GouAZBwJbryOomvO104V5SLY
Requested by
Host: sousou-no-frieren.com
URL: https://sousou-no-frieren.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 27 Dec 2023 21:06:29 GMT
expires
Wed, 27 Dec 2023 21:06:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 907E 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: sousou-no-frieren.com
URL: https://sousou-no-frieren.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:06:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 27 Dec 2023 21:06:29 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 907E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: sousou-no-frieren.com
URL: https://sousou-no-frieren.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 21:29:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
84999
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Jan 2024 21:29:50 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 907E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: sousou-no-frieren.com
URL: https://sousou-no-frieren.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 21:29:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
85000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Jan 2024 21:29:49 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 907E 		203 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: sousou-no-frieren.com
URL: https://sousou-no-frieren.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:06:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Dec 2023 21:06:29 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 907E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Du7LVF4B1GQeUkjeRjC5iNRWgHLyKzpEnoRQYMAA7VJR3HagzvnuwNA3JGIvo8q-D5sqrDybbRmPw_z7ov-4-3_GuykzLhAmWZgUpTGMdE_uU9rQ0
Requested by
Host: sousou-no-frieren.com
URL: https://sousou-no-frieren.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Dec 2023 21:06:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 0536 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat%3A400%2C500%7CGoogle%20Sans%3A400
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e913a8990c885bd71ef289a424530af23b9aa3e431085874a2ed8681d93f95b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 27 Dec 2023 21:06:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 27 Dec 2023 19:31:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 27 Dec 2023 21:06:29 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 0536 		2 KB
875 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 21:29:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
85000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Jan 2024 21:29:49 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 0536 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 21:29:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
84999
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Jan 2024 21:29:50 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 7D26 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

age
1685
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 27 Dec 2023 20:38:24 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 0536 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 21:29:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
84999
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Jan 2024 21:29:50 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 0536 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 21:29:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
85000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Jan 2024 21:29:49 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 0536 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:06:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Dec 2023 21:06:29 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame 0536 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 09:13:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42776
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 26 Mar 2024 09:13:33 GMT
rum
dsum-sec.casalemedia.com/ Frame 459C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBOb7plqBKdqwvSYsw8xILM&google_cver=1
43 B
863 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBOb7plqBKdqwvSYsw8xILM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNzM3t8EELan7OUEGJvU84ACMAE&v=APEucNVzDKcV3lm3c8Q5PgeZcFVcpNRgJg549ZGJD08Kk2nStlsIfjzTZDR7KqneQiuBVHVmoS2g6KjAoUK_PzwseRB_a7rSZYqZIY3UjZ1sG5IATdxW1mMqhQktDmfhUqXYmNsFoK1KDAyNtO1Othv6FZwpjN1GouAZBwJbryOomvO104V5SLY
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Dec 2023 21:06:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0HNB3G9%2BqYCW5lj9ebRDx7%2Bwep6HbwSsOD64VAYy9FaViA8Zkki8I5iWEi4PConwA2ALMmJxBuGg%2B8CJbgWagNjovBXihkI8ZPgmvz%2BIOkkAc6fJ2FR%2FUBjFUVFCvwndKXaGFRn8ddqMPg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83c48718cef456aa-OSL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 27 Dec 2023 21:06:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBOb7plqBKdqwvSYsw8xILM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 459C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYyR1fHe8Qxi0oTMA-qoAAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBOb7plqBKdqwvSYsw8xILM&google_cver=1
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBOb7plqBKdqwvSYsw8xILM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNzM3t8EELan7OUEGJvU84ACMAE&v=APEucNVzDKcV3lm3c8Q5PgeZcFVcpNRgJg549ZGJD08Kk2nStlsIfjzTZDR7KqneQiuBVHVmoS2g6KjAoUK_PzwseRB_a7rSZYqZIY3UjZ1sG5IATdxW1mMqhQktDmfhUqXYmNsFoK1KDAyNtO1Othv6FZwpjN1GouAZBwJbryOomvO104V5SLY
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Dec 2023 21:06:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VVO7vNsxA68unjdfHYHiumR3IvwGIs4uQEPEi9yy3yZmD7XgDvykgnBMspJpN9hytX%2Be1nH1MIHint%2F1qFNQYViq8vvsQi3nW2VHBMajPm3O1oDw9fLcNQR%2B3ohAu5RaSFSppjO5o7UQFg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83c487195f8056aa-OSL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 27 Dec 2023 21:06:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBOb7plqBKdqwvSYsw8xILM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 459C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJXS4BCwxPyX4rXfueLw0gA&google_cver=1
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEJXS4BCwxPyX4rXfueLw0gA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNzM3t8EELan7OUEGJvU84ACMAE&v=APEucNVzDKcV3lm3c8Q5PgeZcFVcpNRgJg549ZGJD08Kk2nStlsIfjzTZDR7KqneQiuBVHVmoS2g6KjAoUK_PzwseRB_a7rSZYqZIY3UjZ1sG5IATdxW1mMqhQktDmfhUqXYmNsFoK1KDAyNtO1Othv6FZwpjN1GouAZBwJbryOomvO104V5SLY
Protocol
H2
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Dec 2023 21:06:29 GMT
an-x-request-uuid
3295bc28-9692-4ab0-ab56-e550833213a4
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.255.148.169; 178.255.148.169; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 27 Dec 2023 21:06:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEJXS4BCwxPyX4rXfueLw0gA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 459C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjI3OTU5MjQzMDkzNTY3NjAxMw%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjI3OTU5MjQzMDkzNTY3NjAxMw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNzM3t8EELan7OUEGJvU84ACMAE&v=APEucNVzDKcV3lm3c8Q5PgeZcFVcpNRgJg549ZGJD08Kk2nStlsIfjzTZDR7KqneQiuBVHVmoS2g6KjAoUK_PzwseRB_a7rSZYqZIY3UjZ1sG5IATdxW1mMqhQktDmfhUqXYmNsFoK1KDAyNtO1Othv6FZwpjN1GouAZBwJbryOomvO104V5SLY
Protocol
H2
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Dec 2023 21:06:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 27 Dec 2023 21:06:29 GMT
an-x-request-uuid
2f147854-18a5-4e68-8265-419ab6695d65
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjI3OTU5MjQzMDkzNTY3NjAxMw%3D%3D
x-proxy-origin
178.255.148.169; 178.255.148.169; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4CA5 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sousou-no-frieren.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
age
246197
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 25 Dec 2023 00:43:12 GMT
expires
Tue, 24 Dec 2024 00:43:12 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B0E7 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
18af68cdb5928416d802fc42962839755ce2517700538de10b8ad28db5ae7e15
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gh6_-6a0MlNNmrwlk3SQkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sousou-no-frieren.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-gh6_-6a0MlNNmrwlk3SQkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 27 Dec 2023 21:06:29 GMT
expires
Wed, 27 Dec 2023 21:06:29 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame 907E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9892820236027&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Dec 2023 21:06:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 907E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9892820236027&version=m202309260101&ct=76&x=1&cor=13432946504860373000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Dec 2023 21:06:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 907E 		108 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AXLag5JT9eqMGl6eSyrJjxuefH3TutufOUxowSnSI9-JLrJfvA6GeDG3zfljKcPdh9lDs7_JH63g70NEb6XbpbEvxI1ewiGHXAyOsxZNjxiu_O210Q3O187PDI_ixUETzaz6mujXWYWu_mtksYGv11lMGC3tgkierzXuWrD6iEqrEV3IQ&dbm_d=AKAmf-D7rKh-sZ1HmZGIh5Ru8duwzyeMtaWW6qo7qMg2O3SoGAc-M5cydMJKL46uEgewahj67sjDqws4xDJyhS84-a-pJJtVofvY2hFIbj3pgmggHnmlD2s3slwd8oXCgEzZA2rBp5NsN08m58deWKFPU-UCcrYAxW6eDQCA2qKyKs96tlln1oCGgzSH0X_YD8NJMWctDFrGMyMqUq4zxaWQDMBLMNxP6WmouzpF9kbMqVDO7WwbexwmEAB-wHsbBCF8TLjKJ6oWdqzapjuf7mtYMVam6onYeuFG8x9vpJ3JOJlrNwIcjsCouB1_4Mkv_q8AAv6gchr7VRk3qGzFtvXYftFPwLRHo7qojYGL09Fc1s-suIEpYjJqvKCBxcgYek6HdDZQhcVkULxy8TxomaWQKc8-vOI9jv1DlO56k-LKMTRXyuN6HnJYK_3bguUw16O996j6q7jtntOSfNMckY9sk-vF1l2uJKzByheKOhljl3wc5byoA5nVWgwRLMKVD4zfRI4cXCU4eJj4Nt21TJ1CcvbE5xjEhsqT4N8n5ZdNObl-MlVRqGcpEN9MICsvshn4-Ys0sLCKO17VlRxZWFGv8bEgXzxaMT2pZlXbA2xFofQ3HFn3RNjqJSD4YMc2iysgnMvK9-8DpMX83UJBr0Z71YUT_Zd_L14WqYiXdUmQG4h_w2Xp-l63CXXjmp8s5kZfn9whJl22tE0bfv0KYVlLNkzqoz-sGbELiykAT8bn0bDCE4SgD_qBJcdcPxXR_4LOs3hGpbTtPmXAhp_zcKZCB8458I1q6OoNYPxK6WpaIozNaPEHBiMmjHpQGaT_oi-6cLBXbDIsDUQ_fiaD0cEuIeBv--cp3ZApkRfgszEXYm01JGPXKFhANLWy4nZdskr8ASaR9Op98TUn8_5Of5XS3HuytF9MRUMS6CuJOZ3hgABejklDV6_hES0QWcXayHArmuNz-X_bloO98rtAUg5O36m5JNqpoVG6gqNJx_buT473NkL4CdVRgQ1JV_vyifLzBvN4aN9d5eIL0vVqgxjKZnD63JKpWcbjOedIoIj7UpSPCk_6dnCwopoFzBiWGb-96uZP9T47lRs6c-jFYRmI2o1j_uXGlptJS353zsL68m99ekGUlZ-jIRF3kvkymbUzZfxVBUToFt1tomF_8UISyWQApDb-wCNX-NJSyu3w9QO2ZuCXHs0BFduj7K0SPTBvOF4UF-ntQVENF8c-Vtxe9HqztwkKfqsQ36JHwisko2Ap9m1SKfjCrXbVVu0Z_2l6xZBGoe71JIyA1rXMGmLtwjEEvU3d2UEk9QjcSjfUINQQ5ZUox0hGc5oVoyyD1N7RLAtYev5RHgL8acYFWx_DcE8IVVxgvSBJAYZXz2MyNW-O8G14Fin4OLx2-2orn7Oj9CYhN7tlu9USG5p0-ZGsDH_YZWrxWiSwZjkSqyLxyFKKx4CdyQp7qgIznn0fqGrIkR4DiZ-xFSMDH3FrixnqRnmfHI6jtpDog48Oi5Qs-fhfRShtDNX4uW8fEAhJqN8j_GnpANkpNpjcw_GDrD-0Cg8eXXuxZGUExZCCYxLkSyfjzxkMQFhPe83I2bs26ip7oZx8oNwNUurbgnCeiuhcr39Ost2uqn7N1GTZ2XAso6c5GNDW0LjEAYU_0CXJjIb_mVTxNZlEIBYykGje4bukHR3iqsYIvq8IUcY7_GF-FgAhJj2pJBDhtPC4qixivZBtbJy5LVrtVtBb_rv9NgG-DKv4BuacjImJ10mo56Qs_fx54dx8eHiqxeY44IohEw2JBuO5aOkP4cJl487UgAFrAUrLS7MrqDQ8Kvr1NOYVzggZuoMkumykzL-2IIAIFfeiz8WccR5YEhOA1j57Tiv8lrDhS-zoR414pgLQ_BDyy5mtjoRiRXdjD5dXLJlR8iuVv6H65a1CsVw0UA-p64fd2N2qdL0Qy4fWBSY3MgOXBpq_cKmhodgyai6p2egVy-WTG5cjVX7NR5iipVyCDwpVubl6JAVYXhrl0mt4-jOdhS7TVyeuWJftT2BK71MkhG1_xW2-pKa72yQlAfNBgbV3lM_6Xb0IHL7RuBJHo_CnSs0OcxPEsNXkqrhwIV2oPS0CeOcOFdGJC3vysSga9AvAXILnTPuJK3sFLLh7wIsbRAT3-qARDL-fIKtITzgVcdeDSmMIGyrvuJkfN0v_pGcwAzEo5rtDDKy9lemtmjcYdibUiyXH8W5vBsB4sxINB4gwyGdbNGEgu_GOjI6UsfiwkR3tm5EHohkBpr20bhYNJcBOrdTE86gG0M1XYuypMCMVIphNssdnPa1wVr8FiJaG-7XjdZMKvpxKaxeun9quAXWSoa1NvCwAaGTMJG_kP5FaFp-UeguklO2P9VCrQdp49dqis_Xe11FHnjsqessJCTSmlXK1_KNp5hcWuZvngeflM6ETFEn_XCjBdxY70pLQ6qgQNzBHTBIMMZ6nA3yarrKJrrxHAO-k4ixVLPghqy6NPcVvyCrx3vxJT9BHwaivIn71b7ytrF8F48D2tkJ6uS4psgTMhhFgnKmQd8s0T7a0c6IbaZvLRyi0SYzPtbhDnAAF0-Em8OPzAEW93qoOQ0Pf2m08vbs4-tJW3YhBS94bir2sQ1XyIKS5H9JaiiO1zfKAFwi5hGRuws6_x1dieqiy2qDEiPKXvSCWZhNczA2xe5CrJ3ZNUSp4FSmRDcMO-cex7NXE1TR0cBkEW76qb8BGc04Sb6suYwjmkTl1krrezLfkGnQEBD2T5xEfml95O4oD3PF3JUR3iWgPboPdQyy3XKh6aW4u0_GWTy1RAkUi9VY7WoOWJHkPwyeUKmPBTeFmKcOeFpc5jCeELwIwnVOrXoJcDZmG7NZUw4qpwN-AlSWV3VsIRb8I8owNCb2rGgmI-zguZHNEzCWncDekPgOO_WhTbNs5-O3-IlNPDBObiqpqWqG-e1VaDSW0ebcy_M64OEnKoUToMpZ2dw0h_38Z_hsSaaeVDsNbnUPPnAhajZhdnx-F3XL51EZV7kOahv2syAqmCUUSSrWrc1Z8QIqomBKsW5_1HxFGcbdXkZc77tmxX6JbZbxE_sBkkylB7q9n-qcfumZGB6hqBQHvY5u8S1oIG9BGxsHaFYR63FuHPD8RGx5pCyWW_iYDzAN617zy-5kRrSq2wBdcXTV5gh7U3WBkmdZUZjigwjHVgz8sOWHlPLdZoIy_pdbWwcoL5UvC_IVMTpDO4Fw0-fWMjpTT628d6lI8OY3oy1q8BauaY07nWk8dC5ksKvZpFbMqK8QtnMcCRHL2iDLhFrxpkiWFZxpWDL4Eby8ur_5MJfr4NIhfG6Y6gHRq4dqaSAV0PwQh0uk9wvN23llGEq46TYOrE8toxrId19bTmeRhh98N3TVO6hY3INVeZ9KjTwRUXuNLX_FimOphZQeZXXisa_OQoQDt6ECtV6fAqbYn4LybzfPGi65RK9lbFPwKauIzQaTu2nN5U0MlWVuPkvv1r8hQUO_KC2tKkmB5bfRUcwFpPkzM6g2T8nz-SW4NwpCjGD8-3PBe40yyOrnfA6v72Xw8h1fd68iBKN8c1YYnyqSiFlE3AljNNSxB8Wl6Sr8y0jF-jQxlXB457RdCd6YUpcGxs8EiGTGIIzNUJvFF4HD6_iF6Uy3yKNNQAVOv8p9HE40SHRQT1A&cid=CAQSTwAvHhf_TLXCr178vkgHYspNEZrw6ZKqVOByT16ZnRMKLuPl_RYaOoae_1JaD018l1kXq-10mQ-tACipwqFJLt1dwzmswehNdYrwQDe8jaIYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fsousou-no-frieren.com%2F&ds=l&xdt=1&iif=1&cor=13432946504860373000&adk=1761367584&idt=168&cac=0&dtd=23
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7e83964f9cba2d0aba6b916c9b48eddcad99779f9b56794134c7a1e0b13f5ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Dec 2023 21:06:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42067
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 7D26
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 27 Dec 2023 21:06:29 GMT
expires
Wed, 27 Dec 2023 21:06:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 27 Dec 2023 21:06:29 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 4CA5 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 15:53:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
18771
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 26 Dec 2024 15:53:38 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/1876851/77077875/ Frame 907E 		255 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1876851/77077875/skeleton.js
Requested by
Host: sousou-no-frieren.com
URL: https://sousou-no-frieren.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.121.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-121-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
cfa73c11a976d01ae1278df2317f722c36fb825ab244694ca7dddc1ae94a9343

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Dec 2023 21:06:30 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 907E 		172 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: sousou-no-frieren.com
URL: https://sousou-no-frieren.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:49:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76646
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 27 Dec 2023 23:49:04 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 907E 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AXLag5JT9eqMGl6eSyrJjxuefH3TutufOUxowSnSI9-JLrJfvA6GeDG3zfljKcPdh9lDs7_JH63g70NEb6XbpbEvxI1ewiGHXAyOsxZNjxiu_O210Q3O187PDI_ixUETzaz6mujXWYWu_mtksYGv11lMGC3tgkierzXuWrD6iEqrEV3IQ&dbm_d=AKAmf-D7rKh-sZ1HmZGIh5Ru8duwzyeMtaWW6qo7qMg2O3SoGAc-M5cydMJKL46uEgewahj67sjDqws4xDJyhS84-a-pJJtVofvY2hFIbj3pgmggHnmlD2s3slwd8oXCgEzZA2rBp5NsN08m58deWKFPU-UCcrYAxW6eDQCA2qKyKs96tlln1oCGgzSH0X_YD8NJMWctDFrGMyMqUq4zxaWQDMBLMNxP6WmouzpF9kbMqVDO7WwbexwmEAB-wHsbBCF8TLjKJ6oWdqzapjuf7mtYMVam6onYeuFG8x9vpJ3JOJlrNwIcjsCouB1_4Mkv_q8AAv6gchr7VRk3qGzFtvXYftFPwLRHo7qojYGL09Fc1s-suIEpYjJqvKCBxcgYek6HdDZQhcVkULxy8TxomaWQKc8-vOI9jv1DlO56k-LKMTRXyuN6HnJYK_3bguUw16O996j6q7jtntOSfNMckY9sk-vF1l2uJKzByheKOhljl3wc5byoA5nVWgwRLMKVD4zfRI4cXCU4eJj4Nt21TJ1CcvbE5xjEhsqT4N8n5ZdNObl-MlVRqGcpEN9MICsvshn4-Ys0sLCKO17VlRxZWFGv8bEgXzxaMT2pZlXbA2xFofQ3HFn3RNjqJSD4YMc2iysgnMvK9-8DpMX83UJBr0Z71YUT_Zd_L14WqYiXdUmQG4h_w2Xp-l63CXXjmp8s5kZfn9whJl22tE0bfv0KYVlLNkzqoz-sGbELiykAT8bn0bDCE4SgD_qBJcdcPxXR_4LOs3hGpbTtPmXAhp_zcKZCB8458I1q6OoNYPxK6WpaIozNaPEHBiMmjHpQGaT_oi-6cLBXbDIsDUQ_fiaD0cEuIeBv--cp3ZApkRfgszEXYm01JGPXKFhANLWy4nZdskr8ASaR9Op98TUn8_5Of5XS3HuytF9MRUMS6CuJOZ3hgABejklDV6_hES0QWcXayHArmuNz-X_bloO98rtAUg5O36m5JNqpoVG6gqNJx_buT473NkL4CdVRgQ1JV_vyifLzBvN4aN9d5eIL0vVqgxjKZnD63JKpWcbjOedIoIj7UpSPCk_6dnCwopoFzBiWGb-96uZP9T47lRs6c-jFYRmI2o1j_uXGlptJS353zsL68m99ekGUlZ-jIRF3kvkymbUzZfxVBUToFt1tomF_8UISyWQApDb-wCNX-NJSyu3w9QO2ZuCXHs0BFduj7K0SPTBvOF4UF-ntQVENF8c-Vtxe9HqztwkKfqsQ36JHwisko2Ap9m1SKfjCrXbVVu0Z_2l6xZBGoe71JIyA1rXMGmLtwjEEvU3d2UEk9QjcSjfUINQQ5ZUox0hGc5oVoyyD1N7RLAtYev5RHgL8acYFWx_DcE8IVVxgvSBJAYZXz2MyNW-O8G14Fin4OLx2-2orn7Oj9CYhN7tlu9USG5p0-ZGsDH_YZWrxWiSwZjkSqyLxyFKKx4CdyQp7qgIznn0fqGrIkR4DiZ-xFSMDH3FrixnqRnmfHI6jtpDog48Oi5Qs-fhfRShtDNX4uW8fEAhJqN8j_GnpANkpNpjcw_GDrD-0Cg8eXXuxZGUExZCCYxLkSyfjzxkMQFhPe83I2bs26ip7oZx8oNwNUurbgnCeiuhcr39Ost2uqn7N1GTZ2XAso6c5GNDW0LjEAYU_0CXJjIb_mVTxNZlEIBYykGje4bukHR3iqsYIvq8IUcY7_GF-FgAhJj2pJBDhtPC4qixivZBtbJy5LVrtVtBb_rv9NgG-DKv4BuacjImJ10mo56Qs_fx54dx8eHiqxeY44IohEw2JBuO5aOkP4cJl487UgAFrAUrLS7MrqDQ8Kvr1NOYVzggZuoMkumykzL-2IIAIFfeiz8WccR5YEhOA1j57Tiv8lrDhS-zoR414pgLQ_BDyy5mtjoRiRXdjD5dXLJlR8iuVv6H65a1CsVw0UA-p64fd2N2qdL0Qy4fWBSY3MgOXBpq_cKmhodgyai6p2egVy-WTG5cjVX7NR5iipVyCDwpVubl6JAVYXhrl0mt4-jOdhS7TVyeuWJftT2BK71MkhG1_xW2-pKa72yQlAfNBgbV3lM_6Xb0IHL7RuBJHo_CnSs0OcxPEsNXkqrhwIV2oPS0CeOcOFdGJC3vysSga9AvAXILnTPuJK3sFLLh7wIsbRAT3-qARDL-fIKtITzgVcdeDSmMIGyrvuJkfN0v_pGcwAzEo5rtDDKy9lemtmjcYdibUiyXH8W5vBsB4sxINB4gwyGdbNGEgu_GOjI6UsfiwkR3tm5EHohkBpr20bhYNJcBOrdTE86gG0M1XYuypMCMVIphNssdnPa1wVr8FiJaG-7XjdZMKvpxKaxeun9quAXWSoa1NvCwAaGTMJG_kP5FaFp-UeguklO2P9VCrQdp49dqis_Xe11FHnjsqessJCTSmlXK1_KNp5hcWuZvngeflM6ETFEn_XCjBdxY70pLQ6qgQNzBHTBIMMZ6nA3yarrKJrrxHAO-k4ixVLPghqy6NPcVvyCrx3vxJT9BHwaivIn71b7ytrF8F48D2tkJ6uS4psgTMhhFgnKmQd8s0T7a0c6IbaZvLRyi0SYzPtbhDnAAF0-Em8OPzAEW93qoOQ0Pf2m08vbs4-tJW3YhBS94bir2sQ1XyIKS5H9JaiiO1zfKAFwi5hGRuws6_x1dieqiy2qDEiPKXvSCWZhNczA2xe5CrJ3ZNUSp4FSmRDcMO-cex7NXE1TR0cBkEW76qb8BGc04Sb6suYwjmkTl1krrezLfkGnQEBD2T5xEfml95O4oD3PF3JUR3iWgPboPdQyy3XKh6aW4u0_GWTy1RAkUi9VY7WoOWJHkPwyeUKmPBTeFmKcOeFpc5jCeELwIwnVOrXoJcDZmG7NZUw4qpwN-AlSWV3VsIRb8I8owNCb2rGgmI-zguZHNEzCWncDekPgOO_WhTbNs5-O3-IlNPDBObiqpqWqG-e1VaDSW0ebcy_M64OEnKoUToMpZ2dw0h_38Z_hsSaaeVDsNbnUPPnAhajZhdnx-F3XL51EZV7kOahv2syAqmCUUSSrWrc1Z8QIqomBKsW5_1HxFGcbdXkZc77tmxX6JbZbxE_sBkkylB7q9n-qcfumZGB6hqBQHvY5u8S1oIG9BGxsHaFYR63FuHPD8RGx5pCyWW_iYDzAN617zy-5kRrSq2wBdcXTV5gh7U3WBkmdZUZjigwjHVgz8sOWHlPLdZoIy_pdbWwcoL5UvC_IVMTpDO4Fw0-fWMjpTT628d6lI8OY3oy1q8BauaY07nWk8dC5ksKvZpFbMqK8QtnMcCRHL2iDLhFrxpkiWFZxpWDL4Eby8ur_5MJfr4NIhfG6Y6gHRq4dqaSAV0PwQh0uk9wvN23llGEq46TYOrE8toxrId19bTmeRhh98N3TVO6hY3INVeZ9KjTwRUXuNLX_FimOphZQeZXXisa_OQoQDt6ECtV6fAqbYn4LybzfPGi65RK9lbFPwKauIzQaTu2nN5U0MlWVuPkvv1r8hQUO_KC2tKkmB5bfRUcwFpPkzM6g2T8nz-SW4NwpCjGD8-3PBe40yyOrnfA6v72Xw8h1fd68iBKN8c1YYnyqSiFlE3AljNNSxB8Wl6Sr8y0jF-jQxlXB457RdCd6YUpcGxs8EiGTGIIzNUJvFF4HD6_iF6Uy3yKNNQAVOv8p9HE40SHRQT1A&cid=CAQSTwAvHhf_TLXCr178vkgHYspNEZrw6ZKqVOByT16ZnRMKLuPl_RYaOoae_1JaD018l1kXq-10mQ-tACipwqFJLt1dwzmswehNdYrwQDe8jaIYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fsousou-no-frieren.com%2F&ds=l&xdt=1&iif=1&cor=13432946504860373000&adk=1761367584&idt=168&cac=0&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 21:44:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
84141
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Jan 2024 21:44:08 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 907E 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AXLag5JT9eqMGl6eSyrJjxuefH3TutufOUxowSnSI9-JLrJfvA6GeDG3zfljKcPdh9lDs7_JH63g70NEb6XbpbEvxI1ewiGHXAyOsxZNjxiu_O210Q3O187PDI_ixUETzaz6mujXWYWu_mtksYGv11lMGC3tgkierzXuWrD6iEqrEV3IQ&dbm_d=AKAmf-D7rKh-sZ1HmZGIh5Ru8duwzyeMtaWW6qo7qMg2O3SoGAc-M5cydMJKL46uEgewahj67sjDqws4xDJyhS84-a-pJJtVofvY2hFIbj3pgmggHnmlD2s3slwd8oXCgEzZA2rBp5NsN08m58deWKFPU-UCcrYAxW6eDQCA2qKyKs96tlln1oCGgzSH0X_YD8NJMWctDFrGMyMqUq4zxaWQDMBLMNxP6WmouzpF9kbMqVDO7WwbexwmEAB-wHsbBCF8TLjKJ6oWdqzapjuf7mtYMVam6onYeuFG8x9vpJ3JOJlrNwIcjsCouB1_4Mkv_q8AAv6gchr7VRk3qGzFtvXYftFPwLRHo7qojYGL09Fc1s-suIEpYjJqvKCBxcgYek6HdDZQhcVkULxy8TxomaWQKc8-vOI9jv1DlO56k-LKMTRXyuN6HnJYK_3bguUw16O996j6q7jtntOSfNMckY9sk-vF1l2uJKzByheKOhljl3wc5byoA5nVWgwRLMKVD4zfRI4cXCU4eJj4Nt21TJ1CcvbE5xjEhsqT4N8n5ZdNObl-MlVRqGcpEN9MICsvshn4-Ys0sLCKO17VlRxZWFGv8bEgXzxaMT2pZlXbA2xFofQ3HFn3RNjqJSD4YMc2iysgnMvK9-8DpMX83UJBr0Z71YUT_Zd_L14WqYiXdUmQG4h_w2Xp-l63CXXjmp8s5kZfn9whJl22tE0bfv0KYVlLNkzqoz-sGbELiykAT8bn0bDCE4SgD_qBJcdcPxXR_4LOs3hGpbTtPmXAhp_zcKZCB8458I1q6OoNYPxK6WpaIozNaPEHBiMmjHpQGaT_oi-6cLBXbDIsDUQ_fiaD0cEuIeBv--cp3ZApkRfgszEXYm01JGPXKFhANLWy4nZdskr8ASaR9Op98TUn8_5Of5XS3HuytF9MRUMS6CuJOZ3hgABejklDV6_hES0QWcXayHArmuNz-X_bloO98rtAUg5O36m5JNqpoVG6gqNJx_buT473NkL4CdVRgQ1JV_vyifLzBvN4aN9d5eIL0vVqgxjKZnD63JKpWcbjOedIoIj7UpSPCk_6dnCwopoFzBiWGb-96uZP9T47lRs6c-jFYRmI2o1j_uXGlptJS353zsL68m99ekGUlZ-jIRF3kvkymbUzZfxVBUToFt1tomF_8UISyWQApDb-wCNX-NJSyu3w9QO2ZuCXHs0BFduj7K0SPTBvOF4UF-ntQVENF8c-Vtxe9HqztwkKfqsQ36JHwisko2Ap9m1SKfjCrXbVVu0Z_2l6xZBGoe71JIyA1rXMGmLtwjEEvU3d2UEk9QjcSjfUINQQ5ZUox0hGc5oVoyyD1N7RLAtYev5RHgL8acYFWx_DcE8IVVxgvSBJAYZXz2MyNW-O8G14Fin4OLx2-2orn7Oj9CYhN7tlu9USG5p0-ZGsDH_YZWrxWiSwZjkSqyLxyFKKx4CdyQp7qgIznn0fqGrIkR4DiZ-xFSMDH3FrixnqRnmfHI6jtpDog48Oi5Qs-fhfRShtDNX4uW8fEAhJqN8j_GnpANkpNpjcw_GDrD-0Cg8eXXuxZGUExZCCYxLkSyfjzxkMQFhPe83I2bs26ip7oZx8oNwNUurbgnCeiuhcr39Ost2uqn7N1GTZ2XAso6c5GNDW0LjEAYU_0CXJjIb_mVTxNZlEIBYykGje4bukHR3iqsYIvq8IUcY7_GF-FgAhJj2pJBDhtPC4qixivZBtbJy5LVrtVtBb_rv9NgG-DKv4BuacjImJ10mo56Qs_fx54dx8eHiqxeY44IohEw2JBuO5aOkP4cJl487UgAFrAUrLS7MrqDQ8Kvr1NOYVzggZuoMkumykzL-2IIAIFfeiz8WccR5YEhOA1j57Tiv8lrDhS-zoR414pgLQ_BDyy5mtjoRiRXdjD5dXLJlR8iuVv6H65a1CsVw0UA-p64fd2N2qdL0Qy4fWBSY3MgOXBpq_cKmhodgyai6p2egVy-WTG5cjVX7NR5iipVyCDwpVubl6JAVYXhrl0mt4-jOdhS7TVyeuWJftT2BK71MkhG1_xW2-pKa72yQlAfNBgbV3lM_6Xb0IHL7RuBJHo_CnSs0OcxPEsNXkqrhwIV2oPS0CeOcOFdGJC3vysSga9AvAXILnTPuJK3sFLLh7wIsbRAT3-qARDL-fIKtITzgVcdeDSmMIGyrvuJkfN0v_pGcwAzEo5rtDDKy9lemtmjcYdibUiyXH8W5vBsB4sxINB4gwyGdbNGEgu_GOjI6UsfiwkR3tm5EHohkBpr20bhYNJcBOrdTE86gG0M1XYuypMCMVIphNssdnPa1wVr8FiJaG-7XjdZMKvpxKaxeun9quAXWSoa1NvCwAaGTMJG_kP5FaFp-UeguklO2P9VCrQdp49dqis_Xe11FHnjsqessJCTSmlXK1_KNp5hcWuZvngeflM6ETFEn_XCjBdxY70pLQ6qgQNzBHTBIMMZ6nA3yarrKJrrxHAO-k4ixVLPghqy6NPcVvyCrx3vxJT9BHwaivIn71b7ytrF8F48D2tkJ6uS4psgTMhhFgnKmQd8s0T7a0c6IbaZvLRyi0SYzPtbhDnAAF0-Em8OPzAEW93qoOQ0Pf2m08vbs4-tJW3YhBS94bir2sQ1XyIKS5H9JaiiO1zfKAFwi5hGRuws6_x1dieqiy2qDEiPKXvSCWZhNczA2xe5CrJ3ZNUSp4FSmRDcMO-cex7NXE1TR0cBkEW76qb8BGc04Sb6suYwjmkTl1krrezLfkGnQEBD2T5xEfml95O4oD3PF3JUR3iWgPboPdQyy3XKh6aW4u0_GWTy1RAkUi9VY7WoOWJHkPwyeUKmPBTeFmKcOeFpc5jCeELwIwnVOrXoJcDZmG7NZUw4qpwN-AlSWV3VsIRb8I8owNCb2rGgmI-zguZHNEzCWncDekPgOO_WhTbNs5-O3-IlNPDBObiqpqWqG-e1VaDSW0ebcy_M64OEnKoUToMpZ2dw0h_38Z_hsSaaeVDsNbnUPPnAhajZhdnx-F3XL51EZV7kOahv2syAqmCUUSSrWrc1Z8QIqomBKsW5_1HxFGcbdXkZc77tmxX6JbZbxE_sBkkylB7q9n-qcfumZGB6hqBQHvY5u8S1oIG9BGxsHaFYR63FuHPD8RGx5pCyWW_iYDzAN617zy-5kRrSq2wBdcXTV5gh7U3WBkmdZUZjigwjHVgz8sOWHlPLdZoIy_pdbWwcoL5UvC_IVMTpDO4Fw0-fWMjpTT628d6lI8OY3oy1q8BauaY07nWk8dC5ksKvZpFbMqK8QtnMcCRHL2iDLhFrxpkiWFZxpWDL4Eby8ur_5MJfr4NIhfG6Y6gHRq4dqaSAV0PwQh0uk9wvN23llGEq46TYOrE8toxrId19bTmeRhh98N3TVO6hY3INVeZ9KjTwRUXuNLX_FimOphZQeZXXisa_OQoQDt6ECtV6fAqbYn4LybzfPGi65RK9lbFPwKauIzQaTu2nN5U0MlWVuPkvv1r8hQUO_KC2tKkmB5bfRUcwFpPkzM6g2T8nz-SW4NwpCjGD8-3PBe40yyOrnfA6v72Xw8h1fd68iBKN8c1YYnyqSiFlE3AljNNSxB8Wl6Sr8y0jF-jQxlXB457RdCd6YUpcGxs8EiGTGIIzNUJvFF4HD6_iF6Uy3yKNNQAVOv8p9HE40SHRQT1A&cid=CAQSTwAvHhf_TLXCr178vkgHYspNEZrw6ZKqVOByT16ZnRMKLuPl_RYaOoae_1JaD018l1kXq-10mQ-tACipwqFJLt1dwzmswehNdYrwQDe8jaIYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fsousou-no-frieren.com%2F&ds=l&xdt=1&iif=1&cor=13432946504860373000&adk=1761367584&idt=168&cac=0&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 01:43:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
69759
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11872
x-xss-protection
0
server
cafe
etag
16225921609732785849
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Jan 2024 01:43:50 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 907E 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: sousou-no-frieren.com
URL: https://sousou-no-frieren.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 13:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
112633
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 13:49:16 GMT
truncated
/ Frame 907E 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
657fde7e6a7b4cedca3c0e02c94b91b72b621983c23f069e1f66cbc6f0402974

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame B0E7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=3016253941172615&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 04E4 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
age
110751
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 26 Dec 2023 14:20:39 GMT
expires
Wed, 25 Dec 2024 14:20:39 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame 4CA5 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Zl-AGg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:06:30 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
pagead2.googlesyndication.com/bg/ Frame BEBF 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Requested by
Host: sousou-no-frieren.com
URL: https://sousou-no-frieren.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 13:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
112634
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19632
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Dec 2024 13:49:16 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 04E4 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 15:53:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
18772
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 26 Dec 2024 15:53:38 GMT
containr.js
cdn.mookie1.com/ Frame 907E 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mookie1.com/containr.js?tagid=V2_581277&tagType=imp&host=no-gmtdmp.mookie1.com&src.rand=4097586255&src.campaignID=31052869&src.placementID=383489214
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-12.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
1c2607a9bfc7164c68a6cc33e1a07e12b4c25886bf0ce92896f27ca8d531b81f

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 27 Dec 2023 21:06:30 GMT
Content-Encoding
gzip
Connection
keep-alive
Content-Length
2941
Last-Modified
Tue, 08 Sep 2020 10:42:20 GMT
Server
AkamaiNetStorage
ETag
"6200df1a0ff97d44f843b0184fa20225:1599561740.987291"
Vary
Accept-Encoding
Access-Control-Max-Age
86400
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST
Cache-Control
max-age=60
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 27 Dec 2023 21:07:30 GMT
index.html
s0.2mdn.net/sadbundle/15402133379827368673/ Frame F9F0 		2 KB
805 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15402133379827368673/index.html?e=69&leftOffset=0&topOffset=0&c=eVMtuofGkJ&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d84680cc08e8d0b28a4abc7e9637907f63802e8e882535a3bb208932dcbcfe1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
776
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 27 Dec 2023 21:06:30 GMT
expires
Thu, 26 Dec 2024 21:06:30 GMT
last-modified
Fri, 24 Nov 2023 09:24:43 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 907E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuD1tkDXgLln6pBqTQySKP_RH7nNbhXH-Kl1F4Ppfnc6QMXf-RikiCYqjBy22u3eyUP-3Mw97IoO4Bwkx8aIpzNd9AII4lgz80jf8-Y8D8frr1tllLuhmdX9T_YHss-ICPe8-YZAZvdny55VePgGVcWbjJcOBo95k43jLhXWOjLXselr02FOBDz3bS_GAGn8Pku2Elioatj2al3hgYip16kDv5Abq6gZdDe7E8dV6wMP8zEFYfMpC5U-QqiX8bzA1wo4mOO4j-XhY4cj8xHFKQ_Z1CYMJPwvQ-aoO9wib6YZLv-ULhQQ6CLz5qSHSyLNo6c7kWqu3EfPEVvfEOERqxyJYvng4diHBu07V5rBRrS-kr4-tu7fh8k_sZ1lwTRfOXhekB3trX_gIl7Va_-uzSdhonSKztd2fm-o5aFZtu-EFAwkKZ2ccKKQjRdHvguxhCBgTNYztQdcjUJa9Nm7pPLp_bcBRWiM2u7AG_6wiM9woLOXQk5XApbKPuDgR6OL_6jp2ayCHWHTpGuUCapsez4u-U9w4g86m_8Wl8gWYoRKzI-Ct1JgDrwRWvZ_zNbi8BU0ELlKYpL5WBmvfilA2KyCl2lT1-v4AExVl8gXj1ge849yik4C3O9J-npVtOOXs9M4a2GzNWqi7GDvdA2qBdp4TAXei6S9VhVYGvDEq8V1nC8LsH_pfHdTNSmSvuHaNKMSW_bbPrCLcdDG6Mli55mBvHZjyC7Y-lCI27v_eY6wh7KF1EDkhd7BoXzqXwQwrGC68r3Aw_D4WomJcEzXRWuuQgKTuKLCvYNdWsmKE2Y0yyaXDPCKvRZOlxfZL3ZqqMNwyzOKBGT9i2awx7mLq32Fk1BrT7fZosfoa93_PLI-kAKFvtlM3XCLqiSvWq-UuPuqo_ACxtIvEAycy3B5qxGuPWi7xn_viK-tHUPCfdxjtPmVIO83PFgmLVc1TmcVir14h9NcAAo36HjNtwenF83U1UXwCyEVCzGNqc5p6zLfr1yE69Y-DGWpNZwpWx1ih_lEdVcR-2A4RH654JFmhY4B18tP4prRE39Wpdqo4BaqHJgnCv6ccxL8Ib6Bi30zna0Uh5UPBb6eVYD5POfx5EB13RKfc2zgLp8RqWpMVlSOW4mD1xdo3vpLQQcBc0ANiTFdj467drhep714f-CcZJdX-ydLD5XMmHmC8AQfU6OQ1YyJYtjpeD8SgxZe4yrSNdJif6Ch-r3s28qpT66OydbArCihvJhNwffxnuOu4zHu-Hbdb5as7I0DKcCSEGBX7g5c9iIPzZg50QjGZNPzZlRJq-DAn9Rl07z5NZq-cpLOAY4PKFyB8dCdMvYRu1YMY0ZbpxnB0FFuwtpkqIRw6m5RZhE&sai=AMfl-YSQm2MTg1k8CfifsaAKLeioueicS1zsuT1S1IznS72cSqxAdJvwS7I-sgGRLR4X9rhZoKDyVgMu3SOpciJUKr6wiQbhiE5sIHVM2uF9CeMotS-rZpuAGT8gFPgw29KPllmQLa9wXEw2cm4_wGKaAC_OkX7tjLgsVALz_9gDDlHcsUk5M0PV7wWJEDJsfsH-GKdBlpPAYDOTzStj8oaKm-3AHU4bLnUpYTdOAtJM16GEcSDrVY8ikUbfoFZODbuVelTXDKhkyc6MCpfoWRGSFIkPYmgpKsM2vF1HMH0kVuEK3i8IfbAN9k4TAWxc9u4liUKT&sig=Cg0ArKJSzORdEHOB-pylEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=375&cbvp=1&cstd=366&cisv=r20231207.53684&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: sousou-no-frieren.com
URL: https://sousou-no-frieren.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 27 Dec 2023 21:06:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
4a.js
static.adsafeprotected.com/ Frame 907E
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1876851/77077875/4.js?adContainerId=brand_safety_1ZGMZaS8Le_ox_APkcmg6A4&cbFunctionName=goog_wrapCb_1ZGMZaS8Le_ox_APkcmg6A4&true_pb=&adsafe_pb=https%3A%2F%2Fst...
  • https://static.adsafeprotected.com/4a.js
2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4a.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Server
2600:9000:223f:7a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
wqioRwQ6PjOF0ajiBJeUY9WeHXPgiZbY
content-encoding
gzip
via
1.1 7be6cb2d0156b563b6b1c8f2595ddd52.cloudfront.net (CloudFront)
date
Wed, 27 Dec 2023 19:37:40 GMT
x-amz-cf-pop
FRA56-P5
age
334975
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Wed, 13 Dec 2023 19:37:38 GMT
server
AmazonS3
etag
W/"589d8955c4906ab1b8e63a2f92d932d3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
hiHJX9oFyeAldj-Nnr7EQvyRX1nwaPCHT-o8wYmV3Tq9tRv8OA8J-Q==

Redirect headers

pragma
no-cache
date
Wed, 27 Dec 2023 21:06:30 GMT
server
nginx
x-server-name
app14.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4a.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame B639 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:7a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 7be6cb2d0156b563b6b1c8f2595ddd52.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
8456240
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
1ActTX5lQMsZp4-K5zpbFEx9_tU1dYiG7KbS1wLfueILioXCix7F_Q==
dt
dt.adsafeprotected.com/ Frame 907E 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1876851&asId=683bf6e3-9424-ed02-8a9c-66552bc92747&tv=%7Bc:y2nalV,pingTime:-3,time:44,type:v,im:%7BpBlk:38%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:18%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:44,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B37~0%5D,as:%5B37~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZFYwO7+11%7C12%7C13%7C1411%7C1412%7C151*.1876851-77077875%7C1511%7C1512%7C1513%7C16%7C17,idMap:151*,rmeas:1,rend:0,renddet:DIV,siq:19%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:8654:ca58:77f:995 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Dec 2023 21:06:30 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 907E 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1876851&asId=683bf6e3-9424-ed02-8a9c-66552bc92747&tv=%7Bc:y2nalY,pingTime:-6,time:47,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:47,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B40~0%5D,as:%5B40~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZFYwO7+11%7C12%7C13%7C1411%7C1412%7C151*.1876851-77077875%7C1511%7C1512%7C1513%7C16%7C17,idMap:151*,rmeas:1,rend:0,renddet:DIV,siq:19%7D&tpiLookup=ao:sousou-no-frieren.com*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:8654:ca58:77f:995 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Dec 2023 21:06:30 GMT
server
nginx
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame 04E4 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BJ6jX1ZGMZaS8Le_ox_APkcmg6A4AAAAAOAHgBAI&bg=!AgGlAU7NAAY3kmNgF5I7ADQBe5WfOLrXPXjTUrN3uyUod0mrtsKzgZs8Ep2uFjCDfiBZxl8JRy44EOjCG0DtjAIxEgA2AgAAAEVSAAAAAmgBB5kDR6vZbLYJV5_lEc25cdtCbD1ZyzswTmVQVAOZ6xj-GvGKrk505dO9WSNotolQ0M0sNtohX8ZYgW20ZkvicBVxXdexr6Zr4slRSBfAfF560s5__gnvxVZNs49BdXT7qePARLzxVTq-f0SOH9ecObpaZm04seTd3uDrPO3coWLIHX3PMpbKWWmtK9YeoKr-1L5B8JpRliKmzlMFkp8PQ1mFMXKh3XCa-C4ajSe9DTAmpTIv59BytTv3RShEU-89KVUc8NziW5yWGWjneUHhvADioxQklOkOn3o0JUXd6zrQzA-JcWi0S2NkUViQ7rVEejf62_5U7Uu6w2vQ-0VmcqBBut7cMB_TAT9EW1BwrvlVgpFHpT_3mo2JLsHpaQsp8scHcdy7T6X4FQpEHW3PjXgAfpS_zZoTPO5rstOD7omJfj-YO3NiLcxq2yns2udbmeFJrF2hIAPFa19_ZBYpkvhsGFpSGcAU0TKzQV7LpkQFR6cKpEz1Xmn4Kr3jkRW0NtGq5yWNu57jR64V3RmvF2SAVzDNuVoOidu_z_MnNQBz1Ljc4dVRZCI58WklGATLnfpTJNz7Xzl_PgMbJ0G68NR5L5y22hlU0UWes3oNbtLEifXtYBM6abenwtWP1714gIkzG4QM8pHyXJpW305_K2BHBQBW_PfEqC363FMQDWDr_H2VZAADghJKFWJqh-rV9r4dGVU-JhMwhVgAsf1Zl-XlWH20mnOr8WdCnk-wa39h0BQsUC7xXIt0cT3j8CYHptcKjsP8NDv7XCvtynVF-ia8ahGg9Xjh5azSlJOC3luiQMJPoqG5jcntCg-6EH3ZTaI5MxELAYermTUqzHP_ljYrtfCltVYdZ7Wx-WsdRkypd9fbzGdO8ciMepWIj7qEeLLfQOgfTH95fM-H5x4XVHPIn34zdtN_U7JaLT_AfH3ytyw_Bad1VjBclO8Hwo9RSTkoWryiGgGmEHV60vdYu_Y003eq2vVsMqreuup5tvGH7oAB8g-UcKA9_5w03fe7cxeSdA37vBczo_9lD5tDTpDTl-RYHAEhUYdjJNcbueyjGmK6I2iRKmg83TpfUYuKj2nnHcOQtggQz9IBbFNeFgH2mQ579RFSbIfa
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Dec 2023 21:06:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 907E 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1876851&asId=683bf6e3-9424-ed02-8a9c-66552bc92747&tv=%7Bc:y2nam3,pingTime:-2,time:52,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:373,mdZ:746,beA:761,beZ:762,mfA:765,cmA:766,inA:766,inZ:770,prA:770,prZ:774,si:779,poA:780,bl:799,poZ:800,cmZ:800,mfZ:800,loA:807,loZ:810,ltA:812,ltZ:812%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:18%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:52,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B45~0%5D,as:%5B45~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZFYwO7+11%7C12%7C13%7C1411%7C1412%7C151*.1876851-77077875%7C1511%7C1512%7C1513%7C16%7C17,idMap:151*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:DIV,siq:19,sinceFw:32,readyFired:true%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:8654:ca58:77f:995 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Dec 2023 21:06:30 GMT
server
nginx
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 907E 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1876851&asId=683bf6e3-9424-ed02-8a9c-66552bc92747&tv=%7Bc:y2namR,time:102,type:e,im:%7BpWait:4%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:102,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B95~0%5D,as:%5B95~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZFYwO7+11%7C12%7C13%7C1411%7C1412%7C151*.1876851-77077875%7C1511%7C1512%7C1513%7C16%7C17,idMap:151*,rmeas:1,rend:0,renddet:DIV,siq:19%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:8654:ca58:77f:995 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Dec 2023 21:06:30 GMT
server
nginx
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
Enabler_01_250.js
s0.2mdn.net/879366/ Frame F9F0 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15402133379827368673/index.html?e=69&leftOffset=0&topOffset=0&c=eVMtuofGkJ&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15402133379827368673/index.html?e=69&leftOffset=0&topOffset=0&c=eVMtuofGkJ&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 12:23:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31381
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 28 Dec 2023 12:23:29 GMT
gsap_3.11.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame F9F0 		69 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.11.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15402133379827368673/index.html?e=69&leftOffset=0&topOffset=0&c=eVMtuofGkJ&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fbae080321632ad4ce06e9207ef9a534abd1d6488a96a0a4334fa768d1f93717
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15402133379827368673/index.html?e=69&leftOffset=0&topOffset=0&c=eVMtuofGkJ&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:06:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27635
x-xss-protection
0
last-modified
Fri, 12 May 2023 16:03:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 27 Dec 2023 21:06:30 GMT
script.js
s0.2mdn.net/sadbundle/15402133379827368673/ Frame F9F0 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15402133379827368673/script.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15402133379827368673/index.html?e=69&leftOffset=0&topOffset=0&c=eVMtuofGkJ&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7192dc1f4c88d8654d896cff65fcf0f5af1920ff3e5eeabfc1d1503c18b3c557
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15402133379827368673/index.html?e=69&leftOffset=0&topOffset=0&c=eVMtuofGkJ&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Tue, 24 Dec 2024 13:17:31 GMT
date
Mon, 25 Dec 2023 13:17:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
200939
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4628
x-xss-protection
0
last-modified
Fri, 24 Nov 2023 09:24:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=3016253941172615&bg=!_v2l_bLNAAY3kmNgF5I7ADQBe5WfOB1OlwHjeVj1LFMwFn-478_1jCqW4oWRmS0zXucySXZ9DFi5ViR-LAE2iIWnwi31AgAAALlSAAAABGgBB5kDB65ZnqmeyoISLnHDpw1ov2UE9fsA2gcqtPnZBWLVTT_fmLIjZtfieKPdf90z8v_v-4Lkta-jisS3kyFaS6wLKzIvmN0juBBCOr8iZkpZAz7LmZG1I6O-4UtQunaoqLflWJExgw50llg2h5Q2jYa-zCWqpCarIa9v9Jv-20plMQlyNtCW4IcjgiP9_Q1ahivTAGZaqws7rZtNkyoeeBd_5CrCaXwXRwuIzuHhoulNjuPlQ7k1OYvtzFg5MkfZsZkbmLLLg1abPRYeaRr8QMvFV3raeft9YReuZ04r4JEofIjpM5-UIODJQqexNq9xIt-0Ak2jBx1EHlHkYwM2JKv2ig8NiycEJu51p7_MzyNqOE1EKc7ZwEolYbq9-GRN7EDSl2lVFXluUIgsJL1X28Gy1r7CjeM8Pz7s3b8HwcoWca51iRSN-tEXk-yioABfLJ2lHEUvd3P2liEhGWOv1VH4uDmMQEnCnkbmD4gJDz6AR47W7LfNOo0Rh6_QxwNtWkFvLhDm_DJPpyma0sAgEPZBp94u9fYzPRay3daBZupe18XTQYdQGL5wksMh11_svV3eS9DaOmY9RbdbxYCip9dySwNbc_MIoEaq7L9NhDwvMJd5q8Um8vRtICoefYPTgK2kP301rHvsP-gAwxvyLcGN7Qh9BDvWw9_rmHtHg-Lvb9_SM04a-vm4Jsit4I3zPv41HUbaNQpxtglLEypmcAagYVkox1X-k9IEMp9Cc3RDD5FrDpzk8yRGsxlUfTgwr3-3KH4iP5G3a6RCZYOsNq_aL39fNLjxCAtknVw5JQo4-TVyBbvmQLqEo36YGVgr8C115l_c-h9VY13IJqQ77OVzXBPrBBKSL8eILycLR0eKenNSlip0qq2gKmY_1RSiQ1TlvyQEclBnmrmmaI5p5fynIVz_TUlGcRaJHlLkgZC3rK85nRDm1bVvCWJAxMVs03ONjAFLfCLShP_vlKACzn3F8emYf-D1pLcFsvGcgwHNKaQFFnU3IdDcv7uHJgdfQi3VhHSR4kXjifM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sousou-no-frieren.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/getconfig/ Frame F9F0 		0
0
view
googleads4.g.doubleclick.net/pcs/ Frame 907E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuD1tkDXgLln6pBqTQySKP_RH7nNbhXH-Kl1F4Ppfnc6QMXf-RikiCYqjBy22u3eyUP-3Mw97IoO4Bwkx8aIpzNd9AII4lgz80jf8-Y8D8frr1tllLuhmdX9T_YHss-ICPe8-YZAZvdny55VePgGVcWbjJcOBo95k43jLhXWOjLXselr02FOBDz3bS_GAGn8Pku2Elioatj2al3hgYip16kDv5Abq6gZdDe7E8dV6wMP8zEFYfMpC5U-QqiX8bzA1wo4mOO4j-XhY4cj8xHFKQ_Z1CYMJPwvQ-aoO9wib6YZLv-ULhQQ6CLz5qSHSyLNo6c7kWqu3EfPEVvfEOERqxyJYvng4diHBu07V5rBRrS-kr4-tu7fh8k_sZ1lwTRfOXhekB3trX_gIl7Va_-uzSdhonSKztd2fm-o5aFZtu-EFAwkKZ2ccKKQjRdHvguxhCBgTNYztQdcjUJa9Nm7pPLp_bcBRWiM2u7AG_6wiM9woLOXQk5XApbKPuDgR6OL_6jp2ayCHWHTpGuUCapsez4u-U9w4g86m_8Wl8gWYoRKzI-Ct1JgDrwRWvZ_zNbi8BU0ELlKYpL5WBmvfilA2KyCl2lT1-v4AExVl8gXj1ge849yik4C3O9J-npVtOOXs9M4a2GzNWqi7GDvdA2qBdp4TAXei6S9VhVYGvDEq8V1nC8LsH_pfHdTNSmSvuHaNKMSW_bbPrCLcdDG6Mli55mBvHZjyC7Y-lCI27v_eY6wh7KF1EDkhd7BoXzqXwQwrGC68r3Aw_D4WomJcEzXRWuuQgKTuKLCvYNdWsmKE2Y0yyaXDPCKvRZOlxfZL3ZqqMNwyzOKBGT9i2awx7mLq32Fk1BrT7fZosfoa93_PLI-kAKFvtlM3XCLqiSvWq-UuPuqo_ACxtIvEAycy3B5qxGuPWi7xn_viK-tHUPCfdxjtPmVIO83PFgmLVc1TmcVir14h9NcAAo36HjNtwenF83U1UXwCyEVCzGNqc5p6zLfr1yE69Y-DGWpNZwpWx1ih_lEdVcR-2A4RH654JFmhY4B18tP4prRE39Wpdqo4BaqHJgnCv6ccxL8Ib6Bi30zna0Uh5UPBb6eVYD5POfx5EB13RKfc2zgLp8RqWpMVlSOW4mD1xdo3vpLQQcBc0ANiTFdj467drhep714f-CcZJdX-ydLD5XMmHmC8AQfU6OQ1YyJYtjpeD8SgxZe4yrSNdJif6Ch-r3s28qpT66OydbArCihvJhNwffxnuOu4zHu-Hbdb5as7I0DKcCSEGBX7g5c9iIPzZg50QjGZNPzZlRJq-DAn9Rl07z5NZq-cpLOAY4PKFyB8dCdMvYRu1YMY0ZbpxnB0FFuwtpkqIRw6m5RZhE&sai=AMfl-YSQm2MTg1k8CfifsaAKLeioueicS1zsuT1S1IznS72cSqxAdJvwS7I-sgGRLR4X9rhZoKDyVgMu3SOpciJUKr6wiQbhiE5sIHVM2uF9CeMotS-rZpuAGT8gFPgw29KPllmQLa9wXEw2cm4_wGKaAC_OkX7tjLgsVALz_9gDDlHcsUk5M0PV7wWJEDJsfsH-GKdBlpPAYDOTzStj8oaKm-3AHU4bLnUpYTdOAtJM16GEcSDrVY8ikUbfoFZODbuVelTXDKhkyc6MCpfoWRGSFIkPYmgpKsM2vF1HMH0kVuEK3i8IfbAN9k4TAWxc9u4liUKT&sig=Cg0ArKJSzORdEHOB-pylEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=819&vt=11&dtpt=444&dett=3&cstd=366&cisv=r20231207.53684&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: sousou-no-frieren.com
URL: https://sousou-no-frieren.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:06:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 907E 		0
63 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssruFb4kFsBJ3r3CUkep1WJxoAQnZ1WJ0qLrNIEe4GhdQcN7FnZxpjTItFBa20yBuIgSDKMqFISKQJ8HnCSHii8x9aZnwPQ0_bEdj6wPXLISSIdx6sAt1YRSsWEyqT3Lyozwa1lOShYDg33INQQuDZL4T2CsstTQ3_RoTjH2oIwfs1cVrHuh0-Q4XzJ00r4uT0LTVLOSwdCpSRkd1Hqp_SPHGba1wF9&sai=AMfl-YQuvUYyVwf-ictcdDtuhBwV5bB_b3kBMFdevcrw6XdxZeeqRKKrm8kqMpvaJWKmTbnqfGoVbL87r1medCXWS1bh1myMLjBsF3qhOftk1CTzJY2C7OOvpDZA_GBxLNyN0wyK8VcdPd1dhIa4eSN73EHmIGwh&sig=Cg0ArKJSzFHHACRCyNZpEAE&uach_m=%5BUACH%5D&urlfix=1&vt=13&adurl=
Requested by
Host: sousou-no-frieren.com
URL: https://sousou-no-frieren.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:06:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame 907E 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1876851&asId=683bf6e3-9424-ed02-8a9c-66552bc92747&tv=%7Bc:y2natT,time:538,type:e,im:%7Bimprf:%7Bttecl:901,ecd:490,tsecr:4%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:538,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B531~0%5D,as:%5B531~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZFYwO7+11%7C12%7C13%7C1411%7C1412%7C151*.1876851-77077875%7C1511%7C1512%7C1513%7C16%7C17,idMap:151*,rmeas:1,rend:0,renddet:DIV,siq:19,sis:513%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:8654:ca58:77f:995 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Dec 2023 21:06:30 GMT
server
nginx
x-server-name
dt19.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 907E 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1876851&asId=683bf6e3-9424-ed02-8a9c-66552bc92747&tv=%7Bc:y2nay9,pingTime:-10,time:802,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEwOSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1703711191061%7C%7C52e66ef62aaf477059acbc849e91b2fb%7C%7Cf5ef61ca1e560a2377dfd6c236fd3eb9%7C%7C5c90fedf96e968f253e2114795e2455d%7C%7C5bfdcfc032896198da641e00fc7e1c33%7C%7Ce2aba8d4dd060ae999c41683cd5170c2%7C%7C71e04d72492b6ab7267be2b1783261b6%7C%7Cb1cf3613e73560822aab835e5d998cd8%7C%7C1663701684%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:8654:ca58:77f:995 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Dec 2023 21:06:31 GMT
server
nginx
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame 907E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuCU9XlJu0qMe72bFYeNoZNA7bj1U6FLpSoMGSXf02_qIKq2lq7w7ub7S3umJKjsZfvnLNR_yo65Fpw-a6u5g1gs05kp_ZSZD_Bh8clA6ThADWBxi2cV-DbZ8ho4TULvZ-vtEoHnJbZT8-6dtSR3g5HdmCo&sai=AMfl-YSyfyMrvjybBPU00urf6To_D10IfRBJ1JydBmZeJRwdS39HLivRnvm3CZsCnXjaGE2xwIS5sz-eDhPmSmnentx2D6K12hLRfdDGWe6PW1TG5wWC7Xfpxs1vWn0LMsCfc49g7BW7rDu79BBJQ27EGA&sig=Cg0ArKJSzFsXmVcxX5dBEAE&cid=CAQSTwAvHhf_TLXCr178vkgHYspNEZrw6ZKqVOByT16ZnRMKLuPl_RYaOoae_1JaD018l1kXq-10mQ-tACipwqFJLt1dwzmswehNdYrwQDe8jaIYAQ&id=lidar2&mcvt=1020&p=0,0,90,728&mtos=651,1020,1020,1020,1020&tos=651,369,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703711189499&rpt=537&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Dec 2023 21:06:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 907E 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1876851&asId=683bf6e3-9424-ed02-8a9c-66552bc92747&tv=%7Bc:y2naBZ,time:1040,type:e,im:%7BpLoad:1013%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1040,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1033~0%5D,as:%5B1033~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:207,fm:tZFYwO7+11%7C12%7C13%7C1411%7C1412%7C151*.1876851-77077875%7C1511%7C1512%7C1513%7C16%7C17,idMap:151*,rmeas:1,rend:0,renddet:DIV,siq:19,sis:513%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:8654:ca58:77f:995 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Dec 2023 21:06:31 GMT
server
nginx
x-server-name
dt21.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame 907E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9892820236027&version=m202309260101&ct=76&x=1&cor=13432946504860373000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Dec 2023 21:06:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
-egg.com
URL
https://-egg.com/c.Di9Y6ebO2F5/lJSdWpQr9wNzDfYfwXOlTIULzIM/Sy0d0-NWjnAX5pN/TxMSyw
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| documentPictureInPicture function| $ function| jQuery object| DarkMode string| GoogleAnalyticsObject function| ga object| essb_settings function| documentInitOneSignal function| OneSignal function| loadCSS function| _storage number| amountScrolled object| jQuery111309226072675514096 object| adsbygoogle object| wpDarkMode string| popns boolean| ppuDisableTrigger object| ijoawc object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate object| wpcf7 function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| wp object| SUShortcodesL10n object| SUImageCarousel object| lazyLoadOptions function| LazyLoad number| height object| gaplugins object| gaGlobal object| gaData object| essb function| essb_open_mailform function| essb_close_mailform function| essb_mailform_send function| essbasc_popup_show function| essbasc_popup_close number| __oneSignalSdkLoadCount object| _oneSignalInitOptions function| __jp0 object| dataLayer function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy object| google_tag_manager object| google_llp object| GoogleGcLKhOms object| googletag

15 Cookies

Domain/Path Name / Value
.onesignal.com/ Name: __cf_bm
Value: nXgzjncTYeSeXC8av.WioYfFqTtuOKFWx4BhZbwKfdg-1703711188-1-AX4BXxZlv+UJ93I154w7184sHjgTGrUW/u/dU01MHIdfbWxr4zKcEA8L4bVFupBbFCguuYb47RdUXfRmpxGGQuA=
.sousou-no-frieren.com/ Name: _ga
Value: GA1.2.429877986.1703711188
.sousou-no-frieren.com/ Name: _gid
Value: GA1.2.331848382.1703711188
.sousou-no-frieren.com/ Name: _gat
Value: 1
.sousou-no-frieren.com/ Name: _ga_466YVPYP3T
Value: GS1.2.1703711188.1.0.1703711188.0.0.0
.sousou-no-frieren.com/ Name: __gads
Value: ID=911126119cf38649:T=1703711188:RT=1703711188:S=ALNI_MbcpVIRjG_bnPoAN8QyXew5KO2ahQ
.sousou-no-frieren.com/ Name: __gpi
Value: UID=00000d2cb22ba4a1:T=1703711188:RT=1703711188:S=ALNI_MbxdhBOboluoewLZtAE9Cl1mG9YGA
.doubleclick.net/ Name: IDE
Value: AHWqTUlvp21u6XCXDM_xDVT-KRE4ZlB1SjhSPCvVZ3cNSPRsBPRMHT8YjAK58M3R
.casalemedia.com/ Name: CMID
Value: ZYyR1fHe8Qxi0oTMA-qoAAAA
.casalemedia.com/ Name: CMPS
Value: 5071
.casalemedia.com/ Name: CMPRO
Value: 5071
.doubleclick.net/ Name: APC
Value: AfxxVi6Xq191tO7bqiC4s0m7nQ_0iKiJCZ08c86L3eQuHl2LiNt-fA
.adnxs.com/ Name: uuid2
Value: 2279592430935676013
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GVQuqh]_!]tbPl1M>e)ZlrFUfJ+tGXxoD:)QR6J-Y5BEZ@[T9xA@+>Ywi(YZTJ!W*Ak<3If)y3KL9D3I?+_bKFX2
.doubleclick.net/ Name: DSID
Value: NO_DATA

2 Console Messages

Source Level URL
Text
network error URL: https://-egg.com/c.Di9Y6ebO2F5/lJSdWpQr9wNzDfYfwXOlTIULzIM/Sy0d0-NWjnAX5pN/TxMSyw
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
deprecation warning URL: https://sousou-no-frieren.com/
Message:
The keyword 'push-button' specified to an 'appearance' property is not standardized. It will be removed in the future.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

-egg.com
cdn.mookie1.com
cdn.onesignal.com
cm.g.doubleclick.net
code.jquery.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i.imgur.com
ib.adnxs.com
img.onesignal.com
onesignal.com
pagead2.googlesyndication.com
region1.google-analytics.com
s0.2mdn.net
sousou-no-frieren.com
static.adsafeprotected.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
-egg.com
pagead2.googlesyndication.com
142.250.185.162
142.250.186.98
146.75.120.193
172.64.151.101
185.89.210.212
2001:4860:4802:32::36
23.36.162.12
2600:1f13:800:7780:8654:ca58:77f:995
2600:9000:223f:7a00:8:48e:53c0:93a1
2606:4700::6812:d63b
2606:4700::6812:d73b
2a00:1450:4001:803::2006
2a00:1450:4001:808::2002
2a00:1450:4001:811::2003
2a00:1450:4001:811::200e
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::2003
2a00:1450:4001:81c::2008
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:831::2001
2a04:4e42:600::649
2a06:98c1:3120::3
2a06:98c1:3121::3
52.214.121.166
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
05614e931955c71e4f9c792381923a5556b19bf372ae3f834d735f5939bb3447
07c7cf0bcdb262bb9296591239a74888beed73e423bc4e8bd40f0c6c417303ec
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
110c7932b78e1f27d049f7a3718b9099a8aba3fba09a65e7e22d771661c58022
1690266a4def354da2feda545468781eefe065dab28c28e115ef23160308206b
175becf213b86cefc4c9311f266bbd52160a242c77082909728f5935294e7a21
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18af68cdb5928416d802fc42962839755ce2517700538de10b8ad28db5ae7e15
1c2607a9bfc7164c68a6cc33e1a07e12b4c25886bf0ce92896f27ca8d531b81f
1cb90d387cae95ecb2fe2aacb4cdd199873b8fb62f77427b58cdbdded8c85a2c
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d3476db1f13a153b033ed8f4deef7a4bce2fbf48a3316b9f6bf25708a33bf87
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
368844fc3c1b4d0cbe6f963818ee9c45134348dd744481578a733cf71e4bd7bb
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
4a1c02813fd47455b70afa1adc9f476e2646f10a56d8ec778ddfe8118d937ef4
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
657fde7e6a7b4cedca3c0e02c94b91b72b621983c23f069e1f66cbc6f0402974
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78
6a482d2d94c0d1bc6937a1759389d01b475e6b28a0d9b5d7eaa3f9cc8f59f3cd
6de91cc679c05f589449ae7e246ef42411de2ff3db8e238f2de43106449edeee
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
7192dc1f4c88d8654d896cff65fcf0f5af1920ff3e5eeabfc1d1503c18b3c557
79aa589ea67e7cf0948e93747d340979e46b9ea4542c3755abc1ac09e4ec0ecb
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
835f79262dd6633b91d8bbfeb62f78afa60dbd0a40072b402c1d3ed2a6d4a410
846bb8e6d88c53a345ab5091fcaed82ab3a7460e4993ff62daa81a73228ea72f
85651f9563a36aec7d188d222ec08b7fe8c90f982bd29fe69451f0494656f0ac
86820ecdb1522eca1bd651b864b6a2847de2c3d6e5496cc6bcd77fa6bf6318c8
8810ba3440bf482ced33d2f74b7803bba711f689d8e4caa7da5c6ae6844a1b49
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9246a3a72c7a4d7ff84a694de71b80d2d895fdb66d16ecf39d65b53427fae6b2
96eed42e394f5b00f1e02a12d1ce9557aae7cd751e4a9ae2b3e8fc392b1db945
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b177393bb52a27d045184e12b1bde8a164ebf8d12319003fe72cc36a2325f5fe
b2ff39ccfc80daf66110e4b104956bc70911dec5c51764de1c19422439a34ba5
bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c661376fd6275029eba6e35e45ab10a8f70b857fb53dcf442781ab3937231b7f
cfa73c11a976d01ae1278df2317f722c36fb825ab244694ca7dddc1ae94a9343
d499434d838c500a9911c5d9d0d45d4f090b0e7a81e0af77b3c8a671c69a6777
d5a6d5271e675e56a1da3ab0ddac24e70a88e7581adf9affc809d147780bef1d
d84680cc08e8d0b28a4abc7e9637907f63802e8e882535a3bb208932dcbcfe1d
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
db345883b20676c2cba35420a4a0aa209de295947784747e70aa602838652364
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dd82f6fc030a4b38eca7176b079619808ba33965e942cf6273c18dac1ddb39c9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de8d41eb43d715f41aa6a2f05ca10b37a556debf3cb3be69cc34eb771f2bfa0a
e1d9183dac3e1ddde897b5a1718d18f42b50c6ab8fe9deab8b29f04bd2cb2d8b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7e83964f9cba2d0aba6b916c9b48eddcad99779f9b56794134c7a1e0b13f5ce
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
e913a8990c885bd71ef289a424530af23b9aa3e431085874a2ed8681d93f95b7
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1526a7a7d55c85044688dd32d05f976d5ab0768d4e801c3c81046544e02fb0a
f44cd6d91d41fe82d88e18673fa861f49e59eb90a6234ccfa2ef8271ff41dc45
fb12708d973e6b9354f367a6780e5a166b0da7d2721d856da7f9d57130883eaa
fbae080321632ad4ce06e9207ef9a534abd1d6488a96a0a4334fa768d1f93717