www.decencydefied.shivtr.com Open in urlscan Pro
45.33.21.148 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.decencydefied.shivtr.com/
Submission: On January 08 via api (January 8th 2024, 11:13:18 pm UTC) from US — Scanned from US

Summary HTTP 95 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 10 domains to perform 95 HTTP transactions. The main IP is 45.33.21.148, located in Richardson, United States and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is www.decencydefied.shivtr.com.
TLS certificate: Issued by ZeroSSL ECC Domain Secure Site CA on January 8th 2024. Valid for: 3 months.

This is the only time www.decencydefied.shivtr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	45.33.21.148 45.33.21.148	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
12	142.250.72.98 142.250.72.98	15169 (GOOGLE) (GOOGLE)
13	52.217.10.38 52.217.10.38	16509 (AMAZON-02) (AMAZON-02)
11	142.251.35.162 142.251.35.162	15169 (GOOGLE) (GOOGLE)
5	104.26.7.108 104.26.7.108	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	142.250.81.225 142.250.81.225	15169 (GOOGLE) (GOOGLE)
5	142.251.40.130 142.251.40.130	15169 (GOOGLE) (GOOGLE)
1	142.250.176.202 142.250.176.202	15169 (GOOGLE) (GOOGLE)
24	172.64.172.36 172.64.172.36	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.251.35.164 142.251.35.164	15169 (GOOGLE) (GOOGLE)
95	11

7 45.33.21.148 (Richardson, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li975-148.members.linode.com

www.decencydefied.shivtr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.shivtr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.72.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 52.217.10.38 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.251.35.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.26.7.108 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.algbid.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g.algbid.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.81.225 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.40.130 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.176.202 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 172.64.172.36 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.bidbrain.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g.bidbrain.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.35.164 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 140 tpc.googlesyndication.com — Cisco Umbrella Rank: 185	345 KB
24	bidbrain.app cdn.bidbrain.app — Cisco Umbrella Rank: 43436 g.bidbrain.app — Cisco Umbrella Rank: 39931	665 KB
13	amazonaws.com s3.amazonaws.com	74 KB
11	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 68	78 KB
7	shivtr.com www.decencydefied.shivtr.com static.shivtr.com	225 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 271	324 KB
5	algbid.app cdn.algbid.app — Cisco Umbrella Rank: 26652 g.algbid.app — Cisco Umbrella Rank: 25694	56 KB
1	google.com www.google.com — Cisco Umbrella Rank: 6	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	1 KB
0	xivdb.com Failed secure.xivdb.com Failed
95	10

	Domain	Requested by
16	cdn.bidbrain.app	googleads.g.doubleclick.net
15	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
13	s3.amazonaws.com	static.shivtr.com
12	pagead2.googlesyndication.com	www.decencydefied.shivtr.com pagead2.googlesyndication.com www.googletagservices.com tpc.googlesyndication.com
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.decencydefied.shivtr.com
8	g.bidbrain.app	www.decencydefied.shivtr.com cdn.bidbrain.app
6	static.shivtr.com	www.decencydefied.shivtr.com static.shivtr.com
5	www.googletagservices.com	googleads.g.doubleclick.net
3	cdn.algbid.app	googleads.g.doubleclick.net
2	g.algbid.app	www.decencydefied.shivtr.com cdn.algbid.app
1	www.google.com	tpc.googlesyndication.com
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	www.decencydefied.shivtr.com
0	secure.xivdb.com Failed	www.decencydefied.shivtr.com
95	14

This site contains links to these domains. Also see Links.

Domain
shivtr.com

Subject Issuer	Validity	Valid
www.decencydefied.shivtr.com ZeroSSL ECC Domain Secure Site CA	`2024-01-08` - `2024-04-07`	3 months	crt.sh
static.shivtr.com R3	`2023-12-29` - `2024-03-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-10`	9 months	crt.sh
algbid.app Cloudflare Inc ECC CA-3	`2023-11-02` - `2024-11-01`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
bidbrain.app E1	`2023-12-31` - `2024-03-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://www.decencydefied.shivtr.com/
Frame ID: B60199C3CDCA3A2B4ABED80D45F03677
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20190131/zrt_lookup_fy2021.html
Frame ID: CBB8822C879C90D4C4749A3EB71F0319
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&adk=1812271804&adf=3025194257&lmt=1704755593&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fwww.decencydefied.shivtr.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704755593369&bpp=5&bdt=1123&idt=406&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2938189876253&frm=20&pv=2&ga_vid=698215793.1704755594&ga_sid=1704755594&ga_hid=164844034&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080114%2C31080259%2C31080262%2C31080263%2C31080265%2C44809530%2C95320890&oid=2&pvsid=2839463092911107&tmod=1837682095&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=433
Frame ID: 00C5536C0CD56259B381D9CDA1F463F6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&h=90&slotname=2876344136&adk=2184809105&adf=3985513262&pi=t.ma~as.2876344136&w=728&lmt=1704755593&format=728x90&url=https%3A%2F%2Fwww.decencydefied.shivtr.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704755593374&bpp=2&bdt=1127&idt=433&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2938189876253&frm=20&pv=1&ga_vid=698215793.1704755594&ga_sid=1704755594&ga_hid=164844034&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080114%2C31080259%2C31080262%2C31080263%2C31080265%2C44809530%2C95320890&oid=2&pvsid=2839463092911107&tmod=1837682095&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=442
Frame ID: 1B3FBB79F09B08655DCAC3AE193C98E8
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 79B1F9B9C9F1D39ADC964F9D3EDD0D81
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 487D0733A16DB1B12C41207F1B8770B1
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 95FAB0C4E33C0E6AEDE187B6A02D8F2F
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 86081729FD3368D9FFF10634FF6FF814
Requests: 13 HTTP requests in this frame

Frame: https://cdn.bidbrain.app/ng-assets/creative/assets/index-9054913c.js
Frame ID: 6CA2638D657AA14D3AB6D6222E795196
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2DDA2AEB8BF50FD67AEABDD709C71560
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BCC8864CEBFA7D2BA41CB5D3F9BBE068
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Decency Defied

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

95
Requests

99 %
HTTPS

0 %
IPv6

10
Domains

14
Subdomains

11
IPs

2
Countries

1768 kB
Transfer

4384 kB
Size

9
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://shivtr.com/group_pay/7877/payments
Title: Donate Days

Search URL Search Domain Scan URL

URL: http://shivtr.com/
Title: Guild Hosting

Search URL Search Domain Scan URL

URL: http://shivtr.com/terms
Title: Terms of Use

Search URL Search Domain Scan URL

URL: http://shivtr.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://shivtr.com/legal
Title: Legal

Search URL Search Domain Scan URL

URL: http://shivtr.com/security
Title: Security

Search URL Search Domain Scan URL

URL: http://shivtr.com/help
Title: Help

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

95 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.decencydefied.shivtr.com/ 8 KB
3 KB 433ms
179ms Document
text/html 45.33.21.148
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.decencydefied.shivtr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

li975-148.members.linode.com

Software

Caddy /

Resource Hash

c9806b9891143bb78b0d266327c038c9dd66143b11280002d98b74b298240953

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000
cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 08 Jan 2024 23:13:12 GMT
etag: W/"c9806b9891143bb78b0d266327c038c9"
referrer-policy: strict-origin-when-cross-origin
server: Caddy
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: acc7100d-b131-4a71-b45f-79adf8d3a750
x-runtime: 0.072122
x-xss-protection: 1; mode=block

GET
H2 200 guild-dc2bc810ec06e8d0c90d72531a06dc285eec9409f9d88120e8b05f5a606674ce.css
static.shivtr.com/assets/manifests/ 218 KB
38 KB 309ms
106ms Stylesheet
text/css 45.33.21.148
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.shivtr.com/assets/manifests/guild-dc2bc810ec06e8d0c90d72531a06dc285eec9409f9d88120e8b05f5a606674ce.css
Requested by: Host: www.decencydefied.shivtr.com
URL: https://www.decencydefied.shivtr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li975-148.members.linode.com
Software: Caddy /
Resource Hash: dc86183c64a971df266cf43382fe00a3b1c600ec6107714e06597192164b82b5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.decencydefied.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:13:12 GMT
content-encoding: gzip
last-modified: Sun, 02 Jul 2023 20:26:50 GMT
server: Caddy
etag: "rx6rgq4s2q"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000

GET
H2 200 1545-1687776013.css
static.shivtr.com/css-cache/site_themes/ 25 KB
5 KB 296ms
94ms Stylesheet
text/css 45.33.21.148
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.shivtr.com/css-cache/site_themes/1545-1687776013.css
Requested by: Host: www.decencydefied.shivtr.com
URL: https://www.decencydefied.shivtr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li975-148.members.linode.com
Software: Caddy /
Resource Hash: 395a57e23932bc66a3e00e7499f4df59218776013a6eddcc7842b1cd8efb6cac

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.decencydefied.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:13:12 GMT
content-encoding: gzip
last-modified: Mon, 03 Jul 2023 10:40:13 GMT
server: Caddy
etag: "rx7uz1jk0"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000

GET
H2 200 guild-518b27752212c843cdda21c5e01ffe7de2d0bd28f7100cd01bf329100e3b7457.js Show response
static.shivtr.com/assets/ 608 KB
166 KB 360ms
158ms Script
text/javascript 45.33.21.148
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.shivtr.com/assets/guild-518b27752212c843cdda21c5e01ffe7de2d0bd28f7100cd01bf329100e3b7457.js
Requested by: Host: www.decencydefied.shivtr.com
URL: https://www.decencydefied.shivtr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li975-148.members.linode.com
Software: Caddy /
Resource Hash: 9e2e766b44b4bd31a6887776e57d5a5f502237e48cf90ded21436cfb6addf0be

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.decencydefied.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:13:12 GMT
content-encoding: gzip
last-modified: Sun, 02 Jul 2023 20:26:50 GMT
server: Caddy
etag: "rx6rgqdcmv"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
51 KB 449ms
178ms Script
text/javascript 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.decencydefied.shivtr.com
URL: https://www.decencydefied.shivtr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

602589c57da4da8f4ad43ba8c58d7ac226126f52ad44e4a984545eaed01493b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.decencydefied.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:13:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51316
x-xss-protection: 0
server: cafe
etag: 11993292970226548203
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 23:13:13 GMT

GET
H2 200 favicon.png
static.shivtr.com/s3/missing/ 382 B
460 B 226ms
224ms Image
image/png 45.33.21.148
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.shivtr.com/s3/missing/favicon.png
Requested by: Host: www.decencydefied.shivtr.com
URL: https://www.decencydefied.shivtr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li975-148.members.linode.com
Software: Caddy /
Resource Hash: 830870bb74c6a4a16f3c0c49a7934378a8c26fe68fa8bf280e7d1b2a5ddc0f12

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.decencydefied.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:13:12 GMT
last-modified: Wed, 28 Jun 2023 04:24:58 GMT
server: Caddy
etag: "rwy49mam"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000
content-length: 382

GET
H2 200 home-e4bd7164f7a26fa97379195030ab18fcc8c7a11a5ad318b4065f8e5166b3191b.png
static.shivtr.com/assets/mobile/toolbar/ 250 B
291 B 226ms
225ms Image
image/png 45.33.21.148
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.shivtr.com/assets/mobile/toolbar/home-e4bd7164f7a26fa97379195030ab18fcc8c7a11a5ad318b4065f8e5166b3191b.png
Requested by: Host: www.decencydefied.shivtr.com
URL: https://www.decencydefied.shivtr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li975-148.members.linode.com
Software: Caddy /
Resource Hash: 86c06c5c4747bb6da8d7594ed31b1494459d202ba31ede706bf8f741acedc9b3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.decencydefied.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:13:12 GMT
last-modified: Sun, 02 Jul 2023 20:26:50 GMT
server: Caddy
etag: "rx6rgq6y"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000
content-length: 250

GET tooltips.js
secure.xivdb.com/ 0
0

GET
H/1.1 200
OK 17370.jpg
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 64 KB
64 KB 572ms
149ms Image
image/jpeg 52.217.10.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/17370.jpg?1383700728
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/1545-1687776013.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.10.38 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6a6ef7b481aace1f3aae99051ee4a3eb75ed613e53a240984418b2e933d06182

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 23:13:14 GMT
x-amz-version-id: null
Last-Modified: Wed, 06 Nov 2013 01:18:49 GMT
Server: AmazonS3
x-amz-request-id: N37N75084D9J2JXR
ETag: "b7bb0d5f6532cbf6ab86537e847fd484"
Content-Type: image/jpeg
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 65588
x-amz-id-2: H95kHyLDd1UvxhWMz4gSMYSi4lLyKuqw7YuTwWd+VjvAZ6hWB2lo3O5k2quM1Dbis4sA7tgxmFI=
Expires: Mon, 05 May 2014 23:37:49 GMT

GET
H/1.1 200
OK 17378.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 422 B
873 B 729ms
159ms Image
image/png 52.217.10.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/17378.png?1383700730
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/1545-1687776013.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.10.38 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7aec358ff3140eddbdbc0e3fe27f8503d70327dae78a6b611bff3ab510c53226

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 23:13:14 GMT
x-amz-version-id: null
Last-Modified: Wed, 06 Nov 2013 01:18:51 GMT
Server: AmazonS3
x-amz-request-id: N37PDZ46VZFRJD0F
ETag: "4a4b8bfa0917b11d0c566e46fd078b7a"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 422
x-amz-id-2: SQbFBK0+WrLsKQ3SmJRtX1Ef0Wmm+yKjtMc6H3uYVZHzrqWvnsjPFXAWKMyzNNxhcmt/H4tvHJU=
Expires: Mon, 05 May 2014 23:10:52 GMT

GET
H/1.1 200
OK 17379.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 449 B
900 B 586ms
154ms Image
image/png 52.217.10.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/17379.png?1383700730
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/1545-1687776013.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.10.38 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 76c001f1ca0862a209ba90914439764536887aa1888ddbf98fa4bb2888d1ac31

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 23:13:14 GMT
x-amz-version-id: null
Last-Modified: Wed, 06 Nov 2013 01:18:51 GMT
Server: AmazonS3
x-amz-request-id: N37TMK8E80X4WX67
ETag: "c5e2d2c410dcfb133278039e2faa9328"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 449
x-amz-id-2: REhvviX64lhdEnXoqQF8lrG8Gnnecj7bo99xPEFmdjlL58+BDRS5+Q44TysSlLAyUY079bQLnq8=
Expires: Mon, 05 May 2014 23:37:49 GMT

GET
H/1.1 200
OK 17377.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 216 B
667 B 567ms
149ms Image
image/png 52.217.10.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/17377.png?1383700729
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/1545-1687776013.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.10.38 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5582017e43464f17b0b9e6bedbce329014aff87c7cef787273710a9d64e80d82

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 23:13:14 GMT
x-amz-version-id: null
Last-Modified: Wed, 06 Nov 2013 01:18:51 GMT
Server: AmazonS3
x-amz-request-id: N37PJ1QTA18B372Q
ETag: "70d089f34374720a2ed37885dce66e69"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 216
x-amz-id-2: Po7oHPWycylNWFS5ZfjLKjv1BB19gtTKTLjgCJNYYFQmC0+NVLtggRLtg8FgwtdggMqdT3QLYe8=
Expires: Mon, 05 May 2014 23:37:36 GMT

GET
H/1.1 200
OK 17372.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 146 B
597 B 576ms
159ms Image
image/png 52.217.10.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/17372.png?1383700729
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/1545-1687776013.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.10.38 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: a0ab3f8f3fe9fcacba9e149f8642cee5bdddc3c96696b1c835474fda4aa10ef9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 23:13:14 GMT
x-amz-version-id: null
Last-Modified: Wed, 06 Nov 2013 01:18:50 GMT
Server: AmazonS3
x-amz-request-id: N37G3Q0BA05RXDFF
ETag: "5d3828fe4ba1dc246edf1caeee75c429"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 146
x-amz-id-2: OSsijlyvNwTPOQ1V3Jr8I6pmYPgVRIqbtJeALQNU0d990FjCaG4hFkLVORFaItBFZ3nZ6gccch4=
Expires: Mon, 05 May 2014 23:38:06 GMT

GET
H/1.1 200
OK 17373.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 146 B
597 B 611ms
192ms Image
image/png 52.217.10.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/17373.png?1383700729
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/1545-1687776013.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.10.38 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2a69354f160dcdb9328a9cc0c863f26f767518a6c5ebe331ce89cdacca2cd440

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 23:13:14 GMT
x-amz-version-id: null
Last-Modified: Wed, 06 Nov 2013 01:18:50 GMT
Server: AmazonS3
x-amz-request-id: N37S259HDJYF12YR
ETag: "2bb0ffcb76fcee930b050f6229838291"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 146
x-amz-id-2: InlK9RcqvJpjYr/5NuM5Psz5Q2N+pXcCPWy2P2Qc/wAEvjD1B12zRkJyfvp4ZlGa9eoi/nRe3gA=
Expires: Mon, 05 May 2014 23:11:17 GMT

GET
H/1.1 200
OK 17371.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 114 B
565 B 402ms
168ms Image
image/png 52.217.10.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/17371.png?1383700729
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/1545-1687776013.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.10.38 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 09da367214a9f4198f731d3dc4b9bad9e480a3902f218980caba5983335bbd1d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 23:13:14 GMT
x-amz-version-id: null
Last-Modified: Wed, 06 Nov 2013 01:18:50 GMT
Server: AmazonS3
x-amz-request-id: N37Z5AXPX9XMFPD2
ETag: "0d3cb5d318446fa8911e2765c1d7e9f3"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 114
x-amz-id-2: i0yh1B6cT0yU9KQzYEgUfHetBniJCSuN8ugrhuxU7S+a7gbZEss+Nob0PQZbFrgkOKayadYemNo=
Expires: Mon, 05 May 2014 23:37:58 GMT

GET
H/1.1 200
OK 17375.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 366 B
817 B 405ms
162ms Image
image/png 52.217.10.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/17375.png?1383700729
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/1545-1687776013.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.10.38 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9e6371400c7c2f3090de70cf741f1a9f0ec6ea712668c32da5c7735d275ca67f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 23:13:14 GMT
x-amz-version-id: null
Last-Modified: Wed, 06 Nov 2013 01:18:50 GMT
Server: AmazonS3
x-amz-request-id: N37YTQJBYTYRMM94
ETag: "49ffeec40d8842a478568369ed288820"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 366
x-amz-id-2: B2y8fA0Sh4yec53WMjX3sw5QLSTr80vGBlch0OI/dS+vvLR1wwvabXLTdf1BIpNxI0Mt8U6vT3c=
Expires: Mon, 05 May 2014 23:38:12 GMT

GET
H/1.1 200
OK 17376.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 341 B
792 B 414ms
174ms Image
image/png 52.217.10.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/17376.png?1383700730
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/1545-1687776013.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.10.38 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b63f1a9773a981c000c5837b28a4f413afd690a593df8750b8e4a5e4c2021cdb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 23:13:14 GMT
x-amz-version-id: null
Last-Modified: Wed, 06 Nov 2013 01:18:51 GMT
Server: AmazonS3
x-amz-request-id: N37MG1CKYR6596F2
ETag: "1d7d6aa8e41ea0da249704a5bb35ceb6"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 341
x-amz-id-2: vemR7rl3TXWA6Nghbtpk+vXli4HZV0T7P9NVUs++MGE+HupG3VF3syXu1S0TeGtzpgzvSLo3D0g=
Expires: Mon, 05 May 2014 23:11:24 GMT

GET
H/1.1 200
OK 17374.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 202 B
653 B 403ms
156ms Image
image/png 52.217.10.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/17374.png?1383700729
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/1545-1687776013.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.10.38 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 76448a768a8d6a29d26beba2594d9850afaab9116dd7dd688f6e18a451c9effa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 23:13:14 GMT
x-amz-version-id: null
Last-Modified: Wed, 06 Nov 2013 01:18:50 GMT
Server: AmazonS3
x-amz-request-id: N37P55BTN1H9ZN3B
ETag: "bf4a76b3cfcbad9f53b3eafd67cfec53"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 202
x-amz-id-2: 2urdxe5JdMOAqZvTw64QUqfvqjrSFWgsBYaQXqUQeQ74Od6H9PcRTHWPj8PJqH/ZNhRYA3l8DZY=
Expires: Mon, 05 May 2014 23:37:52 GMT

GET
H/1.1 200
OK 17382.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 749 B
1 KB 577ms
176ms Image
image/png 52.217.10.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/17382.png?1383700731
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/1545-1687776013.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.10.38 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b41ff57ae55fcd43297fa87d8685fc0c231b9214aba978c4781e37a50af6b17e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 23:13:14 GMT
x-amz-version-id: null
Last-Modified: Wed, 06 Nov 2013 01:18:52 GMT
Server: AmazonS3
x-amz-request-id: N37Q5YBTHG4N08WD
ETag: "f64492c764f12f8ea3930b7edd66bac0"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 749
x-amz-id-2: IYPli0YsT2ACTGQeTw0BwBkpNtgtIVoWF9ivhhPQ5rxNViQ3UtNEGM1DSxt+fNyTbWkH+rrSySo=
Expires: Mon, 05 May 2014 23:37:52 GMT

GET
H/1.1 200
OK 17380.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 203 B
654 B 400ms
168ms Image
image/png 52.217.10.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/17380.png?1383700731
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/1545-1687776013.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.10.38 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: a1b5169f3b94d6a3f3b96173e8df6ef29fc482c9e240d024537d5f89c2121f1d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 23:13:14 GMT
x-amz-version-id: null
Last-Modified: Wed, 06 Nov 2013 01:18:52 GMT
Server: AmazonS3
x-amz-request-id: N37QE3392KWHS8Y7
ETag: "814dae65587e029015ab5ca02fe5eeb7"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 203
x-amz-id-2: Lj5EjA3tWZQ/YuahgkzTDvlLtRXa4KFpKe2K5Q6u9EKGKG1j11TaLjvwhdin4xPDI8vA1qSMD1o=
Expires: Mon, 05 May 2014 23:38:06 GMT

GET
H/1.1 200
OK 17381.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 568 B
1019 B 401ms
161ms Image
image/png 52.217.10.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/17381.png?1383700730
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/1545-1687776013.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.10.38 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f0ace250121a3e485061835cd2fb15104bbb686fed83def2c70f84b780a20954

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 23:13:14 GMT
x-amz-version-id: null
Last-Modified: Wed, 06 Nov 2013 01:18:52 GMT
Server: AmazonS3
x-amz-request-id: N37WMN23ZMR2B3JK
ETag: "6a454a35045e124b7c67b42aa5f13a94"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 568
x-amz-id-2: 5yiD+GP504rjOZOyK9uJlcSE4afBrRD80Bdwz4rmQoI+nyS6vh5vz8umIjmKuhrOcVYUdeLaKeU=
Expires: Mon, 05 May 2014 23:37:58 GMT

GET
H2 200 Noci12-c421b186f617e706af05c6d5e3dfa9089d37cd80f27a9899866f991602d9f8d3.woff
static.shivtr.com/assets/ 13 KB
13 KB 288ms
95ms Font
font/woff 45.33.21.148
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.shivtr.com/assets/Noci12-c421b186f617e706af05c6d5e3dfa9089d37cd80f27a9899866f991602d9f8d3.woff
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/assets/manifests/guild-dc2bc810ec06e8d0c90d72531a06dc285eec9409f9d88120e8b05f5a606674ce.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li975-148.members.linode.com
Software: Caddy /
Resource Hash: 3a1bbd03003833a6dfbcc82556fe57bb353c3b7480bfdd133a055b315207a5cc

Request headers

Referer: https://static.shivtr.com/assets/manifests/guild-dc2bc810ec06e8d0c90d72531a06dc285eec9409f9d88120e8b05f5a606674ce.css
Origin: https://www.decencydefied.shivtr.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:13:13 GMT
last-modified: Sun, 02 Jul 2023 20:26:50 GMT
server: Caddy
etag: "rx6rgqaac"
content-type: font/woff
access-control-allow-origin: *
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000
content-length: 13332

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/ 403 KB
136 KB 181ms
180ms Script
text/javascript 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

03e148538b9fcf13db5414fb932c570c1bb6a2e6584f88e66c85714a7ab6b8a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.decencydefied.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:13:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139390
x-xss-protection: 0
server: cafe
etag: 11280755194163862085
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 23:13:13 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240103/r20190131/ Frame CBB8 9 KB
4 KB 405ms
130ms Document
text/html 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240103/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.decencydefied.shivtr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 41430
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 11:42:43 GMT
etag: 9219409622527106327
expires: Mon, 22 Jan 2024 11:42:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 00C5 289 KB
39 KB 611ms
607ms Document
text/html 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&adk=1812271804&adf=3025194257&lmt=1704755593&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fwww.decencydefied.shivtr.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704755593369&bpp=5&bdt=1123&idt=406&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2938189876253&frm=20&pv=2&ga_vid=698215793.1704755594&ga_sid=1704755594&ga_hid=164844034&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080114%2C31080259%2C31080262%2C31080263%2C31080265%2C44809530%2C95320890&oid=2&pvsid=2839463092911107&tmod=1837682095&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=433

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

5134570227afba46b72b8939516e6ace9c3733d41e2b33b0905f6d5e9fbb4164

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.decencydefied.shivtr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39510
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 23:13:14 GMT
expires: Mon, 08 Jan 2024 23:13:14 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 160ms
158ms Image
image/gif 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=status_bar_position&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.decencydefied.shivtr.com
URL: https://www.decencydefied.shivtr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.decencydefied.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 23:13:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1B3F 44 KB
18 KB 551ms
547ms Document
text/html 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&h=90&slotname=2876344136&adk=2184809105&adf=3985513262&pi=t.ma~as.2876344136&w=728&lmt=1704755593&format=728x90&url=https%3A%2F%2Fwww.decencydefied.shivtr.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704755593374&bpp=2&bdt=1127&idt=433&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2938189876253&frm=20&pv=1&ga_vid=698215793.1704755594&ga_sid=1704755594&ga_hid=164844034&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080114%2C31080259%2C31080262%2C31080263%2C31080265%2C44809530%2C95320890&oid=2&pvsid=2839463092911107&tmod=1837682095&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=442

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

92c6c828fc6117057fc4322c4455384e9bd92a00fabcb46222344f14394dee26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.decencydefied.shivtr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 17846
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 23:13:14 GMT
expires: Mon, 08 Jan 2024 23:13:14 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 index-9054913c.js Show response
cdn.algbid.app/ng-assets/creative/assets/ Frame 1B3F 107 KB
40 KB 225ms
76ms Script
application/javascript 104.26.7.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.algbid.app/ng-assets/creative/assets/index-9054913c.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&h=90&slotname=2876344136&adk=2184809105&adf=3985513262&pi=t.ma~as.2876344136&w=728&lmt=1704755593&format=728x90&url=https%3A%2F%2Fwww.decencydefied.shivtr.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704755593374&bpp=2&bdt=1127&idt=433&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2938189876253&frm=20&pv=1&ga_vid=698215793.1704755594&ga_sid=1704755594&ga_hid=164844034&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080114%2C31080259%2C31080262%2C31080263%2C31080265%2C44809530%2C95320890&oid=2&pvsid=2839463092911107&tmod=1837682095&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=442
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.7.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ceb4dbe94c74fcaa999121708478fb1ef7f529e23ffef7d23d898ae81848a10

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:13:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1086
x-guploader-uploadid: ABPtcPrjzt60S4DCBD-XqPqqQcmFg-1vUP933RXzz2RV6j-ffbqJtc3OlQnMOs3SWFgaYsEk6Ig
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Wed, 27 Dec 2023 15:31:02 GMT
server: cloudflare
etag: W/"40e352943a9eb2976fe265c973a285f1"
vary: Accept-Encoding
x-goog-generation: 1703691062394998
content-language: en
content-type: application/javascript
x-goog-hash: crc32c=qIxOWA==, md5=QONSlDqespdv4mXJc6KF8Q==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lg8bAM4s9JusJ5J5ktBGH3twXVbx%2FQs8DUeh3CH5%2BDXpLwVPwTeiH7cppF2inWxpowR%2FpHwIn%2FaSd9oVAwPQC7u1iMlB6WxeuIUi4Pi5gm2zvkhY3Mua3j7mKqIhKGWq"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 109104
access-control-allow-origin: *
cf-ray: 842821422da67d58-LAX
expires: Mon, 08 Jan 2024 23:20:57 GMT

GET
H2 200 index-af5b3122.css
cdn.algbid.app/ng-assets/creative/assets/ Frame 1B3F 13 KB
4 KB 227ms
79ms Stylesheet
text/css 104.26.7.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.algbid.app/ng-assets/creative/assets/index-af5b3122.css
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&h=90&slotname=2876344136&adk=2184809105&adf=3985513262&pi=t.ma~as.2876344136&w=728&lmt=1704755593&format=728x90&url=https%3A%2F%2Fwww.decencydefied.shivtr.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704755593374&bpp=2&bdt=1127&idt=433&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2938189876253&frm=20&pv=1&ga_vid=698215793.1704755594&ga_sid=1704755594&ga_hid=164844034&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080114%2C31080259%2C31080262%2C31080263%2C31080265%2C44809530%2C95320890&oid=2&pvsid=2839463092911107&tmod=1837682095&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=442
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.7.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af5b3122532645b03bf84f88ca6c239a9ca9ddd18f20835a080d87f910bd2a87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:13:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2567
x-guploader-uploadid: ABPtcPoDCj-9i9ngvjB1u4l4EjUgvI3b8v4UfVH7F7e-HiRV87nPpS7V-2umirVvRwfKJSGvBw
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Mon, 11 Dec 2023 09:35:44 GMT
server: cloudflare
etag: W/"e698b92f41bf324999730858bf1a8adb"
vary: Accept-Encoding
x-goog-hash: crc32c=jBuSJw==, md5=5pi5L0G/MkmZcwhYvxqK2w==
x-goog-generation: 1701096253798128
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UvqQDqsBU1gqLyCYE9C%2BtsJUKug1FNT184taZ2mhD4HG%2BTHsmwysOZXY5YPpiJ2sitMmk5vf7Yct60xjnTz2VajCyaVtL%2FAjiSANoQqWhg3eJjEnmIzCNS5oXKLPvc7U"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 12801
cf-ray: 842821422ffa2f17-LAX
expires: Mon, 08 Jan 2024 23:21:48 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/ Frame 1B3F 3 KB
1 KB 423ms
145ms Script
text/javascript 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&h=90&slotname=2876344136&adk=2184809105&adf=3985513262&pi=t.ma~as.2876344136&w=728&lmt=1704755593&format=728x90&url=https%3A%2F%2Fwww.decencydefied.shivtr.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704755593374&bpp=2&bdt=1127&idt=433&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2938189876253&frm=20&pv=1&ga_vid=698215793.1704755594&ga_sid=1704755594&ga_hid=164844034&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080114%2C31080259%2C31080262%2C31080263%2C31080265%2C44809530%2C95320890&oid=2&pvsid=2839463092911107&tmod=1837682095&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=442

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 20:46:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8816
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 20:46:18 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/ Frame 1B3F 20 KB
9 KB 408ms
130ms Script
text/javascript 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

cafe /

Resource Hash

2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 20:46:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8815
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8523
x-xss-protection: 0
server: cafe
etag: 16500369019378894752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 20:46:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1B3F 205 KB
65 KB 426ms
148ms Script
text/javascript 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

sffe /

Resource Hash

daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:13:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704717871404979"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jan 2024 23:13:14 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/ 161 KB
55 KB 180ms
179ms Script
text/javascript 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

0142d9421cbe91db2256a41e6882308a2be01a41ff9da25d16e386b98e2846b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.decencydefied.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:13:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56246
x-xss-protection: 0
server: cafe
etag: 11147977314768400817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 23:13:14 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/ Frame 79B1 9 KB
4 KB 132ms
131ms Document
text/html 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.decencydefied.shivtr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 730
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 23:01:04 GMT
etag: 9219409622527106327
expires: Mon, 22 Jan 2024 23:01:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/ Frame 487D 9 KB
4 KB 132ms
131ms Document
text/html 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.decencydefied.shivtr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 730
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 23:01:04 GMT
etag: 9219409622527106327
expires: Mon, 22 Jan 2024 23:01:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/ Frame 95FA 9 KB
4 KB 140ms
140ms Document
text/html 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.decencydefied.shivtr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 730
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 23:01:04 GMT
etag: 9219409622527106327
expires: Mon, 22 Jan 2024 23:01:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/ Frame 8608 9 KB
4 KB 140ms
140ms Document
text/html 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.decencydefied.shivtr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 730
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 23:01:04 GMT
etag: 9219409622527106327
expires: Mon, 22 Jan 2024 23:01:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1B3F 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f26ae796465e6d21859bf5c67ac14c0521429c5f8a2d0f548f8e72622ebb94e6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css2
fonts.googleapis.com/ Frame 79B1 4 KB
1 KB 432ms
145ms Stylesheet
text/css 142.250.176.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f10.1e100.net

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 08 Jan 2024 23:13:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 22:46:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 08 Jan 2024 23:13:15 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240104/r20110914/elements/html/ Frame 79B1 16 KB
7 KB 151ms
143ms Script
text/javascript 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240104/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

cafe /

Resource Hash

972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 20:48:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8708
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6823
x-xss-protection: 0
server: cafe
etag: 11129212757755515379
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 20:48:07 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240104/r20110914/elements/html/ Frame 79B1 22 KB
9 KB 133ms
132ms Script
text/javascript 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240104/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

cafe /

Resource Hash

7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 20:48:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8715
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9422
x-xss-protection: 0
server: cafe
etag: 10624764489894593518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 20:48:00 GMT

GET
H2 200 index-9054913c.js Show response
cdn.bidbrain.app/ng-assets/creative/assets/ Frame 487D 107 KB
40 KB 230ms
79ms Script
application/javascript 172.64.172.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/ng-assets/creative/assets/index-9054913c.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.172.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ceb4dbe94c74fcaa999121708478fb1ef7f529e23ffef7d23d898ae81848a10

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:13:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 168
x-guploader-uploadid: ABPtcPrjzt60S4DCBD-XqPqqQcmFg-1vUP933RXzz2RV6j-ffbqJtc3OlQnMOs3SWFgaYsEk6Ig
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 27 Dec 2023 15:31:02 GMT
server: cloudflare
etag: W/"40e352943a9eb2976fe265c973a285f1"
vary: Accept-Encoding
x-goog-generation: 1703691062394998
content-language: en
content-type: application/javascript
x-goog-hash: crc32c=qIxOWA==, md5=QONSlDqespdv4mXJc6KF8Q==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P8LCG%2B3Ap0yA5BwJZUwTfTTE2EEMz2z4NBOxF50iJ2sNy3FFOjmrbAXcwRaxtOXZa76y5TcMfC8rbhXJeG%2FggXtJ0Y8Z1Ss%2BaMun6oLlDqnXk9GuFD5pHlGpSuMVmrtSB9hk"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 109104
access-control-allow-origin: *
cf-ray: 842821467fae2b60-LAX
expires: Mon, 08 Jan 2024 23:20:57 GMT

GET
H2 200 index-af5b3122.css
cdn.bidbrain.app/ng-assets/creative/assets/ Frame 487D 13 KB
3 KB 233ms
83ms Stylesheet
text/css 172.64.172.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/ng-assets/creative/assets/index-af5b3122.css
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.172.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af5b3122532645b03bf84f88ca6c239a9ca9ddd18f20835a080d87f910bd2a87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:13:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 433
x-guploader-uploadid: ABPtcPry2zRjc9B7fxmbztB_3CmgrdEcRkquEC60Jsg6-Eh3gOsaB7CwWfExs2w_Yg-38ibSZcg
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 11 Dec 2023 09:35:44 GMT
server: cloudflare
etag: W/"e698b92f41bf324999730858bf1a8adb"
vary: Accept-Encoding
x-goog-hash: crc32c=jBuSJw==, md5=5pi5L0G/MkmZcwhYvxqK2w==
x-goog-generation: 1701355216717373
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zYkHh1277Z%2FF%2BZqvARoFOgAE9k%2F%2FkO%2BTUIY%2BZdFr7vuCQVpalUOfGCj%2BRdeLKokt3e%2BXUogabKr8w8ZmZeplFzKrgcLN6DKmWYmO%2FFEc9zTO2xtiDLomIeiKiM%2F7DfMCrS7D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 12801
cf-ray: 8428214679d97e89-LAX
expires: Mon, 08 Jan 2024 23:40:50 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/ Frame 487D 3 KB
1 KB 168ms
166ms Script
text/javascript 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 20:46:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8817
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 20:46:18 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/ Frame 487D 20 KB
8 KB 151ms
150ms Script
text/javascript 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

cafe /

Resource Hash

2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 20:46:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8816
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8523
x-xss-protection: 0
server: cafe
etag: 16500369019378894752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 20:46:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 487D 205 KB
65 KB 146ms
145ms Script
text/javascript 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

sffe /

Resource Hash

daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:13:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704717871404979"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jan 2024 23:13:15 GMT

GET
H2 200 index-9054913c.js Show response
cdn.bidbrain.app/ng-assets/creative/assets/ Frame 95FA 107 KB
39 KB 365ms
229ms Script
application/javascript 172.64.172.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/ng-assets/creative/assets/index-9054913c.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.172.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ceb4dbe94c74fcaa999121708478fb1ef7f529e23ffef7d23d898ae81848a10

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:13:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 168
x-guploader-uploadid: ABPtcPrjzt60S4DCBD-XqPqqQcmFg-1vUP933RXzz2RV6j-ffbqJtc3OlQnMOs3SWFgaYsEk6Ig
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 27 Dec 2023 15:31:02 GMT
server: cloudflare
etag: W/"40e352943a9eb2976fe265c973a285f1"
vary: Accept-Encoding
x-goog-generation: 1703691062394998
content-language: en
content-type: application/javascript
x-goog-hash: crc32c=qIxOWA==, md5=QONSlDqespdv4mXJc6KF8Q==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7M5ApUVzFSqettC8Uh%2B5W7IELj6AdazZPS848prv4ZB63JyopCS1pIy30zbnXzFJA2nsM5jFoBSea3z1ju3s%2BBsZXzVnCvhQUv%2BHa0VaGoXi6iqkgz9GVZWdvsKqjye%2F6bwl"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 109104
access-control-allow-origin: *
cf-ray: 842821467fb12b60-LAX
expires: Mon, 08 Jan 2024 23:20:57 GMT

GET
H2 200 index-af5b3122.css
cdn.bidbrain.app/ng-assets/creative/assets/ Frame 95FA 13 KB
3 KB 212ms
78ms Stylesheet
text/css 172.64.172.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/ng-assets/creative/assets/index-af5b3122.css
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.172.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af5b3122532645b03bf84f88ca6c239a9ca9ddd18f20835a080d87f910bd2a87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:13:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 433
x-guploader-uploadid: ABPtcPry2zRjc9B7fxmbztB_3CmgrdEcRkquEC60Jsg6-Eh3gOsaB7CwWfExs2w_Yg-38ibSZcg
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 11 Dec 2023 09:35:44 GMT
server: cloudflare
etag: W/"e698b92f41bf324999730858bf1a8adb"
vary: Accept-Encoding
x-goog-hash: crc32c=jBuSJw==, md5=5pi5L0G/MkmZcwhYvxqK2w==
x-goog-generation: 1701355216717373
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aNUi97tlB69kCOJGPNnMVQ3m%2FunXC2VvlxQYIOZprevTRNwYTiimSHxWWS%2BU058fqQaKcFfeLR484qNoDO2nxqLg5gXfEARap4ngbOJGZET9%2FSF4yt2He4DFMGY%2Bn8Jm4v93"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 12801
cf-ray: 8428214679db7e89-LAX
expires: Mon, 08 Jan 2024 23:40:50 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/ Frame 95FA 3 KB
1 KB 183ms
182ms Script
text/javascript 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 20:46:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8817
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 20:46:18 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/ Frame 95FA 20 KB
8 KB 155ms
154ms Script
text/javascript 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

cafe /

Resource Hash

2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 20:46:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8816
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8523
x-xss-protection: 0
server: cafe
etag: 16500369019378894752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 20:46:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 95FA 205 KB
65 KB 193ms
193ms Script
text/javascript 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

sffe /

Resource Hash

daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:13:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704717871404979"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jan 2024 23:13:15 GMT

GET
H2 200 index-9054913c.js Show response
cdn.bidbrain.app/ng-assets/creative/assets/ Frame 8608 107 KB
39 KB 291ms
177ms Script
application/javascript 172.64.172.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/ng-assets/creative/assets/index-9054913c.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.172.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ceb4dbe94c74fcaa999121708478fb1ef7f529e23ffef7d23d898ae81848a10

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:13:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 168
x-guploader-uploadid: ABPtcPrjzt60S4DCBD-XqPqqQcmFg-1vUP933RXzz2RV6j-ffbqJtc3OlQnMOs3SWFgaYsEk6Ig
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 27 Dec 2023 15:31:02 GMT
server: cloudflare
etag: W/"40e352943a9eb2976fe265c973a285f1"
vary: Accept-Encoding
x-goog-generation: 1703691062394998
content-language: en
content-type: application/javascript
x-goog-hash: crc32c=qIxOWA==, md5=QONSlDqespdv4mXJc6KF8Q==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FrHZjjW3Zj11xpbRZeOXdHGHNa82pNKWSdzf%2Bm0SBHzEcF0TZiWkxlfNhD0ZapJEsREmr6v2W87Jy9%2B6SPFoOWwVKFmxU7g7fXd2ZHRMvzXbkao6ESlPxwseMSBhbgWPovu6"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 109104
access-control-allow-origin: *
cf-ray: 842821467fb02b60-LAX
expires: Mon, 08 Jan 2024 23:20:57 GMT

GET
H2 200 index-af5b3122.css
cdn.bidbrain.app/ng-assets/creative/assets/ Frame 8608 13 KB
4 KB 187ms
74ms Stylesheet
text/css 172.64.172.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/ng-assets/creative/assets/index-af5b3122.css
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.172.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af5b3122532645b03bf84f88ca6c239a9ca9ddd18f20835a080d87f910bd2a87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:13:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 433
x-guploader-uploadid: ABPtcPry2zRjc9B7fxmbztB_3CmgrdEcRkquEC60Jsg6-Eh3gOsaB7CwWfExs2w_Yg-38ibSZcg
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 11 Dec 2023 09:35:44 GMT
server: cloudflare
etag: W/"e698b92f41bf324999730858bf1a8adb"
vary: Accept-Encoding
x-goog-hash: crc32c=jBuSJw==, md5=5pi5L0G/MkmZcwhYvxqK2w==
x-goog-generation: 1701355216717373
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ZQk6%2F4lSY7jEexmrf8AmcKFQ4Z6FvtyIv6BMRkDgCo6ljGbMCxrSTnR%2B0ZEbjNMpl57qRu8MNubAShiiT3TQdZ2Tb2wiBUh9Kr0Gi77xvU%2FrbpIl2DI3%2B33DT7QX2WYPTUl"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 12801
cf-ray: 8428214679dc7e89-LAX
expires: Mon, 08 Jan 2024 23:40:50 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/ Frame 8608 3 KB
1 KB 174ms
173ms Script
text/javascript 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 20:46:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8817
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 20:46:18 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/ Frame 8608 20 KB
8 KB 162ms
161ms Script
text/javascript 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

cafe /

Resource Hash

2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 20:46:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8816
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8523
x-xss-protection: 0
server: cafe
etag: 16500369019378894752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 20:46:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8608 205 KB
65 KB 207ms
206ms Script
text/javascript 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

sffe /

Resource Hash

daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:13:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704717871404979"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jan 2024 23:13:15 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1B3F 0
23 B 168ms
164ms Image
text/html 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CfXKCiYGcZbXxOMyM6tkP8sqbwAGLv4iuZvG66fX_DsCNtwEQASAAYMmO-obIo5AZggEXY2EtcHViLTIzNjcxMDgwNDgyODc1MTXIAQmoAwHIAwKqBIgCT9AVXJcohF1DZa8CJSC7I0DZ3uMIQm3T9ylk3zCvQ6185qlLWUb8RxscvY_c_Nyphn51lQNqw2-IJ_dEv7W7cnNoINPCZdrGCpDXGiyWPVZUM8Gw16B2czxLixmYsqjnDGRAHb7osYGfXTt85Gighrx-xUJg-B3M-jQU3FZK7rw1O8EkK0bIxhhs7Z4XMscUltkY9Ph3Pqf2g0Bj7b69zit9xysFNIRhdOiV23bHbcgUmofOm5BCKcuN0ZzfBiOujdyJItS73NQ_XjCv7DERA6-6XHFLjHbgFScDLtZOOVi-BOV63VrNR80DaJv78WeHzzEHZetB8spC7Zn5Ry3G9Dm415NAi1XbgAbHneX5_P3jgsIBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WLno6bz1zoMDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTIzNjcxMDgwNDgyODc1MTUYAA&sigh=nsfYvNhFgT4&uach_m=%5BUACH%5D&cid=CAQSTgAvHhf_xqQ-jgVu2fLdWhE1gHHbeFCSK01PNgF9fuynscE26hBWSmd1Kuqbxe-vnJqfemoZCmndyhaYjMEWTE3HA7T57wMkfoaVdyNgLBgB&cbvp=2&vis=1

Requested by

Host: www.decencydefied.shivtr.com
URL: https://www.decencydefied.shivtr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&h=90&slotname=2876344136&adk=2184809105&adf=3985513262&pi=t.ma~as.2876344136&w=728&lmt=1704755593&format=728x90&url=https%3A%2F%2Fwww.decencydefied.shivtr.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704755593374&bpp=2&bdt=1127&idt=433&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2938189876253&frm=20&pv=1&ga_vid=698215793.1704755594&ga_sid=1704755594&ga_hid=164844034&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080114%2C31080259%2C31080262%2C31080263%2C31080265%2C44809530%2C95320890&oid=2&pvsid=2839463092911107&tmod=1837682095&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=442
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 08 Jan 2024 23:13:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 08 Jan 2024 23:13:15 GMT

GET
H2 204 rtimp
g.algbid.app/ Frame 1B3F 0
933 B 172ms
159ms Image
text/plain 104.26.7.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.algbid.app/rtimp?sid=7fa288da-ae7b-11ee-b977-12928a5ced8d&d=www.decencydefied.shivtr.com&cr=rgn_gen14__2&a=imp&p=ZZyBiQAOOLUFOoZMAAblcqeZ3xxslUPx0-wvAg&im=60NPjtNXc-xPhFgtxFuF_Lze6VBWAClXzzauslYqsPyyxNj2Yam8KnY2OphGcZFZBJB87C-Xaffje2lAs1SeviuHQvCHKjLQRiIvAQxvsv2MPZf6I-TiPeUfMrsfOkusWeY0bucIcWrflPr9bXfBiNxHMrOgRWCytG5qJHO75-Ur_MJX_MxxcdlFLTWYbdB7n4PNTnAAc3XQ5EREffMf49v_agqMohFTbAB5WXJJKTyIJ6S7tx7LptiCHygzF1AoRDF-Ha462VZH2ru34-6zFVY47Il3KIbi43OhbrybB4UdpZUkmA2R_bUPsKkWnI7h_Bku-O5FDrPizbIZNDRUhN1b9LYGVCxy1bLqREbj7C4&cbvp=2
Requested by: Host: www.decencydefied.shivtr.com
URL: https://www.decencydefied.shivtr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.7.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 23:13:15 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=reoSnaKS3apUw2tTgjPstRFjzVFRSnKewl1rW9a3N7%2B7bciT9v5iwBoFStz%2BOfoJIBq1Y9bUgpuf0swXn4Nq%2BfN8y7XQrnI5kYvzeXfgXBVyD2eb8gfssas50%2BvRfA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 842821464f702f17-LAX
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length: 0
expires: 0

GET
H2 200 SecularOne-Regular.woff2
cdn.algbid.app/compressedFonts/ Frame 1B3F 11 KB
11 KB 73ms
71ms Font
application/octet-stream 104.26.7.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.algbid.app/compressedFonts/SecularOne-Regular.woff2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&h=90&slotname=2876344136&adk=2184809105&adf=3985513262&pi=t.ma~as.2876344136&w=728&lmt=1704755593&format=728x90&url=https%3A%2F%2Fwww.decencydefied.shivtr.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704755593374&bpp=2&bdt=1127&idt=433&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2938189876253&frm=20&pv=1&ga_vid=698215793.1704755594&ga_sid=1704755594&ga_hid=164844034&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080114%2C31080259%2C31080262%2C31080263%2C31080265%2C44809530%2C95320890&oid=2&pvsid=2839463092911107&tmod=1837682095&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=442
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.7.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0dc7dce977f59400faff7e273b7a8d692c65151f0bf48fcd1b22dcf2a82ad47e

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:13:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 338
x-guploader-uploadid: ABPtcPp8GqCLR17Kcc2ODfrzTVy3jvBeO86WO7Om1MZIEJw7Ci1DiHPGk6tui7jjgdIM3C91IOpVojViTS7gQVU
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 10940
last-modified: Wed, 29 Nov 2023 09:57:53 GMT
server: cloudflare
etag: "d8e1da2cfc1b90675464b327065f29c7"
vary: Accept-Encoding
x-goog-generation: 1701251873117491
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=Qk9Bcw==, md5=2OHaLPwbkGdUZLMnBl8pxw==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vxpbdu5B1YXE9seXfWDsEeS3CtT9BKfzxJtxW%2Fl510%2FhJl1Jm9JlMzmKpKGXWcLaMzQWlU9I5ncasVsPuEOeZqZTS0PZkm%2FdOfMlJJALnnOPibBeDKMqOu78JI48Jks0"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 10940
accept-ranges: bytes
cf-ray: 842821467a487d58-LAX
expires: Mon, 08 Jan 2024 23:28:12 GMT

POST
H2 204 rtimp
g.algbid.app/ Frame 1B3F 0
459 B 149ms
139ms Ping
text/plain 104.26.7.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.algbid.app/rtimp
Requested by: Host: cdn.algbid.app
URL: https://cdn.algbid.app/ng-assets/creative/assets/index-9054913c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.7.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 23:13:15 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vYryiY5KaQL3dTbf7zIhaHrSjG8b72YYbtOSBVnDtevtReulDSPgyGW1bhK4lew%2FMlusHhG6w3PFre0elyFf0DkIB%2BDWhVxAPv0eJwCmK1EZj6YShr7cIUTmWCQHkw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 842821469fc82f17-LAX
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length: 0
expires: 0

GET
DATA 200
OK truncated
/ Frame 8608 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c62dd54eb843e3b735ff1dc83a523eeaf1884071ac18f56e227c71ffbd70a89b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 487D 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2227380cfe06091de6d94b915f702989539cb9767046862a7e00f5ead8923536

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8608 0
19 B 168ms
167ms Image
text/html 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CNFrwiYGcZenQOKu8odAP6tWYkAeLv4iuZvG66fX_DsCNtwEQASAAYMne6IbIo5AZggEXY2EtcHViLTIzNjcxMDgwNDgyODc1MTXIAQmoAwHIAwKqBIoCT9DxEZpmMWQLpWzZJr2eBjfr0CuRbIx5iCuf1ecIX_CLeIQiS4mjF4WPb4b0760hv2dCmecp69axz38PuG3BqBvepsj-8JrtGKbsckK2l0sV2vlXH0ceFcBvr21wrof-TZa0AuCtYZLTaFsPFl2ytCBI6W8I0fMx3VB_zqxlMNUv-z0itEBoeqDH42XUDzS6TceQMCbGwwf76lKspNpU2XJI7OYA5BY47BbC5uQD0kiIBbREB7Bd02WxaP6p5qvKODRO3mZF0vXgfP1ulmyGUI7iZs19DFumfrPoObfOoKeE5u145R6qUN4SaBU1EgslxjSzRI6AaTZ8yHKf2IAgmrgi3OD-R2s-Nc6ABv71k9LN7qGMf6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOlibqum89c6DA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yMzY3MTA4MDQ4Mjg3NTE1GAA&sigh=a4A3SCMdybw&uach_m=%5BUACH%5D&cid=CAQSTgAvHhf_G1bNx42pS0BYnrOpK9kHJCPq74Ezfo2CroVbapZkykHgswilqxJ8SPzW52mJnA0VQ1JEVCrl8_ghG8QbSrVjX6LerrsujAySLRgB&cbvp=2&vis=1

Requested by

Host: www.decencydefied.shivtr.com
URL: https://www.decencydefied.shivtr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 08 Jan 2024 23:13:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 rtimp
g.bidbrain.app/ Frame 8608 0
920 B 144ms
130ms Image
text/plain 172.64.172.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.bidbrain.app/rtimp?sid=7fa399c3-ae7b-11ee-86ae-86d9ad89f958&d=www.decencydefied.shivtr.com&cr=ext_ng_start_sec12&a=imp&p=ZZyBiQAOKGkECF4rAAYq6sCSG18UQPfbu71zyw&im=rO-Ctfhd6hQeupWLLJ13jd55BL-Svx5mEkscj-bb3dIQUTezwLhx_cagTofLpdjMWYc0v756SYifRG9E_RyH6FWehFqmaFvF9vRbeR53WSg5LFa4cBlc3O96_CTkj3B-pR94LvXvBZa7x_XeOGY-XjHdI1064XiTRiGhpnduH-GzW3Gi52UJxfWwz6zRiqyXBKhRA2E7zNb8Y7QjEXfGTmiwSzNhszZq-1ZuVrK2eNad06WGu601FQhOrdEjEdiwT43nmpARikBmRrKzmw4NgpRRN4FvAwYg5kRX0wVStU9oGwgJXP0mEboEo6CGWtnHaJECwIS084SMKl00KoSD7zmPAqAJ81UQ_3X3Bjlixis&cbvp=2
Requested by: Host: www.decencydefied.shivtr.com
URL: https://www.decencydefied.shivtr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.172.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:13:15 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Ms3V3ZzPivKHZ8bagsXZIu10sV2rYDGaaOkY2VtOPOg%2F%2FRnMHJHfapXMgLrKcUxxe3GLQVxaXNmm328qkU7DfdT6YCNR8XzcK81nrfWNin0fulSKL9T4njU7Sd05cl40w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 842821488bba7e89-LAX
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

GET
H2 200 RobotoRegular.woff2
cdn.bidbrain.app/compressedFonts/ Frame 8608 60 KB
61 KB 73ms
71ms Font
application/octet-stream 172.64.172.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/compressedFonts/RobotoRegular.woff2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.172.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02f1dcc0c722e24cba9be4b720831a79489e766d5edf8b77f582e0869312d86e

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:13:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 149
x-guploader-uploadid: ABPtcPp4ue0PzHLey_a29-YzKNxdByYBRcZssUbfDx5RFlLS-mA6TwAI3DmjRmpsGswTVdrmZ4g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 61736
last-modified: Wed, 29 Nov 2023 10:07:40 GMT
server: cloudflare
etag: "ede84d96808c486e3de74cbd8f2a2c80"
vary: Accept-Encoding
x-goog-generation: 1701252459996546
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=fte1vA==, md5=7ehNloCMSG4950y9jyosgA==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q5dfvQTJiQ%2BU7c8M6i7ykrJY5%2FlpglBbQW3yMEfLfB2LIBi61%2F8Ba0nRI%2FSsPoE2AUhlUxKSdDjt4CctoAafAej%2B9eDjlLk9WVN1%2BTPTolJePoqYOfUhZ%2BNabt6NL6ThG%2BP7"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 61736
accept-ranges: bytes
cf-ray: 842821488af52b60-LAX
expires: Mon, 08 Jan 2024 23:40:47 GMT

GET
H2 200 RobotoBold.woff2
cdn.bidbrain.app/compressedFonts/ Frame 8608 60 KB
61 KB 96ms
95ms Font
application/octet-stream 172.64.172.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/compressedFonts/RobotoBold.woff2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.172.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61c412fbdbbf1417355373a80125c8cf7e5cbaab4218bae0316fe6ef917bf798

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:13:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 151
x-guploader-uploadid: ABPtcPo8PZoMMYB8zKAdKi2HbW3nFufbD8b8loBiBNGCbaiAb1s4fQ4jM9Lz0kTZL1bH9MMfZ9Y
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 61628
last-modified: Wed, 29 Nov 2023 10:09:00 GMT
server: cloudflare
etag: "1033a47731e45f7bd46a1962359e96b4"
vary: Accept-Encoding
x-goog-generation: 1701252540208192
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=8QCKtg==, md5=EDOkdzHkX3vUahliNZ6WtA==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FjhPGla94H6qS2Qv4QMqmMXBElzXhdZNPycYIkXRr%2B8ohLOFVNm3ZJM%2FaerAKONbybfdsL38wF7S3Fahfr6p2ylffXGRbATCl5GhwLJiA6X22ZghJBVe04dsad1mPnLFrk%2BM"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 61628
accept-ranges: bytes
cf-ray: 842821488af62b60-LAX
expires: Tue, 09 Jan 2024 00:05:59 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 487D 0
19 B 165ms
164ms Image
text/html 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CGgTqiYGcZefQOKu8odAP6tWYkAeLv4iuZvG66fX_DsCNtwEQASAAYMne6IbIo5AZggEXY2EtcHViLTIzNjcxMDgwNDgyODc1MTXIAQmoAwHIAwKqBIkCT9D8mRoDgzMEjXpbuv-LH_oi8BTDXO9A4R2vvNrlu0gisTSr-TZPgbVv9PiZsPBiEzAayrZlTOosdFt4eDTfpW5s-wj3kHCzqccBSK-6cVcuL_H3DcyvFfDkU7_rHSCX0TLsUOT0N2Rw-bKLT6pEZqyFjofH_uD7yvet0I5WF9m_vgW_LlZlhsLMBXqRP5dEQxCgGf15vSG7daBXdNOtCMwoj5Mt0LyBr-NeZ_4-ZYAlRSfgsh2YJOTloS77zZhOTZwk40RrOU7Y0YwAW8M7egQQe9s2UDEdF-0UgHF0npL98JW0xQLg22wKxid1yxAIpx8KfdyCMpRPJr0dNzQGTJt7aG2U8Nxl0IAG_vWT0s3uoYx_oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WJuq6bz1zoMDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTIzNjcxMDgwNDgyODc1MTUYAA&sigh=mw-_I15ZAYQ&uach_m=%5BUACH%5D&cid=CAQSTgAvHhf_G1bNx42pS0BYnrOpK9kHJCPq74Ezfo2CroVbapZkykHgswilqxJ8SPzW52mJnA0VQ1JEVCrl8_ghG8QbSrVjX6LerrsujAySLRgB&cbvp=2&vis=1

Requested by

Host: www.decencydefied.shivtr.com
URL: https://www.decencydefied.shivtr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 08 Jan 2024 23:13:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 rtimp
g.bidbrain.app/ Frame 487D 0
672 B 147ms
146ms Image
text/plain 172.64.172.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.bidbrain.app/rtimp?sid=7fa3317c-ae7b-11ee-b7d7-ead3311cdef3&d=www.decencydefied.shivtr.com&cr=ext_ng_start_sec12&a=imp&p=ZZyBiQAOKGcECF4rAAYq6nj6JB4s9ISfxsseZA&im=uWRb9xatRTHnsShqscZUTs8oej1_Qel_PrcX35KnLCXK1FwDc6nMXG1UaiiPcNgcnyuk4GiYqvBQlRGHpLT-6edVenep45MUo6JtvAZgTabldmRX_hb1d6a5hSc6Ei5vxoNDaPr1FTrCtjyTA5Gyl45ptYCSD3b76P9y25PLopcIWQahLp60kAJcAPnNZcOWIT4SffpM4BO-UIAqK96E8QOFTpJ3zenKt13A9fO4nlD6FWklZ2IM9qmnhphORJqC-F4OfC1BIuwJItsxIALrs3pjeCa-s46_h39EFgNDZsZtm2bHgbGHExGTXhGyGpvr-EUFXiojI19IdD14zFuEIzxAfrlOv7bXgfWvJHUXMZ4&cbvp=2
Requested by: Host: www.decencydefied.shivtr.com
URL: https://www.decencydefied.shivtr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.172.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:13:15 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VafkLe88Ajvngf%2FqnSUe2%2B9go%2FVMcEagK2jqmJ9Vx35kLv%2FETmxlAJSBrnOd1ds2rm%2Fw2Eac1Y5DCHnkG%2FDd56%2BXAMF4hZ%2FPzTy%2FUWd4hCFUCSn1GZwUYhsXhh5Qwlp%2BxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 84282148abd27e89-LAX
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

GET
DATA 200
OK truncated
/ Frame 95FA 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bfebd365f29fad440de1124ec579d2c0926e31a2c1a927b41c68c6c84eba5fc9

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 index-9054913c.js Show response
cdn.bidbrain.app/ng-assets/creative/assets/ Frame 6CA2 107 KB
40 KB 79ms
75ms Script
application/javascript 172.64.172.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/ng-assets/creative/assets/index-9054913c.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.172.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ceb4dbe94c74fcaa999121708478fb1ef7f529e23ffef7d23d898ae81848a10

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:13:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 168
x-guploader-uploadid: ABPtcPrjzt60S4DCBD-XqPqqQcmFg-1vUP933RXzz2RV6j-ffbqJtc3OlQnMOs3SWFgaYsEk6Ig
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 27 Dec 2023 15:31:02 GMT
server: cloudflare
etag: W/"40e352943a9eb2976fe265c973a285f1"
vary: Accept-Encoding
x-goog-generation: 1703691062394998
content-language: en
content-type: application/javascript
x-goog-hash: crc32c=qIxOWA==, md5=QONSlDqespdv4mXJc6KF8Q==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RjPVI3pUVYYCgVRstReGTdb31wWGh08tFBu9eR5h7BZF1gw6FPnLWC63UGwaTZtvGbZAoAszTXnssfVAiI0XbyCrx0vauY8nChDRWtfYZ3xr6wX4maE9O%2B2YC5OZhpb3IQ88"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 109104
access-control-allow-origin: *
cf-ray: 84282148db612b60-LAX
expires: Mon, 08 Jan 2024 23:20:57 GMT

GET
H2 200 index-af5b3122.css
cdn.bidbrain.app/ng-assets/creative/assets/ Frame 6CA2 13 KB
3 KB 76ms
72ms Stylesheet
text/css 172.64.172.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/ng-assets/creative/assets/index-af5b3122.css
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.172.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af5b3122532645b03bf84f88ca6c239a9ca9ddd18f20835a080d87f910bd2a87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:13:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 433
x-guploader-uploadid: ABPtcPry2zRjc9B7fxmbztB_3CmgrdEcRkquEC60Jsg6-Eh3gOsaB7CwWfExs2w_Yg-38ibSZcg
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 11 Dec 2023 09:35:44 GMT
server: cloudflare
etag: W/"e698b92f41bf324999730858bf1a8adb"
vary: Accept-Encoding
x-goog-hash: crc32c=jBuSJw==, md5=5pi5L0G/MkmZcwhYvxqK2w==
x-goog-generation: 1701355216717373
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Uqfd0TxzroD2vZ9%2BZjzePyfBa9ztKZXEuVA5b3Yl140LR77AhiLkrkXcpggBrGUQw9oxThqL1PdS6fuLtKX6gz2WJNRvfGzwYC6RRHqewtgLNycx6419tMAwmaRRg3BQL7S"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 12801
cf-ray: 84282148dc117e89-LAX
expires: Mon, 08 Jan 2024 23:40:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/ Frame 6CA2 3 KB
1 KB 134ms
132ms Script
text/javascript 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 20:46:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8817
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 20:46:18 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/ Frame 6CA2 20 KB
8 KB 134ms
133ms Script
text/javascript 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240104/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

cafe /

Resource Hash

2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 20:46:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8816
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8523
x-xss-protection: 0
server: cafe
etag: 16500369019378894752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 20:46:19 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6CA2 205 KB
65 KB 153ms
151ms Script
text/javascript 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

sffe /

Resource Hash

daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:13:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704717871404979"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jan 2024 23:13:15 GMT

GET
H2 200 RobotoRegular.woff2
cdn.bidbrain.app/compressedFonts/ Frame 487D 60 KB
61 KB 82ms
81ms Font
application/octet-stream 172.64.172.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/compressedFonts/RobotoRegular.woff2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.172.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02f1dcc0c722e24cba9be4b720831a79489e766d5edf8b77f582e0869312d86e

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:13:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 149
x-guploader-uploadid: ABPtcPp4ue0PzHLey_a29-YzKNxdByYBRcZssUbfDx5RFlLS-mA6TwAI3DmjRmpsGswTVdrmZ4g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 61736
last-modified: Wed, 29 Nov 2023 10:07:40 GMT
server: cloudflare
etag: "ede84d96808c486e3de74cbd8f2a2c80"
vary: Accept-Encoding
x-goog-generation: 1701252459996546
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=fte1vA==, md5=7ehNloCMSG4950y9jyosgA==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cnWsD%2FMaRArmM9KTW01G9b50RunIHKI50b5YF5cHOnoxgEGxHGIU69fN0f%2Fdnt6A8fRayyYSAMlNUdoIa023eJ6GggK8jQdIjN7RJ1HnYbSz6%2BumOtb04byLfkBXewEgjRDa"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 61736
accept-ranges: bytes
cf-ray: 84282148fb702b60-LAX
expires: Mon, 08 Jan 2024 23:40:47 GMT

GET
H2 200 RobotoBold.woff2
cdn.bidbrain.app/compressedFonts/ Frame 487D 60 KB
61 KB 103ms
102ms Font
application/octet-stream 172.64.172.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/compressedFonts/RobotoBold.woff2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.172.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61c412fbdbbf1417355373a80125c8cf7e5cbaab4218bae0316fe6ef917bf798

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:13:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 151
x-guploader-uploadid: ABPtcPo8PZoMMYB8zKAdKi2HbW3nFufbD8b8loBiBNGCbaiAb1s4fQ4jM9Lz0kTZL1bH9MMfZ9Y
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 61628
last-modified: Wed, 29 Nov 2023 10:09:00 GMT
server: cloudflare
etag: "1033a47731e45f7bd46a1962359e96b4"
vary: Accept-Encoding
x-goog-generation: 1701252540208192
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=8QCKtg==, md5=EDOkdzHkX3vUahliNZ6WtA==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HsoPUDva8gwCQhiJX1sbRztOgrBc0rwxZlnXl7HXsntEyFlZMbhwOse2ZGjmWr49AsEOMpRiy4uJQKElCWIezuuHsRycYLNjC3T4upw5%2BHuKw1E1cgIecWsqxjEE99vzOVq2"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 61628
accept-ranges: bytes
cf-ray: 84282148fb742b60-LAX
expires: Tue, 09 Jan 2024 00:05:59 GMT

POST
H2 204 rtimp
g.bidbrain.app/ Frame 487D 0
501 B 137ms
136ms Ping
text/plain 172.64.172.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp
Requested by: Host: cdn.bidbrain.app
URL: https://cdn.bidbrain.app/ng-assets/creative/assets/index-9054913c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.172.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 08 Jan 2024 23:13:15 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rln%2B9hZiLY%2BVdT1vOs2QacoNZ3NUI42skVEtQVZZiC4rFx9S9lTxSnnkjaLp7kpLfn8pliIAdDqjET5zRUWpj3ZTa%2FS9zNICFLrBCwEgbX%2FT2gGkXc1RE8pZ%2B0ypF3lH1g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 842821492c4d7e89-LAX
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

POST
H2 204 rtimp
g.bidbrain.app/ Frame 8608 0
441 B 152ms
151ms Ping
text/plain 172.64.172.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp
Requested by: Host: cdn.bidbrain.app
URL: https://cdn.bidbrain.app/ng-assets/creative/assets/index-9054913c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.172.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 08 Jan 2024 23:13:15 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E8kC0h3y5TgOL1akk1gaudw9%2Fvxi%2FZcKfffcz1iIa7FjJkEdr7A4pRpoqco6S1QE4aw8DhP1xX6uxfsqBkor8gT3bg65%2FVaHMGnoSI9WxMMQrPGINMzaTs68%2BOD1VgOeiA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 842821492c4e7e89-LAX
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 95FA 0
19 B 169ms
168ms Image
text/html 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CoLQ8iYGcZejQOKu8odAP6tWYkAeLv4iuZvG66fX_DsCNtwEQASAAYMne6IbIo5AZggEXY2EtcHViLTIzNjcxMDgwNDgyODc1MTXIAQmoAwHIAwKqBIkCT9DfaxlMUKzBm2lEwTklUVHxtSOczYV-a6Wey1i7_u2VkjuLWoTKnnwKgSNLBfHSjYPXXwWrz2xl4QZU__Hnc-TT03Y0fNP-Ac7dOyy3gdrNYAIq4XcAiceYBHmJGNjwqvRR7IuvGgBnnof4j37uoB-Ay-NPy6zT34O5rUJZacoOKRsWhP81fBATZ6J1cnYZVtl-sVU4U2mZDjeEVO7kqBrG8bGm4TXChmNEP_u6cA1mB2Q9X4LAMFMOMpat43dBXZ-mNxHTlB3x77ro5Y1GccYw_9hVmnsTpNlzT5RA7fZaLmoRmave5ax1t-ul7L4yOk26hZZUmcYvCOjrhOUYtbWOhYJ7C84npYAG_vWT0s3uoYx_oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WJuq6bz1zoMDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTIzNjcxMDgwNDgyODc1MTUYAA&sigh=du9H1vWVeo4&uach_m=%5BUACH%5D&cid=CAQSTgAvHhf_G1bNx42pS0BYnrOpK9kHJCPq74Ezfo2CroVbapZkykHgswilqxJ8SPzW52mJnA0VQ1JEVCrl8_ghG8QbSrVjX6LerrsujAySLRgB&cbvp=2&vis=1

Requested by

Host: www.decencydefied.shivtr.com
URL: https://www.decencydefied.shivtr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 08 Jan 2024 23:13:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 rtimp
g.bidbrain.app/ Frame 95FA 0
934 B 194ms
193ms Image
text/plain 172.64.172.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.bidbrain.app/rtimp?sid=7fa690b5-ae7b-11ee-b289-62d671aef0d0&d=www.decencydefied.shivtr.com&cr=ext_ng_start_sec12&a=imp&p=ZZyBiQAOKGgECF4rAAYq6rXbGakAjuJIz4LtUw&im=s18Yd9gV7i9rDOL2MwE3NUjzGMWafRiQAxRHwjZZGhQMbSo3CKVYXqwNNcVYZgE5jwKFvzUfUDgDoKTUY7DSVsXiRxXCSIC-OhzHLKsLzI_tKRP066SURpLL4iOqQNANPehs51OwOFQtCuFFSH1sP4NRf9Axbeq4ydIvwo6fetbMJPcsnv4qGxjF6s1bKzEklpUXbG1w3X7yc44ThnRrZcRffnCoOI84qH-Htrz6S_slW7drIj554R7r0soSLIfyKTQ69GP0Myap4704xQlKx82GVrrDqLjsmct-6tc2f3AlGkZZjTUdeyJvj2VXuV6Cs-F8gXyRnzGEM8_WjC41LvbDrpRBsoKi7VSR2PW5cHY&cbvp=2
Requested by: Host: www.decencydefied.shivtr.com
URL: https://www.decencydefied.shivtr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.172.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:13:15 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ynMAVIEvaRuPx9JE3LVhP8K2z8mhVAQpVMahDSrVFcdbmXrUSNXN3%2Fj763lvckiZhW1Pp2aYMUbGDGlIDOakPCsq6a6ziSUXEgZ%2BtNdulBMbqt%2FPGWwpde0t3F7zyfc3jQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 842821498c9f7e89-LAX
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

GET
H3 200 RobotoRegular.woff2
cdn.bidbrain.app/compressedFonts/ Frame 95FA 60 KB
61 KB 139ms
138ms Font
application/octet-stream 172.64.172.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/compressedFonts/RobotoRegular.woff2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.172.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02f1dcc0c722e24cba9be4b720831a79489e766d5edf8b77f582e0869312d86e

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:13:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1199
x-guploader-uploadid: ABPtcPowjynvpIGjNhtHItg5cqXLmEQlvPcAjW6b6SLEFMIb119-hJoUvkZZjYqZ9d5e50CrgFY
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 61736
last-modified: Wed, 29 Nov 2023 10:07:40 GMT
server: cloudflare
etag: "ede84d96808c486e3de74cbd8f2a2c80"
vary: Accept-Encoding
x-goog-generation: 1701252459996546
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=fte1vA==, md5=7ehNloCMSG4950y9jyosgA==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L7WEkLWfcQMTgQAwqpfok0KDZWbDzCZwFik%2F846yj4FHaFf0TlwNeuya76mv6ED8aENEVl1F4y%2BZSKjwAxz6SkkthYJT8eCRL6JQdkzmwr2CT%2BbnTfapmG8tgiu5TF%2FdddOh"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 61736
accept-ranges: bytes
cf-ray: 84282149691f7ba4-LAX
expires: Mon, 08 Jan 2024 23:40:47 GMT

GET
H3 200 RobotoBold.woff2
cdn.bidbrain.app/compressedFonts/ Frame 95FA 60 KB
61 KB 74ms
73ms Font
application/octet-stream 172.64.172.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/compressedFonts/RobotoBold.woff2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.172.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61c412fbdbbf1417355373a80125c8cf7e5cbaab4218bae0316fe6ef917bf798

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:13:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 435
x-guploader-uploadid: ABPtcPriDbicZTgQcqzG3FPFdRZUPJ97QIcB4uR6igjj0qjaq4f685g76SO2o1DWskJ5in0cNGoC3UVDLA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 61628
last-modified: Wed, 29 Nov 2023 10:09:00 GMT
server: cloudflare
etag: "1033a47731e45f7bd46a1962359e96b4"
vary: Accept-Encoding
x-goog-generation: 1701252540208192
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=8QCKtg==, md5=EDOkdzHkX3vUahliNZ6WtA==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F8x1psgXZ3Fi9%2FwMKePOtaGxaE0GRCmyNsZo5ffz%2B5679oqkqiTNTEZT3TmjjtJSoGDbKDg2V0NRJVltczHFwum1XP69bTsb5lUwtAakzlWM9HoT7ZmHmxgldltNtzOFsNQf"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 61628
accept-ranges: bytes
cf-ray: 8428214969217ba4-LAX
expires: Tue, 09 Jan 2024 00:04:11 GMT

POST
H3 204 rtimp
g.bidbrain.app/ Frame 487D 0
946 B 130ms
129ms Ping
text/plain 172.64.172.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp
Requested by: Host: cdn.bidbrain.app
URL: https://cdn.bidbrain.app/ng-assets/creative/assets/index-9054913c.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.172.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 08 Jan 2024 23:13:15 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pk9IAy2xO%2BkDOWQOZgymHaVGUgnFk2Ptec12llHjIYr7pMb8jg3iYiqvCXTEufMHYKBARecQ4Mba%2B2TQdThE4oe26OKdle73r078bLzT3CbQjadvDG19ULHNzFdMdx5NHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 842821497e7708f8-LAX
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

POST
H3 204 rtimp
g.bidbrain.app/ Frame 95FA 0
913 B 131ms
128ms Ping
text/plain 172.64.172.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp
Requested by: Host: cdn.bidbrain.app
URL: https://cdn.bidbrain.app/ng-assets/creative/assets/index-9054913c.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.172.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 08 Jan 2024 23:13:15 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UtKi0iyxB2X8bR%2FqDmBABqUqlGRMW8S6vs8gJWrqv7zXAVS2%2FOu11QvmnBZQkPnr6WlPTdsHhHrxVuhpaNmXsZVY6DkQdsKHybFEknmKjq%2FpAEEts4o%2Bd0rdCJmoxFO7iQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 84282149df0508f8-LAX
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 428ms
163ms XHR
application/json 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240103&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

936eda223dd18657facd0c2e6babe575aa155107cf99b67cd8103743d2f09a03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.decencydefied.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:13:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12278
x-xss-protection: 0

GET
H3 200 RobotoRegular.woff2
cdn.bidbrain.app/compressedFonts/ Frame 6CA2 60 KB
61 KB 75ms
75ms Font
application/octet-stream 172.64.172.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/compressedFonts/RobotoRegular.woff2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.172.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02f1dcc0c722e24cba9be4b720831a79489e766d5edf8b77f582e0869312d86e

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:13:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1200
x-guploader-uploadid: ABPtcPowjynvpIGjNhtHItg5cqXLmEQlvPcAjW6b6SLEFMIb119-hJoUvkZZjYqZ9d5e50CrgFY
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 61736
last-modified: Wed, 29 Nov 2023 10:07:40 GMT
server: cloudflare
etag: "ede84d96808c486e3de74cbd8f2a2c80"
vary: Accept-Encoding
x-goog-generation: 1701252459996546
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=fte1vA==, md5=7ehNloCMSG4950y9jyosgA==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qzQDvEUO0FhI%2F5KImsYbg%2FKdLE7PkqRAyiK%2BoclrcmNjTTMoGxedgCMNTWL6bm5to7WF%2FM9KyCt2WWPYLHe04mTjbWsCeXPorqt0f3bEBkj0QhIBOgMYRmhuVNc8CNu%2Fdjlu"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 61736
accept-ranges: bytes
cf-ray: 8428214bcbdf7ba4-LAX
expires: Mon, 08 Jan 2024 23:40:47 GMT

GET
H3 200 RobotoBold.woff2
cdn.bidbrain.app/compressedFonts/ Frame 6CA2 60 KB
61 KB 73ms
73ms Font
application/octet-stream 172.64.172.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/compressedFonts/RobotoBold.woff2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.172.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61c412fbdbbf1417355373a80125c8cf7e5cbaab4218bae0316fe6ef917bf798

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:13:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 436
x-guploader-uploadid: ABPtcPriDbicZTgQcqzG3FPFdRZUPJ97QIcB4uR6igjj0qjaq4f685g76SO2o1DWskJ5in0cNGoC3UVDLA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 61628
last-modified: Wed, 29 Nov 2023 10:09:00 GMT
server: cloudflare
etag: "1033a47731e45f7bd46a1962359e96b4"
vary: Accept-Encoding
x-goog-generation: 1701252540208192
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=8QCKtg==, md5=EDOkdzHkX3vUahliNZ6WtA==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QrfR661MKlRv2camjcYPgadKZdik%2BLnr1oxmklURuKr2gG7GQDmrh5mVjUpOtnATOIWOqfncQCNhzc%2FHKGxpsSz8sRmP%2BxC%2Fe53%2FEEvB7y7EQZE6uEz1soPKNjSNrSaVqRzW"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 61628
accept-ranges: bytes
cf-ray: 8428214bcbe17ba4-LAX
expires: Tue, 09 Jan 2024 00:04:11 GMT

POST
H3 204 rtimp
g.bidbrain.app/ Frame 6CA2 0
913 B 133ms
132ms Ping
text/plain 172.64.172.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp
Requested by: Host: cdn.bidbrain.app
URL: https://cdn.bidbrain.app/ng-assets/creative/assets/index-9054913c.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.172.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 08 Jan 2024 23:13:16 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nO9C5Fj5UvmGL9E%2BzPvL8ZRR5F2FV0pJXp0ghZk8GpeE6d7M4VstbmL68J5yUJlVU2j4Q%2FuJdKfFk8Ham1sn4LCFqQBaLYhNgfqzXqap7XIfI15qTAEh%2FFbHAEWzsWZK0w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 8428214c5a2b08f8-LAX
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1B3F 42 B
64 B 220ms
163ms Fetch
image/gif 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstM2WJuHktLjAQW6e_v5Qxn30KVXnFcya3KAybnr8lFNKdUDLaT06pxVyRmNje3Bh_XWt4I0MZ_TABiDPul5uEWa60rA0sqWxlRz3okDO_eqLc7qXDRYV6D&sig=Cg0ArKJSzNLKuHgiTcSHEAE&id=lidar2&mcvt=1001&p=0,0,90,728&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20240108&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2184809105&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704755593817&rpt=1353&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 23:13:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 160ms
160ms Script
text/javascript 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.decencydefied.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:13:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 08 Jan 2024 23:13:16 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8608 42 B
64 B 161ms
160ms Fetch
image/gif 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstXIaYCHNPBIPMib3sjGCdZStWOdiesbFwZ5q0nDDDy9Yrvw19Ay_nWUyEMnHVb83Jat0KwBp7mVvtym3hENOgrw_wTliYULGHtzhbN71rfSaKxhfTsedQr&sig=Cg0ArKJSzNM2NGmtbN_nEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=436,1000,1000,1000,1000&tos=436,564,0,0,0&v=20240108&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704755594873&rpt=678&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 23:13:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2DDA 13 KB
5 KB 133ms
130ms Document
text/html 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.decencydefied.shivtr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 32847
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 14:05:49 GMT
expires: Tue, 07 Jan 2025 14:05:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BCC8 829 B
1 KB 429ms
152ms Document
text/html 142.251.35.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f4.1e100.net

Software

GSE /

Resource Hash

c898a7bfe7c34197b029ef98e0563ccf3c0bdd6754ca6b6eba8bfe8375a73696

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hbBH-v0JzsRDjXzotefK4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.decencydefied.shivtr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-hbBH-v0JzsRDjXzotefK4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 23:13:17 GMT
expires: Mon, 08 Jan 2024 23:13:17 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 487D 42 B
64 B 160ms
160ms Fetch
image/gif 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvVoMCVm-X1LBd9hdx8nP9Jf80kXiPUmpHkDbMvwJV7tAktrf3jOerVtKsUor_RppZ9oE4XM2GrN_8xL1Z5r7G-M22s91VvCTiSGr6PsAlbCXY-gogO_WXv&sig=Cg0ArKJSzISpxP89GcMJEAE&id=lidar2&mcvt=1000&p=0,0,600,200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240108&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704755594867&rpt=666&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 23:13:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 95FA 42 B
64 B 184ms
183ms Fetch
image/gif 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstJvZB3OGrlBXTPR0KHmdAQ3l3gWWpc55LAGOR3XbDyOLtLFWpJ1KDtT89GxfV2JG8T9wjvoSHy_X8EWDYtm-kUBS3stMHhXPKIX6C5Bj1Zg-nBih7JbZTe&sig=Cg0ArKJSzAA5zr1_pbaSEAE&id=lidar2&mcvt=1000&p=0,0,600,200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240108&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704755594871&rpt=721&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 23:13:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 2DDA 39 KB
15 KB 131ms
131ms Script
text/javascript 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:05:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32862
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Jan 2025 14:05:34 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BCC8 0
0 175ms
159ms Image
text/html 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240103&jk=2839463092911107&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s32-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2DDA 0
10 B 132ms
131ms Image
text/plain 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?wnAuFA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s74-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 23:13:17 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 162ms
160ms Image
text/html 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240103&jk=2839463092911107&bg=!yMuly4TNAAY3kmNgF5I7ADQBe5WfOGwcf5T7UiYHcPZR7pfW-rAessRAY-y7UgYsJzLWuqhsT7vWXTxpl5yQzyV7ysgcAgAAARhSAAAABGgBB5kCxDODuCqoGqRfHIvtgnSfDpBMoDjMupXVnO3QsdQ13Ma0jbDi6wrOXeb8ZHfcTKEfZCr2YpNiuu5Qke4-lMpN-92KDr7TWf3sqFgNTFUqdY65D1djun2tN68XAY6DrlKPCwJc-dxRfD2-uboKEszJxI7K6HZYyn8Lw_WJwXkLKHM30K-Xsu0_HI1114lhFcxD2RRxNxnPQ326hTlCaxc0TeyYJ1hMnc8eeHXf36Yol3Mv-g6xYYiPMIHyvCSmE6gxTQ3H3LyxNjr5_pJ8oyd9vA-NJ8VHT6nxxTxDA7f8RnHNBBP-nJqbLVsICZDV6vG7JZOng3Hfgya09lNI0UGAJwhTxhx02_Sv9Q5X-70bmVcf8RiaewFyaSXSRUn6TbT5mlgdnFNMZXGOFcb9YP3qxUv874F_f2-06i4HPnI3UwqEB5PvZ8GiZDri8w72Xy1WV_MPUbtdFCuIBxJKarg84XYDHH_0_0n0jZqKUjXunp3AF0e2kPPPC25DDUaKo1ndXmPQatf7IqdmfWDjJC8Gpc4U75vrmhLXNFdwv7w71XZVSSzN48CDkjQL8yboUYifhWMeYtRXd6ozYxM7D--zLrCXyPA_dfeND_7StMxRvShs0BN4zCSAE4x-EKUpIMwPH6oLkpmu0DefwY9NvCq6bGinrZH_YUqu3dsKKiVUuJrcRmuPrQ4XXKox4jDYni-GiXwtXJuYLKSn6Tc4ioIRd81QCxSXQDguU1oFB5yAuKXkvAt-0oOHLkmYznR2fT8S2-BSL10YUCnOSru-xKVVb8xEDBKSoGK151OLBAdq4OOETkoUcxPJF-7Mcn4khq_LOfF5ls15zblsHOepyOv9RMDiCSpQDxJCCmSjV7gqrJq9DErNHoMeu9SIWHvs2wSb7ZWaMoPgpEngTRiETaicmYd_j-u81IrYtbaIY9gyu1IGYTTucA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s32-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.decencydefied.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: secure.xivdb.com
URL: https://secure.xivdb.com/tooltips.js

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.decencydefied.shivtr.com/	1969-12-31 23:59:59	Name: site_game_id Value: 1633
www.decencydefied.shivtr.com/	1969-12-31 23:59:59	Name: _shivtr_bakery Value: eh4BKzOe7sKzB%2B1OMbNJFmblEKc6sAOE%2FJWRFGFPsunf9U3UYbsh3FxN9wZunfIhUUQWcUJI35KICs65TE1qBE5tE2zn8BA4aNo0xyUUGHCtXPKpmkYAQ8BTaBzqq1FQH0cxTflL2%2FXMfKeiR%2Fux7JU1fCGOAkFRSh606cDPH9MIhcbFiQZ8NUyAnSsyVRJY4JFJ44qE1WoaT%2F8cewpqROk7xVweVTHWA2SnNSZEqjcPqasu9M88WeJbKivgNQutc9hN2rlXHvdYA3l%2Buz%2FS0KsGRD4%2FudyZ6oWRMx%2FrccppnbngiMSqTcQ%3D--JEL58ZSQltq6bfxo--Yh54A7PWdG7IHE66LMrP%2FA%3D%3D
.shivtr.com/	1970-01-21 02:54:11	Name: __gads Value: ID=376ed412bec34f03:T=1704755593:RT=1704755593:S=ALNI_MaoGw6gdBQ-LuP-_oYvEV77AYNkEQ
.shivtr.com/	1970-01-21 02:54:11	Name: __gpi Value: UID=00000db576d4735b:T=1704755593:RT=1704755593:S=ALNI_MbWh07Cerh2AbfsQGvCM0QsqnuMcg
.doubleclick.net/	1970-01-21 03:08:35	Name: IDE Value: AHWqTUkcY6iMUyRB5MziiIlVKp4pEd2fSB9f6KauBjOHRB-1fE7LRPRG2Dyb3A_iJuI
.algbid.app/	1970-01-20 17:32:42	Name: sid_cross Value: 7fa288da-ae7b-11ee-b977-12928a5ced8d
.algbid.app/	1970-01-21 03:08:35	Name: uid_cross Value: 8066ab1c-ae7b-11ee-93c7-523448c33506
.bidbrain.app/	1970-01-21 03:08:35	Name: uid_cross Value: 80ad2bb4-ae7b-11ee-aae1-36cd80dbb1a9
.bidbrain.app/	1970-01-20 17:32:42	Name: sid_cross Value: 7fa31a59-ae7b-11ee-a364-da5cfbc7a612

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://secure.xivdb.com/tooltips.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.algbid.app
cdn.bidbrain.app
fonts.googleapis.com
g.algbid.app
g.bidbrain.app
googleads.g.doubleclick.net
pagead2.googlesyndication.com
s3.amazonaws.com
secure.xivdb.com
static.shivtr.com
tpc.googlesyndication.com
www.decencydefied.shivtr.com
www.google.com
www.googletagservices.com
secure.xivdb.com
104.26.7.108
142.250.176.202
142.250.72.98
142.250.81.225
142.251.35.162
142.251.35.164
142.251.40.130
172.64.172.36
45.33.21.148
52.217.10.38
0142d9421cbe91db2256a41e6882308a2be01a41ff9da25d16e386b98e2846b9
02f1dcc0c722e24cba9be4b720831a79489e766d5edf8b77f582e0869312d86e
03e148538b9fcf13db5414fb932c570c1bb6a2e6584f88e66c85714a7ab6b8a3
09da367214a9f4198f731d3dc4b9bad9e480a3902f218980caba5983335bbd1d
0dc7dce977f59400faff7e273b7a8d692c65151f0bf48fcd1b22dcf2a82ad47e
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
2227380cfe06091de6d94b915f702989539cb9767046862a7e00f5ead8923536
2a69354f160dcdb9328a9cc0c863f26f767518a6c5ebe331ce89cdacca2cd440
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
395a57e23932bc66a3e00e7499f4df59218776013a6eddcc7842b1cd8efb6cac
3a1bbd03003833a6dfbcc82556fe57bb353c3b7480bfdd133a055b315207a5cc
5134570227afba46b72b8939516e6ace9c3733d41e2b33b0905f6d5e9fbb4164
5582017e43464f17b0b9e6bedbce329014aff87c7cef787273710a9d64e80d82
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
602589c57da4da8f4ad43ba8c58d7ac226126f52ad44e4a984545eaed01493b8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c412fbdbbf1417355373a80125c8cf7e5cbaab4218bae0316fe6ef917bf798
6a6ef7b481aace1f3aae99051ee4a3eb75ed613e53a240984418b2e933d06182
76448a768a8d6a29d26beba2594d9850afaab9116dd7dd688f6e18a451c9effa
76c001f1ca0862a209ba90914439764536887aa1888ddbf98fa4bb2888d1ac31
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
7aec358ff3140eddbdbc0e3fe27f8503d70327dae78a6b611bff3ab510c53226
7ceb4dbe94c74fcaa999121708478fb1ef7f529e23ffef7d23d898ae81848a10
830870bb74c6a4a16f3c0c49a7934378a8c26fe68fa8bf280e7d1b2a5ddc0f12
86c06c5c4747bb6da8d7594ed31b1494459d202ba31ede706bf8f741acedc9b3
92c6c828fc6117057fc4322c4455384e9bd92a00fabcb46222344f14394dee26
936eda223dd18657facd0c2e6babe575aa155107cf99b67cd8103743d2f09a03
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
9e2e766b44b4bd31a6887776e57d5a5f502237e48cf90ded21436cfb6addf0be
9e6371400c7c2f3090de70cf741f1a9f0ec6ea712668c32da5c7735d275ca67f
a0ab3f8f3fe9fcacba9e149f8642cee5bdddc3c96696b1c835474fda4aa10ef9
a1b5169f3b94d6a3f3b96173e8df6ef29fc482c9e240d024537d5f89c2121f1d
af5b3122532645b03bf84f88ca6c239a9ca9ddd18f20835a080d87f910bd2a87
b41ff57ae55fcd43297fa87d8685fc0c231b9214aba978c4781e37a50af6b17e
b63f1a9773a981c000c5837b28a4f413afd690a593df8750b8e4a5e4c2021cdb
bfebd365f29fad440de1124ec579d2c0926e31a2c1a927b41c68c6c84eba5fc9
c62dd54eb843e3b735ff1dc83a523eeaf1884071ac18f56e227c71ffbd70a89b
c898a7bfe7c34197b029ef98e0563ccf3c0bdd6754ca6b6eba8bfe8375a73696
c9806b9891143bb78b0d266327c038c9dd66143b11280002d98b74b298240953
daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8
dc86183c64a971df266cf43382fe00a3b1c600ec6107714e06597192164b82b5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ace250121a3e485061835cd2fb15104bbb686fed83def2c70f84b780a20954
f26ae796465e6d21859bf5c67ac14c0521429c5f8a2d0f548f8e72622ebb94e6

www.decencydefied.shivtr.com Open in urlscan Pro 45.33.21.148 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

95 Requests

99 %HTTPS

0 %IPv6

10 Domains

14 Subdomains

11 IPs

2 Countries

1768 kBTransfer

4384 kBSize

9 Cookies

7 Outgoing links

Redirected requests

95 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.decencydefied.shivtr.com Open in urlscan Pro
45.33.21.148 Public Scan

Screenshot
Live screenshot

Full Image

95
Requests

99 %
HTTPS

0 %
IPv6

10
Domains

14
Subdomains

11
IPs

2
Countries

1768 kB
Transfer

4384 kB
Size

9
Cookies

95 HTTP transactions
4 data transactions