Submitted URL: http://demonic-empire.shivtr.com/
Effective URL: https://demonic-empire.shivtr.com/
Submission: On June 27 via api from US — Scanned from DE

Summary

This website contacted 10 IPs in 3 countries across 7 domains to perform 55 HTTP transactions. The main IP is 45.33.21.148, located in Richardson, United States and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is demonic-empire.shivtr.com.
TLS certificate: Issued by E5 on June 26th 2024. Valid for: 3 months.
This is the only time demonic-empire.shivtr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 45.33.21.148 63949 (AKAMAI-LI...)
14 142.250.186.66 15169 (GOOGLE)
25 52.217.228.104 16509 (AMAZON-02)
1 2a02:26f0:12d... 20940 (AKAMAI-ASN1)
1 46.105.124.43 16276 (OVH)
3 13.33.187.11 16509 (AMAZON-02)
1 192.0.77.2 2635 (AUTOMATTIC)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.193 15169 (GOOGLE)
55 10
Apex Domain
Subdomains
Transfer
25 amazonaws.com
s3.amazonaws.com
138 KB
16 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 137
tpc.googlesyndication.com — Cisco Umbrella Rank: 177
271 KB
7 shivtr.com
demonic-empire.shivtr.com
static.shivtr.com
211 KB
3 zamimg.com
wow.zamimg.com — Cisco Umbrella Rank: 95750
322 KB
1 wp.com
i0.wp.com — Cisco Umbrella Rank: 4434
169 KB
1 wowfan.cz
www.wowfan.cz
99 KB
1 cloudinary.com
res.cloudinary.com — Cisco Umbrella Rank: 3546
32 KB
55 7
Domain Requested by
25 s3.amazonaws.com demonic-empire.shivtr.com
static.shivtr.com
14 pagead2.googlesyndication.com demonic-empire.shivtr.com
pagead2.googlesyndication.com
5 static.shivtr.com demonic-empire.shivtr.com
3 wow.zamimg.com demonic-empire.shivtr.com
wow.zamimg.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 demonic-empire.shivtr.com
1 i0.wp.com demonic-empire.shivtr.com
1 www.wowfan.cz demonic-empire.shivtr.com
1 res.cloudinary.com demonic-empire.shivtr.com
55 9

This site contains links to these domains. Also see Links.

Domain
armory.warmane.com
shivtr.com
Subject Issuer Validity Valid
*.shivtr.com
E5
2024-06-26 -
2024-09-24
3 months crt.sh
*.g.doubleclick.net
WR2
2024-06-13 -
2024-09-05
3 months crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01
2024-05-25 -
2025-05-02
a year crt.sh
*.cloudinary.com
Go Daddy Secure Certificate Authority - G2
2023-12-18 -
2025-01-13
a year crt.sh
wowfan.cz
R10
2024-06-26 -
2024-09-24
3 months crt.sh
*.zamimg.com
Amazon RSA 2048 M01
2023-09-21 -
2024-10-18
a year crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA
2023-11-28 -
2024-12-28
a year crt.sh
tpc.googlesyndication.com
WR2
2024-06-13 -
2024-09-05
3 months crt.sh

This page contains 10 frames:

Primary Page: https://demonic-empire.shivtr.com/
Frame ID: 869DA46F6556E235A09F0CB988EF9887
Requests: 47 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240618/r20110914/zrt_lookup_fy2021.html
Frame ID: DE0F939654D220FAE85CA4BEC72F4265
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2367108048287515&output=html&adk=1812271804&adf=3025194257&abgtt=3&lmt=1719513742&plat=2%3A16777216%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x810_l%7C260x810_r&format=0x0&url=https%3A%2F%2Fdemonic-empire.shivtr.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=30~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=30~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=30_19~29_10&aiixl=30_6~29_5&aslmct=0.7&asamct=0.7&itsi=-1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1719513742327&bpp=44&bdt=1945&idt=432&shv=r20240618&mjsv=m202406240101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=3005983554874&frm=20&pv=2&ga_vid=1441922619.1719513743&ga_sid=1719513743&ga_hid=1610767905&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C31084863%2C42531705%2C44795921%2C95331688%2C95334511%2C95334524%2C95334564%2C95334573%2C95335896%2C31084857%2C31084187%2C95335291%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2565961845897246&tmod=1397446308&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=471
Frame ID: C74B38439592C8824015BC2F015FF38A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2367108048287515&output=html&h=90&slotname=2876344136&adk=4229348686&adf=4046715466&pi=t.ma~as.2876344136&w=728&abgtt=3&lmt=1719513742&format=728x90&url=https%3A%2F%2Fdemonic-empire.shivtr.com%2F&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1719513742371&bpp=7&bdt=1990&idt=447&shv=r20240618&mjsv=m202406240101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=3005983554874&frm=20&pv=1&ga_vid=1441922619.1719513743&ga_sid=1719513743&ga_hid=1610767905&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C31084863%2C42531705%2C44795921%2C95331688%2C95334511%2C95334524%2C95334564%2C95334573%2C95335896%2C31084857%2C31084187%2C95335291%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2565961845897246&tmod=1397446308&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&nt=1&ifi=2&uci=a!2&fsb=1&dtd=460
Frame ID: 1E2433E716BD14D6BCB90995967662B7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2367108048287515&output=html&h=280&adk=3809598800&adf=1604629528&pi=t.aa~a.1182920990~rp.3&w=1200&abgtt=3&fwrn=4&fwrnh=100&lmt=1719513743&rafmt=1&to=qs&pwprc=9183188665&format=1200x280&url=https%3A%2F%2Fdemonic-empire.shivtr.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1719513743458&bpp=2&bdt=3077&idt=-M&shv=r20240618&mjsv=m202406240101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C728x90&nras=2&correlator=3005983554874&frm=20&pv=1&ga_vid=1441922619.1719513743&ga_sid=1719513743&ga_hid=1610767905&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C31084863%2C42531705%2C44795921%2C95331688%2C95334511%2C95334524%2C95334564%2C95334573%2C95335896%2C31084857%2C31084187%2C95335291%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2565961845897246&tmod=1397446308&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=4
Frame ID: E0D17595736A516D9BF4E57C0F0F0EDA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2367108048287515&output=html&h=90&adk=1152246153&adf=513501529&pi=t.aa~a.2817085865~rp.3&w=1000&abgtt=3&fwrn=4&fwrnh=100&lmt=1719513743&rafmt=1&to=qs&pwprc=9183188665&format=1000x90&url=https%3A%2F%2Fdemonic-empire.shivtr.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1719513743458&bpp=1&bdt=3076&idt=1&shv=r20240618&mjsv=m202406240101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C728x90%2C1200x280&nras=3&correlator=3005983554874&frm=20&pv=1&ga_vid=1441922619.1719513743&ga_sid=1719513743&ga_hid=1610767905&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C31084863%2C42531705%2C44795921%2C95331688%2C95334511%2C95334524%2C95334564%2C95334573%2C95335896%2C31084857%2C31084187%2C95335291%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2565961845897246&tmod=1397446308&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&nt=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=8
Frame ID: 049AB7749E2B4BD30486E469BC612281
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240618/r20110914/zrt_lookup_fy2021.html
Frame ID: 7D1B965CFBDF2A057732E6879209E87D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240618/r20110914/zrt_lookup_fy2021.html
Frame ID: BF53F7624757D80ABA36D6AC1B4EE000
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240618/r20110914/zrt_lookup_fy2021.html
Frame ID: 270F70DC83AECF412DC3AD3C41E1C2DF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D66CF0820DFA710429CBA91DE9A48EFA
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Demonic Empire

Page URL History Show full URLs

  1. http://demonic-empire.shivtr.com/ HTTP 307
    https://demonic-empire.shivtr.com/ Page URL

Detected technologies

Overall confidence: 80%
Detected patterns
  • <img[^>]+\.cloudinary\.com

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

55
Requests

98 %
HTTPS

22 %
IPv6

7
Domains

9
Subdomains

10
IPs

3
Countries

1243 kB
Transfer

3308 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://demonic-empire.shivtr.com/ HTTP 307
    https://demonic-empire.shivtr.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

55 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
demonic-empire.shivtr.com/
Redirect Chain
  • http://demonic-empire.shivtr.com/
  • https://demonic-empire.shivtr.com/
13 KB
4 KB
Document
General
Full URL
https://demonic-empire.shivtr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li975-148.members.linode.com
Software
Caddy /
Resource Hash
bc6af01c8614be314b571c2b2591ec7a987fc5353dc5eae02ddd5431449ae10c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000
cache-control
max-age=0, private, must-revalidate
content-encoding
zstd
content-type
text/html; charset=utf-8
date
Thu, 27 Jun 2024 18:42:20 GMT
etag
W/"bc6af01c8614be314b571c2b2591ec7a"
referrer-policy
strict-origin-when-cross-origin
server
Caddy
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
f105902b-09a4-4ed8-8cff-cf7762dbd1e0
x-runtime
0.060573
x-xss-protection
1; mode=block

Redirect headers

Location
https://demonic-empire.shivtr.com/
Non-Authoritative-Reason
HttpsUpgrades
guild-dc2bc810ec06e8d0c90d72531a06dc285eec9409f9d88120e8b05f5a606674ce.css
static.shivtr.com/assets/manifests/
218 KB
38 KB
Stylesheet
General
Full URL
https://static.shivtr.com/assets/manifests/guild-dc2bc810ec06e8d0c90d72531a06dc285eec9409f9d88120e8b05f5a606674ce.css
Requested by
Host: demonic-empire.shivtr.com
URL: https://demonic-empire.shivtr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li975-148.members.linode.com
Software
Caddy /
Resource Hash
dc86183c64a971df266cf43382fe00a3b1c600ec6107714e06597192164b82b5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://demonic-empire.shivtr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 18:42:20 GMT
content-encoding
zstd
last-modified
Sun, 02 Jul 2023 20:26:50 GMT
server
Caddy
etag
"rx6rgq4s2q"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000
614089-1687777479.css
static.shivtr.com/css-cache/site_themes/
30 KB
6 KB
Stylesheet
General
Full URL
https://static.shivtr.com/css-cache/site_themes/614089-1687777479.css
Requested by
Host: demonic-empire.shivtr.com
URL: https://demonic-empire.shivtr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li975-148.members.linode.com
Software
Caddy /
Resource Hash
bd777b49e978d13efd23e3c33717d52238ff7f3d31d5085f7a2069f6de94c48f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://demonic-empire.shivtr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 18:42:20 GMT
content-encoding
zstd
last-modified
Mon, 03 Jul 2023 11:04:39 GMT
server
Caddy
etag
"rx7w3rnem"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000
guild-518b27752212c843cdda21c5e01ffe7de2d0bd28f7100cd01bf329100e3b7457.js
static.shivtr.com/assets/
608 KB
162 KB
Script
General
Full URL
https://static.shivtr.com/assets/guild-518b27752212c843cdda21c5e01ffe7de2d0bd28f7100cd01bf329100e3b7457.js
Requested by
Host: demonic-empire.shivtr.com
URL: https://demonic-empire.shivtr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li975-148.members.linode.com
Software
Caddy /
Resource Hash
9e2e766b44b4bd31a6887776e57d5a5f502237e48cf90ded21436cfb6addf0be

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://demonic-empire.shivtr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 18:42:20 GMT
content-encoding
zstd
last-modified
Sun, 02 Jul 2023 20:26:50 GMT
server
Caddy
etag
"rx6rgqdcmv"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
157 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: demonic-empire.shivtr.com
URL: https://demonic-empire.shivtr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
90954cdc490d0f6fbcdb0864768c2a0c863c564b76402cea35547d8700f5cfcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://demonic-empire.shivtr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 18:42:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52759
x-xss-protection
0
server
cafe
etag
16772965589237305660
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Thu, 27 Jun 2024 18:42:21 GMT
favicon.png
static.shivtr.com/s3/missing/
382 B
447 B
Image
General
Full URL
https://static.shivtr.com/s3/missing/favicon.png
Requested by
Host: demonic-empire.shivtr.com
URL: https://demonic-empire.shivtr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li975-148.members.linode.com
Software
Caddy /
Resource Hash
830870bb74c6a4a16f3c0c49a7934378a8c26fe68fa8bf280e7d1b2a5ddc0f12

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://demonic-empire.shivtr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 18:42:20 GMT
last-modified
Wed, 28 Jun 2023 04:24:58 GMT
server
Caddy
etag
"rwy49mam"
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
content-length
382
home-e4bd7164f7a26fa97379195030ab18fcc8c7a11a5ad318b4065f8e5166b3191b.png
static.shivtr.com/assets/mobile/toolbar/
250 B
327 B
Image
General
Full URL
https://static.shivtr.com/assets/mobile/toolbar/home-e4bd7164f7a26fa97379195030ab18fcc8c7a11a5ad318b4065f8e5166b3191b.png
Requested by
Host: demonic-empire.shivtr.com
URL: https://demonic-empire.shivtr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li975-148.members.linode.com
Software
Caddy /
Resource Hash
86c06c5c4747bb6da8d7594ed31b1494459d202ba31ede706bf8f741acedc9b3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://demonic-empire.shivtr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 18:42:20 GMT
last-modified
Sun, 02 Jul 2023 20:26:50 GMT
server
Caddy
etag
"rx6rgq6y"
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
content-length
250
out.png
s3.amazonaws.com/cloudfront.shivtr.com/game_classes/17/
1 KB
2 KB
Image
General
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/game_classes/17/out.png?1356759142
Requested by
Host: demonic-empire.shivtr.com
URL: https://demonic-empire.shivtr.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
52.217.228.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
d75a105ae665367fed5c8b4f861ef14368df2ddc603b7777140164b0d57c333a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://demonic-empire.shivtr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 18:42:22 GMT
x-amz-version-id
null
Last-Modified
Sat, 29 Dec 2012 05:32:24 GMT
Server
AmazonS3
x-amz-request-id
SMT0W4PNX75YRWVN
ETag
"b349535acc00a6991ef2fb4df319d70a"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
1233
x-amz-id-2
v7EM0RXiaxKsGcII/xUO9aexnXSV2pkzoNZOQAbOT4ExHW/BD0k3XPi8jkOq+i63PLJFdw9UOpQ=
Expires
Tue, 08 Jan 2013 05:22:39 GMT
out.png
s3.amazonaws.com/cloudfront.shivtr.com/game_classes/22/
1 KB
2 KB
Image
General
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/game_classes/22/out.png?1356759148
Requested by
Host: demonic-empire.shivtr.com
URL: https://demonic-empire.shivtr.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.217.228.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
54cc0e7807cf8bdf5d48a2930fbcd3b5a30b0dae8cc3bbab2efcee6fad1a092d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://demonic-empire.shivtr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 18:42:22 GMT
x-amz-version-id
null
Last-Modified
Sat, 29 Dec 2012 05:32:30 GMT
Server
AmazonS3
x-amz-request-id
SMT8V4G2BNH5PW31
ETag
"e6796325284cc94e9c47abfafd14f1cf"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
1192
x-amz-id-2
7RGFaHDPDHXqwdROayDb3E6cJ27bR8tPP1Z7zvPmVDbTXxAr8okC4PvCgcWaN7x+iKLabHFxe2E=
Expires
Tue, 08 Jan 2013 05:22:39 GMT
out.png
s3.amazonaws.com/cloudfront.shivtr.com/game_classes/1631/
1 KB
2 KB
Image
General
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/game_classes/1631/out.png?1712097998
Requested by
Host: demonic-empire.shivtr.com
URL: https://demonic-empire.shivtr.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.217.228.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
ae0c6ce14006233c2c5c589c2adc34ff83d44169366a8e18d3e212a1bf5f9789

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://demonic-empire.shivtr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 18:42:22 GMT
x-amz-version-id
gROG25qxuU0hRW0MJDzUcs6tvFaSMYps
Last-Modified
Tue, 02 Apr 2024 22:46:39 GMT
Server
AmazonS3
x-amz-request-id
SMTFBT9PFRDRDQB4
ETag
"61a4e4783310ea41740d56bcfef0b1d5"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
1406
x-amz-id-2
EfbvwQMKDdIa4H3Ass2PSFnhInRCBkwQwCLhe+H7g2L2DT0zyWRyF+Xs4LnK52aXrh1OhulOKlc=
Expires
Fri, 12 Apr 2024 22:43:48 GMT
out.png
s3.amazonaws.com/cloudfront.shivtr.com/game_classes/14/
1 KB
2 KB
Image
General
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/game_classes/14/out.png?1356759154
Requested by
Host: demonic-empire.shivtr.com
URL: https://demonic-empire.shivtr.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.217.228.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
ff4094a2d0a0df94d358f9363bafe98fb4ed45601b46456651bb7ae23a48f625

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://demonic-empire.shivtr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 18:42:22 GMT
x-amz-version-id
null
Last-Modified
Sat, 29 Dec 2012 05:32:35 GMT
Server
AmazonS3
x-amz-request-id
SMT11CK96MPAXVBB
ETag
"f8e2fc8f735480d867ad95834fbd6924"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
1097
x-amz-id-2
/1m/K2FFZJdqfkY09YqzucwX3Jg0mCONTWvuU+N48NLvQknWFkjelIGeYK4YechtMW64mChY9xw=
Expires
Tue, 08 Jan 2013 05:22:39 GMT
out.png
s3.amazonaws.com/cloudfront.shivtr.com/game_classes/19/
1 KB
2 KB
Image
General
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/game_classes/19/out.png?1356759160
Requested by
Host: demonic-empire.shivtr.com
URL: https://demonic-empire.shivtr.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.217.228.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
7088d6c86fda7a1dbd11ce4ec06ab4cf62f816203c1a68092d8b87bb847d2ec7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://demonic-empire.shivtr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 18:42:22 GMT
x-amz-version-id
null
Last-Modified
Sat, 29 Dec 2012 05:32:41 GMT
Server
AmazonS3
x-amz-request-id
SMT7M6R68P8H9822
ETag
"08eaa3fe5ce8ec8c0118f5badcf2e38c"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
1219
x-amz-id-2
1kfzdon2YZ1JfRcFuffxeJ/ACaVcp33IOuimpJhtxKak776Mw2r8SVMnCSUH2r+BwRwsYDTevJg=
Expires
Tue, 08 Jan 2013 05:22:39 GMT
out.png
s3.amazonaws.com/cloudfront.shivtr.com/game_classes/13/
1 KB
2 KB
Image
General
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/game_classes/13/out.png?1356759171
Requested by
Host: demonic-empire.shivtr.com
URL: https://demonic-empire.shivtr.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.217.228.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
38444148a2237a29af423edbe716ea9587872041585593d569fa13206db7a80e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://demonic-empire.shivtr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 18:42:23 GMT
x-amz-version-id
null
Last-Modified
Sat, 29 Dec 2012 05:32:52 GMT
Server
AmazonS3
x-amz-request-id
VQ15CP1Z95SVD779
ETag
"522333c5b6abf6697e0894a433613b82"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
1237
x-amz-id-2
30mqN6YpGdB4VfqXcjg4W233CtKUJV8dmm9nLozxwDPKPAmKXX59SOBOR5n2IbRVLaSnDgXyg0s=
Expires
Tue, 08 Jan 2013 05:22:39 GMT
out.png
s3.amazonaws.com/cloudfront.shivtr.com/game_classes/16/
1 KB
2 KB
Image
General
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/game_classes/16/out.png?1356759178
Requested by
Host: demonic-empire.shivtr.com
URL: https://demonic-empire.shivtr.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.217.228.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
0101f1a2e65d66a8af54470ef2853f727dbaed3caf9aabaa522c9c46880f7e58

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://demonic-empire.shivtr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 18:42:23 GMT
x-amz-version-id
null
Last-Modified
Sat, 29 Dec 2012 05:32:59 GMT
Server
AmazonS3
x-amz-request-id
VQ17PKYT0SS9P5WV
ETag
"3fa41138fa5d03f5edd315ba0eaf4a4e"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
1221
x-amz-id-2
0dimRz346tRMfq/zdfb7bJGMHGbZL+sPynYiRX8QTpaPSeyaaROySgcstjgL+I7Om0meBZ7ZIu8=
Expires
Tue, 08 Jan 2013 05:22:39 GMT
out.png
s3.amazonaws.com/cloudfront.shivtr.com/game_classes/15/
1 KB
2 KB
Image
General
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/game_classes/15/out.png?1356759184
Requested by
Host: demonic-empire.shivtr.com
URL: https://demonic-empire.shivtr.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
52.217.228.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
8a4acdbc5956c3196a8c4327078b5364d58362446a3620aa375085c0b4a4411d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://demonic-empire.shivtr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 18:42:23 GMT
x-amz-version-id
null
Last-Modified
Sat, 29 Dec 2012 05:33:05 GMT
Server
AmazonS3
x-amz-request-id
VQ102MT432PQSBT1
ETag
"1baa44b20b606bacfa0507ae4b1d3c90"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
1247
x-amz-id-2
FFoR+FBjnB1T0stC1hxzqe2lufRarzcDyKCxwiwQFAos380iZF8poUkBc+todv5sWzbNCG6l614=
Expires
Tue, 08 Jan 2013 05:22:39 GMT
out.png
s3.amazonaws.com/cloudfront.shivtr.com/game_classes/18/
1 KB
2 KB
Image
General
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/game_classes/18/out.png?1356759190
Requested by
Host: demonic-empire.shivtr.com
URL: https://demonic-empire.shivtr.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.217.228.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
a24b219c5dd7b0c9efdb2ffb85e250809341705b37781e9b00435f9b8c5e2e3f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://demonic-empire.shivtr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 18:42:23 GMT
x-amz-version-id
null
Last-Modified
Sat, 29 Dec 2012 05:33:11 GMT
Server
AmazonS3
x-amz-request-id
VQ1E074KV0EE49PH
ETag
"dee117fe859968bfadeff49c57963aad"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
1232
x-amz-id-2
KquOsdRZ+uPZgoK5BnYwMWuttVM/J/uoBLNX3/1HagPIAdYdF+Aj1FqXwQoaaYZabETg0QhW/2U=
Expires
Tue, 08 Jan 2013 05:22:39 GMT
out.png
s3.amazonaws.com/cloudfront.shivtr.com/game_classes/20/
1 KB
2 KB
Image
General
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/game_classes/20/out.png?1356759196
Requested by
Host: demonic-empire.shivtr.com
URL: https://demonic-empire.shivtr.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
52.217.228.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
d6eade1ffe31d8226156f5c00fb48810841b02e60dd16f190205b162e8f73dc2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://demonic-empire.shivtr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 18:42:23 GMT
x-amz-version-id
null
Last-Modified
Sat, 29 Dec 2012 05:33:18 GMT
Server
AmazonS3
x-amz-request-id
VQ183A1T675KQRXQ
ETag
"d6cfb94525c3d56d1d4220f50a282006"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
1283
x-amz-id-2
3SCzjHRDhiHJNcdCnjNLeVmY7sko6GjoG4NyeSs09teq4QK43lzEUuqXF+h0vUHy/ZmjLnbNVew=
Expires
Tue, 08 Jan 2013 05:22:39 GMT
out.png
s3.amazonaws.com/cloudfront.shivtr.com/game_classes/12/
1 KB
2 KB
Image
General
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/game_classes/12/out.png?1356759203
Requested by
Host: demonic-empire.shivtr.com
URL: https://demonic-empire.shivtr.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.217.228.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
160f9c28c35e4390cd35e90cf1ccb3d80a58de14da97300d738b4e65cf54c7aa

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://demonic-empire.shivtr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 18:42:23 GMT
x-amz-version-id
null
Last-Modified
Sat, 29 Dec 2012 05:33:24 GMT
Server
AmazonS3
x-amz-request-id
VQ149TVEJ7PD3VJN
ETag
"cfae4b32504ea00fbd74e4d8ecdd3a52"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
1192
x-amz-id-2
ccqQaNeXAXXRVr5iTzebkjQ82Js9wzQJeeeIXyuvfkSsacKOW1bEkJU36jFRZNjrctayvKb/dZo=
Expires
Tue, 08 Jan 2013 05:22:39 GMT
loadscreen-icecrown-citadel-full_lueuqz.jpg
res.cloudinary.com/mesorchoo/image/upload/c_crop,dpr_auto,f_auto,q_auto,w_1200/v1588050970/mesorchoo.com/artwork/instances/
32 KB
32 KB
Image
General
Full URL
https://res.cloudinary.com/mesorchoo/image/upload/c_crop,dpr_auto,f_auto,q_auto,w_1200/v1588050970/mesorchoo.com/artwork/instances/loadscreen-icecrown-citadel-full_lueuqz.jpg
Requested by
Host: demonic-empire.shivtr.com
URL: https://demonic-empire.shivtr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:12d:594::523 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
95177cb9a19bb527f7ba16b9f0d2ff334091efc9c01ecd2bef69435fd3be7126
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://demonic-empire.shivtr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 18:42:22 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="loadscreen-icecrown-citadel-full_lueuqz.webp"
server-timing
cld-akam;dur=21;start=2024-06-27T18:42:22.726Z;desc=miss,rtt;dur=37,cloudinary;dur=85;start=2024-06-25T08:17:14.854Z
content-length
32394
last-modified
Tue, 28 Apr 2020 05:45:12 GMT
server
Cloudinary
etag
"46a1aa1daa83765dd2bd82bab390fa07"
vary
Accept,User-Agent,Save-Data,DPR,Sec-CH-DPR
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=2592000
content-dpr
1
accept-ranges
bytes
timing-allow-origin
*
ruby.jpg
www.wowfan.cz/pic/uploaded/
99 KB
99 KB
Image
General
Full URL
https://www.wowfan.cz/pic/uploaded/ruby.jpg
Requested by
Host: demonic-empire.shivtr.com
URL: https://demonic-empire.shivtr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.105.124.43 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3056850.ip-46-105-124.eu
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ee3affa7a75a5dab262c3796ec8926c8852a2040a013cf9421e284e88ce0930e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://demonic-empire.shivtr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 18:42:22 GMT
last-modified
Fri, 30 Dec 2016 21:24:49 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5866d0a1-18b12"
content-length
101138
content-type
image/jpeg
138506-trial-of-the-champion.jpg
wow.zamimg.com/uploads/screenshots/normal/
219 KB
219 KB
Image
General
Full URL
https://wow.zamimg.com/uploads/screenshots/normal/138506-trial-of-the-champion.jpg
Requested by
Host: demonic-empire.shivtr.com
URL: https://demonic-empire.shivtr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-11.fra60.r.cloudfront.net
Software
/
Resource Hash
9301f07ce28c09e87781be0f793b1eec60e04eb986e7b58bb99aeecfc1b7669a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://demonic-empire.shivtr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 00:49:31 GMT
strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 e1af02661708034e962bd39b357a50aa.cloudfront.net (CloudFront)
last-modified
Fri, 08 Feb 2013 03:23:53 GMT
x-amz-cf-pop
FRA60-P9
age
1446771
etag
"51146fc9-36ac8"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
223944
x-amz-cf-id
NG-oCd4FjZTJC7_M0OZ2mVz6LQZRdMtVC5G8sPZFyQ11rOiL5ZwIWw==
expires
Thu, 11 Jul 2024 00:49:31 GMT
Yogg-Saron_Blizzard_com.jpg
i0.wp.com/images3.wikia.nocookie.net/wowwiki/images/3/38/
169 KB
169 KB
Image
General
Full URL
https://i0.wp.com/images3.wikia.nocookie.net/wowwiki/images/3/38/Yogg-Saron_Blizzard_com.jpg
Requested by
Host: demonic-empire.shivtr.com
URL: https://demonic-empire.shivtr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
74c3eeecd923e56f2d4796ea18d4acd478cc329cdbdca2e51b55573a69f301c2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://demonic-empire.shivtr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 18:42:22 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
172906
x-nc
HIT ams 8
last-modified
Sun, 28 Apr 2024 19:26:57 GMT
server
nginx
etag
"de74aff6ce782cca"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://images3.wikia.nocookie.net/wowwiki/images/3/38/Yogg-Saron_Blizzard_com.jpg>; rel="canonical"
expires
Wed, 29 Apr 2026 07:26:57 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
157 KB
0
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: demonic-empire.shivtr.com
URL: https://demonic-empire.shivtr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
90954cdc490d0f6fbcdb0864768c2a0c863c564b76402cea35547d8700f5cfcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://demonic-empire.shivtr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 18:42:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52759
x-xss-protection
0
server
cafe
etag
16772965589237305660
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Thu, 27 Jun 2024 18:42:21 GMT
power.js
wow.zamimg.com/widgets/
183 KB
58 KB
Script
General
Full URL
https://wow.zamimg.com/widgets/power.js
Requested by
Host: demonic-empire.shivtr.com
URL: https://demonic-empire.shivtr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-11.fra60.r.cloudfront.net
Software
/
Resource Hash
71761a0a10ea2298673ff10a99c7fe595ad40b6c869039e5efac2b900e687d8f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://demonic-empire.shivtr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 18:13:06 GMT
content-encoding
gzip
via
1.1 e1af02661708034e962bd39b357a50aa.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Wed, 26 Jun 2024 21:09:55 GMT
x-amz-cf-pop
FRA60-P9
age
1756
etag
W/"667c83a3-2dab4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
-uLMSe1Lxkn9mCycfY9LTFPIpe704mepWiC-uR2BwrOQU0hdK9rqdw==
expires
Thu, 27 Jun 2024 19:13:06 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406240101/
425 KB
143 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2367108048287515&plah=demonic-empire.shivtr.com&aplac=true&bust=31084857
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
569634b2850014163d478120a020943f117efb55f40a3ff5a703e335e47d0630
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://demonic-empire.shivtr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 18:42:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146812
x-xss-protection
0
server
cafe
etag
4834988859376611754
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 27 Jun 2024 18:42:22 GMT
3930056.jpg
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/
105 KB
106 KB
Image
General
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/3930056.jpg?1548602383
Requested by
Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/614089-1687777479.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.217.228.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
8026b77a36d1a7e20e512f163552d9b6634d5437c0fb7b18d6aeb0650cb92ca7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://static.shivtr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 18:42:23 GMT
x-amz-version-id
ClPnM4XHJqHQtpQpGfsGAAZOyAVA8AYG
Last-Modified
Sun, 27 Jan 2019 15:19:44 GMT
Server
AmazonS3
x-amz-request-id
VQ15H05T6EJKNHF0
ETag
"bc0594e47c957793e78027cfc1414289"
Content-Type
image/jpeg
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
107952
x-amz-id-2
tbdjX+viEupu49Kyhu8AmFXaqcU4eN49oJ1NAA1BJULxOI2mK8xBu4tYr2WewIFXFzKowiefx4I=
Expires
Sat, 27 Jul 2019 12:11:45 GMT
532207.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/
2 KB
2 KB
Image
General
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/532207.png?1383940811
Requested by
Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/614089-1687777479.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.217.228.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
920a3defda6e075bd5ce32ebb4def4352b165fade37338fb91758aaedc1fc098

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://static.shivtr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 18:42:23 GMT
x-amz-version-id
null
Last-Modified
Fri, 08 Nov 2013 20:00:12 GMT
Server
AmazonS3
x-amz-request-id
VQ1156089TGX5QHW
ETag
"d6a1d3e270f4da6d5893fa7b94728025"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
1915
x-amz-id-2
kTr3tQdOWjzplJ/0BFjRb6VGj901PWzq3L299jarcgFohsmOQ5B9J8/sonj7GHek6xW2cy7DnNk=
Expires
Mon, 05 May 2014 23:11:24 GMT
532208.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/
2 KB
2 KB
Image
General
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/532208.png?1383940812
Requested by
Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/614089-1687777479.css
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
52.217.228.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
4d03b6e90b232fb83c1da9981b5cb4012063ad310ccf71e33b5e8fd1fe2d8fb9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://static.shivtr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 18:42:23 GMT
x-amz-version-id
null
Last-Modified
Fri, 08 Nov 2013 20:00:13 GMT
Server
AmazonS3
x-amz-request-id
VQ13AV6P1CDQ55JS
ETag
"4930ddbe02b550ef85bcc1d0c03c4a5a"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
1971
x-amz-id-2
9cmwKRao1Q2dRPx10hLzulh6K/Ydj7/6TTXz/HAC6sDTTUUfI+Fvb1TPNMfeEVm7plVBW4HF8B8=
Expires
Mon, 05 May 2014 23:11:17 GMT
532205.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/
199 B
650 B
Image
General
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/532205.png?1383940810
Requested by
Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/614089-1687777479.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.217.228.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
a45b9f8f42c2dba06a065e38d99ff5521de332c3197f9fb4ab8801ab4970e041

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://static.shivtr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 18:42:23 GMT
x-amz-version-id
null
Last-Modified
Fri, 08 Nov 2013 20:00:11 GMT
Server
AmazonS3
x-amz-request-id
VQ158WKZZZPVC415
ETag
"b793897a973fe7efd6aed16f8809898b"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
199
x-amz-id-2
PNAEm3M/O0P3RFqF5ZdFXKCDLsgsU1eiisvTr3iMIXubyNZ1kpNYblzhtlKHNWp995EHeNWbtLQ=
Expires
Mon, 05 May 2014 23:11:17 GMT
532206.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/
515 B
966 B
Image
General
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/532206.png?1383940811
Requested by
Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/614089-1687777479.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.217.228.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
2fd319c7809baaf44380af89d4d6cc83eead0773f5942ac01b8b5931c7abc336

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://static.shivtr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 18:42:23 GMT
x-amz-version-id
null
Last-Modified
Fri, 08 Nov 2013 20:00:12 GMT
Server
AmazonS3
x-amz-request-id
VQ19DZM7E06E5A1H
ETag
"f5922a2b5d1fc74d17afe68c9fa5222c"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
515
x-amz-id-2
fhJM8hEpXZzOOisAAdWLSIL2XSmuOaxjUCe/mTP5T8t1xTbXHQJa1C90enttPFySnzM6Uw1+qKE=
Expires
Mon, 05 May 2014 23:10:52 GMT
532216.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/
1 KB
2 KB
Image
General
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/532216.png?1383940816
Requested by
Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/614089-1687777479.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.217.228.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
748d77ecc9866e292c4ae69636ea30b6fb1e6af8d88a8059e0af2176429648c4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://static.shivtr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 18:42:23 GMT
x-amz-version-id
null
Last-Modified
Fri, 08 Nov 2013 20:00:17 GMT
Server
AmazonS3
x-amz-request-id
VQ1D1XKFHZ8Y7138
ETag
"54fcfdf44787e7ebb805284cb89208e1"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
1317
x-amz-id-2
zd0N2ZbNoJFR4PiL3N2TpJmt9v7WxN8smD/efkawSKYGPjMyx8bi5kyuAq0xmrCf2p1QHGiuowE=
Expires
Mon, 05 May 2014 23:10:52 GMT
532217.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/
1 KB
2 KB
Image
General
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/532217.png?1383940817
Requested by
Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/614089-1687777479.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.217.228.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
240ac5cfe833b81f6607a9f702f7b30bc7383485fe86af4cd21b7c6d9cd2e3e8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://static.shivtr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 18:42:23 GMT
x-amz-version-id
null
Last-Modified
Fri, 08 Nov 2013 20:00:18 GMT
Server
AmazonS3
x-amz-request-id
VQ18S8Q81BE6M1P3
ETag
"177bfb2a48dfcd9a39ff8f3d2fe61c33"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
1395
x-amz-id-2
FDqZwO0E1WjIRkuXo3Q2o9AcbWPROJjAGzSBiwXh48n6Q1IOdtIv9VGnTMMtYseSuXiyrnV+8ik=
Expires
Mon, 05 May 2014 23:11:24 GMT
532215.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/
207 B
658 B
Image
General
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/532215.png?1383940816
Requested by
Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/614089-1687777479.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.217.228.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
7c328c382892475e77d0d96832bfa0b35612da6a9705f013d588ef0393c04b88

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://static.shivtr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 18:42:23 GMT
x-amz-version-id
null
Last-Modified
Fri, 08 Nov 2013 20:00:17 GMT
Server
AmazonS3
x-amz-request-id
VQ13Q6PDJ77JE9M4
ETag
"0ce032c0be41099a5ace5b7039c3f1bb"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
207
x-amz-id-2
kPQCyGAhriR9amukLwUEOczDMZ65Yvdc27SW/sDtY4m8Fxzf32uJ978bVIDVMSqHZd6sKL1/P2Y=
Expires
Mon, 05 May 2014 23:11:17 GMT
532210.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/
115 B
566 B
Image
General
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/532210.png?1383940812
Requested by
Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/614089-1687777479.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.217.228.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b033555869a4e4bbf069af142ba979c054fcff8d0f4d83b14d99a71b9ab07ca2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://static.shivtr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 18:42:23 GMT
x-amz-version-id
null
Last-Modified
Fri, 08 Nov 2013 20:00:13 GMT
Server
AmazonS3
x-amz-request-id
VQ14ERH81P6CPRVW
ETag
"1b4f940be0a40f3f4ae32b79b4c8a418"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
115
x-amz-id-2
sbAu65RIaZsThbjFO6W0NiE1NEtFDt7hMMZhIRtjUEr3kN4eco6plmDCiklcxiL3/haTokEMioI=
Expires
Mon, 05 May 2014 23:10:52 GMT
532211.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/
117 B
568 B
Image
General
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/532211.png?1383940814
Requested by
Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/614089-1687777479.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.217.228.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
5e97fba31c1c44783c4852e361c7be30f2282ddcd4eb99dceb3ee9ca0aa94331

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://static.shivtr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 18:42:23 GMT
x-amz-version-id
null
Last-Modified
Fri, 08 Nov 2013 20:00:15 GMT
Server
AmazonS3
x-amz-request-id
VQ1EGHS3P61B1V5T
ETag
"7ba893c24882fc773894c658a5890c33"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
117
x-amz-id-2
oHC8vFCOunlDm/V2ha87JbkcK+9GJFhXf9wGT7wR4XIy/Qml2y2XEJc5ZrgUBmUdByQ67GwYMcY=
Expires
Mon, 05 May 2014 23:11:24 GMT
532209.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/
108 B
559 B
Image
General
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/532209.png?1383940812
Requested by
Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/614089-1687777479.css
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
52.217.228.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
4817af49d2bea29e98e801b84209ed1623aeb8d5e90d1ca362b7966166fb5824

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://static.shivtr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 18:42:23 GMT
x-amz-version-id
null
Last-Modified
Fri, 08 Nov 2013 20:00:13 GMT
Server
AmazonS3
x-amz-request-id
VQ15YKYPTCV2X7WZ
ETag
"1104b117d715aa58327a3a44467b49b9"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
108
x-amz-id-2
MEXmlxnkNMCgpd9vCl/xMaJay9r5Mh1K4JMfwEFxC3QtcKDVzJSfKjhXIq3L50k1EtLSqI7wFiY=
Expires
Mon, 05 May 2014 23:11:24 GMT
532213.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/
147 B
598 B
Image
General
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/532213.png?1383940814
Requested by
Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/614089-1687777479.css
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
52.217.228.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
444c4c7901307178ed2d1362b09d15f689d48c3a4bed4e7513431ce155dc5778

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://static.shivtr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 18:42:23 GMT
x-amz-version-id
null
Last-Modified
Fri, 08 Nov 2013 20:00:15 GMT
Server
AmazonS3
x-amz-request-id
VQ12YMB6V27BBSB8
ETag
"d7170d3aa6b438e090ecff1acacb540e"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
147
x-amz-id-2
bNSf688CPUWK3cKLTScwUVlXo0oebMW5BtKYQJ3FLWltsHV1gZGVcHvWjwogwon6k0zti/ZX6rI=
Expires
Mon, 05 May 2014 23:10:52 GMT
532214.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/
144 B
595 B
Image
General
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/532214.png?1383940816
Requested by
Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/614089-1687777479.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.217.228.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
85e41af2f1124000f87c8a5caab08cd7568e2eeda71879c623fea4fbce4c469d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://static.shivtr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 18:42:23 GMT
x-amz-version-id
null
Last-Modified
Fri, 08 Nov 2013 20:00:17 GMT
Server
AmazonS3
x-amz-request-id
VQ16BBF0BC5WG05A
ETag
"3f1d53e8dee0438ffac5f80923889582"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
144
x-amz-id-2
kzqUP2MA6eUzWIwDofmnxRgxjhbWNhlj9fOZdwsGzODZJ6gNdm8XwOkpGT35LU3oKbfxi0IfMxs=
Expires
Mon, 05 May 2014 23:11:24 GMT
532212.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/
154 B
605 B
Image
General
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/532212.png?1383940814
Requested by
Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/614089-1687777479.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.217.228.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
0635d732c479b8b327cc7ef699d1983cf37dd191c0cb911134d7be5d595a2bb9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://static.shivtr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 18:42:23 GMT
x-amz-version-id
null
Last-Modified
Fri, 08 Nov 2013 20:00:15 GMT
Server
AmazonS3
x-amz-request-id
VQ1ERQNSAQ01W6Z6
ETag
"9e1acdf4639abbc765ccea573e6335c3"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
154
x-amz-id-2
QzXZr3kNPXGJzeiO2cA2IU9WbaPLdGI6ybZsLTYX1MW4UrEbq6wVbmcrtl6KIZG5klfLYKzPv3g=
Expires
Mon, 05 May 2014 23:11:17 GMT
zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240618/r20110914/ Frame DE0F
0
0
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/html/r20240618/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2367108048287515&plah=demonic-empire.shivtr.com&aplac=true&bust=31084857
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://demonic-empire.shivtr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
83064
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4164
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 26 Jun 2024 19:37:58 GMT
etag
9187630395144177108
expires
Wed, 10 Jul 2024 19:37:58 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=status_bar_position&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: demonic-empire.shivtr.com
URL: https://demonic-empire.shivtr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://demonic-empire.shivtr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 27 Jun 2024 18:42:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/pagead/ Frame C74B
0
0
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2367108048287515&output=html&adk=1812271804&adf=3025194257&abgtt=3&lmt=1719513742&plat=2%3A16777216%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x810_l%7C260x810_r&format=0x0&url=https%3A%2F%2Fdemonic-empire.shivtr.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=30~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=30~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=30_19~29_10&aiixl=30_6~29_5&aslmct=0.7&asamct=0.7&itsi=-1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1719513742327&bpp=44&bdt=1945&idt=432&shv=r20240618&mjsv=m202406240101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=3005983554874&frm=20&pv=2&ga_vid=1441922619.1719513743&ga_sid=1719513743&ga_hid=1610767905&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C31084863%2C42531705%2C44795921%2C95331688%2C95334511%2C95334524%2C95334564%2C95334573%2C95335896%2C31084857%2C31084187%2C95335291%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2565961845897246&tmod=1397446308&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=471
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2367108048287515&plah=demonic-empire.shivtr.com&aplac=true&bust=31084857
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://demonic-empire.shivtr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
74344
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 27 Jun 2024 18:42:23 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame 1E24
0
0
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2367108048287515&output=html&h=90&slotname=2876344136&adk=4229348686&adf=4046715466&pi=t.ma~as.2876344136&w=728&abgtt=3&lmt=1719513742&format=728x90&url=https%3A%2F%2Fdemonic-empire.shivtr.com%2F&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1719513742371&bpp=7&bdt=1990&idt=447&shv=r20240618&mjsv=m202406240101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=3005983554874&frm=20&pv=1&ga_vid=1441922619.1719513743&ga_sid=1719513743&ga_hid=1610767905&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C31084863%2C42531705%2C44795921%2C95331688%2C95334511%2C95334524%2C95334564%2C95334573%2C95335896%2C31084857%2C31084187%2C95335291%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2565961845897246&tmod=1397446308&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&nt=1&ifi=2&uci=a!2&fsb=1&dtd=460
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2367108048287515&plah=demonic-empire.shivtr.com&aplac=true&bust=31084857
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://demonic-empire.shivtr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
41673
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 27 Jun 2024 18:42:23 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
universal.css
wow.zamimg.com/css/
669 KB
44 KB
Stylesheet
General
Full URL
https://wow.zamimg.com/css/universal.css?19
Requested by
Host: wow.zamimg.com
URL: https://wow.zamimg.com/widgets/power.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-11.fra60.r.cloudfront.net
Software
/
Resource Hash
caeafbb4be2d826e9d58946176e33f001f1f06dd16aa5c3d6cffa4ddf1a54621
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://demonic-empire.shivtr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 18:15:47 GMT
content-encoding
gzip
via
1.1 e1af02661708034e962bd39b357a50aa.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Wed, 26 Jun 2024 21:10:04 GMT
x-amz-cf-pop
FRA60-P9
age
1595
etag
W/"667c83ac-a7217"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=10800
x-amz-cf-id
DnzrHjR4tYFWJgo8KysrMUR6zQZKdhPvhsj-OgY_vpoTUEogD4iH0A==
expires
Thu, 27 Jun 2024 21:15:47 GMT
truncated
/
82 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406240101/
169 KB
57 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406240101/reactive_library_fy2021.js?bust=31084857
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2367108048287515&plah=demonic-empire.shivtr.com&aplac=true&bust=31084857
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
125b344b865c8ce1dd6aa9a74123d9d75734b68c8f7512b3e041b09f14a391be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://demonic-empire.shivtr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 18:42:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58346
x-xss-protection
0
server
cafe
etag
12555338663798247438
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 27 Jun 2024 18:42:23 GMT
ads
pagead2.googlesyndication.com/pagead/ Frame E0D1
0
0
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2367108048287515&output=html&h=280&adk=3809598800&adf=1604629528&pi=t.aa~a.1182920990~rp.3&w=1200&abgtt=3&fwrn=4&fwrnh=100&lmt=1719513743&rafmt=1&to=qs&pwprc=9183188665&format=1200x280&url=https%3A%2F%2Fdemonic-empire.shivtr.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1719513743458&bpp=2&bdt=3077&idt=-M&shv=r20240618&mjsv=m202406240101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C728x90&nras=2&correlator=3005983554874&frm=20&pv=1&ga_vid=1441922619.1719513743&ga_sid=1719513743&ga_hid=1610767905&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C31084863%2C42531705%2C44795921%2C95331688%2C95334511%2C95334524%2C95334564%2C95334573%2C95335896%2C31084857%2C31084187%2C95335291%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2565961845897246&tmod=1397446308&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2367108048287515&plah=demonic-empire.shivtr.com&aplac=true&bust=31084857
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://demonic-empire.shivtr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
304
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 27 Jun 2024 18:42:23 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame 049A
0
0
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2367108048287515&output=html&h=90&adk=1152246153&adf=513501529&pi=t.aa~a.2817085865~rp.3&w=1000&abgtt=3&fwrn=4&fwrnh=100&lmt=1719513743&rafmt=1&to=qs&pwprc=9183188665&format=1000x90&url=https%3A%2F%2Fdemonic-empire.shivtr.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1719513743458&bpp=1&bdt=3076&idt=1&shv=r20240618&mjsv=m202406240101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C728x90%2C1200x280&nras=3&correlator=3005983554874&frm=20&pv=1&ga_vid=1441922619.1719513743&ga_sid=1719513743&ga_hid=1610767905&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C31084863%2C42531705%2C44795921%2C95331688%2C95334511%2C95334524%2C95334564%2C95334573%2C95335896%2C31084857%2C31084187%2C95335291%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2565961845897246&tmod=1397446308&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&nt=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=8
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2367108048287515&plah=demonic-empire.shivtr.com&aplac=true&bust=31084857
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://demonic-empire.shivtr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
43269
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 27 Jun 2024 18:42:23 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240618/r20110914/ Frame 7D1B
0
0
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/html/r20240618/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2367108048287515&plah=demonic-empire.shivtr.com&aplac=true&bust=31084857
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://demonic-empire.shivtr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
83064
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4164
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 26 Jun 2024 19:37:58 GMT
etag
9187630395144177108
expires
Wed, 10 Jul 2024 19:37:58 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240618/r20110914/ Frame BF53
0
0
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/html/r20240618/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2367108048287515&plah=demonic-empire.shivtr.com&aplac=true&bust=31084857
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://demonic-empire.shivtr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
83064
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4164
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 26 Jun 2024 19:37:58 GMT
etag
9187630395144177108
expires
Wed, 10 Jul 2024 19:37:58 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240618/r20110914/ Frame 270F
0
0
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/html/r20240618/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2367108048287515&plah=demonic-empire.shivtr.com&aplac=true&bust=31084857
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://demonic-empire.shivtr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
83064
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4164
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 26 Jun 2024 19:37:58 GMT
etag
9187630395144177108
expires
Wed, 10 Jul 2024 19:37:58 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240618&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2367108048287515&plah=demonic-empire.shivtr.com&aplac=true&bust=31084857
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
68674ddc0b589862d52edfc68333d18f57b691c49c5963705f6a3748ea612e2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://demonic-empire.shivtr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 18:42:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12622
x-xss-protection
0
favicon.png
demonic-empire.shivtr.com/s3/missing/
382 B
432 B
Other
General
Full URL
https://demonic-empire.shivtr.com/s3/missing/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li975-148.members.linode.com
Software
Caddy /
Resource Hash
830870bb74c6a4a16f3c0c49a7934378a8c26fe68fa8bf280e7d1b2a5ddc0f12

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://demonic-empire.shivtr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 18:42:25 GMT
last-modified
Wed, 28 Jun 2023 04:24:58 GMT
server
Caddy
etag
"rwy49mam"
content-type
image/png
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
content-length
382
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2367108048287515&plah=demonic-empire.shivtr.com&aplac=true&bust=31084857
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://demonic-empire.shivtr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 18:42:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Jun 2024 18:42:25 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D66C
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://demonic-empire.shivtr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
40067
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 27 Jun 2024 07:34:38 GMT
expires
Fri, 27 Jun 2025 07:34:38 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240618&jk=2565961845897246&bg=!aWqlaiXNAAb64txl2uI7ADQBe5WfOPkbeLLK6EK9blC09Jq3lcSBqUytv1FcNt2DhCFj7vZnKYnPtd593dNun9SSckEiAgAAAZhSAAAAGGgBB34ANQLBQCdixxJyktAXb4C3f0FVL9tkP1YnOYWc2h-G5CqPB9UR606V_hRaxCX1O_TjP1pCa5XXCgBXsmz6jhNDjHfX8nm52YyjogaSr2U0Xc1EPmZHtgPeg-pMId_igXeogOpApHhPB9MMiimo26-VhHYfYnPvZdEdT0jLdE8Uv3iUQTnmeONvDmUkQbiToNBPmQLN_qizirXZT0ucA69NTXiRzuxF_JtaJybtp8lU6RpkzHohYitS910HZesKn78KZqkRhbclu_bFlS9v_IL0_vMD86aSExu-1WQ7PxsPWrIBm0N2psjg2XTpmUsw0ua1AfIgg-W_spvaLdQzf3_QZC9jsX9Va0nrJ5cqD21mApS6fTTaA66ZMidUmPxR8ar6RZpsdsHyKo5S-JwwoTrYd6YTZRgOSRndRnYksg8zsfHribhMitMJy_Jl_Gv1s2nI26DZoE2GvUZJ5xyS7QAsWdSvxe69aw8JfOBaWnLTBQRo8yPgON20CTqEL0g4Bqwy4jB6-93dvc89nJH6OcFIwXIw9eQUcXReFapSanvcTa65Xm671m-hvm8hSOtQJXx43SRMFtbIhmMssLEIKL38sBggz-J8TJiqBGmdB3q1sh46CTqGSYrKG-C0gv-IrmBrAu-DoRDzN6vtEh0NPJXJ5j3sq-weXcASg-sDzRd-KW02zhpNCAty2oonj-ODovSWaXG-81HQYOQR29KrK5k6S9Gm5DHvs8KEiHmnwmSOauh_A_Ult0DGznxemwRwPH8Z4kLtALnao8fPxYf5_gZggoPww633lF6rI6rcuz6AP50k66Rs3BKxmCn6uco65V-Gu92Aqgc8PVT49pYSFZXYhuQEmmIERySDm_ZGPGuN01NUkJhtiOnEiS5cUTC3U5tCj-ErYCN68aaSgWsW6kSmv0NcTc5-LCyd0q_RZSNbGzOZ5K_Hsaqnj5l8IWauU2GrBBEA1jpZQ4j_TDMU8Vd2t49VKEid3-7fbrYW0tkm0G7B2ISoND7bZz2Q_mdsSBWFtCLJYwR2CuH_UevgX8265weRrp7exr5-1p-Z0m1fTOpd6Pbx4pqu-22JQ8UTpQRF4FWpeeL2GPfVLOYHFGPT-pjo2bq_If4229wHMQxGT1lc8xzaJoJep5JhoOl9nfI6

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 undefined| event object| fence object| sharedStorage function| setCookie function| getCookie function| deleteCookie function| bbcodeHelp function| getVideoParam function| centerModals function| get_time_difference_in_minutes function| get_local_time_for_date function| distance_of_time_in_words object| Duration object| TZTime function| $ function| jQuery object| jQuery112403244426424042852 function| tmpl object| App function| _ function| Class function| Picker object| hopscotch object| bbcodeSettings object| bbcodeSimpleSettings function| positionFooter object| AionItem object| Gw2Item object| RomItem object| VindictusItem object| WowItem object| ClassicItem object| ItemTooltip object| Shivtip object| MainTooltip object| ProgressionTooltip function| Chat object| ChatEmotes function| ChatMessage function| Pusher function| WhosOnline object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter object| miuScript string| google_user_agent_client_hint function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| Icon object| WH object| g_itemScalingCallbacks object| Locale object| $WowheadPower object| google_llp object| googletag object| GoogleGcLKhOms

3 Cookies

Domain/Path Name / Value
demonic-empire.shivtr.com/ Name: site_game_id
Value: 184678
demonic-empire.shivtr.com/ Name: _shivtr_bakery
Value: LaJzvhp%2FGjmhuDOo%2FRVNuwjxU0sxKd4TANzF8gSECQ0NvZN%2BL2GA8zz7GBF9jSbHLb0p2wSpCtKl8yFrsxDOouoH325cmF1jkFRDS4XnbAZhNuQ3eF0Jy3JMGPduEKpaAAbCySvmPQCoJwNhjqkRsr8pCeGZ%2B5Mnvhf9WDg1sgMbb%2FWRgdtBtS2AymThjMc0Qw1M5EFrGipApSot3JlP5M%2FR11Nq%2BlFFdhyy7AixJKjwVUO3UZJl%2BNrdnbhzp%2Bj1BAQk951xt9BpKdEQ2WWBPD46SJSUthvIxia5SIPQU9nlVwXiBPY%3D--9wD4iD8ch6lyjIlp--u6ss2NMD4x%2FsPSL2lYsHww%3D%3D
.shivtr.com/ Name: __eoi
Value: ID=c77cce1326e7321b:T=1719513742:RT=1719513742:S=AA-AfjYSGSEAHUxIpt2w4angijd7

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

demonic-empire.shivtr.com
i0.wp.com
pagead2.googlesyndication.com
res.cloudinary.com
s3.amazonaws.com
static.shivtr.com
tpc.googlesyndication.com
wow.zamimg.com
www.wowfan.cz
pagead2.googlesyndication.com
13.33.187.11
142.250.185.193
142.250.186.66
192.0.77.2
2a00:1450:4001:812::2001
2a02:26f0:12d:594::523
45.33.21.148
46.105.124.43
52.217.228.104
0101f1a2e65d66a8af54470ef2853f727dbaed3caf9aabaa522c9c46880f7e58
0635d732c479b8b327cc7ef699d1983cf37dd191c0cb911134d7be5d595a2bb9
125b344b865c8ce1dd6aa9a74123d9d75734b68c8f7512b3e041b09f14a391be
160f9c28c35e4390cd35e90cf1ccb3d80a58de14da97300d738b4e65cf54c7aa
240ac5cfe833b81f6607a9f702f7b30bc7383485fe86af4cd21b7c6d9cd2e3e8
2fd319c7809baaf44380af89d4d6cc83eead0773f5942ac01b8b5931c7abc336
38444148a2237a29af423edbe716ea9587872041585593d569fa13206db7a80e
444c4c7901307178ed2d1362b09d15f689d48c3a4bed4e7513431ce155dc5778
4817af49d2bea29e98e801b84209ed1623aeb8d5e90d1ca362b7966166fb5824
4d03b6e90b232fb83c1da9981b5cb4012063ad310ccf71e33b5e8fd1fe2d8fb9
54cc0e7807cf8bdf5d48a2930fbcd3b5a30b0dae8cc3bbab2efcee6fad1a092d
569634b2850014163d478120a020943f117efb55f40a3ff5a703e335e47d0630
5e97fba31c1c44783c4852e361c7be30f2282ddcd4eb99dceb3ee9ca0aa94331
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
68674ddc0b589862d52edfc68333d18f57b691c49c5963705f6a3748ea612e2d
7088d6c86fda7a1dbd11ce4ec06ab4cf62f816203c1a68092d8b87bb847d2ec7
71761a0a10ea2298673ff10a99c7fe595ad40b6c869039e5efac2b900e687d8f
748d77ecc9866e292c4ae69636ea30b6fb1e6af8d88a8059e0af2176429648c4
74c3eeecd923e56f2d4796ea18d4acd478cc329cdbdca2e51b55573a69f301c2
7c328c382892475e77d0d96832bfa0b35612da6a9705f013d588ef0393c04b88
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd
8026b77a36d1a7e20e512f163552d9b6634d5437c0fb7b18d6aeb0650cb92ca7
830870bb74c6a4a16f3c0c49a7934378a8c26fe68fa8bf280e7d1b2a5ddc0f12
85e41af2f1124000f87c8a5caab08cd7568e2eeda71879c623fea4fbce4c469d
86c06c5c4747bb6da8d7594ed31b1494459d202ba31ede706bf8f741acedc9b3
8a4acdbc5956c3196a8c4327078b5364d58362446a3620aa375085c0b4a4411d
90954cdc490d0f6fbcdb0864768c2a0c863c564b76402cea35547d8700f5cfcf
920a3defda6e075bd5ce32ebb4def4352b165fade37338fb91758aaedc1fc098
9301f07ce28c09e87781be0f793b1eec60e04eb986e7b58bb99aeecfc1b7669a
95177cb9a19bb527f7ba16b9f0d2ff334091efc9c01ecd2bef69435fd3be7126
9e2e766b44b4bd31a6887776e57d5a5f502237e48cf90ded21436cfb6addf0be
a24b219c5dd7b0c9efdb2ffb85e250809341705b37781e9b00435f9b8c5e2e3f
a45b9f8f42c2dba06a065e38d99ff5521de332c3197f9fb4ab8801ab4970e041
ae0c6ce14006233c2c5c589c2adc34ff83d44169366a8e18d3e212a1bf5f9789
b033555869a4e4bbf069af142ba979c054fcff8d0f4d83b14d99a71b9ab07ca2
bc6af01c8614be314b571c2b2591ec7a987fc5353dc5eae02ddd5431449ae10c
bd777b49e978d13efd23e3c33717d52238ff7f3d31d5085f7a2069f6de94c48f
caeafbb4be2d826e9d58946176e33f001f1f06dd16aa5c3d6cffa4ddf1a54621
d6eade1ffe31d8226156f5c00fb48810841b02e60dd16f190205b162e8f73dc2
d75a105ae665367fed5c8b4f861ef14368df2ddc603b7777140164b0d57c333a
dc86183c64a971df266cf43382fe00a3b1c600ec6107714e06597192164b82b5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee3affa7a75a5dab262c3796ec8926c8852a2040a013cf9421e284e88ce0930e
ff4094a2d0a0df94d358f9363bafe98fb4ed45601b46456651bb7ae23a48f625