urlscan.io logo urlscan.io
SecurityTrails logo

www.guiltypleasure.shivtr.com Open in urlscan Pro
45.33.21.148  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.guiltypleasure.shivtr.com/
Submission: On March 25 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 1 countries across 12 domains to perform 112 HTTP transactions. The main IP is 45.33.21.148, located in Richardson, United States and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is www.guiltypleasure.shivtr.com.
TLS certificate: Issued by R3 on March 24th 2024. Valid for: 3 months.
This is the only time www.guiltypleasure.shivtr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 45.33.21.148 63949 (AKAMAI-LI...)
22 2607:f8b0:400... 15169 (GOOGLE)
13 54.231.164.240 16509 (AMAZON-02)
2 18.154.227.82 16509 (AMAZON-02)
3 12 2607:f8b0:400... 15169 (GOOGLE)
1 2620:1ec:46::40 8075 (MICROSOFT...)
1 23.220.108.248 16625 (AKAMAI-AS)
28 2607:f8b0:400... 15169 (GOOGLE)
2 5 2620:1ec:c11:... 8068 (MICROSOFT...)
4 68.67.181.211 29990 (ASN-APPNEX)
4 2607:f8b0:400... 15169 (GOOGLE)
8 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
6 172.253.62.154 15169 (GOOGLE)
1 2 2607:f8b0:400... 15169 (GOOGLE)
112 16
7    45.33.21.148 (Richardson, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li975-148.members.linode.com
www.guiltypleasure.shivtr.com
static.shivtr.com
22    2607:f8b0:4004:c07::9b (Washington, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
13    54.231.164.240 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
2    18.154.227.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-227-82.iad55.r.cloudfront.net
wow.zamimg.com
12    2607:f8b0:4004:c08::9d (Washington, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2620:1ec:46::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
adsdk.microsoft.com
1    23.220.108.248 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-108-248.deploy.static.akamaitechnologies.com
cdn.adnxs.com
28    2607:f8b0:4004:c1f::84 (Washington, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.bing.com
4    68.67.181.211 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
nym1-ib.adnxs.com
4    2607:f8b0:4004:c09::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    2607:f8b0:4004:c06::5e (Washington, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    2607:f8b0:4004:c1d::5e (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    172.253.62.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f154.1e100.net
www.googleadservices.com
2    2607:f8b0:4004:c06::69 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
50 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 143
tpc.googlesyndication.com — Cisco Umbrella Rank: 204
858 KB
13 amazonaws.com
s3.amazonaws.com
117 KB
12 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
148 KB
11 gstatic.com
www.gstatic.com
fonts.gstatic.com
198 KB
7 shivtr.com
www.guiltypleasure.shivtr.com
static.shivtr.com
215 KB
6 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 168
5 bing.com
www.bing.com — Cisco Umbrella Rank: 74
7 KB
5 adnxs.com
cdn.adnxs.com — Cisco Umbrella Rank: 2556
nym1-ib.adnxs.com — Cisco Umbrella Rank: 2510
30 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
6 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 5
1 KB
2 zamimg.com
wow.zamimg.com — Cisco Umbrella Rank: 90558
102 KB
1 microsoft.com
adsdk.microsoft.com — Cisco Umbrella Rank: 7641
39 KB
112 12
Domain Requested by
28 tpc.googlesyndication.com googleads.g.doubleclick.net
www.guiltypleasure.shivtr.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
22 pagead2.googlesyndication.com www.guiltypleasure.shivtr.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
13 s3.amazonaws.com www.guiltypleasure.shivtr.com
static.shivtr.com
12 googleads.g.doubleclick.net 3 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
8 www.gstatic.com www.guiltypleasure.shivtr.com
googleads.g.doubleclick.net
6 www.googleadservices.com www.guiltypleasure.shivtr.com
6 static.shivtr.com www.guiltypleasure.shivtr.com
5 www.bing.com 2 redirects googleads.g.doubleclick.net
4 fonts.googleapis.com www.guiltypleasure.shivtr.com
googleads.g.doubleclick.net
4 nym1-ib.adnxs.com googleads.g.doubleclick.net
cdn.adnxs.com
3 fonts.gstatic.com fonts.googleapis.com
2 www.google.com 1 redirects tpc.googlesyndication.com
2 wow.zamimg.com www.guiltypleasure.shivtr.com
wow.zamimg.com
1 cdn.adnxs.com googleads.g.doubleclick.net
1 adsdk.microsoft.com googleads.g.doubleclick.net
1 www.guiltypleasure.shivtr.com
112 16
Subject Issuer Validity Valid
www.guiltypleasure.shivtr.com
R3		 2024-03-24 -
2024-06-22		 3 months crt.sh
static.shivtr.com
R3		 2024-02-27 -
2024-05-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01		 2024-02-08 -
2025-01-11		 a year crt.sh
*.zamimg.com
Amazon RSA 2048 M01		 2023-09-21 -
2024-10-18		 a year crt.sh
adsdk.microsoft.com
Microsoft Azure RSA TLS Issuing CA 03		 2024-01-08 -
2024-07-06		 6 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 02		 2024-01-21 -
2024-06-27		 5 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2024-02-14 -
2025-03-16		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh

This page contains 15 frames:

Primary Page: https://www.guiltypleasure.shivtr.com/
Frame ID: EFE52E55BCC767D859B2592E57A6ECCA
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&adk=1812271804&adf=3025194257&lmt=1711360447&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fwww.guiltypleasure.shivtr.com%2F&pra=5&wgl=1&easpi=0&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711360447120&bpp=5&bdt=692&idt=429&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3748915134399&frm=20&pv=2&ga_vid=911354847.1711360448&ga_sid=1711360448&ga_hid=10766599&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082033%2C44795922%2C95326315%2C95320378%2C95321867%2C95326920&oid=2&pvsid=1614542967936251&tmod=1397059826&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=460
Frame ID: F6C4AC6B9713865642BFE987B7C1989B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&h=90&slotname=2876344136&adk=2184809105&adf=3985513262&pi=t.ma~as.2876344136&w=728&lmt=1711360447&format=728x90&url=https%3A%2F%2Fwww.guiltypleasure.shivtr.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711360447125&bpp=2&bdt=697&idt=467&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3748915134399&frm=20&pv=1&ga_vid=911354847.1711360448&ga_sid=1711360448&ga_hid=10766599&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082033%2C44795922%2C95326315%2C95320378%2C95321867%2C95326920&oid=2&pvsid=1614542967936251&tmod=1397059826&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=473
Frame ID: C9CE8622AE706A3ABA9A997773799BA9
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Frame ID: 1F009575A508620BC615A20638C5856F
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Frame ID: 039D657EB2731F76375E1D5924739C19
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Frame ID: C05184C3F98322939D85AC7813B1A452
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Frame ID: C9C78C2C3719441AB612DA0598BBD67D
Requests: 15 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Poppins%3A400%2C600
Frame ID: 0F68AD2127822E339532927B4F454B8E
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 36EB82AFFCE0F89671B1264B6691E406
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jXfRH9G_-5_y2d9FtLfVUFqP1nroUl1KS7Cmyw17Bqk.js
Frame ID: 3991D0317F5BC3C7BBFA18C0848E3E6E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jXfRH9G_-5_y2d9FtLfVUFqP1nroUl1KS7Cmyw17Bqk.js
Frame ID: 8AF80ACA8B6C0DA703EE5489A3B53F24
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jXfRH9G_-5_y2d9FtLfVUFqP1nroUl1KS7Cmyw17Bqk.js
Frame ID: 3B3B91A6FD4CAC9AE5AEE92CD4F630E5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jXfRH9G_-5_y2d9FtLfVUFqP1nroUl1KS7Cmyw17Bqk.js
Frame ID: FABF1FA3D4D5F8EBADCD7ADB592562CE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D4C21DF216C947C5D994E481743A6BCA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 612CEED7DE0BB0EAF6A689164F39ACAF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Guilty Pleasure - Home of all your Guilty Pleasures

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

112
Requests

96 %
HTTPS

60 %
IPv6

12
Domains

16
Subdomains

16
IPs

1
Countries

1719 kB
Transfer

5566 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=3b420530-2b6d-4b68-b422-ec6e5bbd688e&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=fc6b25d2-3437-4a06-811f-e06620d80a37&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D62053173df59438a8003c3d96b0603dc%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=7240145&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_gznk&aid=4534913511481401801 HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=62053173df59438a8003c3d96b0603dc&SNR=1&GV=2&med=10
Request Chain 93
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Che-Kv0kBZtqDK8PMoPMP4KC2sASm09qCbe234-HmD77ZjKesCRABINigpgRgye6Oi8CkjBCgAd3WvLcoyAEBqAMByAPLBKoEnAJP0DVi2udF8dBtLcG_YSUsQFlnYAYMIA-f_ME4S6ZhZeZNCJ2r5LNCm2avfQnniSJr1uHiorGO6z3WU3FlxMYt5KxVH4zldaL4i_PgaCuO_NIWijiVZLdaEFFuLGnNYWebN0BhXXN3vQy31UGW0lZo-hZhYGyufXY4FNp9uz68okpAmhF6zFcLix42f2dYSlniKspfEQ9tymz3wU7cU3HheCMRzOy-idcizXxT9OTMsw6G1SgNvT5Kbp32SFXxX7DX6V77YMNNoCrQOhh_kBm5bpXyzDEHU26vtUK3NUUO4nbFOjedS8wXJxQL7aZeVabHDSm3obYeBB8Nm_hYJoofoYwrTtH2C08I042M0W5ajXJMT0RW3-qw-tRKs8AExdO0p_EDiAWs3N-VQJIFBAgEGAGSBQQIBRgEoAYugAfdjo2XA6gH2baxAqgHr76xAqgH1ckbqAemvhuoB47OG6gHk9gbqAfulrECqAf-nrEC2AcB8gcEEIbCBNIIJAiAYRABGB8yAooCOgmAQIDAgICAoChIvf3BOlimvcW8ko-FA5oJQ2h0dHBzOi8vd3d3LnRvdGFsYWRibG9jay5jb20vX2ZfLzYyMGU2MjUwNTZjYTQvY2xpY2svZGVza3RvcC91c2EvMjWACgHICwHaDBEKCxDAq8P7wuuoorQBEgIBA9gTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi0yMzY3MTA4MDQ4Mjg3NTE1GACyGAkSArBTGC4iAQA&sigh=tzmMWhlvoTU&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwB7FLtqZ5TqAaYMn1rWThvb0nJROYnNr3Qzmm5b9y_WU5pYmqNgkamptXeDIFcKG-LLor7nigl4-0mdQ6G7rt1BZRdY-wBlgGjflwsttiYYAQ&template_id=5021&cbvp=2&vis=1&nis=5 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x7f083fb34691f5150000000000000000%22,%222%22:%220xda7833547d48495c0000000000000000%22,%223%22:%220x5350c3271346fe150000000000000000%22,%224%22:%220x853944b4a6c281020000000000000000%22,%225%22:%220x719411e9f5705b3e0000000000000000%22},%22debug_key%22:%225534067482669127355%22,%22debug_reporting%22:true,%22destination%22:%22https://totaladblock.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210853755741%22],%2222%22:[%22true%22],%224%22:[%2203-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227754760564145940113%22}&andc=true
Request Chain 95
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CuvBWv0kBZtmDK8PMoPMP4KC2sASm09qCbe234-HmD77ZjKesCRABINigpgRgye6Oi8CkjBCgAd3WvLcoyAEBqAMByAPLBKoEnAJP0Cz2g3_2t5tq2ks1-rTp9Z89GdzgOXrt0oTdMrVkR7GwJk5PkNf6UcY3Nzqf9TUvDkjwyMm0BZRQ8QYQcl6yRE-8ph4DG8QR59zloCsmFiTuhhrv1yrJevEfqi1BvWl-5xCx55KWCaO9vZkPPK3-stmfjOtqHscZGSd8Mid70auyHNrgGw2l48Lu5Fnh6VRJlYtgWrT25oxDBGa7ScnKt_-cuzGHDCJHnC6wLeYWrhFQf0CwgFhl13zgJtVhVSb0v-bQJdFMzGeyZ8MyEmV2Gz8q0kZAYUiI-SnaG1Q4lfYOiyvfL4oMnvs6WHxzj7j-pmnE_nyJPsJI6sv90azdQXVu6m4-ALWC2YOynh3VhwdAru1eOF3ecMeduMAExdO0p_EDiAWs3N-VQJIFBAgEGAGSBQQIBRgEoAYugAfdjo2XA6gH2baxAqgHr76xAqgH1ckbqAemvhuoB47OG6gHk9gbqAfulrECqAf-nrEC2AcB8gcEEOOZA9IIJAiAYRABGB8yAooCOgmAQIDAgICAoChIvf3BOlimvcW8ko-FA5oJQ2h0dHBzOi8vd3d3LnRvdGFsYWRibG9jay5jb20vX2ZfLzYyMGU2MjUwNTZjYTQvY2xpY2svZGVza3RvcC91c2EvMjWACgHICwHaDA8KCRDAnfzUjJXhJxICAQPYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItMjM2NzEwODA0ODI4NzUxNRgAshgJEgKwUxguIgEA&sigh=R6ZXR3YNtSE&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwB7FLtqZ5TqAaYMn1rWThvb0nJROYnNr3Qzmm5b9y_WU5pYmqNgkamptXeDIFcKG-LLor7nigl4-0mdQ6G7rt1BZRdY-wBlgGjflwsttiYYAQ&template_id=5021&cbvp=2&vis=1&nis=5 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x7f083fb34691f5150000000000000000%22,%222%22:%220xda7833547d48495c0000000000000000%22,%223%22:%220x5350c3271346fe150000000000000000%22,%224%22:%220x853944b4a6c281020000000000000000%22,%225%22:%220x719411e9f5705b3e0000000000000000%22},%22debug_key%22:%2212306611891210985630%22,%22debug_reporting%22:true,%22destination%22:%22https://totaladblock.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210853755741%22],%2222%22:[%22true%22],%224%22:[%2203-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228448992207177731873%22}&andc=true
Request Chain 96
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 99
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Co9nCv0kBZtuDK8PMoPMP4KC2sASb0dy-dvfnqP6BErHR_d8FEAEg2KCmBGDJ7o6LwKSMEKABt5SCwgPIAQGoAwHIA8sEqgSVAk_QNBdPcBkKaj4ALHgnxl1ixJGEj-AxPrc7LeEPeffB_1zD0DFmtbCLlkqHeXv4cWB1ICNvqpHTleRWccGLXg47V-ose9zYectUVYkDg5Ddyr4WBzQFrQnDC9dwanDUp83XdvxQq_5emZJNCbXUKGg9JjSrHRDNxYo0ZCqXCQPxbi90KuW63_w93yvTwP9p1zHbtcf9_11jvJK-OqI7BjBMiPJ1aRpmqMxAbDa52k4wTtCVvYZeYYVE_bkKuuggv43glBrIhUPQrxgNOmUEwRd01azpOSg38wcaIk5t8VqCflAVmNdyVspWbUmHtMZtq8WoLZtcYm3O3O4gpGIkJUrLaQ68d1Nduz8TxMz2D2BcyzRxSkfABN2Hioi2BIgF68L-g02SBQQIBBgBkgUECAUYBIAH7ZSZ7wOoB9m2sQKoB6--sQKoB9XJG6gHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAtgHAfIHBBCDkATSCCQIgGEQARgfMgKKAjoJgECAwICAgKAoSL39wTpYpr3FvJKPhQOaCX1odHRwczovL3d3dy5sYXN0cGFzcy5jb20vcHJvZHVjdHMvYnVzaW5lc3M_dXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1jcGMmdXRtX2NhbXBhaWduPTIwNjc3ODk0NTA3JnV0bV9jb250ZW50PTY3ODk5NTYzMTI4MYAKAcgLAdoMEQoLENCTgdLljru4gAESAgED2BMNiBQE0BUBgBcBshccChoIABIUcHViLTIzNjcxMDgwNDgyODc1MTUYALIYCRICpGYYASIBAA&sigh=0RD2mGLXYcg&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwB7FLtqZ5TqAaYMn1rWThvb0nJROYnNr3Qzmm5b9y_WU5pYmqNgkamptXeDIFcKG-LLor7nigl4-0mdQ6G7rt1BZRdY-wBlgGjflwsttiYYAQ&template_id=5001&cbvp=2&vis=1&nis=5 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x8875953d143ffcdc0000000000000000%22,%222%22:%220x4a4aa65f5ebec03d0000000000000000%22,%223%22:%220xdb8953b23ad682b00000000000000000%22,%224%22:%220x2e0a8ba7f1ec550e0000000000000000%22,%225%22:%220xeaf3a74a80b07e6f0000000000000000%22},%22debug_key%22:%2216943956009356088481%22,%22debug_reporting%22:true,%22destination%22:%22https://lastpass.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22943753783%22],%2222%22:[%22true%22],%224%22:[%2203-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214455623769539230913%22}&andc=true
Request Chain 103
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=3b420530-2b6d-4b68-b422-ec6e5bbd688e&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=fc6b25d2-3437-4a06-811f-e06620d80a37&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D62053173df59438a8003c3d96b0603dc%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=7240145&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_gznk&aid=4534913511481401801 HTTP 303
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=62053173df59438a8003c3d96b0603dc&tids=15000&med=10

112 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.guiltypleasure.shivtr.com/ 		15 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.guiltypleasure.shivtr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li975-148.members.linode.com
Software
Caddy /
Resource Hash
de5b04094f0280bfc545b19db776ad940c438aaed7edac8df71461cf53038727
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000
cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 25 Mar 2024 09:54:06 GMT
etag
W/"de5b04094f0280bfc545b19db776ad94"
referrer-policy
strict-origin-when-cross-origin
server
Caddy
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
f6784e3e-b741-461c-bc83-ccf45148b2ee
x-runtime
0.066870
x-xss-protection
1; mode=block
guild-dc2bc810ec06e8d0c90d72531a06dc285eec9409f9d88120e8b05f5a606674ce.css
static.shivtr.com/assets/manifests/ 		218 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.shivtr.com/assets/manifests/guild-dc2bc810ec06e8d0c90d72531a06dc285eec9409f9d88120e8b05f5a606674ce.css
Requested by
Host: www.guiltypleasure.shivtr.com
URL: https://www.guiltypleasure.shivtr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li975-148.members.linode.com
Software
Caddy /
Resource Hash
dc86183c64a971df266cf43382fe00a3b1c600ec6107714e06597192164b82b5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.guiltypleasure.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 09:54:06 GMT
content-encoding
gzip
last-modified
Sun, 02 Jul 2023 20:26:50 GMT
server
Caddy
etag
"rx6rgq4s2q"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000
10343-1687776119.css
static.shivtr.com/css-cache/site_themes/ 		21 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.shivtr.com/css-cache/site_themes/10343-1687776119.css
Requested by
Host: www.guiltypleasure.shivtr.com
URL: https://www.guiltypleasure.shivtr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li975-148.members.linode.com
Software
Caddy /
Resource Hash
87e9bed949ecdeb320cf54d799d0550e994caf0dc572903f4189b29030e171bc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.guiltypleasure.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 09:54:06 GMT
content-encoding
gzip
last-modified
Mon, 03 Jul 2023 10:41:59 GMT
server
Caddy
etag
"rx7v1zgw3"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000
guild-518b27752212c843cdda21c5e01ffe7de2d0bd28f7100cd01bf329100e3b7457.js
static.shivtr.com/assets/ 		608 KB
166 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.shivtr.com/assets/guild-518b27752212c843cdda21c5e01ffe7de2d0bd28f7100cd01bf329100e3b7457.js
Requested by
Host: www.guiltypleasure.shivtr.com
URL: https://www.guiltypleasure.shivtr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li975-148.members.linode.com
Software
Caddy /
Resource Hash
9e2e766b44b4bd31a6887776e57d5a5f502237e48cf90ded21436cfb6addf0be

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.guiltypleasure.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 09:54:06 GMT
content-encoding
gzip
last-modified
Sun, 02 Jul 2023 20:26:50 GMT
server
Caddy
etag
"rx6rgqdcmv"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.guiltypleasure.shivtr.com
URL: https://www.guiltypleasure.shivtr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b5d31b6d8e3d1cdab78aa72e3c4e595ecbfa3b3c515a8818c255c90d35a372d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.guiltypleasure.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 09:54:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51099
x-xss-protection
0
server
cafe
etag
18058408646013750716
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Mon, 25 Mar 2024 09:54:06 GMT
favicon.png
static.shivtr.com/s3/missing/ 		382 B
447 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.shivtr.com/s3/missing/favicon.png
Requested by
Host: www.guiltypleasure.shivtr.com
URL: https://www.guiltypleasure.shivtr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li975-148.members.linode.com
Software
Caddy /
Resource Hash
830870bb74c6a4a16f3c0c49a7934378a8c26fe68fa8bf280e7d1b2a5ddc0f12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.guiltypleasure.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 09:54:06 GMT
last-modified
Wed, 28 Jun 2023 04:24:58 GMT
server
Caddy
etag
"rwy49mam"
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
content-length
382
home-e4bd7164f7a26fa97379195030ab18fcc8c7a11a5ad318b4065f8e5166b3191b.png
static.shivtr.com/assets/mobile/toolbar/ 		250 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.shivtr.com/assets/mobile/toolbar/home-e4bd7164f7a26fa97379195030ab18fcc8c7a11a5ad318b4065f8e5166b3191b.png
Requested by
Host: www.guiltypleasure.shivtr.com
URL: https://www.guiltypleasure.shivtr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li975-148.members.linode.com
Software
Caddy /
Resource Hash
86c06c5c4747bb6da8d7594ed31b1494459d202ba31ede706bf8f741acedc9b3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.guiltypleasure.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 09:54:06 GMT
last-modified
Sun, 02 Jul 2023 20:26:50 GMT
server
Caddy
etag
"rx6rgq6y"
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
content-length
250
out.png
s3.amazonaws.com/cloudfront.shivtr.com/game_classes/17/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/game_classes/17/out.png?1356759142
Requested by
Host: www.guiltypleasure.shivtr.com
URL: https://www.guiltypleasure.shivtr.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.164.240 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
d75a105ae665367fed5c8b4f861ef14368df2ddc603b7777140164b0d57c333a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.guiltypleasure.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Mon, 25 Mar 2024 09:54:07 GMT
x-amz-version-id
null
Last-Modified
Sat, 29 Dec 2012 05:32:24 GMT
Server
AmazonS3
x-amz-request-id
AJ83GKPTW500PWXM
ETag
"b349535acc00a6991ef2fb4df319d70a"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
1233
x-amz-id-2
2FlJJ3yHEILdDj/Qb9uEeRzwqHtsxWcfnRDARo936caX/ru2m+mSILmUvjfWveGmvfjI6sNOe4Q=
Expires
Tue, 08 Jan 2013 05:22:39 GMT
out.png
s3.amazonaws.com/cloudfront.shivtr.com/game_classes/1522/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/game_classes/1522/out.png?1468481724
Requested by
Host: www.guiltypleasure.shivtr.com
URL: https://www.guiltypleasure.shivtr.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.164.240 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b05f3d2a40920486aba1a9355000e31e44f969dc713d5b1f230546056ac24c77

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.guiltypleasure.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Mon, 25 Mar 2024 09:54:07 GMT
x-amz-version-id
SsflIWfUTcoG8eDwcRAeQJYgCdIq0uxo
Last-Modified
Thu, 14 Jul 2016 07:35:25 GMT
Server
AmazonS3
x-amz-request-id
AJ841S3ZT1Y1KA2Q
ETag
"e8bce116b41ba8665c4add446c4369f3"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
1410
x-amz-id-2
JkkqBm8iSaKL78Jb+KzTWZuEZctuUlyP9r+TupOyRhoG1a95VnIUqfjIiVAiaPpdnUwyOED0Dpw=
Expires
Fri, 15 Jul 2016 04:30:18 GMT
out.png
s3.amazonaws.com/cloudfront.shivtr.com/game_classes/22/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/game_classes/22/out.png?1356759148
Requested by
Host: www.guiltypleasure.shivtr.com
URL: https://www.guiltypleasure.shivtr.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.164.240 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
54cc0e7807cf8bdf5d48a2930fbcd3b5a30b0dae8cc3bbab2efcee6fad1a092d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.guiltypleasure.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Mon, 25 Mar 2024 09:54:07 GMT
x-amz-version-id
null
Last-Modified
Sat, 29 Dec 2012 05:32:30 GMT
Server
AmazonS3
x-amz-request-id
AJ8EWT5QF56JJ5B6
ETag
"e6796325284cc94e9c47abfafd14f1cf"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
1192
x-amz-id-2
A2MZY7z6J07E8ntuD2VoZJGdgITXbP78y1o0HkYvxqzUvRx38wT0yJFjnIJixm9RYtqMCzTBNrk=
Expires
Tue, 08 Jan 2013 05:22:39 GMT
out.png
s3.amazonaws.com/cloudfront.shivtr.com/game_classes/14/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/game_classes/14/out.png?1356759154
Requested by
Host: www.guiltypleasure.shivtr.com
URL: https://www.guiltypleasure.shivtr.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.164.240 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
ff4094a2d0a0df94d358f9363bafe98fb4ed45601b46456651bb7ae23a48f625

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.guiltypleasure.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Mon, 25 Mar 2024 09:54:07 GMT
x-amz-version-id
null
Last-Modified
Sat, 29 Dec 2012 05:32:35 GMT
Server
AmazonS3
x-amz-request-id
AJ80GADVBKG9MRA2
ETag
"f8e2fc8f735480d867ad95834fbd6924"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
1097
x-amz-id-2
HNfiz5PQeKxr9wkFidBMCbvk1D2umccTp1dh/OuqpIvENxzuT+3s4b5W5EEHS5yZhmSbTpyAUUY=
Expires
Tue, 08 Jan 2013 05:22:39 GMT
out.png
s3.amazonaws.com/cloudfront.shivtr.com/game_classes/19/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/game_classes/19/out.png?1356759160
Requested by
Host: www.guiltypleasure.shivtr.com
URL: https://www.guiltypleasure.shivtr.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.164.240 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
7088d6c86fda7a1dbd11ce4ec06ab4cf62f816203c1a68092d8b87bb847d2ec7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.guiltypleasure.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Mon, 25 Mar 2024 09:54:07 GMT
x-amz-version-id
null
Last-Modified
Sat, 29 Dec 2012 05:32:41 GMT
Server
AmazonS3
x-amz-request-id
AJ83TSCBH1ZE3MM1
ETag
"08eaa3fe5ce8ec8c0118f5badcf2e38c"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
1219
x-amz-id-2
uVOkZDxl5Sq8HM+uyMvo3T3m1GwWihQ0G4NILGK/BJKOI0kZ+turyDiQdV5wmGSyaEtvuJvohaI=
Expires
Tue, 08 Jan 2013 05:22:39 GMT
out.png
s3.amazonaws.com/cloudfront.shivtr.com/game_classes/21/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/game_classes/21/out.png?1356759165
Requested by
Host: www.guiltypleasure.shivtr.com
URL: https://www.guiltypleasure.shivtr.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.164.240 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
00dbbd38d1dde161700c2b339d112c6243bc3dc0325e8446a5042b8f7eb8ff2b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.guiltypleasure.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Mon, 25 Mar 2024 09:54:07 GMT
x-amz-version-id
null
Last-Modified
Sat, 29 Dec 2012 05:32:47 GMT
Server
AmazonS3
x-amz-request-id
WEEGMT7BG75YA38Y
ETag
"6442f1af6ad3e331888ace5594f46d50"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
1253
x-amz-id-2
3C4fXwwSx0lRcTBmX2qBtxVqT7jKWqE2mf4SiYCqzut1K2gdnJxPjJMVrtFWAGtYciuJXNbQIOQ=
Expires
Tue, 08 Jan 2013 05:22:39 GMT
out.png
s3.amazonaws.com/cloudfront.shivtr.com/game_classes/13/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/game_classes/13/out.png?1356759171
Requested by
Host: www.guiltypleasure.shivtr.com
URL: https://www.guiltypleasure.shivtr.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.164.240 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
38444148a2237a29af423edbe716ea9587872041585593d569fa13206db7a80e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.guiltypleasure.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Mon, 25 Mar 2024 09:54:08 GMT
x-amz-version-id
null
Last-Modified
Sat, 29 Dec 2012 05:32:52 GMT
Server
AmazonS3
x-amz-request-id
WEEWW94FANQ3FXA8
ETag
"522333c5b6abf6697e0894a433613b82"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
1237
x-amz-id-2
1RrtJDlCAHYEpn98T/YyaKfZuRL8i1JWguFQFXNESIf5faTHSVTha6S61IHyJ2wSwf3g7H0aUc8=
Expires
Tue, 08 Jan 2013 05:22:39 GMT
out.png
s3.amazonaws.com/cloudfront.shivtr.com/game_classes/16/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/game_classes/16/out.png?1356759178
Requested by
Host: www.guiltypleasure.shivtr.com
URL: https://www.guiltypleasure.shivtr.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.164.240 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
0101f1a2e65d66a8af54470ef2853f727dbaed3caf9aabaa522c9c46880f7e58

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.guiltypleasure.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Mon, 25 Mar 2024 09:54:08 GMT
x-amz-version-id
null
Last-Modified
Sat, 29 Dec 2012 05:32:59 GMT
Server
AmazonS3
x-amz-request-id
WEEN8PG17C8K4MW2
ETag
"3fa41138fa5d03f5edd315ba0eaf4a4e"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
1221
x-amz-id-2
VwOxeFPmGAZhm+YXlmGI3v4ipzUeTDdXSmzPuND1KhR34VtxmtaYyEDUAIkwBpaxqlzoBEs/alI=
Expires
Tue, 08 Jan 2013 05:22:39 GMT
out.png
s3.amazonaws.com/cloudfront.shivtr.com/game_classes/15/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/game_classes/15/out.png?1356759184
Requested by
Host: www.guiltypleasure.shivtr.com
URL: https://www.guiltypleasure.shivtr.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.164.240 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
8a4acdbc5956c3196a8c4327078b5364d58362446a3620aa375085c0b4a4411d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.guiltypleasure.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Mon, 25 Mar 2024 09:54:08 GMT
x-amz-version-id
null
Last-Modified
Sat, 29 Dec 2012 05:33:05 GMT
Server
AmazonS3
x-amz-request-id
WEEZB07P0MEDW77J
ETag
"1baa44b20b606bacfa0507ae4b1d3c90"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
1247
x-amz-id-2
TFjvKC1QZFCaOsScyxi0pyHgNag5ALCtm4JqeQBHrY9vlGtll12QdtfjoNL0ipt50chRKtHratM=
Expires
Tue, 08 Jan 2013 05:22:39 GMT
out.png
s3.amazonaws.com/cloudfront.shivtr.com/game_classes/18/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/game_classes/18/out.png?1356759190
Requested by
Host: www.guiltypleasure.shivtr.com
URL: https://www.guiltypleasure.shivtr.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.164.240 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
a24b219c5dd7b0c9efdb2ffb85e250809341705b37781e9b00435f9b8c5e2e3f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.guiltypleasure.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Mon, 25 Mar 2024 09:54:07 GMT
x-amz-version-id
null
Last-Modified
Sat, 29 Dec 2012 05:33:11 GMT
Server
AmazonS3
x-amz-request-id
AJ8BXVQH5ATH2XB0
ETag
"dee117fe859968bfadeff49c57963aad"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
1232
x-amz-id-2
wLQeb9GAZZF7XUuxl/2wNzq4MPncGCec0/PRAV2OupRdg5NsR56t+hXCShJRdkVDe3k7E5P+K80=
Expires
Tue, 08 Jan 2013 05:22:39 GMT
out.png
s3.amazonaws.com/cloudfront.shivtr.com/game_classes/20/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/game_classes/20/out.png?1356759196
Requested by
Host: www.guiltypleasure.shivtr.com
URL: https://www.guiltypleasure.shivtr.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.164.240 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
d6eade1ffe31d8226156f5c00fb48810841b02e60dd16f190205b162e8f73dc2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.guiltypleasure.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Mon, 25 Mar 2024 09:54:07 GMT
x-amz-version-id
null
Last-Modified
Sat, 29 Dec 2012 05:33:18 GMT
Server
AmazonS3
x-amz-request-id
AJ8DTN35VQ319JCA
ETag
"d6cfb94525c3d56d1d4220f50a282006"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
1283
x-amz-id-2
Qc3VbW9613NHpQm+kyNj94z439yRZevVUFZ2vu5dBOtmi2STACWPrW1Rq6mgHnkK37dCdHlZUbg=
Expires
Tue, 08 Jan 2013 05:22:39 GMT
out.png
s3.amazonaws.com/cloudfront.shivtr.com/game_classes/12/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/game_classes/12/out.png?1356759203
Requested by
Host: www.guiltypleasure.shivtr.com
URL: https://www.guiltypleasure.shivtr.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.164.240 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
160f9c28c35e4390cd35e90cf1ccb3d80a58de14da97300d738b4e65cf54c7aa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.guiltypleasure.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Mon, 25 Mar 2024 09:54:07 GMT
x-amz-version-id
null
Last-Modified
Sat, 29 Dec 2012 05:33:24 GMT
Server
AmazonS3
x-amz-request-id
AJ84DA73N0DGC0RH
ETag
"cfae4b32504ea00fbd74e4d8ecdd3a52"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
1192
x-amz-id-2
nWPXAj7KzI4iC0hmm9WRQrQMe5+RNv00xGYA6HdHK87SUOu1wTTgX2BSE6eSf3KUl9zlbFdVn+s=
Expires
Tue, 08 Jan 2013 05:22:39 GMT
btn_donate-ff621b62ff16bd4137804f849c5c84805be9e495aa49c789b397d1573b1f1e31.png
static.shivtr.com/assets/buttons/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.shivtr.com/assets/buttons/btn_donate-ff621b62ff16bd4137804f849c5c84805be9e495aa49c789b397d1573b1f1e31.png
Requested by
Host: www.guiltypleasure.shivtr.com
URL: https://www.guiltypleasure.shivtr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li975-148.members.linode.com
Software
Caddy /
Resource Hash
f295898f1d51962ed958272ed398ce0c8b699fd543ff6ad4cd5b6f46fa85e299

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.guiltypleasure.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 09:54:06 GMT
last-modified
Sun, 02 Jul 2023 20:26:47 GMT
server
Caddy
etag
"rx6rgn1ia"
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
content-length
1954
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.guiltypleasure.shivtr.com
URL: https://www.guiltypleasure.shivtr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d98e1a6f9514ced19653546af2a6d0addb7783e98c3c7bdbb1e72207aa72bcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.guiltypleasure.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 09:54:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50926
x-xss-protection
0
server
cafe
etag
5015871697687629180
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Mon, 25 Mar 2024 09:54:07 GMT
power.js
wow.zamimg.com/widgets/ 		181 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wow.zamimg.com/widgets/power.js
Requested by
Host: www.guiltypleasure.shivtr.com
URL: https://www.guiltypleasure.shivtr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.227.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-227-82.iad55.r.cloudfront.net
Software
/
Resource Hash
48317993f9810b06b5faa1692a39cc56288c6a3b9a145cc621122e41120a7c5c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.guiltypleasure.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 09:33:08 GMT
content-encoding
gzip
via
1.1 83e647ac155b0cf3a9869914f5de36a4.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 22 Mar 2024 19:31:35 GMT
x-amz-cf-pop
IAD55-P5
age
1259
etag
W/"65fddc97-2d4dd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
N2WvSQnfJKBMOBheimvMSBCHbtoUa5fTFkDQnhBZC9KGGn6i3x8TXg==
expires
Mon, 25 Mar 2024 10:33:08 GMT
119122.gif
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 		97 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/119122.gif?1383721798
Requested by
Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/10343-1687776119.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.164.240 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
62ba873afb2e3f6158099072e5657ee5b1d5fab1ce5ae9dbad26a86e6dbeadaa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://static.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Mon, 25 Mar 2024 09:54:07 GMT
x-amz-version-id
null
Last-Modified
Wed, 06 Nov 2013 07:09:59 GMT
Server
AmazonS3
x-amz-request-id
AJ85DDMP8WR2GVAH
ETag
"891b529752222f25133fcc16927b9347"
Content-Type
image/gif
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
99337
x-amz-id-2
eBQL9PWRTMS+awVXbuDyIgBeduRFGjid6a1ea4Uth6tw3voygqVlfT2OTcczI8s1GSJOvppmGsk=
Expires
Mon, 05 May 2014 23:11:24 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/ 		407 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ab0ad9bee95d906ed3438be619f8a95a2765487b108eb6f9e748674604ff03db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.guiltypleasure.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 09:54:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141396
x-xss-protection
0
server
cafe
etag
17747550397926424998
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Mar 2024 09:54:07 GMT
universal.css
wow.zamimg.com/css/ 		650 KB
44 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wow.zamimg.com/css/universal.css?19
Requested by
Host: wow.zamimg.com
URL: https://wow.zamimg.com/widgets/power.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.227.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-227-82.iad55.r.cloudfront.net
Software
/
Resource Hash
7798986cd57d838ed8c68451b0a69882856d6f0bb4b8df080e09a2cc1bfb1b28
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.guiltypleasure.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 07:10:53 GMT
content-encoding
gzip
via
1.1 83e647ac155b0cf3a9869914f5de36a4.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 22 Mar 2024 19:31:42 GMT
x-amz-cf-pop
IAD55-P5
age
9794
etag
W/"65fddc9e-a26cd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=10800
x-amz-cf-id
tJh637LI5KcwjLdtv5uNRDARAvTgHaMOTL7Q_kv2PQk6kLs5C28N8Q==
expires
Mon, 25 Mar 2024 10:10:53 GMT
truncated
/ 		82 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/webp
ads
googleads.g.doubleclick.net/pagead/ Frame F6C4 		692 KB
113 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&adk=1812271804&adf=3025194257&lmt=1711360447&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fwww.guiltypleasure.shivtr.com%2F&pra=5&wgl=1&easpi=0&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711360447120&bpp=5&bdt=692&idt=429&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3748915134399&frm=20&pv=2&ga_vid=911354847.1711360448&ga_sid=1711360448&ga_hid=10766599&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082033%2C44795922%2C95326315%2C95320378%2C95321867%2C95326920&oid=2&pvsid=1614542967936251&tmod=1397059826&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=460
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd2d25def2fee047a9244f309a57849dc891edcd957a5d7eac3952eb8e109211
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guiltypleasure.shivtr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
115275
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 25 Mar 2024 09:54:08 GMT
expires
Mon, 25 Mar 2024 09:54:08 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=status_bar_position&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: www.guiltypleasure.shivtr.com
URL: https://www.guiltypleasure.shivtr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.guiltypleasure.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Mar 2024 09:54:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame C9CE 		45 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&h=90&slotname=2876344136&adk=2184809105&adf=3985513262&pi=t.ma~as.2876344136&w=728&lmt=1711360447&format=728x90&url=https%3A%2F%2Fwww.guiltypleasure.shivtr.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711360447125&bpp=2&bdt=697&idt=467&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3748915134399&frm=20&pv=1&ga_vid=911354847.1711360448&ga_sid=1711360448&ga_hid=10766599&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082033%2C44795922%2C95326315%2C95320378%2C95321867%2C95326920&oid=2&pvsid=1614542967936251&tmod=1397059826&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=473
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6a31019ef287dbcadc7f0e7063aacd4538a084176669921e85b7a0e769ba84d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guiltypleasure.shivtr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
17794
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 25 Mar 2024 09:54:08 GMT
expires
Mon, 25 Mar 2024 09:54:08 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sdk.js
adsdk.microsoft.com/native-to-display/ Frame C9CE 		96 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&h=90&slotname=2876344136&adk=2184809105&adf=3985513262&pi=t.ma~as.2876344136&w=728&lmt=1711360447&format=728x90&url=https%3A%2F%2Fwww.guiltypleasure.shivtr.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711360447125&bpp=2&bdt=697&idt=467&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3748915134399&frm=20&pv=1&ga_vid=911354847.1711360448&ga_sid=1711360448&ga_hid=10766599&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082033%2C44795922%2C95326315%2C95320378%2C95321867%2C95326920&oid=2&pvsid=1614542967936251&tmod=1397059826&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=473
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fbeab1f0e0d16ab6ad4b762b0ea2f43a9c01795def4573b6d1a772bd91e28acf

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 25 Mar 2024 09:54:08 GMT
content-encoding
br
last-modified
Fri, 22 Mar 2024 18:25:14 GMT
vary
Accept-Encoding
x-azure-ref
20240325T095408Z-aq4dxgwfrx5vm497crp2f8dgds00000008g0000000003zpm
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1e57d190-101e-00be-1f90-7cbee7000000
cache-control
private, max-age=3600, stale-while-revalidate=86400
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
67545430
trk.js
cdn.adnxs.com/v/s/243/ Frame C9CE 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/243/trk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&h=90&slotname=2876344136&adk=2184809105&adf=3985513262&pi=t.ma~as.2876344136&w=728&lmt=1711360447&format=728x90&url=https%3A%2F%2Fwww.guiltypleasure.shivtr.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711360447125&bpp=2&bdt=697&idt=467&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3748915134399&frm=20&pv=1&ga_vid=911354847.1711360448&ga_sid=1711360448&ga_hid=10766599&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082033%2C44795922%2C95326315%2C95320378%2C95321867%2C95326920&oid=2&pvsid=1614542967936251&tmod=1397059826&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=473
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.108.248 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-108-248.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
82da873956888d3a0a1db331a301c9b95de6937c0acf64c33a2c9fc711b7fb54

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Mon, 25 Mar 2024 09:54:08 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 Mar 2024 13:23:40 GMT
Server
AkamaiNetStorage
ETag
"8ddbd8bafc2492a69e46a808a5e2a727:1709731420.917212"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27680
Expires
Tue, 25 Mar 2025 09:54:08 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame C9CE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&h=90&slotname=2876344136&adk=2184809105&adf=3985513262&pi=t.ma~as.2876344136&w=728&lmt=1711360447&format=728x90&url=https%3A%2F%2Fwww.guiltypleasure.shivtr.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711360447125&bpp=2&bdt=697&idt=467&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3748915134399&frm=20&pv=1&ga_vid=911354847.1711360448&ga_sid=1711360448&ga_hid=10766599&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082033%2C44795922%2C95326315%2C95320378%2C95321867%2C95326920&oid=2&pvsid=1614542967936251&tmod=1397059826&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 06:34:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
11994
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 08 Apr 2024 06:34:14 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame C9CE 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&h=90&slotname=2876344136&adk=2184809105&adf=3985513262&pi=t.ma~as.2876344136&w=728&lmt=1711360447&format=728x90&url=https%3A%2F%2Fwww.guiltypleasure.shivtr.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711360447125&bpp=2&bdt=697&idt=467&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3748915134399&frm=20&pv=1&ga_vid=911354847.1711360448&ga_sid=1711360448&ga_hid=10766599&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082033%2C44795922%2C95326315%2C95320378%2C95321867%2C95326920&oid=2&pvsid=1614542967936251&tmod=1397059826&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 04:00:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
21198
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8355
x-xss-protection
0
server
cafe
etag
17564575596476239644
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 08 Apr 2024 04:00:50 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame C9CE 		206 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&h=90&slotname=2876344136&adk=2184809105&adf=3985513262&pi=t.ma~as.2876344136&w=728&lmt=1711360447&format=728x90&url=https%3A%2F%2Fwww.guiltypleasure.shivtr.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711360447125&bpp=2&bdt=697&idt=467&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3748915134399&frm=20&pv=1&ga_vid=911354847.1711360448&ga_sid=1711360448&ga_hid=10766599&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082033%2C44795922%2C95326315%2C95320378%2C95321867%2C95326920&oid=2&pvsid=1614542967936251&tmod=1397059826&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=473
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 09:21:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
1940
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63909
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 25 Mar 2024 10:21:48 GMT
c.gif
www.bing.com/aes/ Frame C9CE
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=3b420530-2b6d-4b68-b422-ec6e5bbd688e&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=fc6b25d2-3437-4a06...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=62053173df59438a8003c3d96b0603dc&SNR=1&GV=2&med=10
0
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=62053173df59438a8003c3d96b0603dc&SNR=1&GV=2&med=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&h=90&slotname=2876344136&adk=2184809105&adf=3985513262&pi=t.ma~as.2876344136&w=728&lmt=1711360447&format=728x90&url=https%3A%2F%2Fwww.guiltypleasure.shivtr.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711360447125&bpp=2&bdt=697&idt=467&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3748915134399&frm=20&pv=1&ga_vid=911354847.1711360448&ga_sid=1711360448&ga_hid=10766599&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082033%2C44795922%2C95326315%2C95320378%2C95321867%2C95326920&oid=2&pvsid=1614542967936251&tmod=1397059826&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=473
Protocol
H2
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Mar 2024 09:54:08 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 35C8E2EE565442EE9DDB093F162A5146 Ref B: EWR311000107053 Ref C: 2024-03-25T09:54:08Z
vary
Origin
x-cache
CONFIG_NOCACHE
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Mon, 25 Mar 2024 09:54:08 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A9FD1101011F4F14BD9AADD671DCF08C Ref B: EWR311000107053 Ref C: 2024-03-25T09:54:08Z
vary
Origin
x-cache
CONFIG_NOCACHE
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=62053173df59438a8003c3d96b0603dc&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
content-length
154
expires
0
th
www.bing.com/ Frame C9CE 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OADD2.7765383350965_1BU6W1G6M7HRC93MC2&pid=21.2&c=17&roil=0&roit=0.2378&roir=1&roib=0.7628&w=200&h=105&qlt=90
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&h=90&slotname=2876344136&adk=2184809105&adf=3985513262&pi=t.ma~as.2876344136&w=728&lmt=1711360447&format=728x90&url=https%3A%2F%2Fwww.guiltypleasure.shivtr.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711360447125&bpp=2&bdt=697&idt=467&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3748915134399&frm=20&pv=1&ga_vid=911354847.1711360448&ga_sid=1711360448&ga_hid=10766599&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082033%2C44795922%2C95326315%2C95320378%2C95321867%2C95326920&oid=2&pvsid=1614542967936251&tmod=1397059826&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=473
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1694d01d7552c7ee20b77b736ee7645db818531580566ce9a1ec28d87475a1c9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 09:54:08 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: CB1C2D0A07B24C3BA6970D554C028CBE Ref B: EWR311000107053 Ref C: 2024-03-25T09:54:08Z
access-control-allow-methods
GET, POST, OPTIONS
x-cache
TCP_HIT
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
5355
rd_log
nym1-ib.adnxs.com/ Frame C9CE 		0
657 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/rd_log?uask=1&an_audit=0&referrer=https%3A%2F%2Fwww.guiltypleasure.shivtr.com&e=wqT_3QKHBOgHAgAAAwDWAAUBCL-ThbAGEMnD39f8-c_3PhgAKjYJ-zM1N4wHhj8RXXig1TKAhT8ZAAAAoHA92j8hXQ0SACkRJMgxAAAAQOF6pD8w0fO5Azi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR4AIABAYoBA1VTRJIFBvBbmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQD6AQwxLXNoaXZ0ci5jb23YAvAG4AKiqDHqAiVodHRwczovL3d3dy5ndWlsdHlwbGVhc3VyZS5zaGkNMfBYgAMAiAMBkAMAmAMJoAMBqgMAwAPYBMgDANgDjc0k4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AQF3FiIBQGYBQCgBcTozK_S9Z-hIMAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAF9fAh-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AGwo0E2gYWChAJEhkBaBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHANIHDRVjASQI2gcGAVyoGADgBwDqBwIIAPAHjYWHA4oIAhAAlQgAAIA_mAgBwAjwBtIIBggAEAAYAA..&s=5135d2df4f3befafba8a7f054c5398f155b7093d&bdref=https%3A%2F%2Fwww.guiltypleasure.shivtr.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.guiltypleasure.shivtr.com%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2367108048287515%26output%3Dhtml%26h%3D90%26slotname%3D2876344136%26adk%3D2184809105%26adf%3D3985513262%26pi%3Dt.ma~as.2876344136%26w%3D728%26lmt%3D1711360447%26format%3D728x90%26url%3Dhttps%253A%252F%252Fwww.guiltypleasure.shivtr.com%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1711360447125%26bpp%3D2%26bdt%3D697%26idt%3D467%26shv%3Dr20240320%26mjsv%3Dm202403190101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D3748915134399%26frm%3D20%26pv%3D1%26ga_vid%3D911354847.1711360448%26ga_sid%3D1711360448%26ga_hid%3D10766599%26ga_fc%3D0%26u_tz%3D-600%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D436%26ady%3D219%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759842%252C31082033%252C44795922%252C95326315%252C95320378%252C95321867%252C95326920%26oid%3D2%26pvsid%3D1614542967936251%26tmod%3D1397059826%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26dtd%3D473&
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&h=90&slotname=2876344136&adk=2184809105&adf=3985513262&pi=t.ma~as.2876344136&w=728&lmt=1711360447&format=728x90&url=https%3A%2F%2Fwww.guiltypleasure.shivtr.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711360447125&bpp=2&bdt=697&idt=467&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3748915134399&frm=20&pv=1&ga_vid=911354847.1711360448&ga_sid=1711360448&ga_hid=10766599&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082033%2C44795922%2C95326315%2C95320378%2C95321867%2C95326920&oid=2&pvsid=1614542967936251&tmod=1397059826&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=473
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Mar 2024 09:54:08 GMT
an-x-request-uuid
c1214b66-4024-40cb-9fd1-e7b1751dc50e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.43; 96.9.249.43; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/ 		167 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1f0e003fecf241e8f3fd10c328fd09845e9515e894936cbfa62f26f240927ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.guiltypleasure.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 09:54:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57624
x-xss-protection
0
server
cafe
etag
4152004353812337455
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Mar 2024 09:54:08 GMT
truncated
/ Frame C9CE 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
892d97d05accf180096b1bab837c4a2b973091f25df85ba9c8ed8268e797c1f0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/png
vevent
nym1-ib.adnxs.com/ Frame C9CE 		0
681 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?uask=1&an_audit=0&referrer=https%3A%2F%2Fwww.guiltypleasure.shivtr.com&e=wqT_3QKqB-iqAwAAAwDWAAUBCL-ThbAGEMnD39f8-c_3PhgAKjYJ-zM1N4wHhj8RXXig1TKAhT8ZAAAAoHA92j8hXQ0SACkRJMgxAAAAQOF6pD8w0fO5Azi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR4AIABAYoBA1VTRJIFBvBbmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBDDEtc2hpdnRyLmNvbdgC8AbgAqKoMeoCJWh0dHBzOi8vd3d3Lmd1aWx0eXBsZWFzdXJlLnNoaXYJMVSAAwCIAwGQAwCYAwmgAwGqA6ADCrYCLjsADGJpbmcBW_B5L2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPWZjNmIyNWQyLTM0MzctNGEwNi04MTFmLWUwNjYyMGQ4MGEzNyZiaWRJZD0xNTAwMCZiaWRkZXJJZD00JmNtRXhwSWQ9TFYzJm9BZFUdXCBwdWJsaXNoZXIBOCA2MjY0NTMzMCYBDgBmjnEAuHJ0eXBlPW51cmwmdGFnSWQ9NzI0MDE0NSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViNhkA9CoBX2d6bmsmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM0NTM0OTEzNTExNDgxNDAxODAxIgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak9ERXdPRGt4TURjeE1UTXlNekFqTWpNek1qZzRPRGM1TmpRMk1EZ3lOQT09wAPYBMgDANgDjc0k4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFxOjMr9L1n6EgwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF9fAh-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAJPXQAABAAGADgBgHyBgIIAIAHAYgHAKAHAcgHANIHDQkuJAAM2gcGCAktqAcA6gcCCADwB42FhwOKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=8c41845f4dc10708905cf9d7475d006351a10cf8&type=nv&nvt=5&jm=1003&px=0&py=0&bw=182&bh=90&sid=4795923871908441838&vd=ct~0|rr~0&sv=243&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=7240145&sw=1600&sh=1200&pw=728&ph=154&ww=728&wh=90&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/243/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Mar 2024 09:54:08 GMT
an-x-request-uuid
f39fff77-5c43-4dc0-b63b-b6d03896331a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.43; 96.9.249.43; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/ Frame 1F00 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guiltypleasure.shivtr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
46109
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 24 Mar 2024 21:05:39 GMT
etag
5035419970550746386
expires
Sun, 07 Apr 2024 21:05:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/ Frame 039D 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guiltypleasure.shivtr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
46109
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 24 Mar 2024 21:05:39 GMT
etag
5035419970550746386
expires
Sun, 07 Apr 2024 21:05:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/ Frame C051 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guiltypleasure.shivtr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
46109
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 24 Mar 2024 21:05:39 GMT
etag
5035419970550746386
expires
Sun, 07 Apr 2024 21:05:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/ Frame C9C7 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guiltypleasure.shivtr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
46109
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 24 Mar 2024 21:05:39 GMT
etag
5035419970550746386
expires
Sun, 07 Apr 2024 21:05:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame C9CE 		0
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CCbMPv0kBZqz7KpWGoPMPlMKjoATS4Nfgbo-ktpOTCsCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTIzNjcxMDgwNDgyODc1MTXIAQmoAwHIAwKqBIYCT9C5zGhvoBOS7mqlvjcgIXVUNWkzw0oXHfVzP3Vz3d5wrwmcaLnV3cje-9MsdxD7tS1v9V0g1c3mnkl93xSJzb9dTAuqZZkl_6dGp060tb349W_beQQGgfDFBTBkuFXKmdyacSyltm8wK1gz8vvMzaSns7x_b--z8wt0jRQhcB1zy_h0fKCpPwgqRWVBwbijdArEaLZJKGw1hoLEf1R-gPm6KNqePbm_owLYH9_RTUNhukQnWx6gpbd1gGmoP7ekDydiZPMNqAAqrS7hdKnENymWUQbJZYRMVkb6MAxYvNHd0fzfjuxztpfTuicTPks6TpAWi9RBQdFR02wpEkem2IAG1IS4PoAGwNKfhsi4sfjxAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB62-sQLYBwDSCCIIgGEQATICigI6CYBAgMCAgICgKEi9_cE6WKS7xbySj4UDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTIzNjcxMDgwNDgyODc1MTUYAA&sigh=BNFM8eoJYtI&uach_m=%5BUACH%5D&cid=CAQSTgB7FLtqf8UMj1SE27LXqc2_93tiV2ytzvO_a3u870Zv_hI8yimpXlryltYsTbt4txe0t4ZSo0uhXuLx-Gn2DUqBItsF_VQ1VLkkqDXA8BgB&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&h=90&slotname=2876344136&adk=2184809105&adf=3985513262&pi=t.ma~as.2876344136&w=728&lmt=1711360447&format=728x90&url=https%3A%2F%2Fwww.guiltypleasure.shivtr.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711360447125&bpp=2&bdt=697&idt=467&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3748915134399&frm=20&pv=1&ga_vid=911354847.1711360448&ga_sid=1711360448&ga_hid=10766599&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082033%2C44795922%2C95326315%2C95320378%2C95321867%2C95326920&oid=2&pvsid=1614542967936251&tmod=1397059826&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&h=90&slotname=2876344136&adk=2184809105&adf=3985513262&pi=t.ma~as.2876344136&w=728&lmt=1711360447&format=728x90&url=https%3A%2F%2Fwww.guiltypleasure.shivtr.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711360447125&bpp=2&bdt=697&idt=467&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3748915134399&frm=20&pv=1&ga_vid=911354847.1711360448&ga_sid=1711360448&ga_hid=10766599&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082033%2C44795922%2C95326315%2C95320378%2C95321867%2C95326920&oid=2&pvsid=1614542967936251&tmod=1397059826&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=473
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 25 Mar 2024 09:54:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 25 Mar 2024 09:54:08 GMT
it
nym1-ib.adnxs.com/ Frame C9CE 		0
656 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nym1-ib.adnxs.com/it?uask=1&an_audit=0&referrer=https%3A%2F%2Fwww.guiltypleasure.shivtr.com&e=wqT_3QKqB-iqAwAAAwDWAAUBCL-ThbAGEMnD39f8-c_3PhgAKjYJ-zM1N4wHhj8RXXig1TKAhT8ZAAAAoHA92j8hXQ0SACkRJMgxAAAAQOF6pD8w0fO5Azi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR4AIABAYoBA1VTRJIFBvBbmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBDDEtc2hpdnRyLmNvbdgC8AbgAqKoMeoCJWh0dHBzOi8vd3d3Lmd1aWx0eXBsZWFzdXJlLnNoaXYJMVSAAwCIAwGQAwCYAwmgAwGqA6ADCrYCLjsADGJpbmcBW_B5L2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPWZjNmIyNWQyLTM0MzctNGEwNi04MTFmLWUwNjYyMGQ4MGEzNyZiaWRJZD0xNTAwMCZiaWRkZXJJZD00JmNtRXhwSWQ9TFYzJm9BZFUdXCBwdWJsaXNoZXIBOCA2MjY0NTMzMCYBDgBmjnEAuHJ0eXBlPW51cmwmdGFnSWQ9NzI0MDE0NSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViNhkA9CoBX2d6bmsmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM0NTM0OTEzNTExNDgxNDAxODAxIgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak9ERXdPRGt4TURjeE1UTXlNekFqTWpNek1qZzRPRGM1TmpRMk1EZ3lOQT09wAPYBMgDANgDjc0k4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFxOjMr9L1n6EgwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF9fAh-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAJPXQAABAAGADgBgHyBgIIAIAHAYgHAKAHAcgHANIHDQkuJAAM2gcGCAktqAcA6gcCCADwB42FhwOKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=8c41845f4dc10708905cf9d7475d006351a10cf8&pp=ZgFJvwAKvawIaAMVAAjhFHyXehcSFPQ0rrCo7w&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkPPmv0kBZqz7KpWGoPMPlMKjoATS4Nfgbo-ktpOTCsCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTIzNjcxMDgwNDgyODc1MTXIAQmoAwHIAwKqBIkCT9C5zGhvoBOS7mqlvjcgIXVUNWkzw0oXHfVzP3Vz3d5wrwmcaLnV3cje-9MsdxD7tS1v9V0g1c3mnkl93xSJzb9dTAuqZZkl_6dGp060tb349W_beQQGgfDFBTBkuFXKmdyacSyltm8wK1gz8vvMzaSns7x_b--z8wt0jRQhcB1zy_h0fKCpPwgqRWVBwbijdArEaLZJKGw1hoLEf1R-gPm6KNqePbm_owLYH9_RTUNhukQnWx6gpbd1gGmoP7ekDydiZPMNqAAqrS7hdKnENymWUQbJZYRMVkb6MAxYvNGf091NTEiJ2wMpzpKNZ8-MSrMcD91vWQjzVTWtrseM9JjGVWbVqh398YAGwNKfhsi4sfjxAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB62-sQLYBwDSCCIIgGEQATICigI6CYBAgMCAgICgKEi9_cE6WKS7xbySj4UD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3txZz09S4oLNNMzprihYnNXQsVqw%26client%3Dca-pub-2367108048287515%26adurl%3D&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&h=90&slotname=2876344136&adk=2184809105&adf=3985513262&pi=t.ma~as.2876344136&w=728&lmt=1711360447&format=728x90&url=https%3A%2F%2Fwww.guiltypleasure.shivtr.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711360447125&bpp=2&bdt=697&idt=467&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3748915134399&frm=20&pv=1&ga_vid=911354847.1711360448&ga_sid=1711360448&ga_hid=10766599&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082033%2C44795922%2C95326315%2C95320378%2C95321867%2C95326920&oid=2&pvsid=1614542967936251&tmod=1397059826&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=473
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Mar 2024 09:54:08 GMT
an-x-request-uuid
6a724507-66f6-45c4-b1c2-741c7b05de83
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.43; 96.9.249.43; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
css
fonts.googleapis.com/ Frame 0F68 		2 KB
564 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins%3A400%2C600
Requested by
Host: www.guiltypleasure.shivtr.com
URL: https://www.guiltypleasure.shivtr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6700a61b5bd8006d07ddcdf84df499411e0ca045c8e124af25f72b8c4e82dab3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 25 Mar 2024 09:54:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 25 Mar 2024 08:42:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 25 Mar 2024 09:54:08 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame 0F68 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: www.guiltypleasure.shivtr.com
URL: https://www.guiltypleasure.shivtr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 07:55:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
7121
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 08 Apr 2024 07:55:27 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/ Frame 0F68 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/abg_lite_fy2021.js
Requested by
Host: www.guiltypleasure.shivtr.com
URL: https://www.guiltypleasure.shivtr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 04:32:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
19284
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9106
x-xss-protection
0
server
cafe
etag
8408112003982630589
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 08 Apr 2024 04:32:44 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame 0F68 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.guiltypleasure.shivtr.com
URL: https://www.guiltypleasure.shivtr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 06:34:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
11994
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 08 Apr 2024 06:34:14 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame 0F68 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.guiltypleasure.shivtr.com
URL: https://www.guiltypleasure.shivtr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 04:00:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
21198
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8355
x-xss-protection
0
server
cafe
etag
17564575596476239644
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 08 Apr 2024 04:00:50 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 0F68 		206 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: www.guiltypleasure.shivtr.com
URL: https://www.guiltypleasure.shivtr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 09:21:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
1940
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63909
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 25 Mar 2024 10:21:48 GMT
ef5ce9b2b01bfb848267c2a4546556c1.js
www.gstatic.com/mysidia/ Frame 0F68 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ef5ce9b2b01bfb848267c2a4546556c1.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: www.guiltypleasure.shivtr.com
URL: https://www.guiltypleasure.shivtr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6916ab45c343e75147499b9b51efd84eca073fd209f6a520d485e5b2199bf0cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 01:56:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
374260
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15234
x-xss-protection
0
last-modified
Mon, 18 Mar 2024 23:16:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 19 Jun 2024 01:56:28 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/elements/html/ Frame 1F00 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df68f57ecda7de300bd2613e1619f481bcec4791f91634ceaa5ab9dc12493205
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 01:39:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
29704
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6452
x-xss-protection
0
server
cafe
etag
12428443125520643955
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 08 Apr 2024 01:39:04 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1F00 		205 B
518 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 07:31:08 GMT
x-content-type-options
nosniff
age
8580
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 25 Mar 2025 07:31:08 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1F00 		604 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 08:35:54 GMT
x-content-type-options
nosniff
age
4694
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 25 Mar 2025 08:35:54 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/elements/html/ Frame 1F00 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
14fafb150b976a0b5ac428c91e0825c33ba47b251f2bf349f4e1e5f954d9ad63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 04:00:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
21193
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9112
x-xss-protection
0
server
cafe
etag
499061885667062015
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 08 Apr 2024 04:00:55 GMT
css
fonts.googleapis.com/ Frame 039D 		16 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C600%7COpen%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2e196c67c978071827a3bd1fdb989d0d8ed850ba0cd61f1cb97952b7bd589981
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 25 Mar 2024 09:54:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 25 Mar 2024 09:30:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 25 Mar 2024 09:54:08 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame 039D 		2 KB
856 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 07:55:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
7121
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 08 Apr 2024 07:55:27 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/ Frame 039D 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 04:32:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
19284
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9106
x-xss-protection
0
server
cafe
etag
8408112003982630589
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 08 Apr 2024 04:32:44 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame 039D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 06:34:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
11994
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 08 Apr 2024 06:34:14 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame 039D 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 04:00:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
21198
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8355
x-xss-protection
0
server
cafe
etag
17564575596476239644
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 08 Apr 2024 04:00:50 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 039D 		206 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 09:21:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
1940
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63909
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 25 Mar 2024 10:21:48 GMT
ef5ce9b2b01bfb848267c2a4546556c1.js
www.gstatic.com/mysidia/ Frame 039D 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ef5ce9b2b01bfb848267c2a4546556c1.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6916ab45c343e75147499b9b51efd84eca073fd209f6a520d485e5b2199bf0cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 01:56:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
374260
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15234
x-xss-protection
0
last-modified
Mon, 18 Mar 2024 23:16:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 19 Jun 2024 01:56:28 GMT
css
fonts.googleapis.com/ Frame C051 		16 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C600%7COpen%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2e196c67c978071827a3bd1fdb989d0d8ed850ba0cd61f1cb97952b7bd589981
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 25 Mar 2024 09:54:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 25 Mar 2024 09:05:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 25 Mar 2024 09:54:08 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame C051 		2 KB
856 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 07:55:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
7121
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 08 Apr 2024 07:55:27 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/ Frame C051 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 04:32:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
19284
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9106
x-xss-protection
0
server
cafe
etag
8408112003982630589
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 08 Apr 2024 04:32:44 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame C051 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 06:34:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
11994
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 08 Apr 2024 06:34:14 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame C051 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 04:00:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
21198
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8355
x-xss-protection
0
server
cafe
etag
17564575596476239644
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 08 Apr 2024 04:00:50 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame C051 		206 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 09:21:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
1940
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63909
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 25 Mar 2024 10:21:48 GMT
ef5ce9b2b01bfb848267c2a4546556c1.js
www.gstatic.com/mysidia/ Frame C051 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ef5ce9b2b01bfb848267c2a4546556c1.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6916ab45c343e75147499b9b51efd84eca073fd209f6a520d485e5b2199bf0cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 01:56:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
374260
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15234
x-xss-protection
0
last-modified
Mon, 18 Mar 2024 23:16:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 19 Jun 2024 01:56:28 GMT
84d2527241fb8c00ce4670060c5f1154.js
www.gstatic.com/mysidia/ Frame C9C7 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/84d2527241fb8c00ce4670060c5f1154.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dda19d2f601c81c0a9188a28302d431e76c49a29f8e0b2d300747b56b5077e71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 02:07:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
373583
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4075
x-xss-protection
0
last-modified
Thu, 14 Mar 2024 02:02:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 19 Jun 2024 02:07:45 GMT
5e889db6e7c601e6c43ef17335854d80.js
www.gstatic.com/mysidia/ Frame C9C7 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/5e889db6e7c601e6c43ef17335854d80.js?tag=text/vanilla_highlight_ms_cta_adjustment
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f622ffc7f9346a175e8d7cbda6b4226324e3b75de37b0ad01607a34c337b589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 02:04:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
373790
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4716
x-xss-protection
0
last-modified
Mon, 18 Mar 2024 23:16:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 19 Jun 2024 02:04:18 GMT
css
fonts.googleapis.com/ Frame C9C7 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 25 Mar 2024 09:54:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 25 Mar 2024 08:33:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 25 Mar 2024 09:54:08 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame C9C7 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 07:55:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
7121
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 08 Apr 2024 07:55:27 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/ Frame C9C7 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 04:32:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
19284
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9106
x-xss-protection
0
server
cafe
etag
8408112003982630589
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 08 Apr 2024 04:32:44 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame C9C7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 06:34:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
11994
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 08 Apr 2024 06:34:14 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame C9C7 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 04:00:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
21198
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8355
x-xss-protection
0
server
cafe
etag
17564575596476239644
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 08 Apr 2024 04:00:50 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame C9C7 		206 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 09:21:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
1940
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63909
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 25 Mar 2024 10:21:48 GMT
ef5ce9b2b01bfb848267c2a4546556c1.js
www.gstatic.com/mysidia/ Frame C9C7 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ef5ce9b2b01bfb848267c2a4546556c1.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6916ab45c343e75147499b9b51efd84eca073fd209f6a520d485e5b2199bf0cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 01:56:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
374260
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15234
x-xss-protection
0
last-modified
Mon, 18 Mar 2024 23:16:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 19 Jun 2024 01:56:28 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/7459494785140178943/ Frame C9C7 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7459494785140178943/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef94a8edd2a64b21b98ff62bfb455fbb82290b4f0101389c93be9ceb2d9d36a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires
Sat, 22 Mar 2025 12:25:38 GMT
date
Fri, 22 Mar 2024 12:25:38 GMT
x-content-type-options
nosniff
age
250110
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1454
x-xss-protection
0
last-modified
Wed, 28 Dec 2022 18:48:11 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
s
googleads.g.doubleclick.net/pagead/drt/ Frame 36EB 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
1173
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 25 Mar 2024 09:34:35 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame C9C7 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
87e52c0b3479f68954e639b22e6651e91500383187a6d72e72cb027125543c83

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/png
14763004658117789537
tpc.googlesyndication.com/simgad/15735857723872729897/ Frame C051 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15735857723872729897/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: www.guiltypleasure.shivtr.com
URL: https://www.guiltypleasure.shivtr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
67e6e75c38b37508b026b80ec3bb8bcf783bc8de64a98581c306aeda21905e39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires
Sat, 22 Mar 2025 03:50:44 GMT
date
Fri, 22 Mar 2024 03:50:44 GMT
x-content-type-options
nosniff
age
281005
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3067
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 09:47:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
14763004658117789537
tpc.googlesyndication.com/simgad/10484650000295064957/ Frame C051 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10484650000295064957/14763004658117789537?w=400&h=209&tw=1&q=75
Requested by
Host: www.guiltypleasure.shivtr.com
URL: https://www.guiltypleasure.shivtr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9894657d696b578687cd19642c90e713b93f41b65d6ca42b72094e055c3c3a02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires
Sat, 22 Mar 2025 02:01:51 GMT
date
Fri, 22 Mar 2024 02:01:51 GMT
x-content-type-options
nosniff
age
287538
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11218
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 08:24:06 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame C051 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aaa62f0018aaff7c45d444b1a878556bceab9e17c22230dbdeac68460358e5de

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/png
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ Frame C051 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C600%7COpen%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 08:15:18 GMT
x-content-type-options
nosniff
age
437931
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Mar 2025 08:15:18 GMT
jXfRH9G_-5_y2d9FtLfVUFqP1nroUl1KS7Cmyw17Bqk.js
pagead2.googlesyndication.com/bg/ Frame 3991 		52 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/jXfRH9G_-5_y2d9FtLfVUFqP1nroUl1KS7Cmyw17Bqk.js
Requested by
Host: www.guiltypleasure.shivtr.com
URL: https://www.guiltypleasure.shivtr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d77d11fd1bffb9ff2d9df45b4b7d5505a8fd67ae8525d4a4bb0a6cb0d7b06a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 07:44:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
439755
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20495
x-xss-protection
0
last-modified
Thu, 14 Mar 2024 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 20 Mar 2025 07:44:54 GMT
jXfRH9G_-5_y2d9FtLfVUFqP1nroUl1KS7Cmyw17Bqk.js
pagead2.googlesyndication.com/bg/ Frame 8AF8 		52 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/jXfRH9G_-5_y2d9FtLfVUFqP1nroUl1KS7Cmyw17Bqk.js
Requested by
Host: www.guiltypleasure.shivtr.com
URL: https://www.guiltypleasure.shivtr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d77d11fd1bffb9ff2d9df45b4b7d5505a8fd67ae8525d4a4bb0a6cb0d7b06a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 07:44:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
439755
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20495
x-xss-protection
0
last-modified
Thu, 14 Mar 2024 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 20 Mar 2025 07:44:54 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/15735857723872729897/ Frame 039D 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15735857723872729897/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: www.guiltypleasure.shivtr.com
URL: https://www.guiltypleasure.shivtr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
67e6e75c38b37508b026b80ec3bb8bcf783bc8de64a98581c306aeda21905e39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires
Sat, 22 Mar 2025 03:50:44 GMT
date
Fri, 22 Mar 2024 03:50:44 GMT
x-content-type-options
nosniff
age
281005
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3067
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 09:47:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
14763004658117789537
tpc.googlesyndication.com/simgad/10484650000295064957/ Frame 039D 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10484650000295064957/14763004658117789537?w=400&h=209&tw=1&q=75
Requested by
Host: www.guiltypleasure.shivtr.com
URL: https://www.guiltypleasure.shivtr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9894657d696b578687cd19642c90e713b93f41b65d6ca42b72094e055c3c3a02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires
Sat, 22 Mar 2025 02:01:51 GMT
date
Fri, 22 Mar 2024 02:01:51 GMT
x-content-type-options
nosniff
age
287538
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11218
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 08:24:06 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame 039D 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80f32b1287ab277654bfaeae650b55a6e2412cb6328e174b39f0ca6642c90a2d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/png
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ Frame 039D 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C600%7COpen%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 08:15:18 GMT
x-content-type-options
nosniff
age
437931
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Mar 2025 08:15:18 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame C9C7 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 07:46:31 GMT
x-content-type-options
nosniff
age
439658
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Mar 2025 07:46:31 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame C051
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Che-Kv0kBZtqDK8PMoPMP4KC2sASm09qCbe234-HmD77ZjKesCRABINigpgRgye6Oi8CkjBCgAd3WvLcoyAEBqAMByAPLBKoEnAJP0DVi2udF8dBtLcG_YSUsQFlnYAYMIA-f_ME4S6ZhZeZ...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x7f083fb34691f5150000000000000000%22,%222%22:%220xda7833547d48495c0000000000000000%22,%223%22:%220x5350c3...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x7f083fb34691f5150000000000000000%22,%222%22:%220xda7833547d48495c0000000000000000%22,%223%22:%220x5350c3271346fe150000000000000000%22,%224%22:%220x853944b4a6c281020000000000000000%22,%225%22:%220x719411e9f5705b3e0000000000000000%22},%22debug_key%22:%225534067482669127355%22,%22debug_reporting%22:true,%22destination%22:%22https://totaladblock.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210853755741%22],%2222%22:[%22true%22],%224%22:[%2203-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227754760564145940113%22}&andc=true
Requested by
Host: www.guiltypleasure.shivtr.com
URL: https://www.guiltypleasure.shivtr.com/
Protocol
H3
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 09:54:09 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x7f083fb34691f5150000000000000000","2":"0xda7833547d48495c0000000000000000","3":"0x5350c3271346fe150000000000000000","4":"0x853944b4a6c281020000000000000000","5":"0x719411e9f5705b3e0000000000000000"},"debug_key":"5534067482669127355","debug_reporting":true,"destination":"https://totaladblock.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10853755741"],"22":["true"],"4":["03-25"],"6":["true"]},"priority":"500","source_event_id":"7754760564145940113"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 25 Mar 2024 09:54:09 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 25 Mar 2024 09:54:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x7f083fb34691f5150000000000000000","2":"0xda7833547d48495c0000000000000000","3":"0x5350c3271346fe150000000000000000","4":"0x853944b4a6c281020000000000000000","5":"0x719411e9f5705b3e0000000000000000"},"debug_key":"5534067482669127355","debug_reporting":true,"destination":"https://totaladblock.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10853755741"],"22":["true"],"4":["03-25"],"6":["true"]},"priority":"500","source_event_id":"7754760564145940113"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
jXfRH9G_-5_y2d9FtLfVUFqP1nroUl1KS7Cmyw17Bqk.js
pagead2.googlesyndication.com/bg/ Frame 3B3B 		52 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/jXfRH9G_-5_y2d9FtLfVUFqP1nroUl1KS7Cmyw17Bqk.js
Requested by
Host: www.guiltypleasure.shivtr.com
URL: https://www.guiltypleasure.shivtr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d77d11fd1bffb9ff2d9df45b4b7d5505a8fd67ae8525d4a4bb0a6cb0d7b06a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 07:44:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
439755
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20495
x-xss-protection
0
last-modified
Thu, 14 Mar 2024 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 20 Mar 2025 07:44:54 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 039D
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CuvBWv0kBZtmDK8PMoPMP4KC2sASm09qCbe234-HmD77ZjKesCRABINigpgRgye6Oi8CkjBCgAd3WvLcoyAEBqAMByAPLBKoEnAJP0Cz2g3_2t5tq2ks1-rTp9Z89GdzgOXrt0oTdMrVkR7G...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x7f083fb34691f5150000000000000000%22,%222%22:%220xda7833547d48495c0000000000000000%22,%223%22:%220x5350c3...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x7f083fb34691f5150000000000000000%22,%222%22:%220xda7833547d48495c0000000000000000%22,%223%22:%220x5350c3271346fe150000000000000000%22,%224%22:%220x853944b4a6c281020000000000000000%22,%225%22:%220x719411e9f5705b3e0000000000000000%22},%22debug_key%22:%2212306611891210985630%22,%22debug_reporting%22:true,%22destination%22:%22https://totaladblock.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210853755741%22],%2222%22:[%22true%22],%224%22:[%2203-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228448992207177731873%22}&andc=true
Requested by
Host: www.guiltypleasure.shivtr.com
URL: https://www.guiltypleasure.shivtr.com/
Protocol
H3
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 09:54:09 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x7f083fb34691f5150000000000000000","2":"0xda7833547d48495c0000000000000000","3":"0x5350c3271346fe150000000000000000","4":"0x853944b4a6c281020000000000000000","5":"0x719411e9f5705b3e0000000000000000"},"debug_key":"12306611891210985630","debug_reporting":true,"destination":"https://totaladblock.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10853755741"],"22":["true"],"4":["03-25"],"6":["true"]},"priority":"500","source_event_id":"8448992207177731873"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 25 Mar 2024 09:54:09 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 25 Mar 2024 09:54:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x7f083fb34691f5150000000000000000","2":"0xda7833547d48495c0000000000000000","3":"0x5350c3271346fe150000000000000000","4":"0x853944b4a6c281020000000000000000","5":"0x719411e9f5705b3e0000000000000000"},"debug_key":"12306611891210985630","debug_reporting":true,"destination":"https://totaladblock.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10853755741"],"22":["true"],"4":["03-25"],"6":["true"]},"priority":"500","source_event_id":"8448992207177731873"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 36EB
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 25 Mar 2024 09:54:09 GMT
expires
Mon, 25 Mar 2024 09:54:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 25 Mar 2024 09:54:09 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x7f083fb34691f5150000000000000000%22,%222%22:%220xda7833547d48495c0000000000000000%22,%223%22:%220x5350c3271346fe150000000000000000%22,%224%22:%220x853944b4a6c281020000000000000000%22,%225%22:%220x719411e9f5705b3e0000000000000000%22},%22debug_key%22:%225534067482669127355%22,%22debug_reporting%22:true,%22destination%22:%22https://totaladblock.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210853755741%22],%2222%22:[%22true%22],%224%22:[%2203-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227754760564145940113%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 25 Mar 2024 09:54:09 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x7f083fb34691f5150000000000000000%22,%222%22:%220xda7833547d48495c0000000000000000%22,%223%22:%220x5350c3271346fe150000000000000000%22,%224%22:%220x853944b4a6c281020000000000000000%22,%225%22:%220x719411e9f5705b3e0000000000000000%22},%22debug_key%22:%2212306611891210985630%22,%22debug_reporting%22:true,%22destination%22:%22https://totaladblock.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210853755741%22],%2222%22:[%22true%22],%224%22:[%2203-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228448992207177731873%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 25 Mar 2024 09:54:09 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame C9C7
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Co9nCv0kBZtuDK8PMoPMP4KC2sASb0dy-dvfnqP6BErHR_d8FEAEg2KCmBGDJ7o6LwKSMEKABt5SCwgPIAQGoAwHIA8sEqgSVAk_QNBdPcBkKaj4ALHgnxl1ixJGEj-AxPrc7LeEPeffB_1z...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x8875953d143ffcdc0000000000000000%22,%222%22:%220x4a4aa65f5ebec03d0000000000000000%22,%223%22:%220xdb8953...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x8875953d143ffcdc0000000000000000%22,%222%22:%220x4a4aa65f5ebec03d0000000000000000%22,%223%22:%220xdb8953b23ad682b00000000000000000%22,%224%22:%220x2e0a8ba7f1ec550e0000000000000000%22,%225%22:%220xeaf3a74a80b07e6f0000000000000000%22},%22debug_key%22:%2216943956009356088481%22,%22debug_reporting%22:true,%22destination%22:%22https://lastpass.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22943753783%22],%2222%22:[%22true%22],%224%22:[%2203-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214455623769539230913%22}&andc=true
Protocol
H3
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 09:54:09 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x8875953d143ffcdc0000000000000000","2":"0x4a4aa65f5ebec03d0000000000000000","3":"0xdb8953b23ad682b00000000000000000","4":"0x2e0a8ba7f1ec550e0000000000000000","5":"0xeaf3a74a80b07e6f0000000000000000"},"debug_key":"16943956009356088481","debug_reporting":true,"destination":"https://lastpass.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["943753783"],"22":["true"],"4":["03-25"],"6":["true"]},"priority":"500","source_event_id":"14455623769539230913"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 25 Mar 2024 09:54:09 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 25 Mar 2024 09:54:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x8875953d143ffcdc0000000000000000","2":"0x4a4aa65f5ebec03d0000000000000000","3":"0xdb8953b23ad682b00000000000000000","4":"0x2e0a8ba7f1ec550e0000000000000000","5":"0xeaf3a74a80b07e6f0000000000000000"},"debug_key":"16943956009356088481","debug_reporting":true,"destination":"https://lastpass.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["943753783"],"22":["true"],"4":["03-25"],"6":["true"]},"priority":"500","source_event_id":"14455623769539230913"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240320&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
51517eb21c64c18bccbac0578986eb323317d1507e4448034ddf08b6787a7906
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.guiltypleasure.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 09:54:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12229
x-xss-protection
0
jXfRH9G_-5_y2d9FtLfVUFqP1nroUl1KS7Cmyw17Bqk.js
pagead2.googlesyndication.com/bg/ Frame FABF 		52 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/jXfRH9G_-5_y2d9FtLfVUFqP1nroUl1KS7Cmyw17Bqk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d77d11fd1bffb9ff2d9df45b4b7d5505a8fd67ae8525d4a4bb0a6cb0d7b06a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 07:44:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
439755
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20495
x-xss-protection
0
last-modified
Thu, 14 Mar 2024 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 20 Mar 2025 07:44:54 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x8875953d143ffcdc0000000000000000%22,%222%22:%220x4a4aa65f5ebec03d0000000000000000%22,%223%22:%220xdb8953b23ad682b00000000000000000%22,%224%22:%220x2e0a8ba7f1ec550e0000000000000000%22,%225%22:%220xeaf3a74a80b07e6f0000000000000000%22},%22debug_key%22:%2216943956009356088481%22,%22debug_reporting%22:true,%22destination%22:%22https://lastpass.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22943753783%22],%2222%22:[%22true%22],%224%22:[%2203-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214455623769539230913%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 25 Mar 2024 09:54:09 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
c.gif
www.bing.com/aes/ Frame C9CE
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=3b420530-2b6d-4b68-b422-ec6e5bbd688e&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=fc6b25d2-3437-4a06...
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=62053173df59438a8003c3d96b0603dc&tids=15000&med=10
0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=62053173df59438a8003c3d96b0603dc&tids=15000&med=10
Protocol
H2
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Mar 2024 09:54:09 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4475C6623A0345F2AB6CFF12B15BDDB9 Ref B: EWR311000107053 Ref C: 2024-03-25T09:54:09Z
vary
Origin
x-cache
CONFIG_NOCACHE
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Mon, 25 Mar 2024 09:54:09 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F5CDEE418BA549A4A4C8402B2408FD8D Ref B: EWR311000107053 Ref C: 2024-03-25T09:54:09Z
vary
Origin
x-cache
CONFIG_NOCACHE
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=62053173df59438a8003c3d96b0603dc&tids=15000&med=10
cache-control
no-cache, no-store, must-revalidate
content-length
146
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.guiltypleasure.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 09:54:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 25 Mar 2024 09:54:09 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D4C2 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guiltypleasure.shivtr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
54301
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 24 Mar 2024 18:49:08 GMT
expires
Mon, 24 Mar 2025 18:49:08 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 612C 		829 B
998 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::69 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6f35d6173ba0cdc12e783109bcc1c556b470ac3d16807f7a0024fad3a1f82617
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WgxoaWYbDbLVE8e8lJlnGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.guiltypleasure.shivtr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-WgxoaWYbDbLVE8e8lJlnGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 25 Mar 2024 09:54:09 GMT
expires
Mon, 25 Mar 2024 09:54:09 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 612C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240320&jk=1614542967936251&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers
ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js
pagead2.googlesyndication.com/bg/ Frame D4C2 		40 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:18:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
27337
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15865
x-xss-protection
0
last-modified
Thu, 14 Mar 2024 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 25 Mar 2025 02:18:32 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C9CE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssOSvLcymMW-PWH_e8j0sFH5cd-ld9kiM7Kwnd7qtu1ZfTxI7naxQTXO9tEqLu_FTdKQ398md73Fy4JVJmu3Jx0e5Jc3zgZDXPv_phts_j8qYQv2nYIaeItpEqma1zOW_5YzMgxIOw&sig=Cg0ArKJSzPdL77i465yDEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240320&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2184809105&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=729324800&rst=1711360447599&rpt=980&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Mar 2024 09:54:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vevent
nym1-ib.adnxs.com/ Frame C9CE 		0
680 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?uask=1&an_audit=0&referrer=https%3A%2F%2Fwww.guiltypleasure.shivtr.com&e=wqT_3QKqB-iqAwAAAwDWAAUBCL-ThbAGEMnD39f8-c_3PhgAKjYJ-zM1N4wHhj8RXXig1TKAhT8ZAAAAoHA92j8hXQ0SACkRJMgxAAAAQOF6pD8w0fO5Azi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR4AIABAYoBA1VTRJIFBvBbmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBDDEtc2hpdnRyLmNvbdgC8AbgAqKoMeoCJWh0dHBzOi8vd3d3Lmd1aWx0eXBsZWFzdXJlLnNoaXYJMVSAAwCIAwGQAwCYAwmgAwGqA6ADCrYCLjsADGJpbmcBW_B5L2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPWZjNmIyNWQyLTM0MzctNGEwNi04MTFmLWUwNjYyMGQ4MGEzNyZiaWRJZD0xNTAwMCZiaWRkZXJJZD00JmNtRXhwSWQ9TFYzJm9BZFUdXCBwdWJsaXNoZXIBOCA2MjY0NTMzMCYBDgBmjnEAuHJ0eXBlPW51cmwmdGFnSWQ9NzI0MDE0NSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViNhkA9CoBX2d6bmsmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM0NTM0OTEzNTExNDgxNDAxODAxIgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak9ERXdPRGt4TURjeE1UTXlNekFqTWpNek1qZzRPRGM1TmpRMk1EZ3lOQT09wAPYBMgDANgDjc0k4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFxOjMr9L1n6EgwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF9fAh-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAJPXQAABAAGADgBgHyBgIIAIAHAYgHAKAHAcgHANIHDQkuJAAM2gcGCAktqAcA6gcCCADwB42FhwOKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=8c41845f4dc10708905cf9d7475d006351a10cf8&type=pv&jm=1003&px=0&py=0&bw=182&bh=90&sf=1&sid=4795923871908441838&vd=ct~0|rr~5&sv=243&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=7240145&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/243/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Mar 2024 09:54:09 GMT
an-x-request-uuid
7b7415e8-a4b8-47cb-a52b-d6e95430251a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.43; 96.9.249.43; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame D4C2 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?--2iOA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 09:54:09 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame C051 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstafNyIvTkbw_BorAdEfDoNCFqzbPS5RQvZ05kTOrUgTqK2pY0wyHGUeMhJCFoNumaUu65ICe_qeY8cLYucpQfUjIKlmMTM8R85On_LCAKxMHm_PQp0GAshvuJmHB2p6IoVVMl2C8-iA7p-VN0QmjqZ4h--5MdMPmM&sai=AMfl-YS8kGTxEqimznrmCPmUFwg4QaBwaQkPuNxiYQ-wQFQIRXyJsWDay3cS5k1Bawa8rIIu-KQHggXMhGueV0DpPmhCyNrTW-AqitDaKInyBp50AO9jADoYjkNwfBy24Y_H82xhGr9fwPl6Tgt7kTwRUw&sig=Cg0ArKJSzKKzmhivURD3EAE&cid=CAQSTwB7FLtqZ5TqAaYMn1rWThvb0nJROYnNr3Qzmm5b9y_WU5pYmqNgkamptXeDIFcKG-LLor7nigl4-0mdQ6G7rt1BZRdY-wBlgGjflwsttiYYAQ&id=lidar2&mcvt=1000&p=0,0,600,200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240320&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=729324800&rst=1711360448638&rpt=350&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Mar 2024 09:54:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 039D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu7yvNg9o5mnKnTylV1rJqoznkoWFdsN73wMiaD3BW6dMDpjCPGZgfYQRIVtxHgwXsm6neq-H660JCAADwKb8JBBVZAtaTJUqE0n6X_9KM0tAKKXg6Fv92mzCS1yiK_vqQL5cSmQTh0iqnsRdmZpcyyPBNEAyc64Ao&sai=AMfl-YRD-KDwpL-CFquEF4vhzEpUnMqS-OkmoRsnJgj_0OzSJJ90Op4Nr_LafqeCsPeOmvodO83DlLK_ohxEFeF-URnHJyF7WvGmW0oGy-EHrGQ6Ug7ThQvzMR-ikppmum5QSbIuiXVoki7BJS-GIsBk3Q&sig=Cg0ArKJSzLLR48vh-x5ZEAE&cid=CAQSTwB7FLtqZ5TqAaYMn1rWThvb0nJROYnNr3Qzmm5b9y_WU5pYmqNgkamptXeDIFcKG-LLor7nigl4-0mdQ6G7rt1BZRdY-wBlgGjflwsttiYYAQ&id=lidar2&mcvt=1001&p=0,0,600,200&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20240320&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=729324800&rst=1711360448633&rpt=383&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Mar 2024 09:54:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240320&jk=1614542967936251&bg=!iIuli8TNAAZaswqNerM7ADQBe5WfOI-5cGGFTfa2Jo351aka9SebJm9Ng33OTLZH3T67jEyzUYiAVZctgjIs6rtGBi7cAgAAAE5SAAAAA2gBB34ANavx31gfKhyV9MY9zNm_venI41merPKwPKBdthpWYZK3rlLRG72rdQ-uBIh-4JOnmDDZ6qFJmQJ8_DZyr5EaSFWpNYLi5UPhnIHZdDlie6FgtVRA5CH9vExCn-p_5c6wlolHBgxDPi2Da10ZlaCvBdNcSt5Qo3D9x7NF7dBg8HpswtGopX8ILnLV21TgrdTZIF5pT4nc1PzvlIW29wiPkye87fSYgaSJLgCP5_OyMDhU4gzVvWb4TAU-R4Oa0jTdb2VlDYlx50aU-2u9R7J5VRsuhP_fYYXwyV6QNsTyr0jEVNsAhSm5YHyBF33geWlm0OY99syjV6bY0O43xCVszEPoUFe5qRKlzeCiSDfnx5y2EN3KDT5GHdjsitxCsDYYjpOkeHhIcoYQ5alJWUMvkOutPzRL0Z3uEik2v0KtqLC5WyD-3xCgitKYKzc9KZT8O5DOHC21A5w7mhec1m1oapiCwUBMBFBCgIoyp66rP7pwZtEgtkNd2rwPX-4BkUl0W15QIUrBPdepflLDG6p9XxGRnwuh-MQ7N7Ca0ywxr7UZ3O3tkkuOP5xcTnHYRnKxeq9_LwSXIY8pPh8SqWRxJgE7pXng89RBf2x48l1Uxgx81NZO1a3Rv_kSifQz99tGmOC8hnMCwf-GzZFIfdbyL71Amm9_ZqE88LkjYOjTzI3o48kr2ohsYrqe-5uoE7DpTdARARdNAFo35_h744lTEKay_4fhzbwEJ36nXZQc9O1sN__4qYXiaqaqkzJNcXSAB6YL_RnzPzJhWB-U31lgjevVX08QJhcEBN9wXJJ2so0LA8eqJITG4yB1CPlu72SIK6Y7oN5tayjD-GTD4E2vNEnnpXUoHU0fQhoX-eQQGS9iQBKqO97rkf_rFFoaUNSkY1EkkoUDwXVWx6GVyBz2XBBhCuLJ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.guiltypleasure.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame C9C7 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsshnEBIO8GHxrY3r7NRGuFAT1mF3J9YG0jUzCSy3YLoL42Kfzo31Jt0hrh5mHnWMIuCIfkoYIMVm5fQCZwhUHAwqTpyyZEtFzopFpmRrTjb_e2NU0umIstMglJRjMu4IXKZUE83Q2i5Jc5tqfs2emTIMW7g2yppQGk&sai=AMfl-YQYzH1zmEvt0n_HdoQE8UVh_BO9tyCLurl5R1qhTXe53lrzOSE5IGT2lRp9pAVaI-WVBCHKx0WXVSRbDX-WbEu1LxHXbQggz6KJJ3r3u-lNv4Woworu96WvRBcosWGVlEl9HLyo06NPsoT0Ynuipw&sig=Cg0ArKJSzOtfdz9mgtWuEAE&cid=CAQSTwB7FLtqZ5TqAaYMn1rWThvb0nJROYnNr3Qzmm5b9y_WU5pYmqNgkamptXeDIFcKG-LLor7nigl4-0mdQ6G7rt1BZRdY-wBlgGjflwsttiYYAQ&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=300,984,1000,1000,1000&tos=300,684,16,0,0&v=20240320&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=729324800&rst=1711360448639&rpt=610&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Mar 2024 09:54:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 function| setCookie function| getCookie function| deleteCookie function| bbcodeHelp function| getVideoParam function| centerModals function| get_time_difference_in_minutes function| get_local_time_for_date function| distance_of_time_in_words object| Duration object| TZTime function| $ function| jQuery object| jQuery112408734385452908264 function| tmpl object| App function| _ function| Class function| Picker object| hopscotch object| bbcodeSettings object| bbcodeSimpleSettings function| positionFooter object| AionItem object| Gw2Item object| RomItem object| VindictusItem object| WowItem object| ClassicItem object| ItemTooltip object| Shivtip object| MainTooltip object| ProgressionTooltip function| Chat object| ChatEmotes function| ChatMessage function| Pusher function| WhosOnline object| adsbygoogle object| miuScript object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| Icon object| WH object| g_itemScalingCallbacks object| Locale object| $WowheadPower function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googletag object| GoogleGcLKhOms

10 Cookies

Domain/Path Name / Value
www.guiltypleasure.shivtr.com/ Name: site_game_id
Value: 11286
www.guiltypleasure.shivtr.com/ Name: _shivtr_bakery
Value: TPGE%2Bv%2FnG2aQXWFbME5%2B0svwQ%2FuUnCT1HJzIEiCxzKVVP05Jn3xqwQF8axzLnkTATN1YcPyncfDDYctHo956%2FdY3RheEECixGn%2FKq2xtkldhv2ioLHiuUPqd0WdsOYUb3qZpxgA02Q93KE8ArnaUOX4T%2Fn9YHRDFfPTzuSrawaKRsPi0AoDK7W2VJjV7Q2r51gQwuFAUQy2NLe%2Bm5eDwoA428VabhzCIcWezIb7k%2BZnUC9wCTho%2BcQFnQYYFbxBXlC%2BAJWawTjo7VLoWboxOjXkivT%2BlMY9JB4Z1F03iTjN2aJMP28YmdkDu--poUaeuoGz2iHy5HZ--Kc9r9jw7kdnb4I%2BgcA09Pw%3D%3D
.bing.com/ Name: MUID
Value: 037D4A7575F86EBA07185E3874FF6F1D
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.shivtr.com/ Name: __gads
Value: ID=1125d13075ab5646:T=1711360447:RT=1711360447:S=ALNI_MbZUySDXAzyBgSwnwIglKXvr5TkQQ
.shivtr.com/ Name: __gpi
Value: UID=00000dacb440c9c2:T=1711360447:RT=1711360447:S=ALNI_MZQ6MvMZEKQS5ZirF4BEZzQn900wQ
.shivtr.com/ Name: __eoi
Value: ID=0a534c6a768063aa:T=1711360447:RT=1711360447:S=AA-Afjb2SfiriJqoLpG96KEnyKhe
.doubleclick.net/ Name: IDE
Value: AHWqTUkhhnC2E5vmnIqCWfjDxr24q7gKt1ZTI0dYxuCMNal1y65S_K8sPS0-DgBk6xc
.doubleclick.net/ Name: DSID
Value: NO_DATA
.googleadservices.com/ Name: ar_debug
Value: 1

23 Console Messages

Source Level URL
Text
other warning URL: https://www.guiltypleasure.shivtr.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.guiltypleasure.shivtr.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.guiltypleasure.shivtr.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.guiltypleasure.shivtr.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.guiltypleasure.shivtr.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.guiltypleasure.shivtr.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.guiltypleasure.shivtr.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.guiltypleasure.shivtr.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.guiltypleasure.shivtr.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.guiltypleasure.shivtr.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.guiltypleasure.shivtr.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.guiltypleasure.shivtr.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.guiltypleasure.shivtr.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.guiltypleasure.shivtr.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.guiltypleasure.shivtr.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.guiltypleasure.shivtr.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.guiltypleasure.shivtr.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.guiltypleasure.shivtr.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.guiltypleasure.shivtr.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.guiltypleasure.shivtr.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.guiltypleasure.shivtr.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.guiltypleasure.shivtr.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.guiltypleasure.shivtr.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adsdk.microsoft.com
cdn.adnxs.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
nym1-ib.adnxs.com
pagead2.googlesyndication.com
s3.amazonaws.com
static.shivtr.com
tpc.googlesyndication.com
wow.zamimg.com
www.bing.com
www.google.com
www.googleadservices.com
www.gstatic.com
www.guiltypleasure.shivtr.com
172.253.62.154
18.154.227.82
23.220.108.248
2607:f8b0:4004:c06::5e
2607:f8b0:4004:c06::69
2607:f8b0:4004:c07::9b
2607:f8b0:4004:c08::9d
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c1d::5e
2607:f8b0:4004:c1f::84
2620:1ec:46::40
2620:1ec:c11::200
45.33.21.148
54.231.164.240
68.67.181.211
00dbbd38d1dde161700c2b339d112c6243bc3dc0325e8446a5042b8f7eb8ff2b
0101f1a2e65d66a8af54470ef2853f727dbaed3caf9aabaa522c9c46880f7e58
04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664
0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4
0f622ffc7f9346a175e8d7cbda6b4226324e3b75de37b0ad01607a34c337b589
14fafb150b976a0b5ac428c91e0825c33ba47b251f2bf349f4e1e5f954d9ad63
160f9c28c35e4390cd35e90cf1ccb3d80a58de14da97300d738b4e65cf54c7aa
1694d01d7552c7ee20b77b736ee7645db818531580566ce9a1ec28d87475a1c9
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f
2e196c67c978071827a3bd1fdb989d0d8ed850ba0cd61f1cb97952b7bd589981
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
38444148a2237a29af423edbe716ea9587872041585593d569fa13206db7a80e
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
48317993f9810b06b5faa1692a39cc56288c6a3b9a145cc621122e41120a7c5c
4b5d31b6d8e3d1cdab78aa72e3c4e595ecbfa3b3c515a8818c255c90d35a372d
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
51517eb21c64c18bccbac0578986eb323317d1507e4448034ddf08b6787a7906
54cc0e7807cf8bdf5d48a2930fbcd3b5a30b0dae8cc3bbab2efcee6fad1a092d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d98e1a6f9514ced19653546af2a6d0addb7783e98c3c7bdbb1e72207aa72bcf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62ba873afb2e3f6158099072e5657ee5b1d5fab1ce5ae9dbad26a86e6dbeadaa
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6700a61b5bd8006d07ddcdf84df499411e0ca045c8e124af25f72b8c4e82dab3
67e6e75c38b37508b026b80ec3bb8bcf783bc8de64a98581c306aeda21905e39
6916ab45c343e75147499b9b51efd84eca073fd209f6a520d485e5b2199bf0cb
6a31019ef287dbcadc7f0e7063aacd4538a084176669921e85b7a0e769ba84d0
6f35d6173ba0cdc12e783109bcc1c556b470ac3d16807f7a0024fad3a1f82617
7088d6c86fda7a1dbd11ce4ec06ab4cf62f816203c1a68092d8b87bb847d2ec7
7798986cd57d838ed8c68451b0a69882856d6f0bb4b8df080e09a2cc1bfb1b28
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd
80f32b1287ab277654bfaeae650b55a6e2412cb6328e174b39f0ca6642c90a2d
82da873956888d3a0a1db331a301c9b95de6937c0acf64c33a2c9fc711b7fb54
830870bb74c6a4a16f3c0c49a7934378a8c26fe68fa8bf280e7d1b2a5ddc0f12
86c06c5c4747bb6da8d7594ed31b1494459d202ba31ede706bf8f741acedc9b3
87e52c0b3479f68954e639b22e6651e91500383187a6d72e72cb027125543c83
87e9bed949ecdeb320cf54d799d0550e994caf0dc572903f4189b29030e171bc
892d97d05accf180096b1bab837c4a2b973091f25df85ba9c8ed8268e797c1f0
8a4acdbc5956c3196a8c4327078b5364d58362446a3620aa375085c0b4a4411d
8d77d11fd1bffb9ff2d9df45b4b7d5505a8fd67ae8525d4a4bb0a6cb0d7b06a9
9894657d696b578687cd19642c90e713b93f41b65d6ca42b72094e055c3c3a02
9e2e766b44b4bd31a6887776e57d5a5f502237e48cf90ded21436cfb6addf0be
a24b219c5dd7b0c9efdb2ffb85e250809341705b37781e9b00435f9b8c5e2e3f
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
aaa62f0018aaff7c45d444b1a878556bceab9e17c22230dbdeac68460358e5de
ab0ad9bee95d906ed3438be619f8a95a2765487b108eb6f9e748674604ff03db
b05f3d2a40920486aba1a9355000e31e44f969dc713d5b1f230546056ac24c77
d1f0e003fecf241e8f3fd10c328fd09845e9515e894936cbfa62f26f240927ff
d6eade1ffe31d8226156f5c00fb48810841b02e60dd16f190205b162e8f73dc2
d75a105ae665367fed5c8b4f861ef14368df2ddc603b7777140164b0d57c333a
dc86183c64a971df266cf43382fe00a3b1c600ec6107714e06597192164b82b5
dda19d2f601c81c0a9188a28302d431e76c49a29f8e0b2d300747b56b5077e71
de5b04094f0280bfc545b19db776ad940c438aaed7edac8df71461cf53038727
df68f57ecda7de300bd2613e1619f481bcec4791f91634ceaa5ab9dc12493205
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef94a8edd2a64b21b98ff62bfb455fbb82290b4f0101389c93be9ceb2d9d36a6
f295898f1d51962ed958272ed398ce0c8b699fd543ff6ad4cd5b6f46fa85e299
fbeab1f0e0d16ab6ad4b762b0ea2f43a9c01795def4573b6d1a772bd91e28acf
fd2d25def2fee047a9244f309a57849dc891edcd957a5d7eac3952eb8e109211
ff4094a2d0a0df94d358f9363bafe98fb4ed45601b46456651bb7ae23a48f625