Submitted URL: http://showtimeoriginals.com/
Effective URL: https://www.showtimeoriginals.com/
Submission: On September 13 via api from US — Scanned from DE

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 39 HTTP transactions. The main IP is 103.20.212.182, located in Faridabad, India and belongs to E2E-NETWORKS-IN 282, Sector 19, IN. The main domain is www.showtimeoriginals.com.
TLS certificate: Issued by R3 on August 18th 2022. Valid for: 3 months.
This is the only time www.showtimeoriginals.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
19 showtimeoriginals.com
showtimeoriginals.com
www.showtimeoriginals.com
1016 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
tpc.googlesyndication.com — Cisco Umbrella Rank: 174
217 KB
5 shortpixel.ai
sp-ao.shortpixel.ai — Cisco Umbrella Rank: 25340
4 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 94
region1.google-analytics.com — Cisco Umbrella Rank: 2119
21 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 142
www.google.com — Cisco Umbrella Rank: 19
2 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 73
5 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 141
105 KB
1 google.de
adservice.google.de — Cisco Umbrella Rank: 5202
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 972
649 B
39 9
Domain Requested by
17 www.showtimeoriginals.com www.showtimeoriginals.com
6 pagead2.googlesyndication.com www.showtimeoriginals.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 sp-ao.shortpixel.ai 5 redirects
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.showtimeoriginals.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 www.googletagmanager.com www.showtimeoriginals.com
www.googletagmanager.com
2 showtimeoriginals.com 2 redirects
1 www.google.com tpc.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 region1.google-analytics.com www.googletagmanager.com
39 13

This site contains links to these domains. Also see Links.

Domain
fireflythemes.com
api.follow.it
instagram.com
Subject Issuer Validity Valid
showtimeoriginals.com
R3
2022-08-18 -
2022-11-16
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-08-22 -
2022-11-14
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-08-22 -
2022-11-14
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2022-08-22 -
2022-11-14
3 months crt.sh
*.google.de
GTS CA 1C3
2022-08-22 -
2022-11-14
3 months crt.sh
*.google.com
GTS CA 1C3
2022-08-22 -
2022-11-14
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-08-29 -
2022-11-21
3 months crt.sh
www.google.com
GTS CA 1C3
2022-08-22 -
2022-11-14
3 months crt.sh

This page contains 5 frames:

Primary Page: https://www.showtimeoriginals.com/
Frame ID: 66233482F41B3D7EEC89F381A045C183
Requests: 36 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220908/r20190131/zrt_lookup.html
Frame ID: 69A9F114D8ADCE6770DF9576200200A5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9660532692590929&output=html&adk=1812271804&adf=3025194257&lmt=1663100191&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.showtimeoriginals.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663100190920&bpp=6&bdt=554&idt=228&shv=r20220908&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4323884665072&frm=20&pv=2&ga_vid=500508474.1663100191&ga_sid=1663100191&ga_hid=120328253&ga_fc=1&ga_cid=76887995.1663100191&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706&oid=2&pvsid=4394385383557370&tmod=1132865741&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=250
Frame ID: 1F2CC90F34FFCC36A2901DAAA008D0D3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 200CA7AEFC6AC765CE9E6E9900988CDD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 21E409FDC50CD5F7D5713EB3C2F7C2A8
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

HOME - ShowTimeOriginals

Page URL History Show full URLs

  1. http://showtimeoriginals.com/ HTTP 301
    https://showtimeoriginals.com/ HTTP 301
    https://www.showtimeoriginals.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

39
Requests

87 %
HTTPS

82 %
IPv6

9
Domains

13
Subdomains

11
IPs

3
Countries

1367 kB
Transfer

2446 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://showtimeoriginals.com/ HTTP 301
    https://showtimeoriginals.com/ HTTP 301
    https://www.showtimeoriginals.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://sp-ao.shortpixel.ai/client/to_auto,q_glossy,ret_img,w_900/https://www.showtimeoriginals.com/wp-content/uploads/2022/03/The-Kashmir-Files-Movie-3.jpg HTTP 302
  • https://www.showtimeoriginals.com/wp-content/uploads/2022/03/The-Kashmir-Files-Movie-3.jpg
Request Chain 24
  • https://sp-ao.shortpixel.ai/client/to_auto,q_glossy,ret_img,w_40,h_40/https://www.showtimeoriginals.com/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_email.png HTTP 302
  • https://www.showtimeoriginals.com/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_email.png
Request Chain 25
  • https://sp-ao.shortpixel.ai/client/to_auto,q_glossy,ret_img,w_40,h_40/https://www.showtimeoriginals.com/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_instagram.png HTTP 302
  • https://www.showtimeoriginals.com/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_instagram.png
Request Chain 26
  • https://sp-ao.shortpixel.ai/client/to_auto,q_glossy,ret_img,w_1024/https://www.showtimeoriginals.com/wp-content/uploads/2022/03/rad-1024x569.webp HTTP 302
  • https://www.showtimeoriginals.com/wp-content/uploads/2022/03/rad-1024x569.webp
Request Chain 27
  • https://sp-ao.shortpixel.ai/client/to_auto,q_glossy,ret_img,w_759/https://www.showtimeoriginals.com/wp-content/uploads/2022/03/MV5BOTllNjVkY2ItMjA3OC00ODE5LWE3MWMtMjdjZTQ1N2NlYjRmXkEyXkFqcGdeQXVyNDI3NjU1NzQ@._V1_.jpg HTTP 302
  • https://www.showtimeoriginals.com/wp-content/uploads/2022/03/MV5BOTllNjVkY2ItMjA3OC00ODE5LWE3MWMtMjdjZTQ1N2NlYjRmXkEyXkFqcGdeQXVyNDI3NjU1NzQ%40._V1_.jpg

39 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.showtimeoriginals.com/
Redirect Chain
  • http://showtimeoriginals.com/
  • https://showtimeoriginals.com/
  • https://www.showtimeoriginals.com/
154 KB
23 KB
Document
General
Full URL
https://www.showtimeoriginals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.20.212.182 Faridabad, India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
cipl.cloudhostdns.net
Software
nginx / PHP/7.4.30 PleskLin
Resource Hash
548cea806ff86a0ca53c4d6b230fa38d3147bf6e7aa0367d8040d9aba92f8282

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
none
access-control-allow-origin
*
content-encoding
gzip
content-length
23447
content-type
text/html; charset=UTF-8
date
Tue, 13 Sep 2022 20:16:30 GMT
link
<https://www.showtimeoriginals.com/index.php?rest_route=/>; rel="https://api.w.org/", <https://www.showtimeoriginals.com/index.php?rest_route=/wp/v2/pages/1229>; rel="alternate"; type="application/json", <https://www.showtimeoriginals.com/>; rel=shortlink
referrer-policy
no-referrer-when-downgrade
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.4.30 PleskLin

Redirect headers

access-control-allow-origin
*
content-type
text/html; charset=UTF-8
date
Tue, 13 Sep 2022 20:16:28 GMT
location
https://www.showtimeoriginals.com/
referrer-policy
no-referrer-when-downgrade
server
nginx
x-powered-by
PHP/7.4.30 PleskLin
x-redirect-by
WordPress
js
www.googletagmanager.com/gtag/
106 KB
42 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-192617313-1
Requested by
Host: www.showtimeoriginals.com
URL: https://www.showtimeoriginals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
61bad83d7c06607dd167b09d69cc42d914c50da2cdf970e9da1af959a5c5ca89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.showtimeoriginals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 20:16:30 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42239
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 13 Sep 2022 20:16:30 GMT
autoptimize_single_d711781e0c62d06c5690324342c86d18.css
www.showtimeoriginals.com/wp-content/cache/autoptimize/css/
256 KB
44 KB
Stylesheet
General
Full URL
https://www.showtimeoriginals.com/wp-content/cache/autoptimize/css/autoptimize_single_d711781e0c62d06c5690324342c86d18.css
Requested by
Host: www.showtimeoriginals.com
URL: https://www.showtimeoriginals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.20.212.182 Faridabad, India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
cipl.cloudhostdns.net
Software
nginx / PleskLin
Resource Hash
726357b4aac38b3ea6ce7165104853873ab93e4f83ab47cc4ec9a9c5d92a6d67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.showtimeoriginals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 20:16:30 GMT
content-encoding
br
last-modified
Thu, 01 Sep 2022 04:03:10 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"63102efe-3fe93"
content-type
text/css
cache-control
max-age=30672000, public, immutable
expires
Sun, 03 Sep 2023 20:16:30 GMT
autoptimize_single_f9dda305c8ad980c787017aace2f0060.css
www.showtimeoriginals.com/wp-content/cache/autoptimize/css/
11 KB
2 KB
Stylesheet
General
Full URL
https://www.showtimeoriginals.com/wp-content/cache/autoptimize/css/autoptimize_single_f9dda305c8ad980c787017aace2f0060.css
Requested by
Host: www.showtimeoriginals.com
URL: https://www.showtimeoriginals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.20.212.182 Faridabad, India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
cipl.cloudhostdns.net
Software
nginx / PleskLin
Resource Hash
b9a1f1bebba1467e24c51d78efc8cbbd74764b3acb8f854678026ccbcb811d38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.showtimeoriginals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 20:16:30 GMT
content-encoding
br
last-modified
Thu, 01 Sep 2022 04:03:10 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"63102efe-2be1"
content-type
text/css
cache-control
max-age=30672000, public, immutable
expires
Sun, 03 Sep 2023 20:16:30 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
165 KB
57 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9660532692590929
Requested by
Host: www.showtimeoriginals.com
URL: https://www.showtimeoriginals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
44a745afbe1525b2df4bd6fbfee5e3cc252e5c95cf440685e99ea92dd8bbda3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.showtimeoriginals.com/
Origin
https://www.showtimeoriginals.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 20:16:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57477
x-xss-protection
0
server
cafe
etag
5036000137721612457
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 13 Sep 2022 20:16:30 GMT
lazysizes.min.js
www.showtimeoriginals.com/wp-content/plugins/autoptimize/classes/external/js/
10 KB
4 KB
Script
General
Full URL
https://www.showtimeoriginals.com/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js
Requested by
Host: www.showtimeoriginals.com
URL: https://www.showtimeoriginals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.20.212.182 Faridabad, India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
cipl.cloudhostdns.net
Software
nginx / PleskLin
Resource Hash
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.showtimeoriginals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 20:16:30 GMT
content-encoding
br
last-modified
Tue, 16 Aug 2022 04:14:12 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"62fb1994-2655"
content-type
application/x-javascript
cache-control
max-age=31536000
expires
Wed, 13 Sep 2023 20:16:30 GMT
autoptimize_68e7c52bea82783610aaf3cc5a275495.js
www.showtimeoriginals.com/wp-content/cache/autoptimize/js/
209 KB
63 KB
Script
General
Full URL
https://www.showtimeoriginals.com/wp-content/cache/autoptimize/js/autoptimize_68e7c52bea82783610aaf3cc5a275495.js
Requested by
Host: www.showtimeoriginals.com
URL: https://www.showtimeoriginals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.20.212.182 Faridabad, India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
cipl.cloudhostdns.net
Software
nginx / PleskLin
Resource Hash
93cf8b99cb5bb19acd2d1e52199598e51de5de523128e4cdca2b0e46434de941

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.showtimeoriginals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 20:16:30 GMT
content-encoding
br
last-modified
Thu, 01 Sep 2022 04:03:10 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"63102efe-3450a"
content-type
application/x-javascript
cache-control
max-age=31536000, public, immutable
expires
Wed, 13 Sep 2023 20:16:30 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-192617313-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.showtimeoriginals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4470
date
Tue, 13 Sep 2022 19:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 13 Sep 2022 21:02:00 GMT
js
www.googletagmanager.com/gtag/
170 KB
63 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-L1MNKMDKDL&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-192617313-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cbbd0f69142484d83a14cf1d17c417128e65b047fd683e07d7d211426044bac6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.showtimeoriginals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 20:16:30 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64734
x-xss-protection
0
expires
Tue, 13 Sep 2022 20:16:30 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
www.showtimeoriginals.com/wp-content/fonts/poppins/
8 KB
8 KB
Font
General
Full URL
https://www.showtimeoriginals.com/wp-content/fonts/poppins/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: www.showtimeoriginals.com
URL: https://www.showtimeoriginals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.20.212.182 Faridabad, India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
cipl.cloudhostdns.net
Software
nginx / PleskLin
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Request headers

Referer
https://www.showtimeoriginals.com/
Origin
https://www.showtimeoriginals.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 20:16:30 GMT
etag
"62b411ef-1ecc"
last-modified
Thu, 23 Jun 2022 07:10:39 GMT
server
nginx
x-powered-by
PleskLin
content-type
application/font-woff2
cache-control
max-age=31536000
accept-ranges
bytes
content-length
7884
expires
Wed, 13 Sep 2023 20:16:30 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
www.showtimeoriginals.com/wp-content/fonts/poppins/
8 KB
8 KB
Font
General
Full URL
https://www.showtimeoriginals.com/wp-content/fonts/poppins/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: www.showtimeoriginals.com
URL: https://www.showtimeoriginals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.20.212.182 Faridabad, India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
cipl.cloudhostdns.net
Software
nginx / PleskLin
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Request headers

Referer
https://www.showtimeoriginals.com/
Origin
https://www.showtimeoriginals.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 20:16:30 GMT
etag
"62b411f0-1e88"
last-modified
Thu, 23 Jun 2022 07:10:40 GMT
server
nginx
x-powered-by
PleskLin
content-type
application/font-woff2
cache-control
max-age=31536000
accept-ranges
bytes
content-length
7816
expires
Wed, 13 Sep 2023 20:16:30 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
www.showtimeoriginals.com/wp-content/fonts/poppins/
8 KB
8 KB
Font
General
Full URL
https://www.showtimeoriginals.com/wp-content/fonts/poppins/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: www.showtimeoriginals.com
URL: https://www.showtimeoriginals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.20.212.182 Faridabad, India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
cipl.cloudhostdns.net
Software
nginx / PleskLin
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Request headers

Referer
https://www.showtimeoriginals.com/
Origin
https://www.showtimeoriginals.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 20:16:30 GMT
etag
"62b411ef-1e44"
last-modified
Thu, 23 Jun 2022 07:10:39 GMT
server
nginx
x-powered-by
PleskLin
content-type
application/font-woff2
cache-control
max-age=31536000
accept-ranges
none, bytes
content-length
7748
expires
Wed, 13 Sep 2023 20:16:30 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/
346 KB
122 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9660532692590929&plah=www.showtimeoriginals.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9660532692590929
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c69465dd335e421c6a62450c69e28ccd8767709ef3cf7f07bf37739473d6baaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.showtimeoriginals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 20:16:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124747
x-xss-protection
0
server
cafe
etag
5271510038305737980
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 13 Sep 2022 20:16:30 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220908/r20190131/ Frame 69A9
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220908/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9660532692590929
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.showtimeoriginals.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
19877
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 13 Sep 2022 14:45:14 GMT
etag
8616628553774171045
expires
Tue, 27 Sep 2022 14:45:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb2613bd2b973f5e9b2d937ee5d09c883e30ebb363977e5c0b371b2f296f9b55

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
69 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e2321474fb5f3f6ad853752f86b439b39a982218ce19f5125365283cd2c5215

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a500fd544eb362458fc5a66689c9afa1b3b58ba59da198e886fb8494d6854ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml
cropped-stranger_things_6_hd_movies-2.jpg
www.showtimeoriginals.com/wp-content/uploads/2020/09/
301 KB
302 KB
Image
General
Full URL
https://www.showtimeoriginals.com/wp-content/uploads/2020/09/cropped-stranger_things_6_hd_movies-2.jpg
Requested by
Host: www.showtimeoriginals.com
URL: https://www.showtimeoriginals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.20.212.182 Faridabad, India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
cipl.cloudhostdns.net
Software
nginx / PleskLin
Resource Hash
031f72040bdcadf1fb62524250cafcb09eb97e0c10ba4871ae97d407062e29c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.showtimeoriginals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 20:16:30 GMT
etag
"5f69accf-4b4e4"
last-modified
Tue, 22 Sep 2020 07:50:39 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
private, max-age=31536000
accept-ranges
bytes
content-length
308452
expires
Wed, 13 Sep 2023 20:16:30 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
www.showtimeoriginals.com/wp-content/fonts/poppins/
8 KB
8 KB
Font
General
Full URL
https://www.showtimeoriginals.com/wp-content/fonts/poppins/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: www.showtimeoriginals.com
URL: https://www.showtimeoriginals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.20.212.182 Faridabad, India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
cipl.cloudhostdns.net
Software
nginx / PleskLin
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Request headers

Referer
https://www.showtimeoriginals.com/
Origin
https://www.showtimeoriginals.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 20:16:30 GMT
etag
"62b411f0-1f40"
last-modified
Thu, 23 Jun 2022 07:10:40 GMT
server
nginx
x-powered-by
PleskLin
content-type
application/font-woff2
cache-control
max-age=31536000
accept-ranges
bytes
content-length
8000
expires
Wed, 13 Sep 2023 20:16:30 GMT
fa-solid-900.woff2
www.showtimeoriginals.com/wp-content/themes/jetblack/css/font-awesome/webfonts/
76 KB
77 KB
Font
General
Full URL
https://www.showtimeoriginals.com/wp-content/themes/jetblack/css/font-awesome/webfonts/fa-solid-900.woff2
Requested by
Host: www.showtimeoriginals.com
URL: https://www.showtimeoriginals.com/wp-content/cache/autoptimize/css/autoptimize_single_d711781e0c62d06c5690324342c86d18.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.20.212.182 Faridabad, India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
cipl.cloudhostdns.net
Software
nginx / PleskLin
Resource Hash
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Request headers

Referer
https://www.showtimeoriginals.com/wp-content/cache/autoptimize/css/autoptimize_single_d711781e0c62d06c5690324342c86d18.css
Origin
https://www.showtimeoriginals.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 20:16:30 GMT
etag
"62b3eb3d-13174"
last-modified
Thu, 23 Jun 2022 04:25:33 GMT
server
nginx
x-powered-by
PleskLin
content-type
application/font-woff2
cache-control
max-age=31536000
accept-ranges
bytes
content-length
78196
expires
Wed, 13 Sep 2023 20:16:30 GMT
pxiByp8kv8JHgFVrLBT5Z1xlFQ.woff2
www.showtimeoriginals.com/wp-content/fonts/poppins/
7 KB
8 KB
Font
General
Full URL
https://www.showtimeoriginals.com/wp-content/fonts/poppins/pxiByp8kv8JHgFVrLBT5Z1xlFQ.woff2
Requested by
Host: www.showtimeoriginals.com
URL: https://www.showtimeoriginals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.20.212.182 Faridabad, India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
cipl.cloudhostdns.net
Software
nginx / PleskLin
Resource Hash
17ea10196a490a8d3b8da162c7d4af9c301c5229f70af90dad6fa33eb951d83f

Request headers

Referer
https://www.showtimeoriginals.com/
Origin
https://www.showtimeoriginals.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 20:16:30 GMT
etag
"62b411f0-1dd0"
last-modified
Thu, 23 Jun 2022 07:10:40 GMT
server
nginx
x-powered-by
PleskLin
content-type
application/font-woff2
cache-control
max-age=31536000
accept-ranges
bytes
content-length
7632
expires
Wed, 13 Sep 2023 20:16:30 GMT
truncated
/
66 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c8db0e7dd1256b68f9c60999aac7f95c7ce91cbf0c4969978727c9d2ed46b6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml
linkid.js
www.google-analytics.com/plugins/ua/
2 KB
884 B
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.showtimeoriginals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 19:37:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2349
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 13 Sep 2022 20:37:22 GMT
collect
region1.google-analytics.com/g/
0
345 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-L1MNKMDKDL&gtm=2oe9c0&_p=120328253&gdid=dZGIzZG.dZTNiMT&cid=500508474.1663100191&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1663100190&sct=1&seg=0&dl=https%3A%2F%2Fwww.showtimeoriginals.com%2F&dt=HOME%20-%20ShowTimeOriginals&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L1MNKMDKDL&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.showtimeoriginals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Sep 2022 20:16:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.showtimeoriginals.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
The-Kashmir-Files-Movie-3.jpg
www.showtimeoriginals.com/wp-content/uploads/2022/03/
Redirect Chain
  • https://sp-ao.shortpixel.ai/client/to_auto,q_glossy,ret_img,w_900/https://www.showtimeoriginals.com/wp-content/uploads/2022/03/The-Kashmir-Files-Movie-3.jpg
  • https://www.showtimeoriginals.com/wp-content/uploads/2022/03/The-Kashmir-Files-Movie-3.jpg
293 KB
294 KB
Image
General
Full URL
https://www.showtimeoriginals.com/wp-content/uploads/2022/03/The-Kashmir-Files-Movie-3.jpg
Requested by
Host: www.showtimeoriginals.com
URL: https://www.showtimeoriginals.com/
Protocol
H2
Server
103.20.212.182 Faridabad, India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
cipl.cloudhostdns.net
Software
nginx / PleskLin
Resource Hash
0a70440a6a71cd405deaddfe7726623c90a35a576f0aa75d519fe3ceed5a290e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.showtimeoriginals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 20:16:31 GMT
etag
"6234e33c-494c0"
last-modified
Fri, 18 Mar 2022 19:53:32 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
private, max-age=31536000
accept-ranges
bytes
content-length
300224
expires
Wed, 13 Sep 2023 20:16:31 GMT

Redirect headers

date
Tue, 13 Sep 2022 20:16:31 GMT
cdn-edgestorageid
713
access-control-allow-origin
*
cdn-cachedat
09/13/2022 20:16:31
cdn-pullzone
257218
cdn-tag
0; Domain: www.showtimeoriginals.com; 302
content-length
0
server
BunnyCDN-DE-713
pragma
cache
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver
1.02
cdn-requestpullcode
302
location
https://www.showtimeoriginals.com/wp-content/uploads/2022/03/The-Kashmir-Files-Movie-3.jpg
content-type
text/html; charset=utf-8
cdn-cache
MISS
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=86400
cdn-uid
ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid
473f74a1b4cf70293eaa005442e847fc
cdn-requestcountrycode
DE
cdn-status
302
cdn-requestpullsuccess
True
default_email.png
www.showtimeoriginals.com/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/
Redirect Chain
  • https://sp-ao.shortpixel.ai/client/to_auto,q_glossy,ret_img,w_40,h_40/https://www.showtimeoriginals.com/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_email.png
  • https://www.showtimeoriginals.com/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_email.png
2 KB
2 KB
Image
General
Full URL
https://www.showtimeoriginals.com/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_email.png
Requested by
Host: www.showtimeoriginals.com
URL: https://www.showtimeoriginals.com/
Protocol
H2
Server
103.20.212.182 Faridabad, India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
cipl.cloudhostdns.net
Software
nginx / PleskLin
Resource Hash
d2bbd9c27168416289a2b9b8ee4e21b3473338cc5e29f99b734a9c510a5e9a19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.showtimeoriginals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 20:16:31 GMT
etag
"626a4f5e-61e"
last-modified
Thu, 28 Apr 2022 08:25:02 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
cache-control
private, max-age=31536000
accept-ranges
bytes
content-length
1566
expires
Wed, 13 Sep 2023 20:16:31 GMT

Redirect headers

date
Tue, 13 Sep 2022 20:16:31 GMT
cdn-edgestorageid
713
access-control-allow-origin
*
cdn-cachedat
09/13/2022 20:16:31
cdn-pullzone
257218
cdn-tag
0; Domain: www.showtimeoriginals.com; 302
content-length
0
server
BunnyCDN-DE-713
pragma
cache
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver
1.02
cdn-requestpullcode
302
location
https://www.showtimeoriginals.com/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_email.png
content-type
text/html; charset=utf-8
cdn-cache
MISS
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=86400
cdn-uid
ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid
9d40affa28c212d9b998331f5eb636b1
cdn-requestcountrycode
DE
cdn-status
302
cdn-requestpullsuccess
True
default_instagram.png
www.showtimeoriginals.com/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/
Redirect Chain
  • https://sp-ao.shortpixel.ai/client/to_auto,q_glossy,ret_img,w_40,h_40/https://www.showtimeoriginals.com/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_instagram.png
  • https://www.showtimeoriginals.com/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_instagram.png
9 KB
9 KB
Image
General
Full URL
https://www.showtimeoriginals.com/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_instagram.png
Requested by
Host: www.showtimeoriginals.com
URL: https://www.showtimeoriginals.com/
Protocol
H2
Server
103.20.212.182 Faridabad, India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
cipl.cloudhostdns.net
Software
nginx / PleskLin
Resource Hash
84b9e1a326d4700c07ace98644a2a0c39d2216ba280ba82a9e6ba37c2cf230cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.showtimeoriginals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 20:16:31 GMT
etag
"626a4f5e-2363"
last-modified
Thu, 28 Apr 2022 08:25:02 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
cache-control
private, max-age=31536000
accept-ranges
bytes
content-length
9059
expires
Wed, 13 Sep 2023 20:16:31 GMT

Redirect headers

date
Tue, 13 Sep 2022 20:16:31 GMT
cdn-edgestorageid
713
access-control-allow-origin
*
cdn-cachedat
09/13/2022 20:16:31
cdn-pullzone
257218
cdn-tag
0; Domain: www.showtimeoriginals.com; 302
content-length
0
server
BunnyCDN-DE-713
pragma
cache
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver
1.02
cdn-requestpullcode
302
location
https://www.showtimeoriginals.com/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_instagram.png
content-type
text/html; charset=utf-8
cdn-cache
MISS
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=86400
cdn-uid
ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid
7c51838e50b49437a310f4a8cf457835
cdn-requestcountrycode
DE
cdn-status
302
cdn-requestpullsuccess
True
rad-1024x569.webp
www.showtimeoriginals.com/wp-content/uploads/2022/03/
Redirect Chain
  • https://sp-ao.shortpixel.ai/client/to_auto,q_glossy,ret_img,w_1024/https://www.showtimeoriginals.com/wp-content/uploads/2022/03/rad-1024x569.webp
  • https://www.showtimeoriginals.com/wp-content/uploads/2022/03/rad-1024x569.webp
82 KB
82 KB
Image
General
Full URL
https://www.showtimeoriginals.com/wp-content/uploads/2022/03/rad-1024x569.webp
Requested by
Host: www.showtimeoriginals.com
URL: https://www.showtimeoriginals.com/
Protocol
H2
Server
103.20.212.182 Faridabad, India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
cipl.cloudhostdns.net
Software
nginx / PleskLin
Resource Hash
3b54afeb68e21a3366a20081c62a9f31aee52ffb637a3667a17d5a57632a40c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.showtimeoriginals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 20:16:31 GMT
etag
"623395fd-14610"
last-modified
Thu, 17 Mar 2022 20:11:41 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
83472
expires
Wed, 13 Sep 2023 20:16:31 GMT

Redirect headers

date
Tue, 13 Sep 2022 20:16:31 GMT
cdn-edgestorageid
713
access-control-allow-origin
*
cdn-cachedat
09/13/2022 20:16:31
cdn-pullzone
257218
cdn-tag
0; Domain: www.showtimeoriginals.com; 302
content-length
0
server
BunnyCDN-DE-713
pragma
cache
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver
1.02
cdn-requestpullcode
302
location
https://www.showtimeoriginals.com/wp-content/uploads/2022/03/rad-1024x569.webp
content-type
text/html; charset=utf-8
cdn-cache
MISS
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=86400
cdn-uid
ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid
840761679f232723260b42fa3fadad7d
cdn-requestcountrycode
DE
cdn-status
302
cdn-requestpullsuccess
True
MV5BOTllNjVkY2ItMjA3OC00ODE5LWE3MWMtMjdjZTQ1N2NlYjRmXkEyXkFqcGdeQXVyNDI3NjU1NzQ%40._V1_.jpg
www.showtimeoriginals.com/wp-content/uploads/2022/03/
Redirect Chain
  • https://sp-ao.shortpixel.ai/client/to_auto,q_glossy,ret_img,w_759/https://www.showtimeoriginals.com/wp-content/uploads/2022/03/MV5BOTllNjVkY2ItMjA3OC00ODE5LWE3MWMtMjdjZTQ1N2NlYjRmXkEyXkFqcGdeQXVyND...
  • https://www.showtimeoriginals.com/wp-content/uploads/2022/03/MV5BOTllNjVkY2ItMjA3OC00ODE5LWE3MWMtMjdjZTQ1N2NlYjRmXkEyXkFqcGdeQXVyNDI3NjU1NzQ%40._V1_.jpg
75 KB
76 KB
Image
General
Full URL
https://www.showtimeoriginals.com/wp-content/uploads/2022/03/MV5BOTllNjVkY2ItMjA3OC00ODE5LWE3MWMtMjdjZTQ1N2NlYjRmXkEyXkFqcGdeQXVyNDI3NjU1NzQ%40._V1_.jpg
Requested by
Host: www.showtimeoriginals.com
URL: https://www.showtimeoriginals.com/
Protocol
H2
Server
103.20.212.182 Faridabad, India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS
cipl.cloudhostdns.net
Software
nginx / PleskLin
Resource Hash
0faf66b0761698bbcd0c573d11a1ff6035d779eed391c820d707b317fde42815

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.showtimeoriginals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 20:16:31 GMT
etag
"622a6063-12da7"
last-modified
Thu, 10 Mar 2022 20:32:35 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
private, max-age=31536000
accept-ranges
bytes
content-length
77223
expires
Wed, 13 Sep 2023 20:16:31 GMT

Redirect headers

date
Tue, 13 Sep 2022 20:16:31 GMT
cdn-edgestorageid
713
access-control-allow-origin
*
cdn-cachedat
09/13/2022 20:16:31
cdn-pullzone
257218
cdn-tag
0; Domain: www.showtimeoriginals.com; 302
content-length
0
server
BunnyCDN-DE-713
pragma
cache
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver
1.02
cdn-requestpullcode
302
location
https://www.showtimeoriginals.com/wp-content/uploads/2022/03/MV5BOTllNjVkY2ItMjA3OC00ODE5LWE3MWMtMjdjZTQ1N2NlYjRmXkEyXkFqcGdeQXVyNDI3NjU1NzQ%40._V1_.jpg
content-type
text/html; charset=utf-8
cdn-cache
MISS
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=86400
cdn-uid
ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid
2dc756c85be02ad00c39a533ba477cc0
cdn-requestcountrycode
DE
cdn-status
302
cdn-requestpullsuccess
True
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=120328253&t=pageview&_s=1&dl=https%3A%2F%2Fwww.showtimeoriginals.com%2F&ul=en-us&de=UTF-8&dt=HOME%20-%20ShowTimeOriginals&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAUIhAAAAAC~&jid=578495751&gjid=1349398983&cid=500508474.1663100191&tid=UA-192617313-1&_gid=76887995.1663100191&_r=1&gtm=2ou9c0&did=dZGIzZG&gdid=dZGIzZG&z=1129395638
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.showtimeoriginals.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Sep 2022 20:16:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.showtimeoriginals.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=120328253&t=pageview&_s=1&dl=https%3A%2F%2Fwww.showtimeoriginals.com%2F&ul=en-us&de=UTF-8&dt=HOME%20-%20ShowTimeOriginals&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACUIhBAAAAC~&jid=&gjid=&cid=500508474.1663100191&tid=UA-192617313-1&_gid=76887995.1663100191&gtm=2ou9c0&did=dZGIzZG%2CdZTNiMT&gdid=dZGIzZG.dZTNiMT&z=1663252736
Requested by
Host: www.showtimeoriginals.com
URL: https://www.showtimeoriginals.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.showtimeoriginals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 21:38:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
81456
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/
225 B
649 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.showtimeoriginals.com&callback=_gfp_s_&client=ca-pub-9660532692590929
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9660532692590929&plah=www.showtimeoriginals.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
98273c755cae77ef40032e1d74c2b12e7f8143c9a5eb7df42a3c5342604c9371
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.showtimeoriginals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 20:16:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.showtimeoriginals.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9660532692590929&plah=www.showtimeoriginals.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.showtimeoriginals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 13 Sep 2022 20:16:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.showtimeoriginals.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9660532692590929&plah=www.showtimeoriginals.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.showtimeoriginals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 13 Sep 2022 20:16:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1F2C
603 B
68 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9660532692590929&output=html&adk=1812271804&adf=3025194257&lmt=1663100191&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.showtimeoriginals.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663100190920&bpp=6&bdt=554&idt=228&shv=r20220908&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4323884665072&frm=20&pv=2&ga_vid=500508474.1663100191&ga_sid=1663100191&ga_hid=120328253&ga_fc=1&ga_cid=76887995.1663100191&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706&oid=2&pvsid=4394385383557370&tmod=1132865741&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=250
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9660532692590929&plah=www.showtimeoriginals.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.showtimeoriginals.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 13 Sep 2022 20:16:31 GMT
expires
Tue, 13 Sep 2022 20:16:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220908&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9660532692590929&plah=www.showtimeoriginals.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
16195de0f9a0c3452c8c262c93ec8e66df4093bcd454d58d842a895f766dfdfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.showtimeoriginals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 13 Sep 2022 20:16:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11307
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9660532692590929&plah=www.showtimeoriginals.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.showtimeoriginals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 20:16:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 13 Sep 2022 20:16:31 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 200C
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.showtimeoriginals.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3712
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Sep 2022 19:14:39 GMT
expires
Wed, 13 Sep 2023 19:14:39 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 21E4
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c55be3782b4ffccebb3c6665e53f887af2522f915a366cb853de484ace4c44ca
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GFJfz87LCirmxsOW-W3PCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.showtimeoriginals.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-GFJfz87LCirmxsOW-W3PCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 13 Sep 2022 20:16:31 GMT
expires
Tue, 13 Sep 2022 20:16:31 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
pagead2.googlesyndication.com/bg/ Frame 200C
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:29:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81996
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15954
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Sep 2023 21:29:55 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 21E4
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220908&jk=4394385383557370&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 200C
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?QC_Q5A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 20:16:31 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220908&jk=4394385383557370&bg=!mpmlmd3NAAZTikH4c4o7ACkAdvg8WtduHdL_GeFnYkB2H7V9mXclgyXMsVD9Ek3tRnl5LaUqV4pKKAIAAABjUgAAAANoAQcKAEcpwT6b5EZ9mA5WLnpHtMD8LdR1OAoWNODHOtV7Wn-o5x70bnzZHzLW5N8ih6kpHXs8GkPi8Dno3r5ZtA0jQgs2x2UJatamVpkC2Y6ZkbMnHJAyQZvIJt-gVA9j9yGNRRqLcsyceY2QYOeahGpvmfPXWHvcWHLytW099bF_GzF9_GEe03BkjVCDWMcfrbd5RulBNcb0s1MNUGmpfNR1PqIFPptyF9IFzBCACR_BLfL5U9AO7tgZx4cxurnqKW8GuSS331Gy4yVKv9VhzPYKHJDDj5ACGw6xlG_1lKx0WmcrUcB2C9zcFXT_oLNPQA5J2Nvxyl_XzecXg2a0zpW_vkiG8zXPqqYdYGulhxHYXSt1TdYqPW_8xnkslEw3FEayy0YsNu88NlsnLWl5MKxXjfq9qP_Yf98MHgEVEeXhy9ZVpHh9GBmNcqMfjHsTjpkLMJzVfUVTbawB336ZSnNY6IqyMtR_kYmsNHYF3DoCZh1ms7uWEpz7bzn8T6hDmGhcrsCWL8OPwo5hTOmfGaJvnOomor5zkgexBY-fqJhIdQ3GwgibY2zz_y5saJPlGXF8sPG5C01HQPceZWGWA81DJxFXIH50VYcqyjae6cQDtIy1k01g3yEdd87I9WdLhFkyIUU-bEZG5ZvCNB00iiF0HSnfdHOxSVvZGCTJRYWPSDd3R_WXSPPTsgmAfXN4lyK6q2ufmn1Z04oIYyV9VZByxhx1pGyIoMmpa2LsN59jpvP_YX9E_xeUaVr3XOn0Umyfk0Ehtp7lTIsHwj6rFWgIvqIwYtSGuiacWGn-JZTzhQz_WEzOaa6AlGPqNJEkCNPDNH_O7oRZVN7nhVU7PraHGnFJ6vj9XO5tIX4chV2a8ZMGi-b9a8bvJcBX8Ky7vwp3ix7O7qfJPOBLnuLNNKMmZqyhmSa3sFH4YhkCEEfq-tuPSg4zD8fPljoOpUW9ERSta1dY_FR7nCfJrejB0fkQXsgm3wyk3IM3B0AmkrNSwd35-X6pDQX6uptYH0ii9nhAS6HmI4nAH2LCUxQPo1KEfSGRFC0vUxF4f1OqPclHp425xAauNA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.showtimeoriginals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| mi_version boolean| mi_track_user string| mi_no_track_reason object| disableStrs function| __gtagTrackerIsOptedOut undefined| index function| __gtagTrackerOptout function| gaOptout function| __gtagDataLayer function| __gtagTracker object| dataLayer object| MonsterInsightsDualTracker function| gtag function| __gaTracker object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| sfsi_processfurther object| lazySizesConfig object| sfsi_icon_ajax_object object| jetblackScreenReaderText object| gaplugins object| gaGlobal object| gaData object| lazySizes function| MonsterInsights object| MonsterInsightsObject function| showErrorSuc function| beForeLoad function| sfsi_make_popBox function| sfsi_stick_widget function| sfsi_float_widget function| sfsi_shuffle function| Shuffle function| sfsi_setCookie function| sfsfi_getCookie function| sfsi_hideFooter number| global_error function| sfsihidemepopup object| initTop function| close_overlay function| sfsi_wechat_share function| sfsi_mobile_wechat_share function| sfsi_copy_text_parent_input function| sfsi_responsive_toggle function| sfsi_time_pop_up function| sfsi_social_pop_up function| sfsi_plugin_version function| sfsi_widget_set function| sfsi_pinterest_modal_images function| sfsi_pinterest_modal object| sfsi_functions_loaded undefined| $ function| jQuery object| Modernizr function| Manipulator function| SFSI function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry object| $blocks function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

6 Cookies

Domain/Path Name / Value
.showtimeoriginals.com/ Name: _gid
Value: GA1.2.76887995.1663100191
.showtimeoriginals.com/ Name: _ga_L1MNKMDKDL
Value: GS1.1.1663100190.1.0.1663100190.0.0.0
.showtimeoriginals.com/ Name: _gat_gtag_UA_192617313_1
Value: 1
.showtimeoriginals.com/ Name: _ga
Value: GA1.2.500508474.1663100191
.showtimeoriginals.com/ Name: __gads
Value: ID=6c85522c61afb67e-2218aaae1ece00bd:T=1663100191:RT=1663100191:S=ALNI_MZ2Gb9PpzG0-um72cHRs5Kgw3pTzA
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
showtimeoriginals.com
sp-ao.shortpixel.ai
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.showtimeoriginals.com
103.20.212.182
185.59.220.194
2001:4860:4802:34::36
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
031f72040bdcadf1fb62524250cafcb09eb97e0c10ba4871ae97d407062e29c3
0a70440a6a71cd405deaddfe7726623c90a35a576f0aa75d519fe3ceed5a290e
0faf66b0761698bbcd0c573d11a1ff6035d779eed391c820d707b317fde42815
16195de0f9a0c3452c8c262c93ec8e66df4093bcd454d58d842a895f766dfdfd
17ea10196a490a8d3b8da162c7d4af9c301c5229f70af90dad6fa33eb951d83f
3b54afeb68e21a3366a20081c62a9f31aee52ffb637a3667a17d5a57632a40c3
3e2321474fb5f3f6ad853752f86b439b39a982218ce19f5125365283cd2c5215
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
44a745afbe1525b2df4bd6fbfee5e3cc252e5c95cf440685e99ea92dd8bbda3d
548cea806ff86a0ca53c4d6b230fa38d3147bf6e7aa0367d8040d9aba92f8282
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a500fd544eb362458fc5a66689c9afa1b3b58ba59da198e886fb8494d6854ea
61bad83d7c06607dd167b09d69cc42d914c50da2cdf970e9da1af959a5c5ca89
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
726357b4aac38b3ea6ce7165104853873ab93e4f83ab47cc4ec9a9c5d92a6d67
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84b9e1a326d4700c07ace98644a2a0c39d2216ba280ba82a9e6ba37c2cf230cc
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
93cf8b99cb5bb19acd2d1e52199598e51de5de523128e4cdca2b0e46434de941
98273c755cae77ef40032e1d74c2b12e7f8143c9a5eb7df42a3c5342604c9371
9c8db0e7dd1256b68f9c60999aac7f95c7ce91cbf0c4969978727c9d2ed46b6f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b9a1f1bebba1467e24c51d78efc8cbbd74764b3acb8f854678026ccbcb811d38
bb2613bd2b973f5e9b2d937ee5d09c883e30ebb363977e5c0b371b2f296f9b55
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1
c55be3782b4ffccebb3c6665e53f887af2522f915a366cb853de484ace4c44ca
c69465dd335e421c6a62450c69e28ccd8767709ef3cf7f07bf37739473d6baaf
cbbd0f69142484d83a14cf1d17c417128e65b047fd683e07d7d211426044bac6
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d2bbd9c27168416289a2b9b8ee4e21b3473338cc5e29f99b734a9c510a5e9a19
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149