urlscan.io logo urlscan.io
SecurityTrails logo

demonic-empire.shivtr.com Open in urlscan Pro
45.33.21.148  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://demonic-empire.shivtr.com/
Effective URL: https://demonic-empire.shivtr.com/
Submission: On December 03 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 3 countries across 13 domains to perform 108 HTTP transactions. The main IP is 45.33.21.148, located in Richardson, United States and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is demonic-empire.shivtr.com.
TLS certificate: Issued by R3 on October 30th 2023. Valid for: 3 months.
This is the only time demonic-empire.shivtr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

7    45.33.21.148 (Richardson, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li975-148.members.linode.com
demonic-empire.shivtr.com
static.shivtr.com
17    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
24    16.182.34.160 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
1    2606:4700::6813:a741 (United States)

ASN13335 (CLOUDFLARENET, US)
res.cloudinary.com
1    46.105.124.43 (France)

ASN16276 (OVH, FR)
PTR: ns3056850.ip-46-105-124.eu
www.wowfan.cz
3    99.84.146.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-146-120.txl52.r.cloudfront.net
wow.zamimg.com
1    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com
i0.wp.com
18    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
23    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
8    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
www.googleadservices.com
3    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
40 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
647 KB
24 amazonaws.com
s3.amazonaws.com
136 KB
18 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
135 KB
8 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 138
7 shivtr.com
demonic-empire.shivtr.com
static.shivtr.com
213 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
4 gstatic.com
www.gstatic.com
fonts.gstatic.com
58 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
255 KB
3 zamimg.com
wow.zamimg.com — Cisco Umbrella Rank: 69165
319 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
1 wp.com
i0.wp.com — Cisco Umbrella Rank: 3858
169 KB
1 wowfan.cz
www.wowfan.cz
99 KB
1 cloudinary.com
res.cloudinary.com — Cisco Umbrella Rank: 2314
32 KB
108 13
Domain Requested by
24 s3.amazonaws.com demonic-empire.shivtr.com
static.shivtr.com
23 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
18 googleads.g.doubleclick.net 4 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
17 pagead2.googlesyndication.com demonic-empire.shivtr.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
8 www.googleadservices.com
5 www.google.com 4 redirects tpc.googlesyndication.com
5 static.shivtr.com demonic-empire.shivtr.com
4 www.googletagservices.com googleads.g.doubleclick.net
3 www.gstatic.com googleads.g.doubleclick.net
3 wow.zamimg.com demonic-empire.shivtr.com
wow.zamimg.com
2 demonic-empire.shivtr.com 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com googleads.g.doubleclick.net
1 i0.wp.com demonic-empire.shivtr.com
1 www.wowfan.cz demonic-empire.shivtr.com
1 res.cloudinary.com demonic-empire.shivtr.com
108 16

This site contains links to these domains. Also see Links.

Domain
armory.warmane.com
shivtr.com
Subject Issuer Validity Valid
*.shivtr.com
R3		 2023-10-30 -
2024-01-28		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-07-10		 9 months crt.sh
*.cloudinary.com
Go Daddy Secure Certificate Authority - G2		 2023-06-21 -
2024-06-22		 a year crt.sh
wowfan.cz
R3		 2023-10-30 -
2024-01-28		 3 months crt.sh
*.zamimg.com
Amazon RSA 2048 M01		 2023-09-21 -
2024-10-18		 a year crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2023-11-28 -
2024-12-28		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh

This page contains 17 frames:

Primary Page: https://demonic-empire.shivtr.com/
Frame ID: 7B0A5EBAE1325BEC440DA89A53B440D1
Requests: 45 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html?hello=world
Frame ID: 0B370F81DD4F93C9ADD012F330CA4B64
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&adk=1812271804&adf=3025194257&lmt=1701616417&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x810_l%7C260x810_r&format=0x0&url=https%3A%2F%2Fdemonic-empire.shivtr.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701616417079&bpp=2&bdt=9193&idt=298&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4685527154867&frm=20&pv=2&ga_vid=1873376169.1701616417&ga_sid=1701616417&ga_hid=915490595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079923%2C44795922%2C44809003%2C31078297%2C31079860%2C44807763%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1288991374634146&tmod=1878894985&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=309
Frame ID: D1A239741C65DE750C5AAC3F13CD8930
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&h=90&slotname=2876344136&adk=4229348686&adf=4046715466&pi=t.ma~as.2876344136&w=728&lmt=1701616417&format=728x90&url=https%3A%2F%2Fdemonic-empire.shivtr.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701616417081&bpp=1&bdt=9195&idt=312&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4685527154867&frm=20&pv=1&ga_vid=1873376169.1701616417&ga_sid=1701616417&ga_hid=915490595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079923%2C44795922%2C44809003%2C31078297%2C31079860%2C44807763%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1288991374634146&tmod=1878894985&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=315
Frame ID: 3E0D1ECE26B6BA3C47562B77E2D85E27
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 20961830E5293FBECC7232BFFEA0470F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: F59C9B0013DD10C6681A0881A912E042
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Frame ID: 0D7586FDABE0282E01E09F20114F1F0D
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Frame ID: D0AA276F418CD092ADE80BA0DB0CFA69
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Frame ID: 1B02CA66121AC997C8D975831C1D0FF8
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DD9291337ADFD93D6278C3080BB75F2C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 93CC6E285E666D13AC60649E97494950
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0761FEFA75332D21A80BD05BEBC5EEE5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 29FBCF362A9B822F95E5366C73E1F06D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 3A4B1601995A95D3BE3893A2F8020D83
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 448D5C0C235F5304E36DFA19480BBDAC
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 7292194FB36611C3956495CE33B70EEE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 47CFD1C018C60D17F853374C27E6C845
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Demonic Empire

Page URL History Show full URLs

  1. http://demonic-empire.shivtr.com/ HTTP 308
    https://demonic-empire.shivtr.com/ Page URL

Detected technologies

Overall confidence: 80%
Detected patterns
  • <img[^>]+\.cloudinary\.com
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

108
Requests

96 %
HTTPS

60 %
IPv6

13
Domains

16
Subdomains

16
IPs

3
Countries

2066 kB
Transfer

5353 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://demonic-empire.shivtr.com/ HTTP 308
    https://demonic-empire.shivtr.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 52
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CaVf2IZtsZZXAHufsn88PuYOLmA24q-DMdOvo3tv_EWQQASDYoKYEYJXyi4KYB6AB8-Wb0wPIAQKpAocWcjmKQrI-qAMByAPJBKoE5wFP0EKPVlcfM9lXOkynCBGJXwkh7RgtSldH1oszN4AemkDyadclGsWHcF5rkl32nyLgc96aokA82EMg_mT03pvTG7CsWuHxxkqe5uLZ4XersXTARuy1wRWp2r4w9Uug4nG4iPvbkjge1ZIbHad9YOZwucAdj5-dQYA-WeE8LCUIrlxXozALkvPnQSyakr_lnEBw87kurEzpkG8QCjZaqdNC11EnN8oACpaxPKHiBrzh1hw_1xAUvNk-lr8R0Aik2RxDyXfKDRuVUfuhL6xn94A7d9wtRIgFGsutZqNP4bURCkaq9SI1BbDABJXVzOG_BIgF2L-1k02SBQQIBBgBkgUECAUYBKAGAoAHx8ymjgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCLpRbSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WNGF65DH84IDmglSaHR0cHM6Ly9kZS5pa2FyaWFtLmdhbWVmb3JnZS5jb20vbGFuZGluZzQvP2tpZD1hLTAzODA2LTAyMjA2LTIzMTAtYTM4NzcwMWImZ2ZzaWQ9Y4AKAcgLAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQLYEw7QFQGAFwGyFxwKGggAEhRwdWItMjM2NzEwODA0ODI4NzUxNRgA&sigh=OR6BM7o4F-E&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaNi7cO_S1bohZK7zB1VQA1Un2m_eftLiB2c-W8nJ7q5vfKZs3Cei6XmGrIB5n578qMq14Jx_48dhw3t-BFAf4Z_CfDQDLhM-K9YxgB&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227429827225286745570%22,%22debug_reporting%22:true,%22destination%22:%22https://gameforge.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22979825395%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222319559934466879345%22}&andc=true
Request Chain 86
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 87
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 95
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C-7CuIZtsZZvqHqyo2OMPieCGuAzVprzIdJbPp8WSEr2T8siNDhABINigpgRglfKLgpgHoAHOq4fUA8gBAqkCXwoFms8NaD6oAwHIA8kEqgTkAU_QGU_jTYmIfgjutP1lWefAzLw0lbvsI7LzDldJbi81QZSWv-YcEoQZb5Y9uI9w91p0BXPgD6f4ZKZ98w-mDEmjRkfmiAwybVNJvCG4_tEU8SL2uxEFFraG3FTLGXnayLYwbJo3DkejCUL6aDPk5SYkvLqQa6pE_qgkYG7RW2NunRMFkAbGS2atCekktL7Zu6v2bAkl22CIvVumS8OfpgvBLVacuGqRC2W0Va-jL5wD-Qtpj44zB1LM_u6UlggwMRdg9W2ME3RODfS_66HTqU5eKyCfnkijfRj_rySukkPYIm82jMAE-c75y70EiAWyz7XGTaAGAoAHxIW_iAGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDL9RbSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WK_Y6pDH84IDmgmJAWh0dHBzOi8vd3d3LmNvbmNlcHQuY3ovcm9ib3RpY2t5LXZ5c2F2YWMtcy1tb3BlbS12aXNpb25lLTNkLXZyMzU1MF9kMTcxNjU2Lmh0bWw_dXRtX3NvdXJjZT1kaXNwbGF5JnV0bV9tZWRpdW09YmFubmVyJnV0bV9jYW1wYWlnbj1oZXVyZWthgAoByAsBogwQKg4KDOS0sQLutbECtbixAtgTA9AVAYAXAbIXHAoaCAASFHB1Yi0yMzY3MTA4MDQ4Mjg3NTE1GAA&sigh=XBjHN9fhbaU&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaN7lim0w-GGG4YMr_nwzXRlrZColCRtWaWqewhLrcwMKT5bSKm-dJxmgoiQKO868VR9i7pCantBWbg4ORYoNjSGoVyY-JEEf9cXSkYAQ&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225534530609314499669%22,%22debug_reporting%22:true,%22destination%22:%22https://concept.cz%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22981587406%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212696897077267875649%22}&andc=true
Request Chain 99
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CFex5IZtsZZzqHqyo2OMPieCGuAzVprzIdJbPp8WSEr2T8siNDhABINigpgRglfKLgpgHoAHOq4fUA8gBAqkCXwoFms8NaD6oAwHIA8kEqgTkAU_QUHsfsuO_yIfeBhGqeOq0w2oix62nX1ot8c-SJR6lfqq0W0BRqHFQJo5U_IkMSZCSGsbejaJsX2T9ddHQPdYKVyHTacCmxPU4zl0G43PDRw0VpX4z5HIjaHM_4zMBEBlXKPACo-LvWkN7vyngzBeCorIjst_jDadSF89p3VA6mwJkeQiVMdyuaSIibBUtvX1YCyVeTc3Brreai2_HkEwFakELXI6OWRW9HvO5YY0pqhHp-mJ-5Km0oZaTz3GKEKK0VTcRH0S3eHPrkF88Ck2soPE6pdhtBRgpe9sTe4dp0SsWzsAE-c75y70EiAWyz7XGTaAGAoAHxIW_iAGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDv5RbSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WK_Y6pDH84IDmgmJAWh0dHBzOi8vd3d3LmNvbmNlcHQuY3ovcm9ib3RpY2t5LXZ5c2F2YWMtcy1tb3BlbS12aXNpb25lLTNkLXZyMzU1MF9kMTcxNjU2Lmh0bWw_dXRtX3NvdXJjZT1kaXNwbGF5JnV0bV9tZWRpdW09YmFubmVyJnV0bV9jYW1wYWlnbj1oZXVyZWthgAoByAsBogwQKg4KDOS0sQLutbECtbixAtgTA9AVAYAXAbIXHAoaCAASFHB1Yi0yMzY3MTA4MDQ4Mjg3NTE1GAA&sigh=cKTq2tWyN0k&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaN7lim0w-GGG4YMr_nwzXRlrZColCRtWaWqewhLrcwMKT5bSKm-dJxmgoiQKO868VR9i7pCantBWbg4ORYoNjSGoVyY-JEEf9cXSkYAQ&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225234204295853103770%22,%22debug_reporting%22:true,%22destination%22:%22https://concept.cz%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22981587406%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225631860107907769105%22}&andc=true
Request Chain 102
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 104
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CIdbnIZtsZZ3qHqyo2OMPieCGuAy4q-DMdOP93tv_EWQQASDYoKYEYJXyi4KYB6AB8-Wb0wPIAQGpAocWcjmKQrI-qAMByAPLBKoE4wFP0DwMPcx0mfQeCBhxc2QYIuAGd0sRL3NCOL4OhnfQo9JNd2d_UfRnFDAOR2n3sO84iUukbdxBlrzlrcQp0-3Z4yNOLWgFxWOEDBd8zWyU1UWcLcY8cX0rKrsvEClUfl0lZOa3EsTw_I2ywU3fj5PabdNv4up8tmYVwTiyMAd8UuUrIywwIwH8jvaWjakpeudA13l8TyTWLM38_zIwvSm9qT1VfsvYPqQ3wYvKel6P4MwJ626jc9kw4Adk4tD0xcK4qpNDAd4nbpOQ8TLDeVBj9HTfZLMJn38a0vRvwJIOdWx94MAEldXM4b8EiAXYv7WTTZIFBAgEGAGSBQQIBRgEgAfHzKaOAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEL7yLtIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYr9jqkMfzggOaCVJodHRwczovL2RlLmlrYXJpYW0uZ2FtZWZvcmdlLmNvbS9sYW5kaW5nNC8_a2lkPWEtMDM4MDYtMDIyMDYtMjMxMC1hMzg3NzAxYiZnZnNpZD1jgAoByAsBogwQKg4KDOS0sQLutbECtbixAtgTDogUAdAVAYAXAbIXHAoaCAASFHB1Yi0yMzY3MTA4MDQ4Mjg3NTE1GAA&sigh=jyIYvuCCuCg&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaN7lim0w-GGG4YMr_nwzXRlrZColCRtWaWqewhLrcwMKT5bSKm-dJxmgoiQKO868VR9i7pCantBWbg4ORYoNjSGoVyY-JEEf9cXSkYAQ&template_id=5001&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211570193113753023507%22,%22debug_reporting%22:true,%22destination%22:%22https://gameforge.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22979825395%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224490807544287725601%22}&andc=true

108 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
demonic-empire.shivtr.com/
Redirect Chain
  • http://demonic-empire.shivtr.com/
  • https://demonic-empire.shivtr.com/
13 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://demonic-empire.shivtr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li975-148.members.linode.com
Software
Caddy /
Resource Hash
ecf5da7b1ed8a50421903fd4b3af4871c1076f9cfe6179d7c5634df8ca365176
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000
cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 03 Dec 2023 15:13:27 GMT
etag
W/"ecf5da7b1ed8a50421903fd4b3af4871"
referrer-policy
strict-origin-when-cross-origin
server
Caddy
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
35fde85f-3d55-40d9-9d95-3e1cf1c41498
x-runtime
0.069558
x-xss-protection
1; mode=block

Redirect headers

Connection
close
Content-Length
0
Date
Sun, 03 Dec 2023 15:13:26 GMT
Location
https://demonic-empire.shivtr.com/
Server
Caddy
guild-dc2bc810ec06e8d0c90d72531a06dc285eec9409f9d88120e8b05f5a606674ce.css
static.shivtr.com/assets/manifests/ 		218 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.shivtr.com/assets/manifests/guild-dc2bc810ec06e8d0c90d72531a06dc285eec9409f9d88120e8b05f5a606674ce.css
Requested by
Host: demonic-empire.shivtr.com
URL: https://demonic-empire.shivtr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li975-148.members.linode.com
Software
Caddy /
Resource Hash
dc86183c64a971df266cf43382fe00a3b1c600ec6107714e06597192164b82b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demonic-empire.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 15:13:28 GMT
content-encoding
gzip
last-modified
Sun, 02 Jul 2023 20:26:50 GMT
server
Caddy
etag
"rx6rgq4s2q"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000
614089-1687777479.css
static.shivtr.com/css-cache/site_themes/ 		30 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.shivtr.com/css-cache/site_themes/614089-1687777479.css
Requested by
Host: demonic-empire.shivtr.com
URL: https://demonic-empire.shivtr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li975-148.members.linode.com
Software
Caddy /
Resource Hash
bd777b49e978d13efd23e3c33717d52238ff7f3d31d5085f7a2069f6de94c48f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demonic-empire.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 15:13:28 GMT
content-encoding
gzip
last-modified
Mon, 03 Jul 2023 11:04:39 GMT
server
Caddy
etag
"rx7w3rnem"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000
guild-518b27752212c843cdda21c5e01ffe7de2d0bd28f7100cd01bf329100e3b7457.js
static.shivtr.com/assets/ 		608 KB
166 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.shivtr.com/assets/guild-518b27752212c843cdda21c5e01ffe7de2d0bd28f7100cd01bf329100e3b7457.js
Requested by
Host: demonic-empire.shivtr.com
URL: https://demonic-empire.shivtr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li975-148.members.linode.com
Software
Caddy /
Resource Hash
9e2e766b44b4bd31a6887776e57d5a5f502237e48cf90ded21436cfb6addf0be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demonic-empire.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 15:13:28 GMT
content-encoding
gzip
last-modified
Sun, 02 Jul 2023 20:26:50 GMT
server
Caddy
etag
"rx6rgqdcmv"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		149 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: demonic-empire.shivtr.com
URL: https://demonic-empire.shivtr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
39d6d9bd28c98ee22e4b34718335d12ba1140fd926e01d438a05c63c14bfe455
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demonic-empire.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 15:13:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52732
x-xss-protection
0
server
cafe
etag
5807035648824602705
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 03 Dec 2023 15:13:30 GMT
favicon.png
static.shivtr.com/s3/missing/ 		382 B
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.shivtr.com/s3/missing/favicon.png
Requested by
Host: demonic-empire.shivtr.com
URL: https://demonic-empire.shivtr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li975-148.members.linode.com
Software
Caddy /
Resource Hash
830870bb74c6a4a16f3c0c49a7934378a8c26fe68fa8bf280e7d1b2a5ddc0f12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demonic-empire.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 15:13:28 GMT
last-modified
Wed, 28 Jun 2023 04:24:58 GMT
server
Caddy
etag
"rwy49mam"
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
content-length
382
home-e4bd7164f7a26fa97379195030ab18fcc8c7a11a5ad318b4065f8e5166b3191b.png
static.shivtr.com/assets/mobile/toolbar/ 		250 B
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.shivtr.com/assets/mobile/toolbar/home-e4bd7164f7a26fa97379195030ab18fcc8c7a11a5ad318b4065f8e5166b3191b.png
Requested by
Host: demonic-empire.shivtr.com
URL: https://demonic-empire.shivtr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li975-148.members.linode.com
Software
Caddy /
Resource Hash
86c06c5c4747bb6da8d7594ed31b1494459d202ba31ede706bf8f741acedc9b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demonic-empire.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 15:13:28 GMT
last-modified
Sun, 02 Jul 2023 20:26:50 GMT
server
Caddy
etag
"rx6rgq6y"
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
content-length
250
out.png
s3.amazonaws.com/cloudfront.shivtr.com/game_classes/17/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/game_classes/17/out.png?1356759142
Requested by
Host: demonic-empire.shivtr.com
URL: https://demonic-empire.shivtr.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.182.34.160 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
d75a105ae665367fed5c8b4f861ef14368df2ddc603b7777140164b0d57c333a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demonic-empire.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 15:13:29 GMT
x-amz-version-id
null
Last-Modified
Sat, 29 Dec 2012 05:32:24 GMT
Server
AmazonS3
x-amz-request-id
SQN6EHGWMXB18YE5
ETag
"b349535acc00a6991ef2fb4df319d70a"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
1233
x-amz-id-2
ms5qKeJv2vEsxGc01kEqPS/3GUkuc/AKq0p7HgoV12QlAIFi3YhLlqScCR6/qDId3MSLxpiT3iE=
Expires
Tue, 08 Jan 2013 05:22:39 GMT
out.png
s3.amazonaws.com/cloudfront.shivtr.com/game_classes/22/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/game_classes/22/out.png?1356759148
Requested by
Host: demonic-empire.shivtr.com
URL: https://demonic-empire.shivtr.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.182.34.160 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
54cc0e7807cf8bdf5d48a2930fbcd3b5a30b0dae8cc3bbab2efcee6fad1a092d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demonic-empire.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 15:13:29 GMT
x-amz-version-id
null
Last-Modified
Sat, 29 Dec 2012 05:32:30 GMT
Server
AmazonS3
x-amz-request-id
SQNFM4QJ51V08A80
ETag
"e6796325284cc94e9c47abfafd14f1cf"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
1192
x-amz-id-2
hv+pbWBhTvkCNSAiU2X6ULXnN6UTVkXhRkG3MMAhpD3y9Uyd+eIOzTdg1unHMgstBl7GYXl9l/M=
Expires
Tue, 08 Jan 2013 05:22:39 GMT
out.png
s3.amazonaws.com/cloudfront.shivtr.com/game_classes/14/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/game_classes/14/out.png?1356759154
Requested by
Host: demonic-empire.shivtr.com
URL: https://demonic-empire.shivtr.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.182.34.160 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
ff4094a2d0a0df94d358f9363bafe98fb4ed45601b46456651bb7ae23a48f625

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demonic-empire.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 15:13:29 GMT
x-amz-version-id
null
Last-Modified
Sat, 29 Dec 2012 05:32:35 GMT
Server
AmazonS3
x-amz-request-id
SQN7SP817AF5PKAE
ETag
"f8e2fc8f735480d867ad95834fbd6924"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
1097
x-amz-id-2
x6MjhlmHY6KzABmHvSUGQt3Bbl3F7FYaHQQmUYXhjbMJgGivti5PLNA3OUFnrEFF5WNW+NU5XIk=
Expires
Tue, 08 Jan 2013 05:22:39 GMT
out.png
s3.amazonaws.com/cloudfront.shivtr.com/game_classes/19/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/game_classes/19/out.png?1356759160
Requested by
Host: demonic-empire.shivtr.com
URL: https://demonic-empire.shivtr.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.182.34.160 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
7088d6c86fda7a1dbd11ce4ec06ab4cf62f816203c1a68092d8b87bb847d2ec7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demonic-empire.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 15:13:31 GMT
x-amz-version-id
null
Last-Modified
Sat, 29 Dec 2012 05:32:41 GMT
Server
AmazonS3
x-amz-request-id
PCVYA3SH3P3E29VR
ETag
"08eaa3fe5ce8ec8c0118f5badcf2e38c"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
1219
x-amz-id-2
cZpkw0CB6DS9Zv/WdeaGwpuGg3NgBRu1V+Cb7dL0raYwIcQWwKxI6DLGfpJasvrUmHeJXU+oWCs=
Expires
Tue, 08 Jan 2013 05:22:39 GMT
out.png
s3.amazonaws.com/cloudfront.shivtr.com/game_classes/13/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/game_classes/13/out.png?1356759171
Requested by
Host: demonic-empire.shivtr.com
URL: https://demonic-empire.shivtr.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.182.34.160 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
38444148a2237a29af423edbe716ea9587872041585593d569fa13206db7a80e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demonic-empire.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 15:13:31 GMT
x-amz-version-id
null
Last-Modified
Sat, 29 Dec 2012 05:32:52 GMT
Server
AmazonS3
x-amz-request-id
PCVV8BPW9GHFWBM9
ETag
"522333c5b6abf6697e0894a433613b82"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
1237
x-amz-id-2
euosANrbWgGPmRF3Z/BxsgoeZnwN2d5yufh2DxRIX1y8IEfLoVOINz4xsWS2zSa/MW0a7NsoFXk=
Expires
Tue, 08 Jan 2013 05:22:39 GMT
out.png
s3.amazonaws.com/cloudfront.shivtr.com/game_classes/16/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/game_classes/16/out.png?1356759178
Requested by
Host: demonic-empire.shivtr.com
URL: https://demonic-empire.shivtr.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.182.34.160 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
0101f1a2e65d66a8af54470ef2853f727dbaed3caf9aabaa522c9c46880f7e58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demonic-empire.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 15:13:31 GMT
x-amz-version-id
null
Last-Modified
Sat, 29 Dec 2012 05:32:59 GMT
Server
AmazonS3
x-amz-request-id
PCVRRRMSGGEWZH1F
ETag
"3fa41138fa5d03f5edd315ba0eaf4a4e"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
1221
x-amz-id-2
qu0U6AwmXb7GtNt/visMSe56uE2NDGxYHNOkqcjx9fDUgGmtuRXaCcQNRc8lbnlxh1u2LwHMSc8=
Expires
Tue, 08 Jan 2013 05:22:39 GMT
out.png
s3.amazonaws.com/cloudfront.shivtr.com/game_classes/15/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/game_classes/15/out.png?1356759184
Requested by
Host: demonic-empire.shivtr.com
URL: https://demonic-empire.shivtr.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.182.34.160 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
8a4acdbc5956c3196a8c4327078b5364d58362446a3620aa375085c0b4a4411d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demonic-empire.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 15:13:31 GMT
x-amz-version-id
null
Last-Modified
Sat, 29 Dec 2012 05:33:05 GMT
Server
AmazonS3
x-amz-request-id
PCVW7XX0A76K63PA
ETag
"1baa44b20b606bacfa0507ae4b1d3c90"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
1247
x-amz-id-2
txCdWwQt1lTCLGj4GESYT+K0PftsII7fy/fjJsKUOAMKrChxhlBDCBgXUhATcG18cWgXUbIbiak=
Expires
Tue, 08 Jan 2013 05:22:39 GMT
out.png
s3.amazonaws.com/cloudfront.shivtr.com/game_classes/18/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/game_classes/18/out.png?1356759190
Requested by
Host: demonic-empire.shivtr.com
URL: https://demonic-empire.shivtr.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.182.34.160 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
a24b219c5dd7b0c9efdb2ffb85e250809341705b37781e9b00435f9b8c5e2e3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demonic-empire.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 15:13:31 GMT
x-amz-version-id
null
Last-Modified
Sat, 29 Dec 2012 05:33:11 GMT
Server
AmazonS3
x-amz-request-id
PCVHQEXE4V3K2P8T
ETag
"dee117fe859968bfadeff49c57963aad"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
1232
x-amz-id-2
rj9HaKtvWmPOmoBGsEaPjV0eg6sxSM3OOwqtUYCbizYy31pr8kDL4nPzrs8J9vmt8lObJ0ZJEyk=
Expires
Tue, 08 Jan 2013 05:22:39 GMT
out.png
s3.amazonaws.com/cloudfront.shivtr.com/game_classes/20/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/game_classes/20/out.png?1356759196
Requested by
Host: demonic-empire.shivtr.com
URL: https://demonic-empire.shivtr.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.182.34.160 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
d6eade1ffe31d8226156f5c00fb48810841b02e60dd16f190205b162e8f73dc2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demonic-empire.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 15:13:31 GMT
x-amz-version-id
null
Last-Modified
Sat, 29 Dec 2012 05:33:18 GMT
Server
AmazonS3
x-amz-request-id
PCVJXHSERQSXX4KM
ETag
"d6cfb94525c3d56d1d4220f50a282006"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
1283
x-amz-id-2
dmwdZA9tOg+pharWlrUpZjlxC3IlXZHiZmk4iLw1+rEmKn569bFLQzpfYwGJXQusCrDUcwBxD20=
Expires
Tue, 08 Jan 2013 05:22:39 GMT
out.png
s3.amazonaws.com/cloudfront.shivtr.com/game_classes/12/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/game_classes/12/out.png?1356759203
Requested by
Host: demonic-empire.shivtr.com
URL: https://demonic-empire.shivtr.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.182.34.160 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
160f9c28c35e4390cd35e90cf1ccb3d80a58de14da97300d738b4e65cf54c7aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demonic-empire.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 15:13:31 GMT
x-amz-version-id
null
Last-Modified
Sat, 29 Dec 2012 05:33:24 GMT
Server
AmazonS3
x-amz-request-id
PCVK998K35P30Q2T
ETag
"cfae4b32504ea00fbd74e4d8ecdd3a52"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
1192
x-amz-id-2
FtIueybVv/VOQjRdwFiY8RwRm1ThK+3qcwTp9vinE7ss2j5tsvRjQ8Tzz9B6bmQluqWZDVdYJb4=
Expires
Tue, 08 Jan 2013 05:22:39 GMT
loadscreen-icecrown-citadel-full_lueuqz.jpg
res.cloudinary.com/mesorchoo/image/upload/c_crop,dpr_auto,f_auto,q_auto,w_1200/v1588050970/mesorchoo.com/artwork/instances/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/mesorchoo/image/upload/c_crop,dpr_auto,f_auto,q_auto,w_1200/v1588050970/mesorchoo.com/artwork/instances/loadscreen-icecrown-citadel-full_lueuqz.jpg
Requested by
Host: demonic-empire.shivtr.com
URL: https://demonic-empire.shivtr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:a741 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95177cb9a19bb527f7ba16b9f0d2ff334091efc9c01ecd2bef69435fd3be7126
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demonic-empire.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 15:13:31 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="loadscreen-icecrown-citadel-full_lueuqz.webp"
server-timing
cld-cloudflare;dur=153;start=2023-12-03T15:13:31.106Z;desc=hit,rtt;dur=6
content-length
32394
last-modified
Tue, 28 Apr 2020 05:45:12 GMT
server
cloudflare
etag
"46a1aa1daa83765dd2bd82bab390fa07"
vary
Accept,User-Agent,Save-Data,DPR,Sec-CH-DPR, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,x-content-type-options
cache-control
private, no-transform, immutable, max-age=2592000
content-dpr
1
accept-ranges
bytes
cf-ray
82fcc109597a9b83-FRA
timing-allow-origin
*
ruby.jpg
www.wowfan.cz/pic/uploaded/ 		99 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wowfan.cz/pic/uploaded/ruby.jpg
Requested by
Host: demonic-empire.shivtr.com
URL: https://demonic-empire.shivtr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.105.124.43 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3056850.ip-46-105-124.eu
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ee3affa7a75a5dab262c3796ec8926c8852a2040a013cf9421e284e88ce0930e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demonic-empire.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 15:13:31 GMT
last-modified
Fri, 30 Dec 2016 21:24:49 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5866d0a1-18b12"
content-length
101138
content-type
image/jpeg
138506-trial-of-the-champion.jpg
wow.zamimg.com/uploads/screenshots/normal/ 		219 KB
219 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wow.zamimg.com/uploads/screenshots/normal/138506-trial-of-the-champion.jpg
Requested by
Host: demonic-empire.shivtr.com
URL: https://demonic-empire.shivtr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.146.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-146-120.txl52.r.cloudfront.net
Software
/
Resource Hash
9301f07ce28c09e87781be0f793b1eec60e04eb986e7b58bb99aeecfc1b7669a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demonic-empire.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 20:52:35 GMT
strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 e670d901736ac01599c0ed6fbe3a3c58.cloudfront.net (CloudFront)
last-modified
Fri, 08 Feb 2013 03:23:53 GMT
x-amz-cf-pop
TXL52-C1
age
1189256
etag
"51146fc9-36ac8"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
223944
x-amz-cf-id
2pE4r-MtnCoL1NZV-3wuIcmE-c6nheaGD8w0XbAV9ZPMFURiG2VAEA==
expires
Tue, 19 Dec 2023 20:52:35 GMT
Yogg-Saron_Blizzard_com.jpg
i0.wp.com/images3.wikia.nocookie.net/wowwiki/images/3/38/ 		169 KB
169 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/images3.wikia.nocookie.net/wowwiki/images/3/38/Yogg-Saron_Blizzard_com.jpg
Requested by
Host: demonic-empire.shivtr.com
URL: https://demonic-empire.shivtr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
74c3eeecd923e56f2d4796ea18d4acd478cc329cdbdca2e51b55573a69f301c2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demonic-empire.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 15:13:31 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
172906
x-nc
HIT hhn 2
last-modified
Fri, 23 Jun 2023 18:39:24 GMT
server
nginx
etag
"74cf938b738300d3"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://images3.wikia.nocookie.net/wowwiki/images/3/38/Yogg-Saron_Blizzard_com.jpg>; rel="canonical"
expires
Mon, 23 Jun 2025 06:39:24 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		147 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: demonic-empire.shivtr.com
URL: https://demonic-empire.shivtr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fb5c4823189de96a79333f174d56e8e2fbfb058c467c475ad2217de7ea655c3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demonic-empire.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 15:13:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51685
x-xss-protection
0
server
cafe
etag
8135213538157264451
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 03 Dec 2023 15:13:37 GMT
power.js
wow.zamimg.com/widgets/ 		178 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wow.zamimg.com/widgets/power.js
Requested by
Host: demonic-empire.shivtr.com
URL: https://demonic-empire.shivtr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.146.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-146-120.txl52.r.cloudfront.net
Software
/
Resource Hash
da535dc8327aeefb24419b1e0ede8a240e871500d9e19e3de223e2c15870b9f5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demonic-empire.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
via
1.1 e670d901736ac01599c0ed6fbe3a3c58.cloudfront.net (CloudFront)
date
Sun, 03 Dec 2023 15:05:14 GMT
last-modified
Sat, 02 Dec 2023 19:02:02 GMT
x-amz-cf-pop
TXL52-C1
age
503
etag
W/"656b7f2a-2c9bd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
PTcz5-sAFDKYJXoSw22zSPbBsZz-Ok0W20SJGF5VSn-VxFjWHdPmeg==
expires
Sun, 03 Dec 2023 16:05:14 GMT
3930056.jpg
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 		105 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/3930056.jpg?1548602383
Requested by
Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/614089-1687777479.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.182.34.160 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
8026b77a36d1a7e20e512f163552d9b6634d5437c0fb7b18d6aeb0650cb92ca7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 15:13:38 GMT
x-amz-version-id
ClPnM4XHJqHQtpQpGfsGAAZOyAVA8AYG
Last-Modified
Sun, 27 Jan 2019 15:19:44 GMT
Server
AmazonS3
x-amz-request-id
P4FBTSTRVQ75J1VW
ETag
"bc0594e47c957793e78027cfc1414289"
Content-Type
image/jpeg
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
107952
x-amz-id-2
kAxOxfH4ZpkwX/U03Bh2yTdw0bbr7RdPueOL/Vqy6oWlTbrFGMc64BNhI49IXevJvsSiZ/lwQCQ=
Expires
Sat, 27 Jul 2019 12:11:45 GMT
532207.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/532207.png?1383940811
Requested by
Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/614089-1687777479.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.182.34.160 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
920a3defda6e075bd5ce32ebb4def4352b165fade37338fb91758aaedc1fc098

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 15:13:38 GMT
x-amz-version-id
null
Last-Modified
Fri, 08 Nov 2013 20:00:12 GMT
Server
AmazonS3
x-amz-request-id
P4F0NDWDB4FE25D3
ETag
"d6a1d3e270f4da6d5893fa7b94728025"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
1915
x-amz-id-2
tjYZU6FBX6034a+YBbNiRZ5x9Wco9BstGTQtzXpKlteDluHXnC1mM9c9rjJbPI2RaRmW2F4isdQ=
Expires
Mon, 05 May 2014 23:11:24 GMT
532208.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/532208.png?1383940812
Requested by
Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/614089-1687777479.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.182.34.160 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
4d03b6e90b232fb83c1da9981b5cb4012063ad310ccf71e33b5e8fd1fe2d8fb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 15:13:38 GMT
x-amz-version-id
null
Last-Modified
Fri, 08 Nov 2013 20:00:13 GMT
Server
AmazonS3
x-amz-request-id
P4FAAT8YKZZ2WT5A
ETag
"4930ddbe02b550ef85bcc1d0c03c4a5a"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
1971
x-amz-id-2
kVFFOk3Ujkb+V5jHA/oiqoglqGLwpKB7QIU5Jjxh6+PiJ46wubqxkhCOY3j8Zs5mcXBc1ztERyI=
Expires
Mon, 05 May 2014 23:11:17 GMT
532205.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 		199 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/532205.png?1383940810
Requested by
Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/614089-1687777479.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.182.34.160 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
a45b9f8f42c2dba06a065e38d99ff5521de332c3197f9fb4ab8801ab4970e041

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 15:13:38 GMT
x-amz-version-id
null
Last-Modified
Fri, 08 Nov 2013 20:00:11 GMT
Server
AmazonS3
x-amz-request-id
P4FC7A2840GA7KY1
ETag
"b793897a973fe7efd6aed16f8809898b"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
199
x-amz-id-2
Xv0ZdOKkD7eoaZNCi8XlXplsCQe25cRY6UMP9o8m3ZneT5l3KN4r9iOcZwKUxwim0iG8ZH7JZ2g=
Expires
Mon, 05 May 2014 23:11:17 GMT
532206.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 		515 B
966 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/532206.png?1383940811
Requested by
Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/614089-1687777479.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.182.34.160 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
2fd319c7809baaf44380af89d4d6cc83eead0773f5942ac01b8b5931c7abc336

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 15:13:38 GMT
x-amz-version-id
null
Last-Modified
Fri, 08 Nov 2013 20:00:12 GMT
Server
AmazonS3
x-amz-request-id
P4FCVFTZNSZ0EM3E
ETag
"f5922a2b5d1fc74d17afe68c9fa5222c"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
515
x-amz-id-2
5WpcgGJXX2x3MIPQVNXXYRQGlgsBrJSUsdnxiUE37rGNIBu708dzxBY9MM38tU5BeNj8YYypNGo=
Expires
Mon, 05 May 2014 23:10:52 GMT
532216.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/532216.png?1383940816
Requested by
Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/614089-1687777479.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.182.34.160 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
748d77ecc9866e292c4ae69636ea30b6fb1e6af8d88a8059e0af2176429648c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 15:13:38 GMT
x-amz-version-id
null
Last-Modified
Fri, 08 Nov 2013 20:00:17 GMT
Server
AmazonS3
x-amz-request-id
P4F7JKHG7NW0FV0S
ETag
"54fcfdf44787e7ebb805284cb89208e1"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
1317
x-amz-id-2
TbeQo8gADqhk9blFCHbFA8/Pt9cUXprErfW/9+qwvIBP8saD2uyOP046iLcwerwAVNb9SxBR6uM=
Expires
Mon, 05 May 2014 23:10:52 GMT
532217.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/532217.png?1383940817
Requested by
Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/614089-1687777479.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.182.34.160 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
240ac5cfe833b81f6607a9f702f7b30bc7383485fe86af4cd21b7c6d9cd2e3e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 15:13:38 GMT
x-amz-version-id
null
Last-Modified
Fri, 08 Nov 2013 20:00:18 GMT
Server
AmazonS3
x-amz-request-id
P4FBKSJPYBFVB2HK
ETag
"177bfb2a48dfcd9a39ff8f3d2fe61c33"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
1395
x-amz-id-2
g+eM1rHnXEjmShpTJRMzf4jSKsmxdbk3VvxgoeQQfMzORn62W2Xm+9iXIF1Na7H/vzon4OM9XX8=
Expires
Mon, 05 May 2014 23:11:24 GMT
532215.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 		207 B
658 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/532215.png?1383940816
Requested by
Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/614089-1687777479.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.182.34.160 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
7c328c382892475e77d0d96832bfa0b35612da6a9705f013d588ef0393c04b88

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 15:13:38 GMT
x-amz-version-id
null
Last-Modified
Fri, 08 Nov 2013 20:00:17 GMT
Server
AmazonS3
x-amz-request-id
P4F5S26K2MB4STDB
ETag
"0ce032c0be41099a5ace5b7039c3f1bb"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
207
x-amz-id-2
VM8I/CvEJvtJH/fYRZe8xEFb9+a7yvlMPMifcq3KqsrdIb4hi28gZ6llQfXmctsndkYydurp7nk=
Expires
Mon, 05 May 2014 23:11:17 GMT
532210.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 		115 B
566 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/532210.png?1383940812
Requested by
Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/614089-1687777479.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.182.34.160 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b033555869a4e4bbf069af142ba979c054fcff8d0f4d83b14d99a71b9ab07ca2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 15:13:38 GMT
x-amz-version-id
null
Last-Modified
Fri, 08 Nov 2013 20:00:13 GMT
Server
AmazonS3
x-amz-request-id
P4FBDPPW8J6MNW9R
ETag
"1b4f940be0a40f3f4ae32b79b4c8a418"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
115
x-amz-id-2
2jFaiTdi9yw3IUM7oeQuQQknSQFoGqw+jKR55R7gLlNH3m47bVMfaD6vyTXce3YAOJN9E7mGgto=
Expires
Mon, 05 May 2014 23:10:52 GMT
532211.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 		117 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/532211.png?1383940814
Requested by
Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/614089-1687777479.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.182.34.160 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
5e97fba31c1c44783c4852e361c7be30f2282ddcd4eb99dceb3ee9ca0aa94331

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 15:13:38 GMT
x-amz-version-id
null
Last-Modified
Fri, 08 Nov 2013 20:00:15 GMT
Server
AmazonS3
x-amz-request-id
P4FEX3PEPW0ZW8JB
ETag
"7ba893c24882fc773894c658a5890c33"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
117
x-amz-id-2
j8wojJoBKGZNRnBXj05p7UVO41geklul3ZIAHAXSGCRle7mye7j5+a17PVyAPvPxiN8NGgSDYOA=
Expires
Mon, 05 May 2014 23:11:24 GMT
532209.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 		108 B
559 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/532209.png?1383940812
Requested by
Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/614089-1687777479.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.182.34.160 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
4817af49d2bea29e98e801b84209ed1623aeb8d5e90d1ca362b7966166fb5824

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 15:13:38 GMT
x-amz-version-id
null
Last-Modified
Fri, 08 Nov 2013 20:00:13 GMT
Server
AmazonS3
x-amz-request-id
P4F5DVDHG7R49GAS
ETag
"1104b117d715aa58327a3a44467b49b9"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
108
x-amz-id-2
VQCRjp5UF81ItetEbHGA7Fjp2kZ6orG4YbEX3gW0Q9ScUVBa8f5V5u3rXvRjARaazwPN+RoVle0=
Expires
Mon, 05 May 2014 23:11:24 GMT
532213.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 		147 B
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/532213.png?1383940814
Requested by
Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/614089-1687777479.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.182.34.160 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
444c4c7901307178ed2d1362b09d15f689d48c3a4bed4e7513431ce155dc5778

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 15:13:38 GMT
x-amz-version-id
null
Last-Modified
Fri, 08 Nov 2013 20:00:15 GMT
Server
AmazonS3
x-amz-request-id
P4F1KW42P93ZV9NS
ETag
"d7170d3aa6b438e090ecff1acacb540e"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
147
x-amz-id-2
kqtUgYUm4daLYBee7HC68aOy1luexphjQ4pcCshGqiVbOiahsbHJNelEtZRF4hVPKh5Eb4D9Of0=
Expires
Mon, 05 May 2014 23:10:52 GMT
532214.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 		144 B
595 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/532214.png?1383940816
Requested by
Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/614089-1687777479.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.182.34.160 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
85e41af2f1124000f87c8a5caab08cd7568e2eeda71879c623fea4fbce4c469d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 15:13:38 GMT
x-amz-version-id
null
Last-Modified
Fri, 08 Nov 2013 20:00:17 GMT
Server
AmazonS3
x-amz-request-id
P4FCJ93Q09JZMD02
ETag
"3f1d53e8dee0438ffac5f80923889582"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
144
x-amz-id-2
aL6JCivQyseQQ0m9seXBysRQU67HrwcX/+l5thktumN5+QRolOAD8FmEbVv7vNPIsgyhe2VEbak=
Expires
Mon, 05 May 2014 23:11:24 GMT
532212.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 		154 B
605 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/532212.png?1383940814
Requested by
Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/614089-1687777479.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.182.34.160 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
0635d732c479b8b327cc7ef699d1983cf37dd191c0cb911134d7be5d595a2bb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 15:13:38 GMT
x-amz-version-id
null
Last-Modified
Fri, 08 Nov 2013 20:00:15 GMT
Server
AmazonS3
x-amz-request-id
P4F4MRX2HQ2Z5D44
ETag
"9e1acdf4639abbc765ccea573e6335c3"
Content-Type
image/png
Cache-Control
max-age=864000
Accept-Ranges
bytes
Content-Length
154
x-amz-id-2
tLVGZLbxO9AyFUecaWonM0rQG9AFApxvcPCnRozua1eRIgHTHEHaqUiD6CgEBC79C32hwtv1Svk=
Expires
Mon, 05 May 2014 23:11:17 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/ 		398 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2367108048287515&plah=demonic-empire.shivtr.com&bust=31079860
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8095a3340820ce55213e346d2372a41831749e81c7627a1021f797b3dddcb3de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demonic-empire.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 15:13:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137671
x-xss-protection
0
server
cafe
etag
12814626669979582067
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 03 Dec 2023 15:13:37 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/ Frame 0B37 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html?hello=world
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://demonic-empire.shivtr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
59883
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Dec 2023 22:35:34 GMT
etag
12051592065903069241
expires
Sat, 16 Dec 2023 22:35:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
universal.css
wow.zamimg.com/css/ 		621 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wow.zamimg.com/css/universal.css?19
Requested by
Host: wow.zamimg.com
URL: https://wow.zamimg.com/widgets/power.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.146.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-146-120.txl52.r.cloudfront.net
Software
/
Resource Hash
66acb0da63a6bd83ae216a67aff9dd0e5cb8ce062cbb0bd3cb753f571cd9a761
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demonic-empire.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
via
1.1 e670d901736ac01599c0ed6fbe3a3c58.cloudfront.net (CloudFront)
date
Sun, 03 Dec 2023 14:02:47 GMT
last-modified
Sat, 02 Dec 2023 19:02:08 GMT
x-amz-cf-pop
TXL52-C1
age
4250
etag
W/"656b7f30-9b3b3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=10800
x-amz-cf-id
hovNXZUPpuCL9bT8m-v0vYc6_9_CqtESIOiKvkCIaxKqyPiTMt1IXg==
expires
Sun, 03 Dec 2023 17:02:46 GMT
truncated
/ 		82 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/webp
ads
googleads.g.doubleclick.net/pagead/ Frame D1A2 		431 KB
79 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&adk=1812271804&adf=3025194257&lmt=1701616417&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x810_l%7C260x810_r&format=0x0&url=https%3A%2F%2Fdemonic-empire.shivtr.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701616417079&bpp=2&bdt=9193&idt=298&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4685527154867&frm=20&pv=2&ga_vid=1873376169.1701616417&ga_sid=1701616417&ga_hid=915490595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079923%2C44795922%2C44809003%2C31078297%2C31079860%2C44807763%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1288991374634146&tmod=1878894985&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=309
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2367108048287515&plah=demonic-empire.shivtr.com&bust=31079860
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7ea243e5242d648d3676f2d56897b8ef5dbc837d1ec566fe1b32df2db98c3a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://demonic-empire.shivtr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
80872
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 15:13:38 GMT
expires
Sun, 03 Dec 2023 15:13:38 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=status_bar_position&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: demonic-empire.shivtr.com
URL: https://demonic-empire.shivtr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demonic-empire.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 15:13:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 3E0D 		103 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&h=90&slotname=2876344136&adk=4229348686&adf=4046715466&pi=t.ma~as.2876344136&w=728&lmt=1701616417&format=728x90&url=https%3A%2F%2Fdemonic-empire.shivtr.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701616417081&bpp=1&bdt=9195&idt=312&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4685527154867&frm=20&pv=1&ga_vid=1873376169.1701616417&ga_sid=1701616417&ga_hid=915490595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079923%2C44795922%2C44809003%2C31078297%2C31079860%2C44807763%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1288991374634146&tmod=1878894985&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=315
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2367108048287515&plah=demonic-empire.shivtr.com&bust=31079860
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c7297c2ecf515557e0b5175fd9351133ee09934313f969083e7e19a7023643f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://demonic-empire.shivtr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
39048
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 15:13:38 GMT
expires
Sun, 03 Dec 2023 15:13:38 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
16907652481770719493
tpc.googlesyndication.com/daca_images/simgad/ Frame 3E0D 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/16907652481770719493
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&h=90&slotname=2876344136&adk=4229348686&adf=4046715466&pi=t.ma~as.2876344136&w=728&lmt=1701616417&format=728x90&url=https%3A%2F%2Fdemonic-empire.shivtr.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701616417081&bpp=1&bdt=9195&idt=312&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4685527154867&frm=20&pv=1&ga_vid=1873376169.1701616417&ga_sid=1701616417&ga_hid=915490595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079923%2C44795922%2C44809003%2C31078297%2C31079860%2C44807763%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1288991374634146&tmod=1878894985&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=315
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f55a94a767dc56cecddfcc0ce32d1695702a9b33b0af73ce516f0eb99b197d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 11:42:45 GMT
x-content-type-options
nosniff
age
271853
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49233
x-xss-protection
0
last-modified
Wed, 25 Oct 2023 06:49:00 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 29 Nov 2024 11:42:45 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 3E0D 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&h=90&slotname=2876344136&adk=4229348686&adf=4046715466&pi=t.ma~as.2876344136&w=728&lmt=1701616417&format=728x90&url=https%3A%2F%2Fdemonic-empire.shivtr.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701616417081&bpp=1&bdt=9195&idt=312&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4685527154867&frm=20&pv=1&ga_vid=1873376169.1701616417&ga_sid=1701616417&ga_hid=915490595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079923%2C44795922%2C44809003%2C31078297%2C31079860%2C44807763%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1288991374634146&tmod=1878894985&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=315
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
69088
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9305
x-xss-protection
0
server
cafe
etag
13635642240219548939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 20:02:10 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 2096 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&h=90&slotname=2876344136&adk=4229348686&adf=4046715466&pi=t.ma~as.2876344136&w=728&lmt=1701616417&format=728x90&url=https%3A%2F%2Fdemonic-empire.shivtr.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701616417081&bpp=1&bdt=9195&idt=312&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4685527154867&frm=20&pv=1&ga_vid=1873376169.1701616417&ga_sid=1701616417&ga_hid=915490595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079923%2C44795922%2C44809003%2C31078297%2C31079860%2C44807763%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1288991374634146&tmod=1878894985&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=315
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&h=90&slotname=2876344136&adk=4229348686&adf=4046715466&pi=t.ma~as.2876344136&w=728&lmt=1701616417&format=728x90&url=https%3A%2F%2Fdemonic-empire.shivtr.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701616417081&bpp=1&bdt=9195&idt=312&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4685527154867&frm=20&pv=1&ga_vid=1873376169.1701616417&ga_sid=1701616417&ga_hid=915490595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079923%2C44795922%2C44809003%2C31078297%2C31079860%2C44807763%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1288991374634146&tmod=1878894985&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=315
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2523
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 14:31:35 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 3E0D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&h=90&slotname=2876344136&adk=4229348686&adf=4046715466&pi=t.ma~as.2876344136&w=728&lmt=1701616417&format=728x90&url=https%3A%2F%2Fdemonic-empire.shivtr.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701616417081&bpp=1&bdt=9195&idt=312&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4685527154867&frm=20&pv=1&ga_vid=1873376169.1701616417&ga_sid=1701616417&ga_hid=915490595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079923%2C44795922%2C44809003%2C31078297%2C31079860%2C44807763%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1288991374634146&tmod=1878894985&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=315
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 12:58:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
8087
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Dec 2023 12:58:51 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 3E0D 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&h=90&slotname=2876344136&adk=4229348686&adf=4046715466&pi=t.ma~as.2876344136&w=728&lmt=1701616417&format=728x90&url=https%3A%2F%2Fdemonic-empire.shivtr.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701616417081&bpp=1&bdt=9195&idt=312&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4685527154867&frm=20&pv=1&ga_vid=1873376169.1701616417&ga_sid=1701616417&ga_hid=915490595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079923%2C44795922%2C44809003%2C31078297%2C31079860%2C44807763%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1288991374634146&tmod=1878894985&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=315
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
69088
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 20:02:10 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 3E0D 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&h=90&slotname=2876344136&adk=4229348686&adf=4046715466&pi=t.ma~as.2876344136&w=728&lmt=1701616417&format=728x90&url=https%3A%2F%2Fdemonic-empire.shivtr.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701616417081&bpp=1&bdt=9195&idt=312&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4685527154867&frm=20&pv=1&ga_vid=1873376169.1701616417&ga_sid=1701616417&ga_hid=915490595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079923%2C44795922%2C44809003%2C31078297%2C31079860%2C44807763%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1288991374634146&tmod=1878894985&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=315
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 15:13:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 03 Dec 2023 15:13:38 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 3E0D 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&h=90&slotname=2876344136&adk=4229348686&adf=4046715466&pi=t.ma~as.2876344136&w=728&lmt=1701616417&format=728x90&url=https%3A%2F%2Fdemonic-empire.shivtr.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701616417081&bpp=1&bdt=9195&idt=312&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4685527154867&frm=20&pv=1&ga_vid=1873376169.1701616417&ga_sid=1701616417&ga_hid=915490595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079923%2C44795922%2C44809003%2C31078297%2C31079860%2C44807763%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1288991374634146&tmod=1878894985&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=315
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bed7ff4a6dc1fabcb99a5dd12ff481d05de252b39d3544be0cb93fe66663c059
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 11:56:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
11854
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14781
x-xss-protection
0
server
cafe
etag
13719831398043079576
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Dec 2023 11:56:04 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 2096
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&h=90&slotname=2876344136&adk=4229348686&adf=4046715466&pi=t.ma~as.2876344136&w=728&lmt=1701616417&format=728x90&url=https%3A%2F%2Fdemonic-empire.shivtr.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701616417081&bpp=1&bdt=9195&idt=312&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4685527154867&frm=20&pv=1&ga_vid=1873376169.1701616417&ga_sid=1701616417&ga_hid=915490595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079923%2C44795922%2C44809003%2C31078297%2C31079860%2C44807763%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1288991374634146&tmod=1878894985&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=315
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 15:13:38 GMT
expires
Sun, 03 Dec 2023 15:13:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 15:13:38 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 3E0D 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2e4126cb248674bca1edc9bed3159dd32c5379e374d0df9d430ede9eff27215

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
/
www.googleadservices.com/pagead/ar-adview/ Frame 3E0D
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CaVf2IZtsZZXAHufsn88PuYOLmA24q-DMdOvo3tv_EWQQASDYoKYEYJXyi4KYB6AB8-Wb0wPIAQKpAocWcjmKQrI-qAMByAPJBKoE5wFP0EKPVlcfM9lXOkynCBGJXwkh7RgtSldH1oszN4A...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227429827225286745570%22,%22debug_reporting%22:true,%22destination%22:%22https://gameforge.com%22,%22event_report_window%22:...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227429827225286745570%22,%22debug_reporting%22:true,%22destination%22:%22https://gameforge.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22979825395%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222319559934466879345%22}&andc=true
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 15:13:38 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"7429827225286745570","debug_reporting":true,"destination":"https://gameforge.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["979825395"],"4":["12-03"],"6":["true"]},"priority":"500","source_event_id":"2319559934466879345"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 03 Dec 2023 15:13:38 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 03 Dec 2023 15:13:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"7429827225286745570","debug_reporting":true,"destination":"https://gameforge.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["979825395"],"4":["12-03"],"6":["true"]},"priority":"500","source_event_id":"2319559934466879345"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
pagead2.googlesyndication.com/bg/ Frame F59C 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&h=90&slotname=2876344136&adk=4229348686&adf=4046715466&pi=t.ma~as.2876344136&w=728&lmt=1701616417&format=728x90&url=https%3A%2F%2Fdemonic-empire.shivtr.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701616417081&bpp=1&bdt=9195&idt=312&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4685527154867&frm=20&pv=1&ga_vid=1873376169.1701616417&ga_sid=1701616417&ga_hid=915490595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079923%2C44795922%2C44809003%2C31078297%2C31079860%2C44807763%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1288991374634146&tmod=1878894985&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=315
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:31:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
60124
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19864
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 01 Dec 2024 22:31:34 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231129&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2367108048287515&plah=demonic-empire.shivtr.com&bust=31079860
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8c6524065989c8dd772d9e322fdf9e6ee8c438800848a44afc1f3b2fb5269bd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demonic-empire.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 15:13:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12274
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/ 		160 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/reactive_library_fy2021.js?bust=31079860
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2367108048287515&plah=demonic-empire.shivtr.com&bust=31079860
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6a3859ac1ef058daf2c3d5fbde83727a8705435b0c9c627ffd5a61f08942f28b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demonic-empire.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 15:13:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55935
x-xss-protection
0
server
cafe
etag
4630579496390297998
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 03 Dec 2023 15:13:38 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227429827225286745570%22,%22debug_reporting%22:true,%22destination%22:%22https://gameforge.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22979825395%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222319559934466879345%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 03 Dec 2023 15:13:38 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2367108048287515&plah=demonic-empire.shivtr.com&bust=31079860
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demonic-empire.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 15:13:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 03 Dec 2023 15:13:38 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/ Frame 0D75 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2367108048287515&plah=demonic-empire.shivtr.com&bust=31079860
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://demonic-empire.shivtr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
59752
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Dec 2023 22:37:46 GMT
etag
12051592065903069241
expires
Sat, 16 Dec 2023 22:37:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/ Frame D0AA 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2367108048287515&plah=demonic-empire.shivtr.com&bust=31079860
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://demonic-empire.shivtr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
59752
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Dec 2023 22:37:46 GMT
etag
12051592065903069241
expires
Sat, 16 Dec 2023 22:37:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/ Frame 1B02 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2367108048287515&plah=demonic-empire.shivtr.com&bust=31079860
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://demonic-empire.shivtr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
59752
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Dec 2023 22:37:46 GMT
etag
12051592065903069241
expires
Sat, 16 Dec 2023 22:37:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 0D75 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
69088
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9305
x-xss-protection
0
server
cafe
etag
13635642240219548939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 20:02:10 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame DD92 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2523
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 14:31:35 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 0D75 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 12:58:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
8087
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Dec 2023 12:58:51 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 0D75 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
69088
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 20:02:10 GMT
11265630904673588250
tpc.googlesyndication.com/simgad/ Frame 0D75 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11265630904673588250?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnohFHUZrcdEB9P80F2UhsrRCvadw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54669a70b5e62b02ccef1ed4f5bae8b65450791e14e85837c0e58c4004f7a30f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:08:08 GMT
x-content-type-options
nosniff
age
230730
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35437
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 10:57:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 29 Nov 2024 23:08:08 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 0D75 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 15:13:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 03 Dec 2023 15:13:38 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 0D75 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bed7ff4a6dc1fabcb99a5dd12ff481d05de252b39d3544be0cb93fe66663c059
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 11:56:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
11854
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14781
x-xss-protection
0
server
cafe
etag
13719831398043079576
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Dec 2023 11:56:04 GMT
11265630904673588250
tpc.googlesyndication.com/simgad/ Frame D0AA 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11265630904673588250?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnohFHUZrcdEB9P80F2UhsrRCvadw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54669a70b5e62b02ccef1ed4f5bae8b65450791e14e85837c0e58c4004f7a30f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:08:08 GMT
x-content-type-options
nosniff
age
230730
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35437
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 10:57:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 29 Nov 2024 23:08:08 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame D0AA 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
69088
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9305
x-xss-protection
0
server
cafe
etag
13635642240219548939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 20:02:10 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 93CC 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2523
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 14:31:35 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame D0AA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 12:58:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
8087
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Dec 2023 12:58:51 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame D0AA 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
69088
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 20:02:10 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame D0AA 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 15:13:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 03 Dec 2023 15:13:38 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame D0AA 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bed7ff4a6dc1fabcb99a5dd12ff481d05de252b39d3544be0cb93fe66663c059
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 11:56:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
11854
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14781
x-xss-protection
0
server
cafe
etag
13719831398043079576
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Dec 2023 11:56:04 GMT
38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js
www.gstatic.com/mysidia/ Frame 1B02 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 14:04:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
176949
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4046
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 19:21:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 29 Feb 2024 14:04:29 GMT
78b00c21e40332afd18050ebd59c6b08.js
www.gstatic.com/mysidia/ Frame 1B02 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/78b00c21e40332afd18050ebd59c6b08.js?tag=text/vanilla_highlight_ms
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b82aa6c527e41e336e9cd392fffa550353f896f71a3c632a5bdd51e22de4ca0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 11:48:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
185109
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4753
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 19:21:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 29 Feb 2024 11:48:29 GMT
css
fonts.googleapis.com/ Frame 1B02 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 03 Dec 2023 15:13:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 03 Dec 2023 13:17:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 03 Dec 2023 15:13:38 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 1B02 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
69088
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 20:02:10 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 1B02 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
69088
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9305
x-xss-protection
0
server
cafe
etag
13635642240219548939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 20:02:10 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 1B02 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 12:58:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
8087
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Dec 2023 12:58:51 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 1B02 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
69088
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 20:02:10 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 1B02 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 15:13:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 03 Dec 2023 15:13:38 GMT
a6de5423b7c632060e8f86136bd5d27a.js
www.gstatic.com/mysidia/ Frame 1B02 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 10:09:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
450263
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15478
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 26 Feb 2024 10:09:15 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0761 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://demonic-empire.shivtr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
8086
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 12:58:52 GMT
expires
Mon, 02 Dec 2024 12:58:52 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 29FB 		829 B
997 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4fccc1e08bebfa61a16d1cbe80ec63563259e11449c57cbf1c08e6b1d74d59cd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MjrDriIHM7_lFdAX7uCDuw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://demonic-empire.shivtr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-MjrDriIHM7_lFdAX7uCDuw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 15:13:38 GMT
expires
Sun, 03 Dec 2023 15:13:38 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
si
googleads.g.doubleclick.net/pagead/drt/ Frame DD92
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 15:13:38 GMT
expires
Sun, 03 Dec 2023 15:13:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 15:13:38 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 93CC
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 15:13:38 GMT
expires
Sun, 03 Dec 2023 15:13:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 15:13:38 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 0761 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 22:12:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
147660
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Nov 2024 22:12:38 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 29FB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231129&jk=1288991374634146&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
truncated
/ Frame 0D75 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bac4dbe81f0ccaff728a00c369eead7e180295f9527a8aaf98e0ba2617ca7de7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
pagead2.googlesyndication.com/bg/ Frame 3A4B 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:31:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
60124
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19864
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 01 Dec 2024 22:31:34 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/7868538746484571617/ Frame 1B02 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7868538746484571617/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5e1cc6bd00ebb8f9fa226fa654b926cfffde1c4d97bdc510f38afee85983b64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 03:45:07 GMT
x-content-type-options
nosniff
age
300511
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1401
x-xss-protection
0
last-modified
Wed, 25 Oct 2023 06:53:39 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 29 Nov 2024 03:45:07 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 448D 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2523
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 14:31:35 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 1B02 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6ad61049e1e3d2d6795e20b93f599d4c9516f8e618f83e7c1e3aaa267c6427f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
/
www.googleadservices.com/pagead/ar-adview/ Frame 0D75
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C-7CuIZtsZZvqHqyo2OMPieCGuAzVprzIdJbPp8WSEr2T8siNDhABINigpgRglfKLgpgHoAHOq4fUA8gBAqkCXwoFms8NaD6oAwHIA8kEqgTkAU_QGU_jTYmIfgjutP1lWefAzLw0lbvsI7L...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225534530609314499669%22,%22debug_reporting%22:true,%22destination%22:%22https://concept.cz%22,%22event_report_window%22:%22...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225534530609314499669%22,%22debug_reporting%22:true,%22destination%22:%22https://concept.cz%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22981587406%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212696897077267875649%22}&andc=true
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 15:13:38 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"5534530609314499669","debug_reporting":true,"destination":"https://concept.cz","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["981587406"],"4":["12-03"],"6":["true"]},"priority":"500","source_event_id":"12696897077267875649"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 03 Dec 2023 15:13:38 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 03 Dec 2023 15:13:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"5534530609314499669","debug_reporting":true,"destination":"https://concept.cz","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["981587406"],"4":["12-03"],"6":["true"]},"priority":"500","source_event_id":"12696897077267875649"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame D0AA 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f5c6f9c182610c8b212256679f06a049091457b1621a0fa87e639618b33288cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
pagead2.googlesyndication.com/bg/ Frame 7292 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:31:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
60124
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19864
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 01 Dec 2024 22:31:34 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 1B02 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 21:01:51 GMT
x-content-type-options
nosniff
age
324707
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Nov 2024 21:01:51 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame D0AA
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CFex5IZtsZZzqHqyo2OMPieCGuAzVprzIdJbPp8WSEr2T8siNDhABINigpgRglfKLgpgHoAHOq4fUA8gBAqkCXwoFms8NaD6oAwHIA8kEqgTkAU_QUHsfsuO_yIfeBhGqeOq0w2oix62nX1o...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225234204295853103770%22,%22debug_reporting%22:true,%22destination%22:%22https://concept.cz%22,%22event_report_window%22:%22...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225234204295853103770%22,%22debug_reporting%22:true,%22destination%22:%22https://concept.cz%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22981587406%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225631860107907769105%22}&andc=true
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 15:13:38 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"5234204295853103770","debug_reporting":true,"destination":"https://concept.cz","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["981587406"],"4":["12-03"],"6":["true"]},"priority":"500","source_event_id":"5631860107907769105"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 03 Dec 2023 15:13:38 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 03 Dec 2023 15:13:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"5234204295853103770","debug_reporting":true,"destination":"https://concept.cz","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["981587406"],"4":["12-03"],"6":["true"]},"priority":"500","source_event_id":"5631860107907769105"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225534530609314499669%22,%22debug_reporting%22:true,%22destination%22:%22https://concept.cz%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22981587406%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212696897077267875649%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 03 Dec 2023 15:13:38 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame 0761 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?2tGa7g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 15:13:38 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 448D
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 15:13:38 GMT
expires
Sun, 03 Dec 2023 15:13:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 15:13:38 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225234204295853103770%22,%22debug_reporting%22:true,%22destination%22:%22https://concept.cz%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22981587406%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225631860107907769105%22}&andc=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 03 Dec 2023 15:13:38 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 1B02
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CIdbnIZtsZZ3qHqyo2OMPieCGuAy4q-DMdOP93tv_EWQQASDYoKYEYJXyi4KYB6AB8-Wb0wPIAQGpAocWcjmKQrI-qAMByAPLBKoE4wFP0DwMPcx0mfQeCBhxc2QYIuAGd0sRL3NCOL4Ohnf...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211570193113753023507%22,%22debug_reporting%22:true,%22destination%22:%22https://gameforge.com%22,%22event_report_window%22...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211570193113753023507%22,%22debug_reporting%22:true,%22destination%22:%22https://gameforge.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22979825395%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224490807544287725601%22}&andc=true
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 15:13:38 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"11570193113753023507","debug_reporting":true,"destination":"https://gameforge.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["979825395"],"4":["12-03"],"6":["true"]},"priority":"500","source_event_id":"4490807544287725601"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 03 Dec 2023 15:13:38 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 03 Dec 2023 15:13:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"11570193113753023507","debug_reporting":true,"destination":"https://gameforge.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["979825395"],"4":["12-03"],"6":["true"]},"priority":"500","source_event_id":"4490807544287725601"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
pagead2.googlesyndication.com/bg/ Frame 47CF 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:31:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
60124
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19864
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 01 Dec 2024 22:31:34 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211570193113753023507%22,%22debug_reporting%22:true,%22destination%22:%22https://gameforge.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22979825395%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224490807544287725601%22}&andc=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 03 Dec 2023 15:13:38 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 3E0D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvWssZEIZ2bkONNxEuq1nrh65-FsiVqt4Rxb-9J2YXrU_pL9i3XbFIxz6qeACYE3hhCKTalHViK_FS5fvP7rs78pAQz0aLhnC_ivzrv5Iwx1gQ4ae8V7bx18EDWRQh598YCatdbePvgu9yW&sai=AMfl-YQyMG9W3QY4vCiqFggFgtUogQMhzQAYdB_5gDIao581LNQez7W5iO_2qGp8Ft5pgIY36PizWwBePSSm2q8DpP0DB05kasi2Q3lbPZRJupsSGlRc2j72WE7ZFp-xR5Lvw8pxZ-rC-2xyGtoQApuMwnvZuBQpCIau4uY&sig=Cg0ArKJSzMEajIdCq9UxEAE&cid=CAQSTgDICaaNi7cO_S1bohZK7zB1VQA1Un2m_eftLiB2c-W8nJ7q5vfKZs3Cei6XmGrIB5n578qMq14Jx_48dhw3t-BFAf4Z_CfDQDLhM-K9YxgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=4229348686&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701616417396&rpt=801&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 15:13:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231129&jk=1288991374634146&bg=!KimlKWbNAAY3kmNgF5I7ADQBe5WfOJniD2Y4k8LV-vr72u7Wp2_jLD4dYNF4EDrDKmASm22vuK1ogA0WHSu6a0P1f6inAgAAAOpSAAAAAmgBB5kCz7iVCJBn4Foaf25MMKS-NlU1PqlAcjlfG3oQMk_Rym8-85HMWTI37jcu8NfDGKuDGupktS1nrvidezQohEaVmexQyDWlx8wSmNO4l5M720NzNaPPBbe3ZWyANs9eX6GdpSBC7_ydSp6poLfwNLLsQojIa3sFzj1QgtBJUlDv_sk14_B-czAD2BAdIm9fsx5tH9r7R_xz76F5RuG2ReVcBYAs22GLjZ15mpJfK6ebCsHC7QqsyTdiopl8ZNT843tApMHZHQVBHOM38U_mozc1cWAj1rpfLulRyuMN4XDkkRSBzC8L4N2Jk7EygQkpzYapzaYXrZsiy8cEG6RFmkMn5GxiR7JlvpxS2c9DigjOupM55zMP3yDe-CJuvlfcH3g8mETTHtCxMkn8J7_02UHqffO-D0jKXIL2H3y_aMUfrw4UndveWcoHsEjD6e1lpob7zzWBHNRmffD8Tc73yuyMLZLvHKPFtjl0yxFCumiedfpFuGtj-dPsErMOHSgWUbgWouWoLBUpH5IpV2AYn0CDoNszDE0zZmdKJFoU96mOWFWkpHTFh4_NNmZyxw7YR7SBXOgHp0yCxNkN4_3w4t0njZH23JJAbYGXFvqaNlIJ_kA_bQM4kb8eCWHM5dSGQKXsF_P45WMATrh4RMCAXM78kwM0JH28p9K9sYRWMZ-gU3wF6RpuUlGc_yY0Ih8xnMsCdh10E3_xY6O6RdpyjQ09BfjYqiOM-RJ5fiTyxAHIX7-eXWVwX8Y2osYVeoc_ctg9S3d2dzXTx5kXF88EWP2t03WeQycy3wk6VJOd53n-Nrn3zH5EX5UKbjWtRVU5057mhYj1d9WklJYWmYO9GJ-SpTsm_GuioAVMOSHE6yB7ojOiOf6XAUNOQRjWlk6q4xGAU4Hpfkiznas-51-s4T55VHyxcQD7Ha_0T6KQlTZiDwe1l-GTPVGuLn-Wgp6BLU2K
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demonic-empire.shivtr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 0D75 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsucAqgYaUBD34OEkxn84mbaWaIdvDfKZY47uXVEKW2svn_VmfLYotxfgjxqgOhkuhEQ6JDgIjt5YO1Geb_yhKoCiM794PGQnhEJGqpnHBZuHwQXU3OtcSKMtLLuSG8ghOs1BWcUnwzSUyFVbdhXO40LLXFXZob4NfrXDswqT2bRm1e9NvgzEUCvkmRZfBuIqqq1p9_-ZZ9E1xy6WD3epiafbBt1w4kyoExNwFN5wl7-OBRDIQrklC_FqE_vMD4x6tmmWpKDtbVxBGdunhpwESNwVc3f_qZu5iEkv--GNy8jmg5L7YGSGJ0Xf2TZx7_w7eEJ1hA0mny7CJwU_T5ig-4BscI0zeu8QjslAn9dkYWB5XyD71g1aHw7tkWSClEpYpvylvCiO8k3GzVNm6Hy8b1kxPix0Ej9McbK-gtMjfIvjyxDFJDvLu30xyQyKNfKDq1VDrwaxVZlAC09QiozY8wA5f3YDGWumUpmCBJ7djuNEuDDvq_iUr0ZJnQxSbSW_H7qSmK3rhrlDg2HZh3m4OZl8WlV7rYts_eNuFC7HadbWlr76UjiHClF7rbK2ARs6HDH3MSupVDLjH3DbZFiPwyQzSRqyUNTM_Hfq_30ANIwtPVAnfCLV91rYrZbquwmnzu66mZg_ZlPVdQvhuI_ueiig38DtoHgS-TwNDzt9KWv5xZ_1RaOxp6mcnMqlGRWhZ-OxMc7WqFch7eChljNn57nsdHOgpGCRHDx4fryzJdmDlErhVEzIVi0j2pUX4FJeb3i0tE9RRoLEfMVgc4lsj3vlIxTuqCSvukw23qA5kJq36zQXWmqboL3q1UgB56-M40MvAZX0BfBO_mEQFkk0xtR8W0bWgEMiD13Uci6xkgpP0RDPCwcYzDBODsLFUR0PI8U8-AtUjePPPy0ZqmFlt9zTUpuzt4bnJGHHNmJayn65ug9DrpECyN8nB-_OSINxFWMJUKZ_OHo8IjC7o4DdC7jmKU9wMPQsKmGARGbPdkxWPqLeNJnzb0j-odmOKRX4uvF4J7A75LYB2UN9tqnp8gXJt-IFEf6ZHjtL9RgSpONtiOXeuIYHoRRqHWsV6I4p_OiRj1yzqKRCd6scKoVQLcxfWKc93tA8rFGnLukqqJK2teVjAgAmb5muG-r5znznUOwLFbccFMEYjMwYydN2svRvZgVggBtMiuK6eVwuh9yHa1NPpQZ4QHpu0yhStoMEw-oyeTAajiKFaJ2za5AW-SyBHIJNgMld9vaQQ4o5CbkOBwKKUlUILL-_1gFDK3WLufhgSQvS9OdjQiSpm3mNQNeCV4QzJXiCmaHq8LWr71s&sai=AMfl-YSqFMBUwHqUFs0OiDvfWVuANirIXeNinWj97IF90PEaBohygP_GWIcNS_kTJAcQXgTfiqn3179Ehi20p_wVU3kxxoYn2gJMeOvXIKyCtJxeaKo9m-4qNfjr3OCDj39AQ7Q9vWBm548WvSrMQvmOS9j-_9_w6v-RojIIhJGK1s0GGN7s7A_-FQ&sig=Cg0ArKJSzPqU4O9aImnJEAE&cid=CAQSTwDICaaN7lim0w-GGG4YMr_nwzXRlrZColCRtWaWqewhLrcwMKT5bSKm-dJxmgoiQKO868VR9i7pCantBWbg4ORYoNjSGoVyY-JEEf9cXSkYAQ&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701616418359&rpt=79&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 15:13:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D0AA 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssg1lpcKgAdhM282W6trPlM2KCMatDj7jj38SE_jhGrcNj0jfrwYpOIjop2lhPVH0sbv3_wxf2hUJt3nNo0IjfH9plhZGqV_9P-Ti9MRRX1cwXwA4hbiaX41wxnho14Tl05jYzRmsnAXkPRKO5kzULjC5WUUUHhS5k4rOyINUH3L1VqgXjgCFWUAY-vuy81n0J3Xx_j6jc1SSp0kfyGGDZpOh8qQWynRCPDS6jH31x_u9kFQ99KFB7rd4L-78MkmzsVxECGZraUEqxG-l-YLg_YVMzlNoN6ruHDQgQSGpyWAWijngRCOeDd-E4tDEh223apmT7JsxW9mw9BEB5dEvorXZkW-_EAYz1G5MwXn81zYnLOJHyWAuaYoBsDHh4EXG5rXnoLzJFztnOoONgZCzWldGlVcqARAx4EHCps4_TTPonXswmyokhdjP63nyQraaYXGQDp-Ma5mv2pPfE7vM12-hBXqa5sPASG170f3UjTqYv87c7zkBLj6Qub77LATIvjebr-JuqY7tgf4FydNEX7f0mk77jLuxuAlIRCP01qhOP2MMoRCtnCSbIKgxSzlS5sy59FjNi66HdHXmmVKrsy9ioa5C2nexcEA7Sp-G2P5KcTogrPaB4Xy56dW8P0aBqO1l7tY0jXGBJY2SfUP5H3oASPDwKXSGXd7puGRxHMm-naPPdFXXfyCsFR2cxqDUs0EwwZYKhQOWd4NvHTo1i_mcOfTacJaU14-LfGE2V4qAXr8hDcO_VIauSm1AnWOK2eJIqqhSF9FQKr-f7eor6l_yTtdd760HN7M9n1jk9YvLxtY081W6UKC73E9XdEgdGkfKb7SUIFOddH54vV86P3QltLPWrJtXZjggHxaDmkCsMPuyHmc6EGE3LTuUw8kdeizHRLY00YQoiCw5rTf4dtSlBh1pUjFwoX99o7ld-yW-pCDbWFv3pnXb2FT8MbAbTUUaC_mraG0XHYN1hbOFkAjK5N6FFCPTLIujQSiaWlv6QgDId4oaDH75oQdKqqcRGbg4g4hC2SfEowNqPvaIpAmLTuMvzx4o-JxZ_rfC39jmwudcf0avEE-WTPCPlCLvwy33QLFd6JK7Z8FE4RRaXSJlp94jU713I6z0QP52wgt2mGkVulO3gsq3ee-BwaBF2-2C-Ay2kLrYe0zjV9Elsv9vwLMNRjdMSYEHh6pWd_vyQ-n4AfJOl4fH50yUHgw80Z75koSkUBosfUxRfhb-UzoT3WpEIDHfCGj6wOQNZfYzOInKr7_-bPWLPsPGvHEwM5ZMppkNrZTXPgVJYT-z-TGi1VukCh6ypMtNvODncf&sai=AMfl-YTdQBTuvZ_KE3qUxiiTSHQVI205qspETeqHcNNq9axV8qy6ns_kh4PIV3x67HK5DTrFAcldUzkUKNaA3tosgo_WbCacDI4H59dbBEpaYdTazANgnc2VIO4tnImLVEOPQniH66mPe3UOsNPlFYovLn8YThDBQLRQ9bqtINVECe20453OiAXvyQ&sig=Cg0ArKJSzO1Ine9eArGhEAE&cid=CAQSTwDICaaN7lim0w-GGG4YMr_nwzXRlrZColCRtWaWqewhLrcwMKT5bSKm-dJxmgoiQKO868VR9i7pCantBWbg4ORYoNjSGoVyY-JEEf9cXSkYAQ&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701616418361&rpt=156&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 15:13:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1B02 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssVEOiB1pGcdUGXSyrV5O2gd7bI-GgDchR9T5xRBqq_qr4CpQh77EhMeQRFjP-gXWgtoVRy5fB4HV-ryCDoAA6jOrk6S_L_pSRa3mTv1JOFB9TZUtRFp1ecjtavNOw7nOvrfCAz8y9CE9Vf&sai=AMfl-YSohbf69mW8M7LIGLnUcrrhzXypi5fKDUD62b7y7k8Dji_WMsQL_7EvXSuEcXpPCQCGdTOAw84W2V1D3NVL2G1Xt8JMO4O805uQ2WtxjSnZR_kiO5dXSuhtnZNLZVD_aB76r3eGINuRiHN9Z0J3dHkqpSN2UN6K9Y4U&sig=Cg0ArKJSzC82cZKCynpIEAE&cid=CAQSTwDICaaN7lim0w-GGG4YMr_nwzXRlrZColCRtWaWqewhLrcwMKT5bSKm-dJxmgoiQKO868VR9i7pCantBWbg4ORYoNjSGoVyY-JEEf9cXSkYAQ&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=100,783,1000,1000,1000&tos=100,683,217,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701616418364&rpt=385&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 15:13:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| documentPictureInPicture function| setCookie function| getCookie function| deleteCookie function| bbcodeHelp function| getVideoParam function| centerModals function| get_time_difference_in_minutes function| get_local_time_for_date function| distance_of_time_in_words object| Duration object| TZTime function| $ function| jQuery object| jQuery1124016352198470272894 function| tmpl object| App function| _ function| Class function| Picker object| hopscotch object| bbcodeSettings object| bbcodeSimpleSettings function| positionFooter object| AionItem object| Gw2Item object| RomItem object| VindictusItem object| WowItem object| ClassicItem object| ItemTooltip object| Shivtip object| MainTooltip object| ProgressionTooltip function| Chat object| ChatEmotes function| ChatMessage function| Pusher function| WhosOnline object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter object| miuScript string| google_user_agent_client_hint object| Icon object| WH object| g_itemScalingCallbacks object| Locale object| $WowheadPower function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag object| google_llp object| GoogleGcLKhOms

7 Cookies

Domain/Path Name / Value
demonic-empire.shivtr.com/ Name: site_game_id
Value: 184678
demonic-empire.shivtr.com/ Name: _shivtr_bakery
Value: cl6sOrYgpXhXWmEjJeyGIZbANE4oA4FaObU9S8bIiUdKFS6uUDF6FmnOlfp3TnoQ%2BFh4Bjz8rKzowv9yTpo9552%2FtqNh5Qzgkp52HurPecn4XQO22Z%2FVajXGvLiDsHWJKJx6PmSFrruAu6gxkm8s1ZxwYg7NR5TciPxMZz%2FtDXMD182%2B70q1J2oZmKTFZqB4OfyuppeyOqT2GlR1Ms8zAhrOcis2esqJRbH%2FLy%2Bolg7gT%2Ba9MbioJCnclIvzBZExaDs3RnRToFkV%2BbGj4LBHt73smmi5L4rwVZYGMDnmp2s0RfGJFIs%3D--%2B5p2u2PdbOy%2BtBrn--pq8i2mQCGH1xmUYv%2BTqCpA%3D%3D
.shivtr.com/ Name: __gads
Value: ID=307d3235bffeaaee:T=1701616417:RT=1701616417:S=ALNI_MY-cq31d8sHvreZTgp9m-4yhBfFmg
.shivtr.com/ Name: __gpi
Value: UID=00000ce291094c2e:T=1701616417:RT=1701616417:S=ALNI_MYHzam8PB1Hacl3Hie1vMIP3VMReA
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUnMUdOgNjIqUNyMCJZBdoOsSyPvmS6MWrVykMAy7zvGkh5IFhbxJ1IOUazn89c
.googleadservices.com/ Name: ar_debug
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

demonic-empire.shivtr.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i0.wp.com
pagead2.googlesyndication.com
res.cloudinary.com
s3.amazonaws.com
static.shivtr.com
tpc.googlesyndication.com
wow.zamimg.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.wowfan.cz
142.250.181.226
16.182.34.160
192.0.77.2
2606:4700::6813:a741
2a00:1450:4001:802::2004
2a00:1450:4001:80b::200a
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
45.33.21.148
46.105.124.43
99.84.146.120
0101f1a2e65d66a8af54470ef2853f727dbaed3caf9aabaa522c9c46880f7e58
0635d732c479b8b327cc7ef699d1983cf37dd191c0cb911134d7be5d595a2bb9
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
160f9c28c35e4390cd35e90cf1ccb3d80a58de14da97300d738b4e65cf54c7aa
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
240ac5cfe833b81f6607a9f702f7b30bc7383485fe86af4cd21b7c6d9cd2e3e8
2fd319c7809baaf44380af89d4d6cc83eead0773f5942ac01b8b5931c7abc336
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
38444148a2237a29af423edbe716ea9587872041585593d569fa13206db7a80e
39d6d9bd28c98ee22e4b34718335d12ba1140fd926e01d438a05c63c14bfe455
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
444c4c7901307178ed2d1362b09d15f689d48c3a4bed4e7513431ce155dc5778
4817af49d2bea29e98e801b84209ed1623aeb8d5e90d1ca362b7966166fb5824
4d03b6e90b232fb83c1da9981b5cb4012063ad310ccf71e33b5e8fd1fe2d8fb9
4fccc1e08bebfa61a16d1cbe80ec63563259e11449c57cbf1c08e6b1d74d59cd
54669a70b5e62b02ccef1ed4f5bae8b65450791e14e85837c0e58c4004f7a30f
54cc0e7807cf8bdf5d48a2930fbcd3b5a30b0dae8cc3bbab2efcee6fad1a092d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5e97fba31c1c44783c4852e361c7be30f2282ddcd4eb99dceb3ee9ca0aa94331
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
66acb0da63a6bd83ae216a67aff9dd0e5cb8ce062cbb0bd3cb753f571cd9a761
6a3859ac1ef058daf2c3d5fbde83727a8705435b0c9c627ffd5a61f08942f28b
6c7297c2ecf515557e0b5175fd9351133ee09934313f969083e7e19a7023643f
70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4
7088d6c86fda7a1dbd11ce4ec06ab4cf62f816203c1a68092d8b87bb847d2ec7
748d77ecc9866e292c4ae69636ea30b6fb1e6af8d88a8059e0af2176429648c4
74c3eeecd923e56f2d4796ea18d4acd478cc329cdbdca2e51b55573a69f301c2
7c328c382892475e77d0d96832bfa0b35612da6a9705f013d588ef0393c04b88
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd
8026b77a36d1a7e20e512f163552d9b6634d5437c0fb7b18d6aeb0650cb92ca7
8095a3340820ce55213e346d2372a41831749e81c7627a1021f797b3dddcb3de
830870bb74c6a4a16f3c0c49a7934378a8c26fe68fa8bf280e7d1b2a5ddc0f12
85e41af2f1124000f87c8a5caab08cd7568e2eeda71879c623fea4fbce4c469d
86c06c5c4747bb6da8d7594ed31b1494459d202ba31ede706bf8f741acedc9b3
8a4acdbc5956c3196a8c4327078b5364d58362446a3620aa375085c0b4a4411d
8c6524065989c8dd772d9e322fdf9e6ee8c438800848a44afc1f3b2fb5269bd4
920a3defda6e075bd5ce32ebb4def4352b165fade37338fb91758aaedc1fc098
9301f07ce28c09e87781be0f793b1eec60e04eb986e7b58bb99aeecfc1b7669a
95177cb9a19bb527f7ba16b9f0d2ff334091efc9c01ecd2bef69435fd3be7126
9e2e766b44b4bd31a6887776e57d5a5f502237e48cf90ded21436cfb6addf0be
9f55a94a767dc56cecddfcc0ce32d1695702a9b33b0af73ce516f0eb99b197d1
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
a24b219c5dd7b0c9efdb2ffb85e250809341705b37781e9b00435f9b8c5e2e3f
a45b9f8f42c2dba06a065e38d99ff5521de332c3197f9fb4ab8801ab4970e041
a5e1cc6bd00ebb8f9fa226fa654b926cfffde1c4d97bdc510f38afee85983b64
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b033555869a4e4bbf069af142ba979c054fcff8d0f4d83b14d99a71b9ab07ca2
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
b6ad61049e1e3d2d6795e20b93f599d4c9516f8e618f83e7c1e3aaa267c6427f
b82aa6c527e41e336e9cd392fffa550353f896f71a3c632a5bdd51e22de4ca0f
bac4dbe81f0ccaff728a00c369eead7e180295f9527a8aaf98e0ba2617ca7de7
bd777b49e978d13efd23e3c33717d52238ff7f3d31d5085f7a2069f6de94c48f
bed7ff4a6dc1fabcb99a5dd12ff481d05de252b39d3544be0cb93fe66663c059
c2e4126cb248674bca1edc9bed3159dd32c5379e374d0df9d430ede9eff27215
d6eade1ffe31d8226156f5c00fb48810841b02e60dd16f190205b162e8f73dc2
d75a105ae665367fed5c8b4f861ef14368df2ddc603b7777140164b0d57c333a
da535dc8327aeefb24419b1e0ede8a240e871500d9e19e3de223e2c15870b9f5
dc86183c64a971df266cf43382fe00a3b1c600ec6107714e06597192164b82b5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ea243e5242d648d3676f2d56897b8ef5dbc837d1ec566fe1b32df2db98c3a3
ecf5da7b1ed8a50421903fd4b3af4871c1076f9cfe6179d7c5634df8ca365176
ee3affa7a75a5dab262c3796ec8926c8852a2040a013cf9421e284e88ce0930e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5c6f9c182610c8b212256679f06a049091457b1621a0fa87e639618b33288cb
fb5c4823189de96a79333f174d56e8e2fbfb058c467c475ad2217de7ea655c3d
ff4094a2d0a0df94d358f9363bafe98fb4ed45601b46456651bb7ae23a48f625