www.boom.ita.shivtr.com Open in urlscan Pro
45.33.21.148 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.boom.ita.shivtr.com/
Submission: On January 03 via api (January 3rd 2024, 9:15:31 am UTC) from US — Scanned from US

Summary HTTP 69 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 10 IPs in 1 countries across 8 domains to perform 69 HTTP transactions. The main IP is 45.33.21.148, located in Richardson, United States and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is www.boom.ita.shivtr.com.
TLS certificate: Issued by ZeroSSL ECC Domain Secure Site CA on January 2nd 2024. Valid for: 3 months.

This is the only time www.boom.ita.shivtr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	45.33.21.148 45.33.21.148	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
10	2607:f8b0:400... 2607:f8b0:4006:821::2002	15169 (GOOGLE) (GOOGLE)
27	52.217.43.166 52.217.43.166	16509 (AMAZON-02) (AMAZON-02)
1 3	2607:f8b0:400... 2607:f8b0:4006:80c::2002	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:80d::2003	15169 (GOOGLE) (GOOGLE)
16	2607:f8b0:400... 2607:f8b0:4006:816::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81f::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.64.66 142.250.64.66	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80f::2004	15169 (GOOGLE) (GOOGLE)
69	10

6 45.33.21.148 (Richardson, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li975-148.members.linode.com

www.boom.ita.shivtr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.shivtr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:821::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 52.217.43.166 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80c::2002 (United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80d::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2607:f8b0:4006:816::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::2002 (United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.64.66 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s30-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80f::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	amazonaws.com s3.amazonaws.com	1 MB
26	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 140 tpc.googlesyndication.com — Cisco Umbrella Rank: 185	401 KB
6	shivtr.com www.boom.ita.shivtr.com static.shivtr.com	212 KB
4	gstatic.com www.gstatic.com	46 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 68	48 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 173
1	google.com www.google.com — Cisco Umbrella Rank: 6	1 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 271	62 KB
69	8

	Domain	Requested by
27	s3.amazonaws.com	www.boom.ita.shivtr.com static.shivtr.com
16	tpc.googlesyndication.com	googleads.g.doubleclick.net www.gstatic.com tpc.googlesyndication.com pagead2.googlesyndication.com
10	pagead2.googlesyndication.com	www.boom.ita.shivtr.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	static.shivtr.com	www.boom.ita.shivtr.com
4	www.gstatic.com	googleads.g.doubleclick.net
3	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com
2	www.googleadservices.com
1	www.google.com	tpc.googlesyndication.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	www.boom.ita.shivtr.com
69	10

This site contains links to these domains. Also see Links.

Domain
shivtr.com

Subject Issuer	Validity	Valid
www.boom.ita.shivtr.com ZeroSSL ECC Domain Secure Site CA	`2024-01-02` - `2024-04-01`	3 months	crt.sh
static.shivtr.com R3	`2023-12-29` - `2024-03-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-10`	9 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.boom.ita.shivtr.com/
Frame ID: 9865F5AEB8399B214DF58ADE90FD6CCC
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&adk=1812271804&adf=3025194257&lmt=1704273326&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x810_l%7C260x810_r&format=0x0&url=https%3A%2F%2Fwww.boom.ita.shivtr.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704273326340&bpp=7&bdt=884&idt=291&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7175825294586&frm=20&pv=2&ga_vid=1367836677.1704273327&ga_sid=1704273327&ga_hid=1450756037&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532600%2C95320885%2C95321253&oid=2&pvsid=1651374430306029&tmod=896349542&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=313
Frame ID: 0E9E2477BF6421ED840347FA12830573
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&h=90&slotname=2876344136&adk=4229348686&adf=4046715466&pi=t.ma~as.2876344136&w=728&lmt=1704273326&format=728x90&url=https%3A%2F%2Fwww.boom.ita.shivtr.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704273326347&bpp=1&bdt=891&idt=311&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7175825294586&frm=20&pv=1&ga_vid=1367836677.1704273327&ga_sid=1704273327&ga_hid=1450756037&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=307&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532600%2C95320885%2C95321253&oid=2&pvsid=1651374430306029&tmod=896349542&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=316
Frame ID: 7B726BDFB2D302F6A51DA0CFCB05A2CB
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464557960680088733/728x90/BR-42060-WEB-2022_HD_Display_728x90-F3.html
Frame ID: 073C8FFD64DBED87CC563378810E2811
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: D5637F845C99DF4F859D73B1B9F0278A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 01376082BCE50544F9BB3DA209E86DCA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7FACAF1556A2E6E3C18A472345018562
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bibbidi Bobbidi [BooM] - Italian WvW Guild on Guild Wars 2 - Underworld EU

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

69
Requests

99 %
HTTPS

67 %
IPv6

8
Domains

10
Subdomains

10
IPs

1
Countries

1832 kB
Transfer

3314 kB
Size

6
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://shivtr.com/
Title: Guild Hosting

Search URL Search Domain Scan URL

URL: http://shivtr.com/terms
Title: Terms of Use

Search URL Search Domain Scan URL

URL: http://shivtr.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://shivtr.com/legal
Title: Legal

Search URL Search Domain Scan URL

URL: http://shivtr.com/security
Title: Security

Search URL Search Domain Scan URL

URL: http://shivtr.com/help
Title: Help

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

https://googleads.g.doubleclick.net/pagead/adview?ai=Cwt6VriWVZY-pM6iG3rsPsIa3oAaEuZjMdN2X0YT6D5_V1qq8ARABINigpgRgyYaAgNyjxBCgAciQz-UDyAEJqAMByANIqgTaAU_QK_Eg7UbhKrJdB4xpRwRkTmpm5ifMSDcV07w68m3jz0V2o21yHI7T84-gcfprk6TnMlmoh_XbQNuhinCMtdzvF-Rv05UYZQ__yWaatP03AyYbM0eClbFakxAe5wjmrJm1t77XYKxpc4Mz5gSvui2ce-j6ekE4iPtcxwsWK8GyRWdP26-YYfw-kcRgYibJ7GVyRLkzwd3eVp_69NZFUZzwvqxzHy5lKJzWqAkP6rWOrraU4x-otCG_o2cssmOL885MMnugCdpsfoZoojNcCBgH5Rqg1-osmlElwASF4LKXtQOIBcayiacvoAYugAeg77AaqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQpJ820ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOli2hvzx8MCDA5oJI2h0dHBzOi8vYmx1ZXJoaW5vLmNvbS9ob21lLWRlbGl2ZXJ5gAoByAsBogwUKhIKEOS0sQLutbECtbixAqy6sQLaDBAKChCguOnj4bjG8TESAgED2BMD0BUBmBYBgBcBshccChoIABIUcHViLTIzNjcxMDgwNDgyODc1MTUYALIYBBICs04&sigh=bDiq5dzx7l8&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_LaDGXnpYa0KZyv3iM9ktdpZgegEq-GhIgRAq2bDhymgPxPBtzBpc8e2k9bugqDUznrciv3WUHCbxTeP0zTsVwTsBtENi6f8kyRgB&template_id=419&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x78bb242dca5cfef90000000000000000%22,%222%22:%220xd97840c5e729a6680000000000000000%22,%223%22:%220x905b6d704b60d0650000000000000000%22,%224%22:%220xd19082c4b59781840000000000000000%22,%225%22:%220xdeb1169104da62b00000000000000000%22},%22debug_key%22:%226954454048829591980%22,%22debug_reporting%22:true,%22destination%22:%22https://bluerhino.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221018415176%22],%2222%22:[%22true%22],%224%22:[%2201-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226335708082157050529%22}&andc=true

69 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.boom.ita.shivtr.com/ 9 KB
3 KB 920ms
243ms Document
text/html 45.33.21.148
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.boom.ita.shivtr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

li975-148.members.linode.com

Software

Caddy /

Resource Hash

e4984a602fd625116311156a8046809de9af1fe50b8da845a3c762a4b9db7ce1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000
cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 03 Jan 2024 09:15:25 GMT
etag: W/"e4984a602fd625116311156a8046809d"
referrer-policy: strict-origin-when-cross-origin
server: Caddy
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 6f1be815-c96a-4650-9c84-9195648464b9
x-runtime: 0.181021
x-xss-protection: 1; mode=block

GET
H2 200 guild-dc2bc810ec06e8d0c90d72531a06dc285eec9409f9d88120e8b05f5a606674ce.css
static.shivtr.com/assets/manifests/ 218 KB
38 KB 207ms
64ms Stylesheet
text/css 45.33.21.148
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.shivtr.com/assets/manifests/guild-dc2bc810ec06e8d0c90d72531a06dc285eec9409f9d88120e8b05f5a606674ce.css
Requested by: Host: www.boom.ita.shivtr.com
URL: https://www.boom.ita.shivtr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li975-148.members.linode.com
Software: Caddy /
Resource Hash: dc86183c64a971df266cf43382fe00a3b1c600ec6107714e06597192164b82b5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.boom.ita.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:15:25 GMT
content-encoding: gzip
last-modified: Sun, 02 Jul 2023 20:26:50 GMT
server: Caddy
etag: "rx6rgq4s2q"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000

GET
H2 200 475617-1687777065.css
static.shivtr.com/css-cache/site_themes/ 31 KB
5 KB 321ms
179ms Stylesheet
text/css 45.33.21.148
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.shivtr.com/css-cache/site_themes/475617-1687777065.css
Requested by: Host: www.boom.ita.shivtr.com
URL: https://www.boom.ita.shivtr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li975-148.members.linode.com
Software: Caddy /
Resource Hash: 2143f56253baced8dd81f9a3313880202ca0a5e514b9caf1e02eda9e3c2faeb1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.boom.ita.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:15:25 GMT
content-encoding: gzip
last-modified: Mon, 03 Jul 2023 10:57:45 GMT
server: Caddy
etag: "rx7vs9ovs"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000

GET
H2 200 guild-518b27752212c843cdda21c5e01ffe7de2d0bd28f7100cd01bf329100e3b7457.js Show response
static.shivtr.com/assets/ 608 KB
166 KB 266ms
123ms Script
text/javascript 45.33.21.148
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.shivtr.com/assets/guild-518b27752212c843cdda21c5e01ffe7de2d0bd28f7100cd01bf329100e3b7457.js
Requested by: Host: www.boom.ita.shivtr.com
URL: https://www.boom.ita.shivtr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li975-148.members.linode.com
Software: Caddy /
Resource Hash: 9e2e766b44b4bd31a6887776e57d5a5f502237e48cf90ded21436cfb6addf0be

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.boom.ita.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:15:25 GMT
content-encoding: gzip
last-modified: Sun, 02 Jul 2023 20:26:50 GMT
server: Caddy
etag: "rx6rgqdcmv"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 259ms
122ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.boom.ita.shivtr.com
URL: https://www.boom.ita.shivtr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0da83b19969098fa7ace3d8d02a3d6d8f568be28abb0ee15d2fe38d4d690011e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.boom.ita.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:15:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51288
x-xss-protection: 0
server: cafe
etag: 4241944094672280131
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 09:15:26 GMT

GET
H2 200 favicon.png
static.shivtr.com/s3/missing/ 382 B
460 B 206ms
64ms Image
image/png 45.33.21.148
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.shivtr.com/s3/missing/favicon.png
Requested by: Host: www.boom.ita.shivtr.com
URL: https://www.boom.ita.shivtr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li975-148.members.linode.com
Software: Caddy /
Resource Hash: 830870bb74c6a4a16f3c0c49a7934378a8c26fe68fa8bf280e7d1b2a5ddc0f12

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.boom.ita.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:15:25 GMT
last-modified: Wed, 28 Jun 2023 04:24:58 GMT
server: Caddy
etag: "rwy49mam"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000
content-length: 382

GET
H2 200 home-e4bd7164f7a26fa97379195030ab18fcc8c7a11a5ad318b4065f8e5166b3191b.png
static.shivtr.com/assets/mobile/toolbar/ 250 B
291 B 206ms
65ms Image
image/png 45.33.21.148
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.shivtr.com/assets/mobile/toolbar/home-e4bd7164f7a26fa97379195030ab18fcc8c7a11a5ad318b4065f8e5166b3191b.png
Requested by: Host: www.boom.ita.shivtr.com
URL: https://www.boom.ita.shivtr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li975-148.members.linode.com
Software: Caddy /
Resource Hash: 86c06c5c4747bb6da8d7594ed31b1494459d202ba31ede706bf8f741acedc9b3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.boom.ita.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:15:25 GMT
last-modified: Sun, 02 Jul 2023 20:26:50 GMT
server: Caddy
etag: "rx6rgq6y"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000
content-length: 250

GET
H/1.1 200
OK out.png
s3.amazonaws.com/cloudfront.shivtr.com/game_classes/29/ 982 B
1 KB 226ms
106ms Image
image/png 52.217.43.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/game_classes/29/out.png?1351898515
Requested by: Host: www.boom.ita.shivtr.com
URL: https://www.boom.ita.shivtr.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.43.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 425fb30ee5ccadbea64024ba26c1a4c9e21cb12adee74ad547832652867c2d8b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.boom.ita.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 09:15:26 GMT
x-amz-version-id: null
Last-Modified: Fri, 02 Nov 2012 23:21:57 GMT
Server: AmazonS3
x-amz-request-id: 88JVK9H5FF5CW00T
ETag: "8be043390f566c4d2f523370f042f7ef"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 982
x-amz-id-2: 73xf/NbWHry0l1iSIY5+eAq7d3VxLyQDu2A7hHZ4/12L0RdDkW24zSy0vo1bmj0XWD0f9lt/YUM=
Expires: Mon, 12 Nov 2012 19:56:20 GMT

GET
H/1.1 200
OK out.png
s3.amazonaws.com/cloudfront.shivtr.com/game_classes/32/ 1 KB
1 KB 205ms
91ms Image
image/png 52.217.43.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/game_classes/32/out.png?1351898524
Requested by: Host: www.boom.ita.shivtr.com
URL: https://www.boom.ita.shivtr.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.43.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ef55410449ba3d13c62ee6b123712ae3b3f1d70e6e4b92004f8b64005790a87f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.boom.ita.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 09:15:26 GMT
x-amz-version-id: null
Last-Modified: Fri, 02 Nov 2012 23:22:06 GMT
Server: AmazonS3
x-amz-request-id: 88JVZK2PJB5KQ8YB
ETag: "4daa774e8cf2df843b63da2529802ab2"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 1029
x-amz-id-2: F63N973WIBzc9r0femGdqGo5nv0XaW7rHh9PfzkQtubUPvgtHsC/D6k9xDBUheXU+itPko80DEo=
Expires: Mon, 12 Nov 2012 19:56:20 GMT

GET
H/1.1 200
OK out.png
s3.amazonaws.com/cloudfront.shivtr.com/game_classes/25/ 1 KB
2 KB 94ms
94ms Image
image/png 52.217.43.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/game_classes/25/out.png?1351898534
Requested by: Host: www.boom.ita.shivtr.com
URL: https://www.boom.ita.shivtr.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.43.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3f08d07039132183bd86625ef2036b723087915822028fd2c87d78e144b71c27

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.boom.ita.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 09:15:26 GMT
x-amz-version-id: null
Last-Modified: Fri, 02 Nov 2012 23:22:15 GMT
Server: AmazonS3
x-amz-request-id: 88JN789X0JAD2943
ETag: "b9a96ed32a7e22f093410e2706fed651"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 1094
x-amz-id-2: RKin9PGPjG9q7TyaSxi1TfM+MM0JfbZBBdl/reDXp52xgtt/FK0Vj4MM4LNj03OCQ1UFIbqh/nw=
Expires: Mon, 12 Nov 2012 19:56:20 GMT

GET
H/1.1 200
OK out.png
s3.amazonaws.com/cloudfront.shivtr.com/game_classes/24/ 1 KB
2 KB 94ms
93ms Image
image/png 52.217.43.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/game_classes/24/out.png?1351898542
Requested by: Host: www.boom.ita.shivtr.com
URL: https://www.boom.ita.shivtr.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.43.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0ab5ab99fedfbce3ded43cd7992321d292ceaa4ea647309a75feda365c3af52a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.boom.ita.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 09:15:26 GMT
x-amz-version-id: null
Last-Modified: Fri, 02 Nov 2012 23:22:24 GMT
Server: AmazonS3
x-amz-request-id: 88JHK8YRHWTM6Y7W
ETag: "c1cc7c71b6f4b547df2fc395c4985354"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 1111
x-amz-id-2: CjdmLv73+wYy+H5yOIDuHsooVt1GOKQmx5PqRGyQYBkTREaFUwVH7ElNuIWM/sYz1HnSsl867dk=
Expires: Mon, 12 Nov 2012 19:56:20 GMT

GET
H/1.1 200
OK out.png
s3.amazonaws.com/cloudfront.shivtr.com/game_classes/27/ 1 KB
2 KB 511ms
116ms Image
image/png 52.217.43.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/game_classes/27/out.png?1351898552
Requested by: Host: www.boom.ita.shivtr.com
URL: https://www.boom.ita.shivtr.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.43.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 781e9454021f263b9946fd075612e4f048576576868b48825c661016e6bbc157

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.boom.ita.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 09:15:27 GMT
x-amz-version-id: null
Last-Modified: Fri, 02 Nov 2012 23:22:33 GMT
Server: AmazonS3
x-amz-request-id: NB727DQZ7BQ79QSC
ETag: "aaa512f9e06fb947ad643de44952b0ba"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 1119
x-amz-id-2: Svz1LdecjNUcH6s6h5Ttj8mkV8OuiRz6HSnvEsBE5FIB64qBRmy49WmFAbBgcIcXlIR2F6BCqDE=
Expires: Mon, 12 Nov 2012 19:56:20 GMT

GET
H/1.1 200
OK out.png
s3.amazonaws.com/cloudfront.shivtr.com/game_classes/28/ 1 KB
1 KB 482ms
87ms Image
image/png 52.217.43.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/game_classes/28/out.png?1351898559
Requested by: Host: www.boom.ita.shivtr.com
URL: https://www.boom.ita.shivtr.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.43.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3592a30c29aff62b521a721c0247c3d2742bef28c2439c4fa3841d37a1bcf83c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.boom.ita.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 09:15:27 GMT
x-amz-version-id: null
Last-Modified: Fri, 02 Nov 2012 23:22:40 GMT
Server: AmazonS3
x-amz-request-id: NB76GQ8SWFEWQ155
ETag: "71922264cd6f91c370acbd7794322168"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 1080
x-amz-id-2: FnoIGmYYlk7H0barnBMBSe5keJOnXV6A2MURmawMA+fxvmtewvV1wpHBfYl57yzxWigAEmJmESc=
Expires: Mon, 12 Nov 2012 19:56:20 GMT

GET
H/1.1 200
OK out.png
s3.amazonaws.com/cloudfront.shivtr.com/game_classes/1453/ 1 KB
1 KB 510ms
106ms Image
image/png 52.217.43.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/game_classes/1453/out.png?1433243650
Requested by: Host: www.boom.ita.shivtr.com
URL: https://www.boom.ita.shivtr.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.43.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f769320245048f11fdfb85b5545b8cac0b00907dae463248a94a65422a5ce9df

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.boom.ita.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 09:15:27 GMT
x-amz-version-id: null
Last-Modified: Tue, 02 Jun 2015 11:14:12 GMT
Server: AmazonS3
x-amz-request-id: NB7DD5KBH1AZTDBZ
ETag: "9cfae081970c5c5a88bf1e0702b85434"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 1047
x-amz-id-2: QQRQwFW8DX5dxgN+VjXlr8a8DW1oIFlwA0Tl4T1Af80y1gWFmDkM+XDQMDcYiIGW7eRjMJ7RyRc=
Expires: Thu, 04 Jun 2015 20:44:06 GMT

GET
H/1.1 200
OK out.png
s3.amazonaws.com/cloudfront.shivtr.com/game_classes/31/ 1 KB
2 KB 511ms
95ms Image
image/png 52.217.43.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/game_classes/31/out.png?1351898567
Requested by: Host: www.boom.ita.shivtr.com
URL: https://www.boom.ita.shivtr.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.43.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: a39e5fe3f1f0a8bb7c3fa486369f071689e6660db7a3598601b40829810053f6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.boom.ita.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 09:15:27 GMT
x-amz-version-id: null
Last-Modified: Fri, 02 Nov 2012 23:22:48 GMT
Server: AmazonS3
x-amz-request-id: NB78YA8YC8EJH9K5
ETag: "3b9909c4133f50655b9850fb6bd50b8f"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 1105
x-amz-id-2: +2GDD7aMHH3h1SgkBn+swNdvvNJmmHQUHmfKGPZdT9Lo5z8l9/EUemlW1Qs/PVQ0gcTW9IYDbqs=
Expires: Mon, 12 Nov 2012 19:56:20 GMT

GET
H/1.1 200
OK out.png
s3.amazonaws.com/cloudfront.shivtr.com/game_classes/30/ 1 KB
1 KB 306ms
117ms Image
image/png 52.217.43.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/game_classes/30/out.png?1351898577
Requested by: Host: www.boom.ita.shivtr.com
URL: https://www.boom.ita.shivtr.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.43.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2ee5522ddcb69d137cb5175c212c938dcd7286df4daecdf26eb035446fbf7f54

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.boom.ita.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 09:15:27 GMT
x-amz-version-id: null
Last-Modified: Fri, 02 Nov 2012 23:22:58 GMT
Server: AmazonS3
x-amz-request-id: NB7ABXEFDZ3MPSB5
ETag: "1813a59f2356b015b48a43bd214bb1f3"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 1073
x-amz-id-2: 3ewFjiPVJbPEAFR/mhw3QwmRoQkLSXkKKJR3C4LCjH4EUwWAe0pd/6fdFH2W60z1MXJITpKrJY0=
Expires: Mon, 12 Nov 2012 19:56:20 GMT

GET
H/1.1 200
OK 910260.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 3 KB
4 KB 444ms
107ms Image
image/png 52.217.43.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/910260.png?1392266589
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/475617-1687777065.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.43.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7a639211360b72df61f541ac8bf3201a5f31a1adb415ae1441b96825522717de

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 09:15:27 GMT
x-amz-version-id: null
Last-Modified: Thu, 13 Feb 2014 04:43:10 GMT
Server: AmazonS3
x-amz-request-id: NB71QBNBG0N9G63W
ETag: "fb9436467353a79f7762ef9330257d64"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 3263
x-amz-id-2: WTn2dH9/BqtQKiwAEuGLjI9uUWqmph/6HeXJ0HKSPGEwQd+FfrsLxTlB2eAxix+blVp2SWiPTQg=
Expires: Mon, 11 Aug 2014 19:40:42 GMT

GET
H/1.1 200
OK 910261.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 3 KB
4 KB 392ms
86ms Image
image/png 52.217.43.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/910261.png?1392266590
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/475617-1687777065.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.43.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7a639211360b72df61f541ac8bf3201a5f31a1adb415ae1441b96825522717de

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 09:15:27 GMT
x-amz-version-id: null
Last-Modified: Thu, 13 Feb 2014 04:43:11 GMT
Server: AmazonS3
x-amz-request-id: NB73T6PYR85HRJMZ
ETag: "fb9436467353a79f7762ef9330257d64"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 3263
x-amz-id-2: trdPmUCewH6H6jYOfqsStePEE9V/MokCfJBx2SsVM0akaEjIfZDGKhfLe4eJXicRBn0OxCP3iDo=
Expires: Mon, 11 Aug 2014 19:40:37 GMT

GET
H/1.1 200
OK 910259.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 3 KB
4 KB 358ms
88ms Image
image/png 52.217.43.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/910259.png?1392266588
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/475617-1687777065.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.43.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7a639211360b72df61f541ac8bf3201a5f31a1adb415ae1441b96825522717de

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 09:15:27 GMT
x-amz-version-id: null
Last-Modified: Thu, 13 Feb 2014 04:43:09 GMT
Server: AmazonS3
x-amz-request-id: NB71RFFSN1054F5G
ETag: "fb9436467353a79f7762ef9330257d64"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 3263
x-amz-id-2: LvKY9iSwtZvpPeTdzzzBmvPZl/zfxDPr5D0LReCW9wud3IedOGQw2OP4tdVg35YNhH4YcKjG5bg=
Expires: Mon, 11 Aug 2014 19:40:37 GMT

GET
H/1.1 200
OK 4.png
s3.amazonaws.com/cloudfront.shivtr.com/preset_images/ 935 KB
935 KB 302ms
108ms Image
image/png 52.217.43.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/preset_images/4.png?1383693841
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/475617-1687777065.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.43.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e62927d9b7c50af70bf766a157f6397c4c3218cbb4041e4c57988a9819a056fe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 09:15:27 GMT
x-amz-version-id: null
Last-Modified: Tue, 05 Nov 2013 23:24:02 GMT
Server: AmazonS3
x-amz-request-id: NB772CZDH8SBZGV9
ETag: "b434d600e7d464a536c9a473b6f3e510"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 957359
x-amz-id-2: /T874I0M59Ch6OoSOobCvxqNbADz39e3WfVGepGMLQjhyBlTrA5g/hvVbgkoq5maJVRjIw8gt40=
Expires: Mon, 05 May 2014 22:06:06 GMT

GET
H/1.1 200
OK 910245.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 18 KB
18 KB 336ms
83ms Image
image/png 52.217.43.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/910245.png?1392266576
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/475617-1687777065.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.43.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: fe1f958f2a34ef499e23707ed2a3424bb0d6194a3ef488eeed450860ef72e343

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 09:15:27 GMT
x-amz-version-id: null
Last-Modified: Thu, 13 Feb 2014 04:42:57 GMT
Server: AmazonS3
x-amz-request-id: NB73MAVRF4G6J2W9
ETag: "d17aaaf7279f9cdd1b505a09d9a584d9"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 18490
x-amz-id-2: JciwXO1rJB/nuuNLsNBercfOHnbJ5myvbXUn/WJZ/m4xn/36RqnkinYXqSB42i1Lhd9BzNkuIRs=
Expires: Mon, 11 Aug 2014 19:40:42 GMT

GET
H/1.1 200
OK 910248.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 6 KB
7 KB 270ms
88ms Image
image/png 52.217.43.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/910248.png?1392266579
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/475617-1687777065.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.43.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 76b2bcf6560941d8fca7ad963e9d03ad0cafa496d29988a06ba95afdb88a8f32

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 09:15:27 GMT
x-amz-version-id: null
Last-Modified: Thu, 13 Feb 2014 04:43:00 GMT
Server: AmazonS3
x-amz-request-id: NB72BQZMPXA43GWR
ETag: "db65f034449425f8ad9b4179ff7d0a15"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 6375
x-amz-id-2: kk45gqZPPT2aIkEjbPdKqOosMkk8ckKAss8XiscDfKzeM/wL6sAWnXOQHr5+4DoEZ5CwKt6L6XI=
Expires: Mon, 11 Aug 2014 19:40:37 GMT

GET
H/1.1 200
OK 910249.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 6 KB
7 KB 252ms
76ms Image
image/png 52.217.43.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/910249.png?1392266579
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/475617-1687777065.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.43.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: bee467b6d2c8861a7fcae0dc5396866bb6665cb7a6a76a78c7a09202f906a3d4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 09:15:27 GMT
x-amz-version-id: null
Last-Modified: Thu, 13 Feb 2014 04:43:00 GMT
Server: AmazonS3
x-amz-request-id: NB71X66JDP5872K6
ETag: "9dca598922a3e10a16e05f22150b3899"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 6499
x-amz-id-2: 9t/0BszrEO+hYEAGOL0ysAwWwLAq14Fo80+Ub1EQZ3wxtT9o5ltnGdaoQDohb0rTdFhP6sFc43c=
Expires: Mon, 11 Aug 2014 19:40:42 GMT

GET
H/1.1 200
OK 910246.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 12 KB
12 KB 100ms
81ms Image
image/png 52.217.43.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/910246.png?1392266577
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/475617-1687777065.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.43.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5ff3ca20fc72a2f699485892db41f995a2d209a7d95ec6b574b0078eb5994dac

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 09:15:27 GMT
x-amz-version-id: null
Last-Modified: Thu, 13 Feb 2014 04:42:58 GMT
Server: AmazonS3
x-amz-request-id: NB74K9XA7TXXKPQJ
ETag: "03d54bcd61e40161e32895f5ffd1faa2"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 11907
x-amz-id-2: 51YxJaHzktBpupIgGvHlGmKxiq47139ZlhAYenPhi8TCLf9zs8T1xYoJO7pFELmDas9ZgCDwzvE=
Expires: Mon, 11 Aug 2014 19:40:37 GMT

GET
H/1.1 200
OK 910247.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 1 KB
2 KB 359ms
88ms Image
image/png 52.217.43.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/910247.png?1392266578
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/475617-1687777065.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.43.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 80ec7c36fe2370ea6fa5d697420f3b9a783ad15c677200c10d9c6c08256017c5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 09:15:27 GMT
x-amz-version-id: null
Last-Modified: Thu, 13 Feb 2014 04:42:59 GMT
Server: AmazonS3
x-amz-request-id: NB7BQQS8Y5M8AS9R
ETag: "866551cecd9051744a81d5f64d6f7e74"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 1188
x-amz-id-2: 4ImIhuYru45BFr+R1qZwU6NtgiJAbLpW0nGB3ZSQ39bzx3yuBL3IQjJCxVSvLtfbVqrBXwIJGkU=
Expires: Mon, 11 Aug 2014 19:40:42 GMT

GET
H/1.1 200
OK 910257.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 9 KB
9 KB 184ms
90ms Image
image/png 52.217.43.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/910257.png?1392266587
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/475617-1687777065.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.43.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b56a51a2da4d1c76af5e54ea9d61925a92d3b7e783f47bcfb22350205e89c3e0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 09:15:27 GMT
x-amz-version-id: null
Last-Modified: Thu, 13 Feb 2014 04:43:08 GMT
Server: AmazonS3
x-amz-request-id: NB7C0A0EV3GDWGD8
ETag: "1cd318dacd7a75b64dabc5bb514e9711"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 9028
x-amz-id-2: zn4FXHsOPIeaM4NjEXK3HjGqPMIvE19phhcCbfKof0T0EV1C8My7a1o1m5AuF3v8+YsdvD31hsg=
Expires: Mon, 11 Aug 2014 19:40:37 GMT

GET
H/1.1 200
OK 910258.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 8 KB
8 KB 381ms
85ms Image
image/png 52.217.43.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/910258.png?1392266587
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/475617-1687777065.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.43.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3388b21dcb7fb081f3bc85d4859bee647989e7bcb81a4be1b9a7f2fe8aad5374

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 09:15:27 GMT
x-amz-version-id: null
Last-Modified: Thu, 13 Feb 2014 04:43:08 GMT
Server: AmazonS3
x-amz-request-id: NB7AH18F3K2DWBXD
ETag: "2bde308dcccaa8a67b1ac1565af59ac7"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 8109
x-amz-id-2: /k65I4MEeA7/KzZOQSYYz25+/Xn5SCHRIoW8SRIdG4Jnka2bdNZP1lA90yKkn4X+ZX8nTaHDLT8=
Expires: Mon, 11 Aug 2014 19:40:42 GMT

GET
H/1.1 200
OK 910256.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 14 KB
14 KB 295ms
106ms Image
image/png 52.217.43.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/910256.png?1392266586
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/475617-1687777065.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.43.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 48914f36b920ab70acfe2a46c7617a420190169f7f300df5aac1fed46324a293

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 09:15:27 GMT
x-amz-version-id: null
Last-Modified: Thu, 13 Feb 2014 04:43:07 GMT
Server: AmazonS3
x-amz-request-id: NB79YXS11R8XNJ9Z
ETag: "8c4629933436c542da042e39eff39af8"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 13829
x-amz-id-2: zM0YhWVvCJ8uPHCxLB3t/ynI0BmWSsOBMAsl0mFb580VJHslWIlFKNl5rvr/NhIBIiq72trRlcc=
Expires: Mon, 11 Aug 2014 19:40:42 GMT

GET
H/1.1 200
OK 910251.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 4 KB
4 KB 194ms
94ms Image
image/png 52.217.43.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/910251.png?1392266581
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/475617-1687777065.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.43.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: eec0fe28715cccdf8cc2fc778ed8f6657dd8238869f17249c781b778553bd4df

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 09:15:27 GMT
x-amz-version-id: null
Last-Modified: Thu, 13 Feb 2014 04:43:02 GMT
Server: AmazonS3
x-amz-request-id: NB78PK30DRF8919G
ETag: "fb7c9d04a8d033646dbddb5f32b09a1f"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 3725
x-amz-id-2: 7xL/29eUqGsHpx/f5Oj0hB9fouhMqJlGbRJTPSreuInFKPqQkHpd5PI9CbFykzKI32vGL47pEJ4=
Expires: Mon, 11 Aug 2014 19:40:42 GMT

GET
H/1.1 200
OK 910252.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 4 KB
4 KB 176ms
82ms Image
image/png 52.217.43.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/910252.png?1392266582
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/475617-1687777065.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.43.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8d21e0b5159d6498d2521dbbe34d57b183f62d6d19fd1124461d704c215c718c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 09:15:27 GMT
x-amz-version-id: null
Last-Modified: Thu, 13 Feb 2014 04:43:03 GMT
Server: AmazonS3
x-amz-request-id: NB7EKCQQDKV3DJP0
ETag: "c0aa2ba544e39ff628f2f3faa0d860b0"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 3715
x-amz-id-2: pbECgnN8WYnLo5T73K12CYTRKmINqsWRPHsaKqlUfIQ8pkuAIwnagxj9TcnOp/Jfxhqw0HXpcCk=
Expires: Mon, 11 Aug 2014 19:40:42 GMT

GET
H/1.1 200
OK 910250.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 119 B
570 B 182ms
109ms Image
image/png 52.217.43.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/910250.png?1392266580
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/475617-1687777065.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.43.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f74fda37d4388de1e48d8444609c9c969f512e652168ac962e8787d2884481f3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 09:15:27 GMT
x-amz-version-id: null
Last-Modified: Thu, 13 Feb 2014 04:43:01 GMT
Server: AmazonS3
x-amz-request-id: NB737ZJGW0SR4KWR
ETag: "cbde00edaf2a00bbc00f0a94273f6bbe"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 119
x-amz-id-2: X6BR7Xs7qweJUWwfiw+DsgFuYZMicMCIrSJf9jV5TUiZ97i1b8tuUd5s2hEndkxDwkDY43SNSB8=
Expires: Mon, 11 Aug 2014 19:40:37 GMT

GET
H/1.1 200
OK 910254.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 5 KB
5 KB 189ms
95ms Image
image/png 52.217.43.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/910254.png?1392266584
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/475617-1687777065.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.43.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4cb6f9850859d7c3585af0a50f5f8ea93aeae1de42f48774bbbf8f401a162b6b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 09:15:27 GMT
x-amz-version-id: null
Last-Modified: Thu, 13 Feb 2014 04:43:05 GMT
Server: AmazonS3
x-amz-request-id: NB75RRD1ADWK5GS4
ETag: "e14c44b5c9e9831b3bb9fa0aaa760232"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 4697
x-amz-id-2: GPLuUgmBXcCeQRFWCnLFI4Ze6y67fLYOn6rFqL1b9IUE/s87UXvEimszGnpZBwRe3qlduSto334=
Expires: Mon, 11 Aug 2014 19:40:42 GMT

GET
H/1.1 200
OK 910255.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 5 KB
5 KB 190ms
95ms Image
image/png 52.217.43.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/910255.png?1392266585
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/475617-1687777065.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.43.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 987052d4b6be6754b73f3b1f9a0a60a10552ca38417803e7bdb8ea0deec9a2cd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 09:15:27 GMT
x-amz-version-id: null
Last-Modified: Thu, 13 Feb 2014 04:43:06 GMT
Server: AmazonS3
x-amz-request-id: NB7AKXKY34KK22M1
ETag: "1691ace0bfb0800e2cadc44ac095c715"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 4967
x-amz-id-2: EMU7BT5BKWCWLzj5RXakEXrv7D4Z82L0II4Eox7bW9z/XrFP76l2Zi9SEf6QpIr0G5hPhZArg9U=
Expires: Mon, 11 Aug 2014 19:40:37 GMT

GET
H/1.1 200
OK 910253.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 7 KB
7 KB 270ms
85ms Image
image/png 52.217.43.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/910253.png?1392266584
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/475617-1687777065.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.43.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0d9e070a2f0f9b4fba06c966ca1835ef3b3ba89bc9ee1b991dd8f075261bed00

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 09:15:27 GMT
x-amz-version-id: null
Last-Modified: Thu, 13 Feb 2014 04:43:05 GMT
Server: AmazonS3
x-amz-request-id: NB72VEE3NGDG4SCY
ETag: "8a12880a37d46fd242ec4e9f1d652070"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 6936
x-amz-id-2: kpPtT+FwQpYXXM+I8spoQl4jHj1S/j9zOewBAkexeOPkp1i4qGqUtTSY32s8vk1A35voL512fgI=
Expires: Mon, 11 Aug 2014 19:40:37 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 399 KB
135 KB 145ms
143ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82544ae162bda479021090084c79eee97c9b91277fbcb9d42beb85b0348479ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.boom.ita.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:15:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137916
x-xss-protection: 0
server: cafe
etag: 1305020384322512277
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 09:15:26 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0E9E 11 KB
5 KB 727ms
594ms Document
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&adk=1812271804&adf=3025194257&lmt=1704273326&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x810_l%7C260x810_r&format=0x0&url=https%3A%2F%2Fwww.boom.ita.shivtr.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704273326340&bpp=7&bdt=884&idt=291&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7175825294586&frm=20&pv=2&ga_vid=1367836677.1704273327&ga_sid=1704273327&ga_hid=1450756037&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532600%2C95320885%2C95321253&oid=2&pvsid=1651374430306029&tmod=896349542&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=313

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

52988b84d4ce47a05df4fcd7d9e2a6edcc42ad92381bfb1f4d67a98ba426ec3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.boom.ita.shivtr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 4541
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 09:15:27 GMT
expires: Wed, 03 Jan 2024 09:15:27 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 90ms
89ms Image
image/gif 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=status_bar_position&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.boom.ita.shivtr.com
URL: https://www.boom.ita.shivtr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.boom.ita.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 09:15:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7B72 131 KB
42 KB 572ms
448ms Document
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&h=90&slotname=2876344136&adk=4229348686&adf=4046715466&pi=t.ma~as.2876344136&w=728&lmt=1704273326&format=728x90&url=https%3A%2F%2Fwww.boom.ita.shivtr.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704273326347&bpp=1&bdt=891&idt=311&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7175825294586&frm=20&pv=1&ga_vid=1367836677.1704273327&ga_sid=1704273327&ga_hid=1450756037&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=307&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532600%2C95320885%2C95321253&oid=2&pvsid=1651374430306029&tmod=896349542&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=316

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b5977fab154cbb70d1753253499c451c803debb77e18335ae5a5e466a3e4996

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.boom.ita.shivtr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42961
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 09:15:27 GMT
expires: Wed, 03 Jan 2024 09:15:27 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 e21910fd923a6283b5d44b2382eabc86.js Show response
www.gstatic.com/mysidia/ Frame 7B72 9 KB
4 KB 194ms
61ms Script
text/javascript 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&h=90&slotname=2876344136&adk=4229348686&adf=4046715466&pi=t.ma~as.2876344136&w=728&lmt=1704273326&format=728x90&url=https%3A%2F%2Fwww.boom.ita.shivtr.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704273326347&bpp=1&bdt=891&idt=311&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7175825294586&frm=20&pv=1&ga_vid=1367836677.1704273327&ga_sid=1704273327&ga_hid=1450756037&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=307&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532600%2C95320885%2C95321253&oid=2&pvsid=1651374430306029&tmod=896349542&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=316

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:56:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40752
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4064
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 01 Apr 2024 21:56:15 GMT

GET
H2 200 f3d12415f986ed3504122551351bc1d0.js Show response
www.gstatic.com/mysidia/ Frame 7B72 42 KB
16 KB 195ms
63ms Script
text/javascript 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f3d12415f986ed3504122551351bc1d0.js?tag=html5_display_upload/html5_exit_api

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5bcc597ce8a3ec0c0ef52ee8ece8f284ca9739c1bd1bbac380a3deb672d5446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 12:59:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72963
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16637
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 01 Apr 2024 12:59:24 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 7B72 2 KB
903 B 258ms
127ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 17:57:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55075
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Jan 2024 17:57:32 GMT

GET
H2 200 50459845d1cbd526a76ea757de42d266.js Show response
www.gstatic.com/mysidia/ Frame 7B72 23 KB
10 KB 196ms
123ms Script
text/javascript 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/50459845d1cbd526a76ea757de42d266.js?tag=exit_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9caffafcdae7b42e3d074103c18a33640d4edf81401c216e99dbb77a15dfa511

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:57:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1097
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9842
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 02 Apr 2024 08:57:10 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 7B72 23 KB
9 KB 257ms
128ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 17:07:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58107
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Jan 2024 17:07:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 7B72 3 KB
1 KB 258ms
129ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 17:07:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58087
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Jan 2024 17:07:20 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 7B72 20 KB
9 KB 327ms
63ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 17:07:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58087
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Jan 2024 17:07:20 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7B72 194 KB
62 KB 356ms
95ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

976b1d446e9f000ebc33704968e386bdf9a1c80afa733825c1fb92006d1736ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:15:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62516
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Jan 2024 09:15:27 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 7B72 37 KB
15 KB 65ms
62ms Script
text/javascript 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 13:35:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 589194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 26 Mar 2024 13:35:33 GMT

GET
H2 200 BR-42060-WEB-2022_HD_Display_728x90-F3.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464557960680088733/728x90/ Frame 073C 8 KB
3 KB 134ms
130ms Document
text/html 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464557960680088733/728x90/BR-42060-WEB-2022_HD_Display_728x90-F3.html

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/f3d12415f986ed3504122551351bc1d0.js?tag=html5_display_upload/html5_exit_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9080cd3afaf127653229bfebcfd29b4f8107e0a476abfd96fe2de015f18d0766

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 15056
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1748
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 05:04:31 GMT
expires: Thu, 02 Jan 2025 05:04:31 GMT
last-modified: Fri, 10 Jun 2022 17:25:17 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 073C 6 KB
3 KB 76ms
74ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464557960680088733/728x90/BR-42060-WEB-2022_HD_Display_728x90-F3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464557960680088733/728x90/BR-42060-WEB-2022_HD_Display_728x90-F3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 19:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48829
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2551
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 03 Jan 2024 19:41:38 GMT

GET
H2 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 073C 34 KB
13 KB 64ms
62ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464557960680088733/728x90/BR-42060-WEB-2022_HD_Display_728x90-F3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464557960680088733/728x90/BR-42060-WEB-2022_HD_Display_728x90-F3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 06:44:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9081
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 04 Jan 2024 06:44:06 GMT

GET
H2 200 728x90-F2a.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464557960680088733/728x90/Images/ Frame 073C 36 KB
36 KB 145ms
144ms Image
image/jpeg 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464557960680088733/728x90/Images/728x90-F2a.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464557960680088733/728x90/BR-42060-WEB-2022_HD_Display_728x90-F3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e81caa7b247de255f769d222b3701508e8ffff0d9899429699f26710a5bda58

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464557960680088733/728x90/BR-42060-WEB-2022_HD_Display_728x90-F3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Thu, 02 Jan 2025 05:04:32 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 03 Jan 2024 05:04:32 GMT
x-content-type-options: nosniff
age: 15055
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37237
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 17:25:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 728x90-F1b.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464557960680088733/728x90/Images/ Frame 073C 4 KB
5 KB 77ms
76ms Image
image/jpeg 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464557960680088733/728x90/Images/728x90-F1b.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464557960680088733/728x90/BR-42060-WEB-2022_HD_Display_728x90-F3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09242ba6c9423dad82d91033540235e1386545341994652cd20d306943b29303

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464557960680088733/728x90/BR-42060-WEB-2022_HD_Display_728x90-F3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Thu, 02 Jan 2025 04:38:11 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 03 Jan 2024 04:38:11 GMT
x-content-type-options: nosniff
age: 16636
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4596
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 17:25:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 728x90-Logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464557960680088733/728x90/Images/ Frame 073C 8 KB
8 KB 63ms
62ms Image
image/png 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464557960680088733/728x90/Images/728x90-Logo.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464557960680088733/728x90/BR-42060-WEB-2022_HD_Display_728x90-F3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

064794e5b35368843e45df4a7e47bef0db48f5f7e829930413167ace4a99aef2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464557960680088733/728x90/BR-42060-WEB-2022_HD_Display_728x90-F3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 11:12:42 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 02 Jan 2024 11:12:42 GMT
x-content-type-options: nosniff
age: 79365
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7686
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 17:25:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 728x90-Tank.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464557960680088733/728x90/Images/ Frame 073C 22 KB
22 KB 68ms
68ms Image
image/png 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464557960680088733/728x90/Images/728x90-Tank.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464557960680088733/728x90/BR-42060-WEB-2022_HD_Display_728x90-F3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48aa6e9baa901d7e96511fc611bfaa620f9e16ba40019cdb3bb395d264f89ad7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464557960680088733/728x90/BR-42060-WEB-2022_HD_Display_728x90-F3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Thu, 02 Jan 2025 05:04:32 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 03 Jan 2024 05:04:32 GMT
x-content-type-options: nosniff
age: 15055
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22690
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 17:25:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 7B72 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0e5c9e3a4a494e42fc20a9d655dee552898f17911ae58721af96605858257c24

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 HelveticaNeueLTStd-BlkCn.ttf
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464557960680088733/728x90/Fonts/ Frame 073C 28 KB
15 KB 73ms
71ms Font
font/ttf 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464557960680088733/728x90/Fonts/HelveticaNeueLTStd-BlkCn.ttf

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464557960680088733/728x90/BR-42060-WEB-2022_HD_Display_728x90-F3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

157ab34dc5809c7030c26e986bc03167d101d9049cf866b8881637d0a082f5a8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464557960680088733/728x90/BR-42060-WEB-2022_HD_Display_728x90-F3.html
Origin: https://tpc.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Thu, 02 Jan 2025 05:04:32 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 03 Jan 2024 05:04:32 GMT
age: 15055
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14988
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 17:25:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 HelveticaNeueLTStd-LtCn.ttf
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464557960680088733/728x90/Fonts/ Frame 073C 26 KB
15 KB 138ms
137ms Font
font/ttf 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464557960680088733/728x90/Fonts/HelveticaNeueLTStd-LtCn.ttf

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464557960680088733/728x90/BR-42060-WEB-2022_HD_Display_728x90-F3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e39134b541d8aa7d3e3b4656bebdefe04b61516e74135b356849035f205fc501

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464557960680088733/728x90/BR-42060-WEB-2022_HD_Display_728x90-F3.html
Origin: https://tpc.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 11:57:19 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 02 Jan 2024 11:57:19 GMT
age: 76688
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14849
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 17:25:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 7B72
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cwt6VriWVZY-pM6iG3rsPsIa3oAaEuZjMdN2X0YT6D5_V1qq8ARABINigpgRgyYaAgNyjxBCgAciQz-UDyAEJqAMByANIqgTaAU_QK_Eg7UbhKrJdB4xpRwRkTmpm5ifMSDcV07w68m3jz0V...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x78bb242dca5cfef90000000000000000%22,%222%22:%220xd97840c5e729a6680000000000000000%22,%223%22:%220x905b6d...

0
0

209ms
82ms

Fetch
text/css

142.250.64.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x78bb242dca5cfef90000000000000000%22,%222%22:%220xd97840c5e729a6680000000000000000%22,%223%22:%220x905b6d704b60d0650000000000000000%22,%224%22:%220xd19082c4b59781840000000000000000%22,%225%22:%220xdeb1169104da62b00000000000000000%22},%22debug_key%22:%226954454048829591980%22,%22debug_reporting%22:true,%22destination%22:%22https://bluerhino.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221018415176%22],%2222%22:[%22true%22],%224%22:[%2201-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226335708082157050529%22}&andc=true

Protocol

Server

142.250.64.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s30-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:15:28 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x78bb242dca5cfef90000000000000000","2":"0xd97840c5e729a6680000000000000000","3":"0x905b6d704b60d0650000000000000000","4":"0xd19082c4b59781840000000000000000","5":"0xdeb1169104da62b00000000000000000"},"debug_key":"6954454048829591980","debug_reporting":true,"destination":"https://bluerhino.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1018415176"],"22":["true"],"4":["01-03"],"6":["true"]},"priority":"500","source_event_id":"6335708082157050529"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 03 Jan 2024 09:15:28 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 03 Jan 2024 09:15:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x78bb242dca5cfef90000000000000000","2":"0xd97840c5e729a6680000000000000000","3":"0x905b6d704b60d0650000000000000000","4":"0xd19082c4b59781840000000000000000","5":"0xdeb1169104da62b00000000000000000"},"debug_key":"6954454048829591980","debug_reporting":true,"destination":"https://bluerhino.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1018415176"],"22":["true"],"4":["01-03"],"6":["true"]},"priority":"500","source_event_id":"6335708082157050529"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 229ms
97ms XHR
application/json 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37d9dbf0109d605ff059b04e4a72c48fd319c8e6767e63de8db2f0d9ff8ca9ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.boom.ita.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:15:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12206
x-xss-protection: 0

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame D563 50 KB
19 KB 66ms
66ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 14:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69028
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 Jan 2025 14:05:00 GMT

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 073C 50 KB
19 KB 73ms
72ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 14:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69028
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 Jan 2025 14:05:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 234ms
81ms Preflight
text/html 142.250.64.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s30-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 03 Jan 2024 09:15:28 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 103ms
103ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.boom.ita.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:15:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 03 Jan 2024 09:15:28 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0137 13 KB
5 KB 64ms
63ms Document
text/html 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.boom.ita.shivtr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 133746
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 01 Jan 2024 20:06:22 GMT
expires: Tue, 31 Dec 2024 20:06:22 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7FAC 829 B
1 KB 219ms
84ms Document
text/html 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a1f38a29b8165982ff5fb02423c8e4b7adbe2b3c8a05c4ff603429a1ba33d632

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--75pYdZymYSHt9CzQIKEXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.boom.ita.shivtr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce--75pYdZymYSHt9CzQIKEXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 09:15:28 GMT
expires: Wed, 03 Jan 2024 09:15:28 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 0137 39 KB
15 KB 63ms
62ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 02:12:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25359
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Jan 2025 02:12:49 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0137 0
10 B 63ms
62ms Image
text/plain 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?VfWlkQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:15:28 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7FAC 0
0 90ms
89ms Image
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=1651374430306029&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7B72 42 B
64 B 96ms
95ms Fetch
image/gif 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv9zWY0Mh_B593aQkVPBNL4OPWR_mOYl_nAdZDKgN1TrAQk1KlmyU9ogLiYwqYKXcvdzwfye8p7FfxXOhKLazW-P81SR2nT9kiTI2nuxh43nJ5WlwU0g1EPSeI3zYxqsYRwopC1QTkYqCsxskGn3fzQ72VlGZqLzh2GkLgZ0E7tsFmuB_aKxmaUG16pAEAVxiRiWVdoKERJ35I_d8TTwAziveqlwvrWESEEUxk1dDAZnG_cFE0UgIa_tlDmoyyrr7G6gkg1yVbjvAX-fVrHlbc3ytIENyzuZ5EAToLU7MdteHM0xN9k-JyeW-D3VuFaaziYwcPB_zLJcjsTk1ppZyoc94nOz7ap2IxHW3eO4YslUXmQBBrwm072BidgLLgd-epXDgQ_d2eIGw-xGRhvseVpAiQ6wrvSK4eiaD0llI_YweQ535RzVXJNbOmnub0mritApiJrQuQBXVRdIOeHpc_uxeRycCJ-wxciyCuP88PsnWEaAdvgRNTD4Bc0VCjQwiQGejFTOeVuYIiQypPx5h_yNukAZRuexR_IU4y29aCSVXTgcm9he-naIE-i1SINyAOHcOJxyQniPKnzhgR6eTDQjPvOoCmnBmFYpmt8Xjxrkrv5jeaUHUPE-Ck9diKek6StgeBdrrO_W3Nfw7_avPaT4vQEjDfwg8wJqYhR-Njttpv9eRiZjEJa8H5Uqx-CDFkE6mGk12U8p31411Zu5taDJT9DQqAKX1e7_AGBsgNjpm3t3dtcaindLMBDeTiPICEw_NQynLCjXon4Qi56wzpLpVqjl868YmHcFtZLPwMLMkiDDNPXJo5O7MuxS9ss6nuFKNQH7U13Jrv8NazLkdQRzDI6nSKhThb02jQfPZw2HX4cDuJd11oMRl1FrcSh_83u5nMAtyJyKJg2WLlRWo6xgN7zvx24uD9lt54Ah9hvTDi3C6NagWIYo-PhUWTj6x9ogonKvO4sYPK1yYbUbeq029zWSDrmzoTNH4pXMYD6kZQUzALkdC82KGeSa7BKccDEq257YZI0sAsDu4l52EEXWSIgmIIP6LxH10jB8kUw47iBC3-8C6Ydv4R_AemRGcMkW-N1NWeXidrkS4kXNt8QqdgsfP5f_R1ATlZnaQqkGc7hDDN70d2KxkcolU37OesuLaIralqKwbdW7Imch5EoXQ&sai=AMfl-YQvblXb9HFGxwL36hhChP-V_1xGuGPZWjBvdbz4fh3h-XEjGKXNSz07iU_bXK26NI3UVjlrvmiNAh8YI29gLbAP4MIL8gWqf3Po05En8jza4wPwukG1w0vYn6Mu6rIbZPlB4YKXluD25HrUiPaOH9GWiWguYnJb7nkflA&sig=Cg0ArKJSzBuRX5LFZpjaEAE&cid=CAQSTgAvHhf_LaDGXnpYa0KZyv3iM9ktdpZgegEq-GhIgRAq2bDhymgPxPBtzBpc8e2k9bugqDUznrciv3WUHCbxTeP0zTsVwTsBtENi6f8kyRgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4229348686&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704273326665&rpt=1174&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 09:15:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 90ms
90ms Image
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=1651374430306029&bg=!lZalltnNAAY3kmNgF5I7ADQBe5WfOLatu_ByWkQFT08rKyC2WgcFWskKkEbVxfCY05gp0pp3JWicPlV3i_JgP7tJZzTTAgAAAG9SAAAAAmgBB5kC_E_IqOF08uexMpIZuOjC0np7bxTz-WXaAnjYcd4q_vz79GvCfZexTPTa8Nh08BBytIiE_flNoutpc7sY1HizM1tOpDZzRQIlNzOVNvgWJwmIUELLezWMUQpyPY_ZFHJPdldZhCXH-F8zw1M2al-WAN2EZfUlSUnu68k-EIZg0OUp-mRnfhv_rqOI56KxYSBEthAT64FU3zMOEzXP1d5yPEPgsZCgREo8fflkEB116LfxsTxNdXSFCDSMCve_U3-lZ1RCCx5WZITsOLoD44xBqeMYbXFyruPXR1_mVPRW8-9T0ZiT20nItkEP0CnbNOn25AF9zOpoON3q3QioVoqRyFYDl6_86HpcrSJyjE5tImpWzSNSXmrUgyy4IeO4ldZXwmauOXrbSkgNE5eSGdPUf6F99UdmvFWMiVyxmFRFumOvDSyFwbo59iX8WBW_cyyixyVFoawCaVBRS5Y658cF_Q2zR6icO_iUzY1EtNkrIbJJcP2WIPztKbs7FiGu5YQeROGCO35j_k0ekj-rMo-cySIYOOrkOIqkyY0K-qaB8yJvA8tsgcJw8waQozOflI1fYTruP_JUtyjHKLp3mH0XesIdfoq_P1DMiaCheNvg0qN2Pg1QFJxLbXylYK3YGkVQqyGYRY1X84PL5XW0Y5VOdsN5u2w4dnyUQ7Urh4HJpPUHHLODuz0LH17QX1ZB0jnRuNBJA4Rwgd3xxkF3kehWSb8MAXEjggWIrxn-4LNbpiwtdzeWw4IQOarty8ASu1Mjjj-bSGLAxkm0AV50YDjHclV5y4eF_4pRDgZuGeS_8Ae2gmkvqpCvIOVlV53YNbEDime-jdtPW9lm5ilNU3IeEfuEY_ChXg1YXWTprZqRZtIvN6AM2FaWJaao60lDCgwfWCvvgKu02k4LEtPSMC8tDDsEnoD4IllcmaDrrd_r-H7B7fXXN1j_Xog6oFQEHsHRqbCH-RBiqQKrhZGe6pYLMBFS4BvoJy4L2QiJFW5cZnckfM17X7UA8Yypke7H
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.boom.ita.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.boom.ita.shivtr.com/	1969-12-31 23:59:59	Name: site_game_id Value: 156196
www.boom.ita.shivtr.com/	1969-12-31 23:59:59	Name: _shivtr_bakery Value: vfC2d66b7Nik0%2Bv3SfJdgEELlk3QSS52jTmKzAjCsPA9J4hS8c%2Bc82cAXqHaFRvLq9qfJv0mEVuS9FHuIED%2FP6qctgbpXqLJobixB%2F88eEeV0iHlRPfWvKUCOfpBL28A7fNLFixvD5ogajbasluETKPWpKBGxjZObt1ZLvW2njm7iuc6T4i3%2F9IYbQinn0lzuGzRdBW4OlCPw%2B%2FgL4ImqN%2BftBZ8nNigJzIVD6oLaEobZE905FClZT9UOm%2BrBK9ZJ9vJrgWEYbcR59xGs2CdKEgi9L0nC%2BZ4S89nK%2B9%2F3NtWWQ%2FA--iswdiEgmhlt1Stic--x0CxUalSle2xSoIfXj2OoQ%3D%3D
.shivtr.com/	1970-01-21 02:46:09	Name: __gads Value: ID=1a086f521b87a06c:T=1704273326:RT=1704273326:S=ALNI_MY-GS09KxFNSAr8claFWu0w5GGvSA
.shivtr.com/	1970-01-21 02:46:09	Name: __gpi Value: UID=00000db0805f351b:T=1704273326:RT=1704273326:S=ALNI_MbOSnnpN5vtE8vipQYb6Qp8QNC-bg
.doubleclick.net/	1970-01-21 03:00:33	Name: IDE Value: AHWqTUn2GPP__Je-yNUGOJt3VRwSolUQ5E_M7w_xvoTcEn9-Ash9aGmiu4P8eUSz7Jk
.googleadservices.com/	1970-01-20 19:34:09	Name: ar_debug Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

googleads.g.doubleclick.net
pagead2.googlesyndication.com
s3.amazonaws.com
static.shivtr.com
tpc.googlesyndication.com
www.boom.ita.shivtr.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
142.250.64.66
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80d::2003
2607:f8b0:4006:80f::2004
2607:f8b0:4006:816::2001
2607:f8b0:4006:81f::2002
2607:f8b0:4006:821::2002
45.33.21.148
52.217.43.166
064794e5b35368843e45df4a7e47bef0db48f5f7e829930413167ace4a99aef2
09242ba6c9423dad82d91033540235e1386545341994652cd20d306943b29303
0ab5ab99fedfbce3ded43cd7992321d292ceaa4ea647309a75feda365c3af52a
0d9e070a2f0f9b4fba06c966ca1835ef3b3ba89bc9ee1b991dd8f075261bed00
0da83b19969098fa7ace3d8d02a3d6d8f568be28abb0ee15d2fe38d4d690011e
0e5c9e3a4a494e42fc20a9d655dee552898f17911ae58721af96605858257c24
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
157ab34dc5809c7030c26e986bc03167d101d9049cf866b8881637d0a082f5a8
2143f56253baced8dd81f9a3313880202ca0a5e514b9caf1e02eda9e3c2faeb1
27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b
2b5977fab154cbb70d1753253499c451c803debb77e18335ae5a5e466a3e4996
2ee5522ddcb69d137cb5175c212c938dcd7286df4daecdf26eb035446fbf7f54
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3388b21dcb7fb081f3bc85d4859bee647989e7bcb81a4be1b9a7f2fe8aad5374
3592a30c29aff62b521a721c0247c3d2742bef28c2439c4fa3841d37a1bcf83c
37d9dbf0109d605ff059b04e4a72c48fd319c8e6767e63de8db2f0d9ff8ca9ce
3e81caa7b247de255f769d222b3701508e8ffff0d9899429699f26710a5bda58
3f08d07039132183bd86625ef2036b723087915822028fd2c87d78e144b71c27
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
425fb30ee5ccadbea64024ba26c1a4c9e21cb12adee74ad547832652867c2d8b
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
48914f36b920ab70acfe2a46c7617a420190169f7f300df5aac1fed46324a293
48aa6e9baa901d7e96511fc611bfaa620f9e16ba40019cdb3bb395d264f89ad7
4cb6f9850859d7c3585af0a50f5f8ea93aeae1de42f48774bbbf8f401a162b6b
52988b84d4ce47a05df4fcd7d9e2a6edcc42ad92381bfb1f4d67a98ba426ec3e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5ff3ca20fc72a2f699485892db41f995a2d209a7d95ec6b574b0078eb5994dac
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
76b2bcf6560941d8fca7ad963e9d03ad0cafa496d29988a06ba95afdb88a8f32
781e9454021f263b9946fd075612e4f048576576868b48825c661016e6bbc157
7a639211360b72df61f541ac8bf3201a5f31a1adb415ae1441b96825522717de
80ec7c36fe2370ea6fa5d697420f3b9a783ad15c677200c10d9c6c08256017c5
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
82544ae162bda479021090084c79eee97c9b91277fbcb9d42beb85b0348479ea
830870bb74c6a4a16f3c0c49a7934378a8c26fe68fa8bf280e7d1b2a5ddc0f12
86c06c5c4747bb6da8d7594ed31b1494459d202ba31ede706bf8f741acedc9b3
8d21e0b5159d6498d2521dbbe34d57b183f62d6d19fd1124461d704c215c718c
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
9080cd3afaf127653229bfebcfd29b4f8107e0a476abfd96fe2de015f18d0766
976b1d446e9f000ebc33704968e386bdf9a1c80afa733825c1fb92006d1736ae
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
987052d4b6be6754b73f3b1f9a0a60a10552ca38417803e7bdb8ea0deec9a2cd
9caffafcdae7b42e3d074103c18a33640d4edf81401c216e99dbb77a15dfa511
9e2e766b44b4bd31a6887776e57d5a5f502237e48cf90ded21436cfb6addf0be
a1f38a29b8165982ff5fb02423c8e4b7adbe2b3c8a05c4ff603429a1ba33d632
a39e5fe3f1f0a8bb7c3fa486369f071689e6660db7a3598601b40829810053f6
b56a51a2da4d1c76af5e54ea9d61925a92d3b7e783f47bcfb22350205e89c3e0
bee467b6d2c8861a7fcae0dc5396866bb6665cb7a6a76a78c7a09202f906a3d4
c5bcc597ce8a3ec0c0ef52ee8ece8f284ca9739c1bd1bbac380a3deb672d5446
dc86183c64a971df266cf43382fe00a3b1c600ec6107714e06597192164b82b5
e39134b541d8aa7d3e3b4656bebdefe04b61516e74135b356849035f205fc501
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4984a602fd625116311156a8046809de9af1fe50b8da845a3c762a4b9db7ce1
e62927d9b7c50af70bf766a157f6397c4c3218cbb4041e4c57988a9819a056fe
eec0fe28715cccdf8cc2fc778ed8f6657dd8238869f17249c781b778553bd4df
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef55410449ba3d13c62ee6b123712ae3b3f1d70e6e4b92004f8b64005790a87f
f74fda37d4388de1e48d8444609c9c969f512e652168ac962e8787d2884481f3
f769320245048f11fdfb85b5545b8cac0b00907dae463248a94a65422a5ce9df
fe1f958f2a34ef499e23707ed2a3424bb0d6194a3ef488eeed450860ef72e343
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

www.boom.ita.shivtr.com Open in urlscan Pro 45.33.21.148 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

69 Requests

99 %HTTPS

67 %IPv6

8 Domains

10 Subdomains

10 IPs

1 Countries

1832 kBTransfer

3314 kBSize

6 Cookies

6 Outgoing links

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.boom.ita.shivtr.com Open in urlscan Pro
45.33.21.148 Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

99 %
HTTPS

67 %
IPv6

8
Domains

10
Subdomains

10
IPs

1
Countries

1832 kB
Transfer

3314 kB
Size

6
Cookies

69 HTTP transactions
1 data transactions