newlunarempire.shivtr.com Open in urlscan Pro
45.33.21.148 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://newlunarempire.shivtr.com/
Effective URL:
https://newlunarempire.shivtr.com/
Submission Tags: phish.gg anti.fish automated Search All
Submission: On October 09 via api (October 9th 2023, 9:31:44 pm UTC) from DE — Scanned from DE

Summary HTTP 77 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 10 domains to perform 77 HTTP transactions. The main IP is 45.33.21.148, located in Richardson, United States and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is newlunarempire.shivtr.com.
TLS certificate: Issued by R3 on August 31st 2023. Valid for: 3 months.

This is the only time newlunarempire.shivtr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 13	45.33.21.148 45.33.21.148	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
10	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
18	54.231.165.200 54.231.165.200	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:46::60 2620:1ec:46::60	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	23.212.88.180 23.212.88.180	16625 (AKAMAI-AS) (AKAMAI-AS)
7	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
4 10	2a02:26f0:350... 2a02:26f0:3500:1b::1724:a392	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	185.89.211.116 185.89.211.116	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
77	12

13 45.33.21.148 (Richardson, United States) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li975-148.members.linode.com

newlunarempire.shivtr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.shivtr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 54.231.165.200 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adsdk.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.212.88.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-88-180.deploy.static.akamaitechnologies.com

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:26f0:3500:1b::1724:a392 (Frankfurt am Main, Germany) 4 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.89.211.116 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ams3-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	amazonaws.com s3.amazonaws.com	1 MB
17	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	292 KB
13	shivtr.com 1 redirects newlunarempire.shivtr.com static.shivtr.com	284 KB
10	bing.com 4 redirects www.bing.com — Cisco Umbrella Rank: 75	25 KB
10	adnxs.com cdn.adnxs.com — Cisco Umbrella Rank: 2045 ams3-ib.adnxs.com — Cisco Umbrella Rank: 6890	59 KB
7	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 45	41 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	118 KB
2	microsoft.com adsdk.microsoft.com — Cisco Umbrella Rank: 4847	72 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1200	602 B
77	10

	Domain	Requested by
18	s3.amazonaws.com	newlunarempire.shivtr.com static.shivtr.com
11	static.shivtr.com	newlunarempire.shivtr.com static.shivtr.com
10	www.bing.com	4 redirects googleads.g.doubleclick.net
10	pagead2.googlesyndication.com	newlunarempire.shivtr.com pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
8	ams3-ib.adnxs.com	googleads.g.doubleclick.net cdn.adnxs.com
7	tpc.googlesyndication.com	newlunarempire.shivtr.com pagead2.googlesyndication.com tpc.googlesyndication.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.googletagservices.com	newlunarempire.shivtr.com
2	cdn.adnxs.com	newlunarempire.shivtr.com
2	adsdk.microsoft.com	newlunarempire.shivtr.com
2	newlunarempire.shivtr.com	1 redirects
1	www.google.com	tpc.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
77	13

This site contains links to these domains. Also see Links.

Domain
docs.google.com
www.paypal.com
shivtr.com

Subject Issuer	Validity	Valid
*.shivtr.com R3	`2023-08-31` - `2023-11-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2023-07-10` - `2024-06-21`	a year	crt.sh
static.shivtr.com R3	`2023-08-31` - `2023-11-29`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
adsdk.microsoft.com Microsoft Azure TLS Issuing CA 05	`2023-04-07` - `2024-04-01`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2023-08-24` - `2024-08-24`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
r.bing.com Microsoft RSA TLS CA 01	`2022-11-15` - `2023-11-15`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://newlunarempire.shivtr.com/
Frame ID: 45EE050B6C41C9916984973295641C15
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html
Frame ID: 42508EA45862A173772644F2E923962D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&adk=1812271804&adf=3025194257&lmt=1696879898&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Fnewlunarempire.shivtr.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696887097898&bpp=2&bdt=724&idt=132&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3814691330009&frm=20&pv=2&ga_vid=1721623663.1696887098&ga_sid=1696887098&ga_hid=32788671&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31078657%2C44801485%2C44804782%2C44805099%2C31078297%2C44803791&oid=2&pvsid=204342366296387&tmod=947941484&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=150
Frame ID: 4E3FDA9E169C981E6374485451B1DF52
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&h=90&slotname=2876344136&adk=4229348686&adf=4046715466&pi=t.ma~as.2876344136&w=728&lmt=1696879898&format=728x90&url=https%3A%2F%2Fnewlunarempire.shivtr.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696887097900&bpp=1&bdt=725&idt=153&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3814691330009&frm=20&pv=1&ga_vid=1721623663.1696887098&ga_sid=1696887098&ga_hid=32788671&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31078657%2C44801485%2C44804782%2C44805099%2C31078297%2C44803791&oid=2&pvsid=204342366296387&tmod=947941484&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=f8BpWA2lVf&p=https%3A//newlunarempire.shivtr.com&dtd=158
Frame ID: 9252224E9C840F959A42C4EB8D600798
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Frame ID: F28C4D360D433E36686B7593BC1A0A48
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Frame ID: 00F110B6D40A1FD89AF05CF954DDE856
Requests: 1 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: AF17044293C6841712810145326EBE85
Requests: 15 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 655972B975C3887C1912859BA383E466
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 706B4CCF939186DC92D3EFC4F811C988
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A31F30CD07659105584ABAD953E4FDDD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The New Lunar Empire

Page URL History Show full URLs

http://newlunarempire.shivtr.com/ HTTP 308
https://newlunarempire.shivtr.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

77
Requests

94 %
HTTPS

64 %
IPv6

10
Domains

13
Subdomains

12
IPs

2
Countries

2359 kB
Transfer

4140 kB
Size

6
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://docs.google.com/document/d/1sDuB-5pDX_55meXglP_aXkLB4mQhissH-Bo5dVsAE04/edit?usp=sharing
Title: Rules

Search URL Search Domain Scan URL

URL: https://www.paypal.com/cgi-bin/webscr?bn=PP-DonationsBF&business=gailrs96%40gmail.com&charset=UTF-8&cmd=_xclick&currency_code=USD&item_name=The+New+Lunar+Empire+hosting+donation

Search URL Search Domain Scan URL

URL: http://shivtr.com/group_pay/107773/payments
Title: Donate Days

Search URL Search Domain Scan URL

URL: http://shivtr.com/
Title: Guild Hosting

Search URL Search Domain Scan URL

URL: http://shivtr.com/terms
Title: Terms of Use

Search URL Search Domain Scan URL

URL: http://shivtr.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://shivtr.com/legal
Title: Legal

Search URL Search Domain Scan URL

URL: http://shivtr.com/security
Title: Security

Search URL Search Domain Scan URL

URL: http://shivtr.com/help
Title: Help

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://newlunarempire.shivtr.com/ HTTP 308
https://newlunarempire.shivtr.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=0157f616-807a-4bf4-849a-caa496431ec6&bidId=15000&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=980361cc-e118-4053-9081-f14d3c383e05&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D30ce338408404fc4a5175feb0ae5d534%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=7240145&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_pyvpxpbasvezngvba&aid=441665628671849268 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=30ce338408404fc4a5175feb0ae5d534&SNR=1&GV=2&med=10

Request Chain 48

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=88109253-d454-495e-8972-ae11262faa23&bidId=1&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=bce11f05-4c3d-4ca3-8385-fb33ab226693&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_1-1-0%2819-0%29%3F%26RG%3Db7e3574bb4eb4f0fbd0b8b760a8779af%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=7240145&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_fp&aid=4772574286800988522&wp= HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0(19-0)?&RG=b7e3574bb4eb4f0fbd0b8b760a8779af&SNR=1&GV=2&med=10

Request Chain 69

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=88109253-d454-495e-8972-ae11262faa23&bidId=1&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=bce11f05-4c3d-4ca3-8385-fb33ab226693&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3Db7e3574bb4eb4f0fbd0b8b760a8779af%26tids%3D1%26med%3D10&rtype=mvFeedbackURL&tagId=7240145&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_fp&aid=4772574286800988522&wp= HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=b7e3574bb4eb4f0fbd0b8b760a8779af&tids=1&med=10

Request Chain 73

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=0157f616-807a-4bf4-849a-caa496431ec6&bidId=15000&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=980361cc-e118-4053-9081-f14d3c383e05&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D30ce338408404fc4a5175feb0ae5d534%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=7240145&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_pyvpxpbasvezngvba&aid=441665628671849268 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=30ce338408404fc4a5175feb0ae5d534&tids=15000&med=10

77 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
newlunarempire.shivtr.com/
Redirect Chain

http://newlunarempire.shivtr.com/
https://newlunarempire.shivtr.com/

12 KB
4 KB

558ms
249ms

Document
text/html

45.33.21.148
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://newlunarempire.shivtr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

li975-148.members.linode.com

Software

Caddy /

Resource Hash

f5801e3e01862c031d3b96c797e3d59c8c2f24c765fd20bc379af5c4266b4764

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000
cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 09 Oct 2023 21:31:37 GMT
etag: W/"f5801e3e01862c031d3b96c797e3d59c"
referrer-policy: strict-origin-when-cross-origin
server: Caddy
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: feaa3348-f1f9-48cf-a4b6-0d510a04d148
x-runtime: 0.090670
x-xss-protection: 1; mode=block

Redirect headers

Connection: close
Content-Length: 0
Date: Mon, 09 Oct 2023 21:31:36 GMT
Location: https://newlunarempire.shivtr.com/
Server: Caddy

GET
H2 200 guild-dc2bc810ec06e8d0c90d72531a06dc285eec9409f9d88120e8b05f5a606674ce.css
static.shivtr.com/assets/manifests/ 218 KB
37 KB 173ms
162ms Stylesheet
text/css 45.33.21.148
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.shivtr.com/assets/manifests/guild-dc2bc810ec06e8d0c90d72531a06dc285eec9409f9d88120e8b05f5a606674ce.css
Requested by: Host: newlunarempire.shivtr.com
URL: https://newlunarempire.shivtr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li975-148.members.linode.com
Software: Caddy /
Resource Hash: dc86183c64a971df266cf43382fe00a3b1c600ec6107714e06597192164b82b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newlunarempire.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 21:31:37 GMT
content-encoding: gzip
last-modified: Sun, 02 Jul 2023 20:26:50 GMT
server: Caddy
etag: "rx6rgq4s2q"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000

GET
H2 200 165499-1687776489.css
static.shivtr.com/css-cache/site_themes/ 28 KB
5 KB 169ms
158ms Stylesheet
text/css 45.33.21.148
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.shivtr.com/css-cache/site_themes/165499-1687776489.css
Requested by: Host: newlunarempire.shivtr.com
URL: https://newlunarempire.shivtr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li975-148.members.linode.com
Software: Caddy /
Resource Hash: 1157db6932951679e93ad7b95a8de7e549801afb45be9a6d558afc471e1db5b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newlunarempire.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 21:31:37 GMT
content-encoding: gzip
last-modified: Mon, 03 Jul 2023 10:48:09 GMT
server: Caddy
etag: "rx7vc9m5p"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000

GET
H2 200 guild-518b27752212c843cdda21c5e01ffe7de2d0bd28f7100cd01bf329100e3b7457.js Show response
static.shivtr.com/assets/ 608 KB
166 KB 172ms
162ms Script
text/javascript 45.33.21.148
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.shivtr.com/assets/guild-518b27752212c843cdda21c5e01ffe7de2d0bd28f7100cd01bf329100e3b7457.js
Requested by: Host: newlunarempire.shivtr.com
URL: https://newlunarempire.shivtr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li975-148.members.linode.com
Software: Caddy /
Resource Hash: 9e2e766b44b4bd31a6887776e57d5a5f502237e48cf90ded21436cfb6addf0be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newlunarempire.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 21:31:37 GMT
content-encoding: gzip
last-modified: Sun, 02 Jul 2023 20:26:50 GMT
server: Caddy
etag: "rx6rgqdcmv"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 118ms
46ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: newlunarempire.shivtr.com
URL: https://newlunarempire.shivtr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9425f4d4a4a11a07dde8a3f22d307119921d8e0679b4a16b788c4226f73c7c09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newlunarempire.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 21:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50893
x-xss-protection: 0
server: cafe
etag: 12996171150017848152
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 21:31:37 GMT

GET
H/1.1 200
OK 107773.png
s3.amazonaws.com/s3.mmoguildsites.com/s3/favicons/ 1016 B
1 KB 728ms
183ms Image
image/png 54.231.165.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/s3.mmoguildsites.com/s3/favicons/107773.png?1426469014
Requested by: Host: newlunarempire.shivtr.com
URL: https://newlunarempire.shivtr.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.165.200 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 67a4964a5ee673db3934ec39d186151c91cca2fd56fcfdd9efa4783421c67aea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newlunarempire.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 21:31:39 GMT
Last-Modified: Mon, 16 Mar 2015 01:23:36 GMT
Server: AmazonS3
x-amz-request-id: WYJTG96S1JZJCNBK
ETag: "a82b33c3c21c43d6bb33d9ecd339d4fd"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1016
x-amz-id-2: RbtBmiH2+pPSjeTHg8DbG1xO82NVS4Z/evHs4KPcbCmZuhsEuTvgFkuh9Td+HHVvDcDg9yo+azc=

GET
H2 200 home-e4bd7164f7a26fa97379195030ab18fcc8c7a11a5ad318b4065f8e5166b3191b.png
static.shivtr.com/assets/mobile/toolbar/ 250 B
304 B 164ms
163ms Image
image/png 45.33.21.148
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.shivtr.com/assets/mobile/toolbar/home-e4bd7164f7a26fa97379195030ab18fcc8c7a11a5ad318b4065f8e5166b3191b.png
Requested by: Host: newlunarempire.shivtr.com
URL: https://newlunarempire.shivtr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li975-148.members.linode.com
Software: Caddy /
Resource Hash: 86c06c5c4747bb6da8d7594ed31b1494459d202ba31ede706bf8f741acedc9b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newlunarempire.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 21:31:37 GMT
last-modified: Sun, 02 Jul 2023 20:26:50 GMT
server: Caddy
etag: "rx6rgq6y"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000
content-length: 250

GET
H2 200 btn_donate-ff621b62ff16bd4137804f849c5c84805be9e495aa49c789b397d1573b1f1e31.png
static.shivtr.com/assets/buttons/ 2 KB
2 KB 163ms
161ms Image
image/png 45.33.21.148
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.shivtr.com/assets/buttons/btn_donate-ff621b62ff16bd4137804f849c5c84805be9e495aa49c789b397d1573b1f1e31.png
Requested by: Host: newlunarempire.shivtr.com
URL: https://newlunarempire.shivtr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li975-148.members.linode.com
Software: Caddy /
Resource Hash: f295898f1d51962ed958272ed398ce0c8b699fd543ff6ad4cd5b6f46fa85e299

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newlunarempire.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 21:31:37 GMT
last-modified: Sun, 02 Jul 2023 20:26:47 GMT
server: Caddy
etag: "rx6rgn1ia"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000
content-length: 1954

GET
H/1.1 200
OK original.jpg
s3.amazonaws.com/s3.mmoguildsites.com/s3/headline_photos/19580/ 199 KB
200 KB 777ms
257ms Image
image/jpeg 54.231.165.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/s3.mmoguildsites.com/s3/headline_photos/19580/original.jpg?1422425463
Requested by: Host: newlunarempire.shivtr.com
URL: https://newlunarempire.shivtr.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.165.200 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: c32753a8f05b10c1a698c2f8c25ec2cfa8eca29273e334e05a20b88ca8a61cc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newlunarempire.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 21:31:39 GMT
Last-Modified: Wed, 28 Jan 2015 06:11:05 GMT
Server: AmazonS3
x-amz-request-id: WYJTQTZZYP3KW3NB
ETag: "897ffbea5e1ba3e995c1cc94e62db8f0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 204245
x-amz-id-2: Upz55QaPNX+Q9OCSkoqnNrctZZ+IG7a5ZqGpzVzOOWeetEESWhiO9NLvVx0ingySrfWPw/MZPoQ=

GET
H/1.1 200
OK original.png
s3.amazonaws.com/s3.mmoguildsites.com/s3/headline_photos/18245/ 37 KB
38 KB 729ms
189ms Image
image/png 54.231.165.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/s3.mmoguildsites.com/s3/headline_photos/18245/original.png?1415812027
Requested by: Host: newlunarempire.shivtr.com
URL: https://newlunarempire.shivtr.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.165.200 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e4d412eaf4d251ab6088f7ace89e26bccfa0941efb34c99988c11c57f939cd47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newlunarempire.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 21:31:39 GMT
Last-Modified: Wed, 12 Nov 2014 17:07:08 GMT
Server: AmazonS3
x-amz-request-id: WYJM03YKDJB0EB75
ETag: "c713b4f363b38a5b90d34a4e044fc350"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 38296
x-amz-id-2: 98bOQ4R2I3vZx5QFyPlbmQW1KBtWrZwS8oZDMsn1xVbY0Mi3eLO0FkCUh1cYLo6N9ILn+IafbwU=

GET
H2 200 headline_photo.png
static.shivtr.com/s3/missing/ 21 KB
21 KB 163ms
163ms Image
image/png 45.33.21.148
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.shivtr.com/s3/missing/headline_photo.png
Requested by: Host: newlunarempire.shivtr.com
URL: https://newlunarempire.shivtr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li975-148.members.linode.com
Software: Caddy /
Resource Hash: 6fd153eaaf560ad7a2d5e1e825c92269f95593af17cb16520f1f7c79346236d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newlunarempire.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 21:31:37 GMT
last-modified: Wed, 28 Jun 2023 04:24:58 GMT
server: Caddy
etag: "rwy49mgwh"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000
content-length: 21905

GET
H2 200 play.css
static.shivtr.com/gfonts/ 1 KB
396 B 309ms
309ms Stylesheet
text/css 45.33.21.148
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.shivtr.com/gfonts/play.css
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/165499-1687776489.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li975-148.members.linode.com
Software: Caddy /
Resource Hash: 81bee46ad5755fdc899b74cdf522917f92ca2fc145587344eada6605e4bc7a34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.shivtr.com/css-cache/site_themes/165499-1687776489.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 21:31:37 GMT
content-encoding: gzip
last-modified: Wed, 28 Jun 2023 04:24:57 GMT
server: Caddy
etag: "rwy49l104"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000
content-length: 329

GET
H/1.1 200
OK 1371533.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 971 KB
971 KB 815ms
206ms Image
image/png 54.231.165.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/1371533.png?1406067153
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/165499-1687776489.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.165.200 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4ec759854f7b57ebb68da05527336e74c238ffbbedf88e3361e56e4605146fa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 21:31:39 GMT
x-amz-version-id: null
Last-Modified: Tue, 22 Jul 2014 22:12:34 GMT
Server: AmazonS3
x-amz-request-id: WYJK3DX3NH29G4F1
ETag: "5b78aafdd4fedcb811f41a136e878d42"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 994145
x-amz-id-2: VLypOxaldCrsqR5eQB3GdpHZ70Uua7/Wyat4JAHUtpvBVj0s/wt1UV4s66M59ZKQnJO7yQn2uXw=
Expires: Mon, 08 Dec 2014 14:58:27 GMT

GET
H/1.1 200
OK 1371522.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 3 KB
3 KB 777ms
158ms Image
image/png 54.231.165.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/1371522.png?1406067149
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/165499-1687776489.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.165.200 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: a65a6b6410d60b04406802f24ead9f08e81c3b4c14721069e21010451c04ae4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 21:31:39 GMT
x-amz-version-id: null
Last-Modified: Tue, 22 Jul 2014 22:12:30 GMT
Server: AmazonS3
x-amz-request-id: WYJVZZ83ADNVGQGS
ETag: "8e0cfe4d64500711660dba29abc47d48"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 3087
x-amz-id-2: 3Uo2aPiDA52Oh64ViF6yB3LgQpy1Ea+yUvDniqvSw1uGLA6fr9IpYsza0jMcGIhzzH6UkFen8EA=
Expires: Mon, 08 Dec 2014 14:58:27 GMT

GET
H/1.1 200
OK 1371523.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 3 KB
4 KB 840ms
172ms Image
image/png 54.231.165.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/1371523.png?1406067149
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/165499-1687776489.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.165.200 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8b3467bd5cf332a608172ed1121bcc1084dba1cd883e2d7db099f48107060245

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 21:31:39 GMT
x-amz-version-id: null
Last-Modified: Tue, 22 Jul 2014 22:12:30 GMT
Server: AmazonS3
x-amz-request-id: WYJHG5WKDVAQAJZE
ETag: "2ea9cbe02c56eeb5dd5b145f0f134213"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 3164
x-amz-id-2: I5tnyRGgXTjvNkmA5iK0edknqjdty+yudNZe5gicgsz3WSUHg3PsHF8ybkMp67V8m0qKHz7K6Yw=
Expires: Mon, 08 Dec 2014 14:58:32 GMT

GET
H/1.1 200
OK 1371521.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 280 B
731 B 506ms
254ms Image
image/png 54.231.165.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/1371521.png?1406067149
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/165499-1687776489.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.165.200 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1c8d54efb1dd91bfd74e148f54cc338662146591367a506dacac6ef1bba3456e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 21:31:39 GMT
x-amz-version-id: null
Last-Modified: Tue, 22 Jul 2014 22:12:30 GMT
Server: AmazonS3
x-amz-request-id: WYJRPM8NAW8VTFYQ
ETag: "1f47b29b0996a363e433572e252b8b13"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 280
x-amz-id-2: P9Buo/GkSXZDgDwtGP+hQjy5wFy1V1v8Lk8gBvdIrhyJGTS1Uojs4ySn+N5KsyVpEM+1SCYruOw=
Expires: Mon, 08 Dec 2014 14:58:32 GMT

GET
H/1.1 200
OK 1371531.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 2 KB
2 KB 461ms
204ms Image
image/png 54.231.165.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/1371531.png?1406067152
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/165499-1687776489.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.165.200 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0ce98c7d1df287675bd07bd5c7c038b6617f5032512dab9127236f8d89efe381

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 21:31:39 GMT
x-amz-version-id: null
Last-Modified: Tue, 22 Jul 2014 22:12:33 GMT
Server: AmazonS3
x-amz-request-id: WYJZ7KFDF97W6CVQ
ETag: "87b00e8d30447fbca02bbda82b85a473"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 1797
x-amz-id-2: LRwLEOs2pMOJhsxQGlwRDmc4YZE9HfB+jGJLnmLdREgdLhb7KKccjuL8f3i9gkR2TgVTeGO/KF4=
Expires: Mon, 08 Dec 2014 14:58:32 GMT

GET
H/1.1 200
OK 1371532.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 3 KB
4 KB 418ms
161ms Image
image/png 54.231.165.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/1371532.png?1406067153
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/165499-1687776489.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.165.200 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5ad79605213fbb2464ad94fda6bc45556cdde8e74dc72fe91ff59a026b04f2f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 21:31:39 GMT
x-amz-version-id: null
Last-Modified: Tue, 22 Jul 2014 22:12:34 GMT
Server: AmazonS3
x-amz-request-id: WYJQ44FQ3ESKMKKB
ETag: "cabece12f23c9e8c5d95fe21155e9054"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 3239
x-amz-id-2: HngM+zF2lv3ilDGEJ5hrUdMD3CTvgpBNDCHXfKsE6mXrFzdTex8pl1C/NzEc8XPbZAmYuftIMzs=
Expires: Mon, 08 Dec 2014 14:58:32 GMT

GET
H/1.1 200
OK 1371530.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 300 B
751 B 597ms
178ms Image
image/png 54.231.165.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/1371530.png?1406067152
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/165499-1687776489.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.165.200 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: d68d427d01f596133ee2452cea879f1b4a918e085f100f7b8ae8523d8dc1838d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 21:31:39 GMT
x-amz-version-id: null
Last-Modified: Tue, 22 Jul 2014 22:12:33 GMT
Server: AmazonS3
x-amz-request-id: WYJKAQ5R96C2SYV3
ETag: "3d7662dd951b90bf6453c92e1107bf6e"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 300
x-amz-id-2: hNnBUNpmDx4uZsBIZuhQDdXpFy7TyNVN3nRqZZwommizZN16tLwx3NM1lElfcSb/miRWOeK4eso=
Expires: Mon, 08 Dec 2014 14:58:27 GMT

GET
H/1.1 200
OK 1371525.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 131 B
582 B 656ms
195ms Image
image/png 54.231.165.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/1371525.png?1406067150
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/165499-1687776489.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.165.200 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: c1e16a8e46f79e1e773492196dc24ea5850a50132a5d18e1c05d39fd529d3c1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 21:31:39 GMT
x-amz-version-id: null
Last-Modified: Tue, 22 Jul 2014 22:12:31 GMT
Server: AmazonS3
x-amz-request-id: WYJYAM21DYB0AAW5
ETag: "cf16472fe239d37c0ff6de3bd62408e5"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 131
x-amz-id-2: VVp8vlw6cAebaGJE5pvmzUH9oJB6sjuMwJ11Em5DMpl3nE03cxAM2ChwQCce5vzJ6VurCGQRw/Q=
Expires: Mon, 08 Dec 2014 14:58:32 GMT

GET
H/1.1 200
OK 1371526.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 129 B
580 B 606ms
164ms Image
image/png 54.231.165.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/1371526.png?1406067151
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/165499-1687776489.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.165.200 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f3a05a37b6eb87a82ee9549a766ad52bdb8d78cde6a2189be8e5f6316c37149f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 21:31:39 GMT
x-amz-version-id: null
Last-Modified: Tue, 22 Jul 2014 22:12:32 GMT
Server: AmazonS3
x-amz-request-id: WYJSDW6VVMBZ9SJS
ETag: "a74ca374649ef8d079b4f3bc42a39335"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 129
x-amz-id-2: 1eZD9B1P2ar3aMTvlBHxAq/11JRXLHif0tVD7mVuXNvvne0CbyNdRC3k9bprie83WWenL+XTxVo=
Expires: Mon, 08 Dec 2014 14:58:27 GMT

GET
H/1.1 200
OK 1371524.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 110 B
561 B 375ms
165ms Image
image/png 54.231.165.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/1371524.png?1406067150
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/165499-1687776489.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.165.200 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4cc6703982c299ef1a208d5b64cb71727d9eac9eaca0ceaa71c02bc4343c6057

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 21:31:39 GMT
x-amz-version-id: null
Last-Modified: Tue, 22 Jul 2014 22:12:31 GMT
Server: AmazonS3
x-amz-request-id: WYJVP42F7Y0TYP5J
ETag: "9205a2aabaf769d2e8c7cb488f6f1814"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 110
x-amz-id-2: 2m8uYBidSFjzT7gESqikHng9Y7+TuRuJ5Xs1tWHHFYG8+xHTvxaOGBmovXaLcwrXvc0LFH+KbWY=
Expires: Mon, 08 Dec 2014 14:58:27 GMT

GET
H/1.1 200
OK 1371528.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 2 KB
3 KB 442ms
185ms Image
image/png 54.231.165.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/1371528.png?1406067151
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/165499-1687776489.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.165.200 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 691c2012d12087d49e28c1fc281dc84349193a407520ac1d61d2b59c324bffd3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 21:31:39 GMT
x-amz-version-id: null
Last-Modified: Tue, 22 Jul 2014 22:12:33 GMT
Server: AmazonS3
x-amz-request-id: WYJXAPNQFVW58DAH
ETag: "a8c1150367141e580c1f8a6eb7b6631e"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 2163
x-amz-id-2: 0FTQDs2QUGB82Q41ZluW6dJQZ7NvkqLW3uqyVCLnpBbHk33xpxv2N8K20JTiiGlRcASaY2xtQVE=
Expires: Mon, 08 Dec 2014 14:58:27 GMT

GET
H/1.1 200
OK 1371529.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 2 KB
2 KB 478ms
221ms Image
image/png 54.231.165.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/1371529.png?1406067152
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/165499-1687776489.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.165.200 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5d2f37890570b4bc3dc64ed6d34d9bfaece96a100b8d0d96fe8b27def52876a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 21:31:39 GMT
x-amz-version-id: null
Last-Modified: Tue, 22 Jul 2014 22:12:33 GMT
Server: AmazonS3
x-amz-request-id: WYJN8D8C4VFQ98EX
ETag: "bd5ecdbf7515a041ac909e619950912d"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 1727
x-amz-id-2: Tegek6zFl8xaks8GGjptawm3cnXPCSQZ4hMSQD7UN+gVIM49FTkogEuRZ7hbEnmdsHtZj2GATU8=
Expires: Mon, 08 Dec 2014 14:58:32 GMT

GET
H/1.1 200
OK 1371527.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 236 B
687 B 526ms
150ms Image
image/png 54.231.165.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/1371527.png?1406067151
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/165499-1687776489.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.165.200 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f00dacc839e9fd2390ca09ce6424da8273c197de8d571d730e3a7ed73ac38bdb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 21:31:39 GMT
x-amz-version-id: null
Last-Modified: Tue, 22 Jul 2014 22:12:32 GMT
Server: AmazonS3
x-amz-request-id: WYJXT49A3MDGZZME
ETag: "71503b98e19608b608678f37ea8640d2"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 236
x-amz-id-2: ZLZhTMist0oYGLlm0EjjVbDerCKNy0x8/7uf2/1KnLH0Al4pHuG+DkwgdtuL+V6NXjIyE/OzPEk=
Expires: Mon, 08 Dec 2014 14:58:32 GMT

GET
H2 200 play-400-latin.woff2
static.shivtr.com/gfonts/ 17 KB
17 KB 468ms
150ms Font
font/woff2 45.33.21.148
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.shivtr.com/gfonts/play-400-latin.woff2
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/gfonts/play.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li975-148.members.linode.com
Software: Caddy /
Resource Hash: 6cdceb438e41ee07d58b7214785e14651205d8cc4b158a9a3ab988515f66c1cc

Request headers

Referer: https://static.shivtr.com/gfonts/play.css
Origin: https://newlunarempire.shivtr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 21:31:38 GMT
last-modified: Wed, 28 Jun 2023 04:24:57 GMT
server: Caddy
etag: "rwy49ld8s"
content-type: font/woff2
access-control-allow-origin: *
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000
content-length: 17164

GET
H2 200 play-700-latin.woff2
static.shivtr.com/gfonts/ 17 KB
17 KB 616ms
298ms Font
font/woff2 45.33.21.148
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.shivtr.com/gfonts/play-700-latin.woff2
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/gfonts/play.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li975-148.members.linode.com
Software: Caddy /
Resource Hash: 669ad8e27574eb5e9fcf9af7c0e103081d7e5be1ac28cd7c3d110591a8dfab88

Request headers

Referer: https://static.shivtr.com/gfonts/play.css
Origin: https://newlunarempire.shivtr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 21:31:38 GMT
last-modified: Wed, 28 Jun 2023 04:24:57 GMT
server: Caddy
etag: "rwy49lda8"
content-type: font/woff2
access-control-allow-origin: *
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000
content-length: 17216

GET
H2 200 Noci12-c421b186f617e706af05c6d5e3dfa9089d37cd80f27a9899866f991602d9f8d3.woff
static.shivtr.com/assets/ 13 KB
13 KB 468ms
150ms Font
font/woff 45.33.21.148
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.shivtr.com/assets/Noci12-c421b186f617e706af05c6d5e3dfa9089d37cd80f27a9899866f991602d9f8d3.woff
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/assets/manifests/guild-dc2bc810ec06e8d0c90d72531a06dc285eec9409f9d88120e8b05f5a606674ce.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li975-148.members.linode.com
Software: Caddy /
Resource Hash: 3a1bbd03003833a6dfbcc82556fe57bb353c3b7480bfdd133a055b315207a5cc

Request headers

Referer: https://static.shivtr.com/assets/manifests/guild-dc2bc810ec06e8d0c90d72531a06dc285eec9409f9d88120e8b05f5a606674ce.css
Origin: https://newlunarempire.shivtr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 21:31:38 GMT
last-modified: Sun, 02 Jul 2023 20:26:50 GMT
server: Caddy
etag: "rx6rgqaac"
content-type: font/woff
access-control-allow-origin: *
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000
content-length: 13332

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/ 389 KB
132 KB 74ms
74ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2367108048287515&plah=newlunarempire.shivtr.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e89fa171093257613e9b8ede2760220900dce2ae2028435923b7343b0f506c55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newlunarempire.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 21:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135179
x-xss-protection: 0
server: cafe
etag: 15797109401901041714
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 21:31:37 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/ Frame 4250 10 KB
5 KB 94ms
30ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newlunarempire.shivtr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 31509
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 12:46:28 GMT
etag: 2603938475786422795
expires: Mon, 23 Oct 2023 12:46:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 arrows-e29f84855eba9b86683c754d6475c31bccd7369dabf36e8e64a802265e46c2b6.png
static.shivtr.com/assets/plugins/nivo_slider/ 533 B
598 B 158ms
157ms Image
image/png 45.33.21.148
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.shivtr.com/assets/plugins/nivo_slider/arrows-e29f84855eba9b86683c754d6475c31bccd7369dabf36e8e64a802265e46c2b6.png
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/assets/manifests/guild-dc2bc810ec06e8d0c90d72531a06dc285eec9409f9d88120e8b05f5a606674ce.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li975-148.members.linode.com
Software: Caddy /
Resource Hash: 056ebb8c52151318098474158a411d5f19004560d0ddf869e1a63e16c30308a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.shivtr.com/assets/manifests/guild-dc2bc810ec06e8d0c90d72531a06dc285eec9409f9d88120e8b05f5a606674ce.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 21:31:38 GMT
last-modified: Sun, 02 Jul 2023 20:26:50 GMT
server: Caddy
etag: "rx6rgqet"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000
content-length: 533

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
602 B 101ms
32ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=newlunarempire.shivtr.com&callback=_gfp_s_&client=ca-pub-2367108048287515

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2367108048287515&plah=newlunarempire.shivtr.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0baf58317cc7690daeff2fcc3897ca4cfce51e7ca1af326d4908a42400b1cf0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newlunarempire.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 21:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4E3F 160 KB
27 KB 758ms
757ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&adk=1812271804&adf=3025194257&lmt=1696879898&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Fnewlunarempire.shivtr.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696887097898&bpp=2&bdt=724&idt=132&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3814691330009&frm=20&pv=2&ga_vid=1721623663.1696887098&ga_sid=1696887098&ga_hid=32788671&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31078657%2C44801485%2C44804782%2C44805099%2C31078297%2C44803791&oid=2&pvsid=204342366296387&tmod=947941484&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=150

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cfb512c796268ac51ba5af3cb3e19bc97eba8acf9a340a1d64b38afee63e40a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newlunarempire.shivtr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 27142
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 21:31:38 GMT
expires: Mon, 09 Oct 2023 21:31:38 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 61ms
60ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=status_bar_position&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: newlunarempire.shivtr.com
URL: https://newlunarempire.shivtr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newlunarempire.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 21:31:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9252 716 B
580 B 412ms
411ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&h=90&slotname=2876344136&adk=4229348686&adf=4046715466&pi=t.ma~as.2876344136&w=728&lmt=1696879898&format=728x90&url=https%3A%2F%2Fnewlunarempire.shivtr.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696887097900&bpp=1&bdt=725&idt=153&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3814691330009&frm=20&pv=1&ga_vid=1721623663.1696887098&ga_sid=1696887098&ga_hid=32788671&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31078657%2C44801485%2C44804782%2C44805099%2C31078297%2C44803791&oid=2&pvsid=204342366296387&tmod=947941484&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=f8BpWA2lVf&p=https%3A//newlunarempire.shivtr.com&dtd=158

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0dc27be12e2e54e9a660420bf0f45962a02622d120c13adf38979017fe037c57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newlunarempire.shivtr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 359
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 21:31:38 GMT
expires: Mon, 09 Oct 2023 21:31:38 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/ 153 KB
52 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40fce8aa6f424cad8d421e779262735505745b67df992dff274b8377fde73a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newlunarempire.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 21:31:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53324
x-xss-protection: 0
server: cafe
etag: 14621293040471702749
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 21:31:38 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/ Frame F28C 10 KB
4 KB 22ms
21ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newlunarempire.shivtr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13476
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 17:47:02 GMT
etag: 2603938475786422795
expires: Mon, 23 Oct 2023 17:47:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/ Frame 00F1 10 KB
4 KB 22ms
22ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newlunarempire.shivtr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13476
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 17:47:02 GMT
etag: 2603938475786422795
expires: Mon, 23 Oct 2023 17:47:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame AF17 89 KB
36 KB 163ms
43ms Script
application/javascript 2620:1ec:46::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: newlunarempire.shivtr.com
URL: https://newlunarempire.shivtr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4672e11a0ddc1063a6a119cac90b54f9820fc93de2ddae2baba935805c522a13

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 09 Oct 2023 21:31:39 GMT
content-encoding: br
last-modified: Thu, 05 Oct 2023 15:35:10 GMT
vary: Accept-Encoding
x-azure-ref: 20231009T213139Z-ra78cq0aht1mrbpye8pcvdq92800000001tg00000000vc58
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: a128d770-d01e-00a2-62a1-f7fadc000000
cache-control: private, max-age=3600
x-cache: TCP_HIT
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame AF17 80 KB
27 KB 137ms
36ms Script
application/x-javascript 23.212.88.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: newlunarempire.shivtr.com
URL: https://newlunarempire.shivtr.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.212.88.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-88-180.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 21:31:39 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27646
Expires: Tue, 08 Oct 2024 21:31:39 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame AF17 3 KB
1 KB 79ms
28ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: newlunarempire.shivtr.com
URL: https://newlunarempire.shivtr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 11:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34730
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Oct 2023 11:52:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame AF17 20 KB
9 KB 74ms
22ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: newlunarempire.shivtr.com
URL: https://newlunarempire.shivtr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28679
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Oct 2023 13:33:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AF17 187 KB
59 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: newlunarempire.shivtr.com
URL: https://newlunarempire.shivtr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 21:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59959
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696851335058330"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 09 Oct 2023 21:31:38 GMT

GET
H2

200

c.gif
www.bing.com/aes/ Frame AF17
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=0157f616-807a-4bf4-849a-caa496431ec6&bidId=15000&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=980361cc-e118-4053...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=30ce338408404fc4a5175feb0ae5d534&SNR=1&GV=2&med=10

0
547 B

90ms
90ms

Image
text/plain

2a02:26f0:3500:1b::1724:a392
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=30ce338408404fc4a5175feb0ae5d534&SNR=1&GV=2&med=10
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Server: 2a02:26f0:3500:1b::1724:a392 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 21:31:39 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6C46B6EF68E84BACBA35D19FD6B2775E Ref B: FRAEDGE1209 Ref C: 2023-10-09T21:31:39Z
x-cdn-traceid: 0.92a12417.1696887099.7503183b
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Mon, 09 Oct 2023 21:31:39 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3004DD830FD8430287B9738162D500AF Ref B: MIL30EDGE1009 Ref C: 2023-10-09T21:31:39Z
x-cdn-traceid: 0.92a12417.1696887099.7503170a
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=30ce338408404fc4a5175feb0ae5d534&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
expires: 0

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 6559 89 KB
36 KB 148ms
43ms Script
application/javascript 2620:1ec:46::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: newlunarempire.shivtr.com
URL: https://newlunarempire.shivtr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4672e11a0ddc1063a6a119cac90b54f9820fc93de2ddae2baba935805c522a13

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 09 Oct 2023 21:31:39 GMT
content-encoding: br
last-modified: Thu, 05 Oct 2023 15:35:10 GMT
vary: Accept-Encoding
x-azure-ref: 20231009T213139Z-ra78cq0aht1mrbpye8pcvdq92800000001tg00000000vc59
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: a128d770-d01e-00a2-62a1-f7fadc000000
cache-control: private, max-age=3600
x-cache: TCP_HIT
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame 6559 80 KB
27 KB 124ms
34ms Script
application/x-javascript 23.212.88.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: newlunarempire.shivtr.com
URL: https://newlunarempire.shivtr.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.212.88.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-88-180.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 21:31:39 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27646
Expires: Tue, 08 Oct 2024 21:31:39 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 6559 3 KB
1 KB 65ms
29ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: newlunarempire.shivtr.com
URL: https://newlunarempire.shivtr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 11:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34730
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Oct 2023 11:52:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 6559 20 KB
8 KB 60ms
24ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: newlunarempire.shivtr.com
URL: https://newlunarempire.shivtr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28679
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Oct 2023 13:33:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6559 187 KB
59 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: newlunarempire.shivtr.com
URL: https://newlunarempire.shivtr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 21:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 09 Oct 2023 21:31:38 GMT

GET
H2

200

c.gif
www.bing.com/aes/ Frame 6559
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=88109253-d454-495e-8972-ae11262faa23&bidId=1&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=bce11f05-4c3d-4ca3-838...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0(19-0)?&RG=b7e3574bb4eb4f0fbd0b8b760a8779af&SNR=1&GV=2&med=10

0
546 B

72ms
72ms

Image
text/plain

2a02:26f0:3500:1b::1724:a392
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0(19-0)?&RG=b7e3574bb4eb4f0fbd0b8b760a8779af&SNR=1&GV=2&med=10
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Server: 2a02:26f0:3500:1b::1724:a392 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 21:31:39 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 634395611D394E8A931AC403BD31425A Ref B: FRA31EDGE0711 Ref C: 2023-10-09T21:31:39Z
x-cdn-traceid: 0.92a12417.1696887099.75031808
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Mon, 09 Oct 2023 21:31:39 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8327FDC691FB4A659D5380EC522CBA86 Ref B: MIL30EDGE0909 Ref C: 2023-10-09T21:31:39Z
x-cdn-traceid: 0.92a12417.1696887099.7503170b
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0(19-0)?&RG=b7e3574bb4eb4f0fbd0b8b760a8779af&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 156
expires: 0

GET
H2 200 th
www.bing.com/ Frame AF17 10 KB
11 KB 43ms
42ms Image
image/jpeg 2a02:26f0:3500:1b::1724:a392
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.9964436582786_1Q0NSWZEUH1USW4K10&pid=21.2&c=3&w=180&h=180&qlt=90
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:1b::1724:a392 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: d4be90176dd5771bc94e789da15c465774ae994f64edfa9d2f4322304960f1c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 21:31:39 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.92a12417.1696887099.750317fe
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 10365
alt-svc: h3=":443"; ma=93600

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame AF17 0
532 B 124ms
41ms Script
text/html 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fnewlunarempire.shivtr.com&e=wqT_3QKGBOgGAgAAAwDWAAUBCLrikakGELTm8NPJkceQBhgAKjYJwTWd_i3nmj8R52lqdJAYmj8ZAAAAYLgeAUAh5w0SACkRJNAxAAAAoJmZqT8w0fO5Azi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR4tvMFgAEBigEDVVNEkgUG8FWYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBDDEtc2hpdnRyLmNvbdgC8AbgAqKoMeoCIWh0dHBzOi8vbmV3bHVuYXJlbXBpcmUucxUt8FiAAwCIAwGQAwCYAwmgAwGqAwDAA9gEyAMA2AONzSTgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBAXaWIgFAZgFAKAFhLGHsOL42r4JwAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AXg5kP6BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0AbCjQTaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAe28wXSBw0VZQEmCNoHBgFepBgA4AcA6gcCCADwB9GiBIoIAhAAlQgAAIA_mAgBwAjwBtIIBggAEAAYAA..&s=53d117b56a32c3bb4925f1681cdd6c51d82aa58c&bdref=https%3A%2F%2Fnewlunarempire.shivtr.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fnewlunarempire.shivtr.com%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231004%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271803%26client%3Dca-pub-2367108048287515%26fa%3D3%26ifi%3D3%26uci%3Da!3%26xpc%3Dm0XnM77og2%26p%3Dhttps%253A%2F%2Fnewlunarempire.shivtr.com,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231004%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 21:31:39 GMT
an-x-request-uuid: 0b43b05d-8b50-4902-955d-bd19330d5021
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.26; 217.114.218.26; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 th
www.bing.com/ Frame 6559 11 KB
11 KB 42ms
42ms Image
image/jpeg 2a02:26f0:3500:1b::1724:a392
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7215800067677_1QBYPJW0SHP0PP54I9&pid=21.2&c=16&roil=0.2383&roit=0&roir=0.7617&roib=1&w=180&h=180&qlt=90
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:1b::1724:a392 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f815e5e92153e794e82eda51ea321105c82806b9f9772af9be8ca82c8ec388f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 21:31:39 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.92a12417.1696887099.75031804
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 11273
alt-svc: h3=":443"; ma=93600

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame 6559 0
533 B 110ms
34ms Script
text/html 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fnewlunarempire.shivtr.com&e=wqT_3QKGBOgGAgAAAwDWAAUBCLrikakGEOrSvqfx4OWdQhgAKjYJTSN2TYqKwD8Rr9-TCIELwD8ZAAAAYLgeAUAhrw0SACkRJNAxAAAAoJmZqT8w0fO5Azi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR4vvIFgAEBigEDVVNEkgUG8FWYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBDDEtc2hpdnRyLmNvbdgC8AbgAqKoMeoCIWh0dHBzOi8vbmV3bHVuYXJlbXBpcmUucxUt8FiAAwCIAwGQAwCYAwmgAwGqAwDAA9gEyAMA2AONzSTgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBAXaWIgFAZgFAKAF9KrovsmBx4g-wAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AWw7zP6BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0AbCjQTaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAe-8gXSBw0VZQEmCNoHBgFepBgA4AcA6gcCCADwB9GiBIoIAhAAlQgAAIA_mAgBwAjwBtIIBggAEAAYAA..&s=666b0a656c58493e3cff31c93565671740eea217&bdref=https%3A%2F%2Fnewlunarempire.shivtr.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fnewlunarempire.shivtr.com%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231004%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-2367108048287515%26fa%3D4%26ifi%3D4%26uci%3Da!4%26xpc%3DfxvhmamDgy%26p%3Dhttps%253A%2F%2Fnewlunarempire.shivtr.com,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231004%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 21:31:39 GMT
an-x-request-uuid: 6e7947d0-fb91-4c56-aecb-6a24467984e0
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.26; 217.114.218.26; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 6559 0
556 B 33ms
33ms Ping
text/html 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fnewlunarempire.shivtr.com&e=wqT_3QKwB-iwAwAAAwDWAAUBCLrikakGEOrSvqfx4OWdQhgAKjYJTSN2TYqKwD8Rr9-TCIELwD8ZAAAAYLgeAUAhrw0SACkRJNAxAAAAoJmZqT8w0fO5Azi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR4vvIFgAEBigEDVVNEkgUG8FWYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBDDEtc2hpdnRyLmNvbdgC8AbgAqKoMeoCIWh0dHBzOi8vbmV3bHVuYXJlbXBpcmUucxUtWIADAIgDAZADAJgDCaADAaoDpgMKxAJoDTfwhnd3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1iY2UxMWYwNS00YzNkLTRjYTMtODM4NS1mYjMzYWIyMjY2OTMmYmlkSWQ9MSZiaWRkZXJJZD00JmNtRXhwSWQ9TFYxJm9BZFVuaXQ9MwlYIHB1Ymxpc2hlcgE0IDYyNjQ1MzMwJgEOAGKObQC4cnR5cGU9bnVybCZ0YWdJZD03MjQwMTQ1JnRyYWZmaWNHcm91cD1rbmFxZV8zYyYNFghTdWI2GQBcX2ZwJmFpZD0ke0FVQ1RJT05fSUR9JndwHRH0dwFQUklDRX0SBTEyMDg1GhM0NzcyNTc0Mjg2ODAwOTg4NTIyIgkzODE4NDY3MTQqBGJpbmc6MFUyVmhjbU5vUVdRak56STBPVGt4TURreE1EVXpOekVqTkRBeU1EQXpPRGc1TmpNPcAD2ATIAwDYA43NJOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBfSq6L7JgceIPsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBbDvM_oFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCgBwHIB77yBdIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAH0aIEiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=bbbded845fba083b83c62585a7435a38d18e97d9&type=nv&nvt=5&jm=1003&px=0&py=0&bw=180&bh=180&sid=1456219361260601998&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=7240145&sw=1600&sh=1200&pw=0&ph=0&ww=0&wh=0&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 21:31:39 GMT
an-x-request-uuid: 0d3f9063-447a-4946-b3b3-a1e1258a1292
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.26; 217.114.218.26; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 6559 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f69266b67d98773731b57bdc788c6966c39f0606f999f5cfe6edaeb24097367

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame AF17 0
556 B 33ms
33ms Ping
text/html 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fnewlunarempire.shivtr.com&e=wqT_3QK2B-i2AwAAAwDWAAUBCLrikakGELTm8NPJkceQBhgAKjYJwTWd_i3nmj8R52lqdJAYmj8ZAAAAYLgeAUAh5w0SACkRJNAxAAAAoJmZqT8w0fO5Azi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR4tvMFgAEBigEDVVNEkgUG8FWYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBDDEtc2hpdnRyLmNvbdgC8AbgAqKoMeoCIWh0dHBzOi8vbmV3bHVuYXJlbXBpcmUucxUtWIADAIgDAZADAJgDCaADAaoDrAMKwwJoDTfwhnd3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD05ODAzNjFjYy1lMTE4LTQwNTMtOTA4MS1mMTRkM2MzODNlMDUmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMSZvQWRVbhlcIHB1Ymxpc2hlcgE4IDYyNjQ1MzMwJgEOADmOcQC4cnR5cGU9bnVybCZ0YWdJZD03MjQwMTQ1JnRyYWZmaWNHcm91cD1rbmFxZV8zYyYNFghTdWI2GQDw0F9weXZweHBiYXN2ZXpuZ3ZiYSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEjQ0MTY2NTYyODY3MTg0OTI2OCIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpPREl3TlRFME1qWXlOell6TWpVak1qTXpNemcxTURnMk9USXdNell3TUE9PcAD2ATIAwDYA43NJOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAERYdYiAUBmAUAoAWEsYew4vjavgnABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBeDmQ_oFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB7bzBdIHDRVlASYI2gcGAV6wGADgBwDqBwIIAPAH0aIEiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=ffd6be3c710569a7b0355d750a5c8e55e019228a&type=nv&nvt=5&jm=1003&px=0&py=0&bw=180&bh=180&sid=1456219361260601998&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=7240145&sw=1600&sh=1200&pw=0&ph=0&ww=0&wh=0&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 21:31:39 GMT
an-x-request-uuid: d02a4922-dbd2-4eb9-ade5-9c6bdf612d02
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.26; 217.114.218.26; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 125ms
74ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231004&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4624e49d074519ae293268f802f293db212021c9753f8bc7712df0c70063e596

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newlunarempire.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 21:31:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12078
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame AF17 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 68a3baf811d8cd77de7b3b8ec320933b8bc19cb592d3c32e66eebbf8f61f4171

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6559 0
23 B 69ms
69ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cl9H4OnEkZcbdCZ7S_tMP9fma0ALS4Nfgbo-ktpOTCsCNtwEQASAAYJWKnoKwB4IBF2NhLXB1Yi0yMzY3MTA4MDQ4Mjg3NTE1yAEJqAMByAMCqgT-AU_QuBcMQxLqQv6IN275vklGb4lIhovIl2H40SCQVg9QQlvldZicbIViOJtKxqTnWpa3M7QbL0dGKjinugtrm25QD-2VdCggWKQ60S4sAV16Omm9LRWTYkPL-PCYO3vY-1G3ESEYx0AdxwVrPOhELiQi6In0BeNHRncOJT9ZUjYgRFuuSi7dUvusPwmgkCjpZEZlgl-L9XJaugxK4SdKt1EKVJIkpgNBCVa6xFa50YW_TEj3MNkoauxn3-b_3B1mbzmQQqaOdq2F7hFt3PifvnUtq_QSjFnetVkYXCuVnf_Chfdg4JL3oa0kXBZNHF4hReZqdMJLu8ZDiqIPEX8qgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTIzNjcxMDgwNDgyODc1MTUYAA&sigh=P6EcRY9c88g&uach_m=[UACH]&cid=CAQSSwDICaaNHwV2GAMGbEaorGyHnM2K74Sx71lLBiX52HzJ-lVIoN82ySnEfEi13sT6xZsALg3sS5hENZObsVS360_XW61-vRtjthNynxgB&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 09 Oct 2023 21:31:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 09 Oct 2023 21:31:39 GMT

GET
H2 200 it
ams3-ib.adnxs.com/ Frame 6559 0
533 B 36ms
36ms Image
text/html 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fnewlunarempire.shivtr.com&e=wqT_3QKwB-iwAwAAAwDWAAUBCLrikakGEOrSvqfx4OWdQhgAKjYJTSN2TYqKwD8Rr9-TCIELwD8ZAAAAYLgeAUAhrw0SACkRJNAxAAAAoJmZqT8w0fO5Azi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR4vvIFgAEBigEDVVNEkgUG8FWYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBDDEtc2hpdnRyLmNvbdgC8AbgAqKoMeoCIWh0dHBzOi8vbmV3bHVuYXJlbXBpcmUucxUtWIADAIgDAZADAJgDCaADAaoDpgMKxAJoDTfwhnd3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1iY2UxMWYwNS00YzNkLTRjYTMtODM4NS1mYjMzYWIyMjY2OTMmYmlkSWQ9MSZiaWRkZXJJZD00JmNtRXhwSWQ9TFYxJm9BZFVuaXQ9MwlYIHB1Ymxpc2hlcgE0IDYyNjQ1MzMwJgEOAGKObQC4cnR5cGU9bnVybCZ0YWdJZD03MjQwMTQ1JnRyYWZmaWNHcm91cD1rbmFxZV8zYyYNFghTdWI2GQBcX2ZwJmFpZD0ke0FVQ1RJT05fSUR9JndwHRH0dwFQUklDRX0SBTEyMDg1GhM0NzcyNTc0Mjg2ODAwOTg4NTIyIgkzODE4NDY3MTQqBGJpbmc6MFUyVmhjbU5vUVdRak56STBPVGt4TURreE1EVXpOekVqTkRBeU1EQXpPRGc1TmpNPcAD2ATIAwDYA43NJOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBfSq6L7JgceIPsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBbDvM_oFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCgBwHIB77yBdIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAH0aIEiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=bbbded845fba083b83c62585a7435a38d18e97d9&pp=ZSRxOgACbsYEf6keAAa89fzjgVYeoxK393pLXA&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbAfUOnEkZcbdCZ7S_tMP9fma0ALS4Nfgbo-ktpOTCsCNtwEQASAAYJWKnoKwB4IBF2NhLXB1Yi0yMzY3MTA4MDQ4Mjg3NTE1yAEJqAMByAMCqgSBAk_QuBcMQxLqQv6IN275vklGb4lIhovIl2H40SCQVg9QQlvldZicbIViOJtKxqTnWpa3M7QbL0dGKjinugtrm25QD-2VdCggWKQ60S4sAV16Omm9LRWTYkPL-PCYO3vY-1G3ESEYx0AdxwVrPOhELiQi6In0BeNHRncOJT9ZUjYgRFuuSi7dUvusPwmgkCjpZEZlgl-L9XJaugxK4SdKt1EKVJIkpgNBCVa6xFa50YW_TEj3MNkoauxn3-b_3B1mbzmQQqaOdq2F7hFt3PifvnUtq_QSjFnetRsafblXOQWvEQ0UVQyuJRsgfxzJFXA5nETsLUb3O-xvkmKO8xK-I31MgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0xslBefY_5S6i9EqF-g82kkZ_Ysw%26client%3Dca-pub-2367108048287515%26adurl%3D&cbvp=2

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 21:31:39 GMT
an-x-request-uuid: 480f3fb9-4741-4fce-8174-d54796f9c8df
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.26; 217.114.218.26; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AF17 0
23 B 67ms
67ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CecxROnEkZcXdCZ7S_tMP9fma0ALS4Nfgbo-ktpOTCsCNtwEQASAAYJWKnoKwB4IBF2NhLXB1Yi0yMzY3MTA4MDQ4Mjg3NTE1yAEJqAMByAMCqgT-AU_QxNckaIQ0_ksyKx-4-_OPAdyRpvhg1-hSFlIA4mK8DVmFf2EJPG3TOtHcStb-Z9Li2paTAWJ-9xTzLDptVt13hvWGRraVNDC-_jFDNl8ylLzF3LmrhgHz6IJsdX5-G_r1X2lmqZN8qhhYxYd6FxJfhT82AazglkNsvIZh6Io-cBP_p9Cr-dAIVLsLFNdgsAPtBEH-bXWZo6lItG4Uv61QZ56MDLd9s9Fzt2Qp00rT7Q9F-jCBQl7Y7Li-i_f7HDJblEaID91LlIz9VBD44cPiEHnNekAASjiXXSNCQ_rCGsrWbdGftwmfXJnJikbgnsocD4m6PMsS1-na8d96gAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTIzNjcxMDgwNDgyODc1MTUYAA&sigh=hJsXxPlk8_k&uach_m=[UACH]&cid=CAQSSwDICaaNHwV2GAMGbEaorGyHnM2K74Sx71lLBiX52HzJ-lVIoN82ySnEfEi13sT6xZsALg3sS5hENZObsVS360_XW61-vRtjthNynxgB&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 09 Oct 2023 21:31:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 09 Oct 2023 21:31:39 GMT

GET
H2 200 it
ams3-ib.adnxs.com/ Frame AF17 0
532 B 35ms
34ms Image
text/html 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fnewlunarempire.shivtr.com&e=wqT_3QK2B-i2AwAAAwDWAAUBCLrikakGELTm8NPJkceQBhgAKjYJwTWd_i3nmj8R52lqdJAYmj8ZAAAAYLgeAUAh5w0SACkRJNAxAAAAoJmZqT8w0fO5Azi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR4tvMFgAEBigEDVVNEkgUG8FWYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBDDEtc2hpdnRyLmNvbdgC8AbgAqKoMeoCIWh0dHBzOi8vbmV3bHVuYXJlbXBpcmUucxUtWIADAIgDAZADAJgDCaADAaoDrAMKwwJoDTfwhnd3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD05ODAzNjFjYy1lMTE4LTQwNTMtOTA4MS1mMTRkM2MzODNlMDUmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMSZvQWRVbhlcIHB1Ymxpc2hlcgE4IDYyNjQ1MzMwJgEOADmOcQC4cnR5cGU9bnVybCZ0YWdJZD03MjQwMTQ1JnRyYWZmaWNHcm91cD1rbmFxZV8zYyYNFghTdWI2GQDw0F9weXZweHBiYXN2ZXpuZ3ZiYSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEjQ0MTY2NTYyODY3MTg0OTI2OCIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpPREl3TlRFME1qWXlOell6TWpVak1qTXpNemcxTURnMk9USXdNell3TUE9PcAD2ATIAwDYA43NJOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAERYdYiAUBmAUAoAWEsYew4vjavgnABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBeDmQ_oFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB7bzBdIHDRVlASYI2gcGAV6wGADgBwDqBwIIAPAH0aIEiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=ffd6be3c710569a7b0355d750a5c8e55e019228a&pp=ZSRxOgACbsUEf6keAAa89V6GfieXRAo23n0DCA&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKv58OnEkZcXdCZ7S_tMP9fma0ALS4Nfgbo-ktpOTCsCNtwEQASAAYJWKnoKwB4IBF2NhLXB1Yi0yMzY3MTA4MDQ4Mjg3NTE1yAEJqAMByAMCqgSBAk_QxNckaIQ0_ksyKx-4-_OPAdyRpvhg1-hSFlIA4mK8DVmFf2EJPG3TOtHcStb-Z9Li2paTAWJ-9xTzLDptVt13hvWGRraVNDC-_jFDNl8ylLzF3LmrhgHz6IJsdX5-G_r1X2lmqZN8qhhYxYd6FxJfhT82AazglkNsvIZh6Io-cBP_p9Cr-dAIVLsLFNdgsAPtBEH-bXWZo6lItG4Uv61QZ56MDLd9s9Fzt2Qp00rT7Q9F-jCBQl7Y7Li-i_f7HDJblEaID91LlIz9VBD44cPiEHnNekAASnqVfLGA5wCvjjCi2E_GM7-bf5NNg2j4R2iaVg0GvOE-zylbE7LuGHuWgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1lQQxskPIDRVFydRxnezs-jjvJFQ%26client%3Dca-pub-2367108048287515%26adurl%3D&cbvp=2

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 21:31:39 GMT
an-x-request-uuid: 36cad65d-2356-4a3e-83fb-63339c5a9d12
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.26; 217.114.218.26; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newlunarempire.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 21:31:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 09 Oct 2023 21:31:39 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 706B 13 KB
5 KB 25ms
23ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newlunarempire.shivtr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7683
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 19:23:36 GMT
expires: Tue, 08 Oct 2024 19:23:36 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A31F 829 B
1 KB 100ms
32ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

596b304df86d6b1dbcb530e71fb71b517eca7accc37bcfe5a4297796dc9ab264

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FR_pt1JsVDrkX8k21mNUKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newlunarempire.shivtr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-FR_pt1JsVDrkX8k21mNUKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 21:31:39 GMT
expires: Mon, 09 Oct 2023 21:31:39 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Show response
pagead2.googlesyndication.com/bg/ Frame 706B 37 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 19:23:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7683
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 08 Oct 2024 19:23:36 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A31F 0
0 56ms
56ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231004&jk=204342366296387&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 706B 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?rX2UQA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 21:31:39 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 59ms
58ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231004&jk=204342366296387&bg=!8fKl8r3NAAbjlzx0w5c7ADQBe5WfOPrxt6gsWjfhdFfC3eIpu-czbPMFU4l6iRkShwMEDQA_nxD7PRiya5fmN-IXidY9AgAAAFBSAAAACGgBBwoAJMuuL_4_To50xrh1RDtyVNio_lCNkPC6Huc24iv6vSblZaCSwJkCzu4cFTuq3jQjG9ipIQ-NTXIll9MisU3EkgnGCcwKRIKNNWPy8cvCyrLKzAv9kAJibHOLWRupB-hREwb2iNVqMPeyZ9-6hHlYYMvH8j7fBnHPS0vWPELUJxD6f-i52Lu8HAINKEazAKpiaZs3axUkAcxiVwGw0i2t_tl839dwt5IZCurUroclhgv3MxD6djCAI7RffOzDJ7F4isrnuGLjci5o1mvZWbVDrx6rHjE3z4QOYvhQ3OwnTmoxPdBpMCmGCErj2Kui_dx-A4wuH5Y4YJM4zefFUZPLktilwRXyT289huKqpUdAutz3xjaTnzIInkRIO_diH2bs1lwtR1rm15DI1ocpbjVFwmfJBVjqSiHqbEfGPd92Wr346qS31ytK39EKVeKTCge6YE4dcZX_R6UL0WF1Oz2hvTNY-adZJ4vSZqvlqSy3PCpN1C5M5tYx_u3V2PqgbpaCdpqnS3ziIevxgkijpbMGXU20jOF_USJFMeOcXf_aOJPGHo0T11-Yz9aaQL7qKgTZy35W32MzECEtdJThC0KMvWdaAtxgVrRLZtBLozuJnSuDW2Ku1Hztbb-OD4gMZQDnUbiSNYc5zis3WrdiFWqmqAyK4gtZyDvTGOK3alj_mNZymA469qZMBSD7jK6tCojotIQABDd1U7nnTmNG2EHf7Tp2QqA9mKGP-2smm7FMVWnUbUqQo2GTaQHBOLSbpFTUdlKDY7NGFsFm8nr8CRm8TaJzcxjaY1YHK9Kil1grEXyqi6yKm1ABWk24I-csge6dfFur_C6LxBdbU0lG1c3vtPNr9C8-urB2FK4bgX0O_16EL9eieOrndgoWcDvKtMWl9K5UI5XR43gUkn_rRL1D-PoCtzDK5p6p6pSH2xIovbUHTdvPeM2WP0Znb5_d8vM0m4TihbHiEOKz02sa9C8_bdWVBicgCg8gZmhvse0mgIJvaQ9izhE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newlunarempire.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H3

200

c.gif
www.bing.com/aes/ Frame 6559
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=88109253-d454-495e-8972-ae11262faa23&bidId=1&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=bce11f05-4c3d-4ca3-838...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=b7e3574bb4eb4f0fbd0b8b760a8779af&tids=1&med=10

0
18 B

76ms
76ms

Image
text/plain

2a02:26f0:3500:1b::1724:a392
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=b7e3574bb4eb4f0fbd0b8b760a8779af&tids=1&med=10
Protocol: H3
Server: 2a02:26f0:3500:1b::1724:a392 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 21:31:40 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 09D2746F2AA745AFA4AF26BCF29804A1 Ref B: FRA31EDGE0708 Ref C: 2023-10-09T21:31:40Z
x-cdn-traceid: 0.92a12417.1696887100.750323a9
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Mon, 09 Oct 2023 21:31:40 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3380567A47214A4FBF6BC26B5E56352F Ref B: MIL30EDGE1409 Ref C: 2023-10-09T21:31:40Z
x-cdn-traceid: 0.92a12417.1696887100.750322be
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=b7e3574bb4eb4f0fbd0b8b760a8779af&tids=1&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 142
quic-version: 0x00000001

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 6559 0
556 B 32ms
31ms Ping
text/html 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fnewlunarempire.shivtr.com&e=wqT_3QKwB-iwAwAAAwDWAAUBCLrikakGEOrSvqfx4OWdQhgAKjYJTSN2TYqKwD8Rr9-TCIELwD8ZAAAAYLgeAUAhrw0SACkRJNAxAAAAoJmZqT8w0fO5Azi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR4vvIFgAEBigEDVVNEkgUG8FWYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBDDEtc2hpdnRyLmNvbdgC8AbgAqKoMeoCIWh0dHBzOi8vbmV3bHVuYXJlbXBpcmUucxUtWIADAIgDAZADAJgDCaADAaoDpgMKxAJoDTfwhnd3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1iY2UxMWYwNS00YzNkLTRjYTMtODM4NS1mYjMzYWIyMjY2OTMmYmlkSWQ9MSZiaWRkZXJJZD00JmNtRXhwSWQ9TFYxJm9BZFVuaXQ9MwlYIHB1Ymxpc2hlcgE0IDYyNjQ1MzMwJgEOAGKObQC4cnR5cGU9bnVybCZ0YWdJZD03MjQwMTQ1JnRyYWZmaWNHcm91cD1rbmFxZV8zYyYNFghTdWI2GQBcX2ZwJmFpZD0ke0FVQ1RJT05fSUR9JndwHRH0dwFQUklDRX0SBTEyMDg1GhM0NzcyNTc0Mjg2ODAwOTg4NTIyIgkzODE4NDY3MTQqBGJpbmc6MFUyVmhjbU5vUVdRak56STBPVGt4TURreE1EVXpOekVqTkRBeU1EQXpPRGc1TmpNPcAD2ATIAwDYA43NJOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBfSq6L7JgceIPsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBbDvM_oFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCgBwHIB77yBdIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAH0aIEiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=bbbded845fba083b83c62585a7435a38d18e97d9&type=pv&jm=1003&px=0&py=0&bw=180&bh=180&sf=1&sid=1456219361260601998&vd=ct~0|rr~5&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=7240145&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 21:31:40 GMT
an-x-request-uuid: 7849b8be-de02-4c0b-8c67-7b247eb4c2ac
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.26; 217.114.218.26; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6559 42 B
64 B 60ms
60ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvDwydUf9TAcJsxb9t_3RZtMlcevMCEqyMsTO8qmbBjLqBGvj0fhtGoz0uqYkICqQY6hVO9qotWmIo6sgPqg2j3O_T2agx6oasqt9ue&sig=Cg0ArKJSzKZ_SHE4pabUEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696887098964&rpt=346&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 21:31:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame AF17 0
555 B 32ms
32ms Ping
text/html 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fnewlunarempire.shivtr.com&e=wqT_3QK2B-i2AwAAAwDWAAUBCLrikakGELTm8NPJkceQBhgAKjYJwTWd_i3nmj8R52lqdJAYmj8ZAAAAYLgeAUAh5w0SACkRJNAxAAAAoJmZqT8w0fO5Azi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR4tvMFgAEBigEDVVNEkgUG8FWYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBDDEtc2hpdnRyLmNvbdgC8AbgAqKoMeoCIWh0dHBzOi8vbmV3bHVuYXJlbXBpcmUucxUtWIADAIgDAZADAJgDCaADAaoDrAMKwwJoDTfwhnd3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD05ODAzNjFjYy1lMTE4LTQwNTMtOTA4MS1mMTRkM2MzODNlMDUmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMSZvQWRVbhlcIHB1Ymxpc2hlcgE4IDYyNjQ1MzMwJgEOADmOcQC4cnR5cGU9bnVybCZ0YWdJZD03MjQwMTQ1JnRyYWZmaWNHcm91cD1rbmFxZV8zYyYNFghTdWI2GQDw0F9weXZweHBiYXN2ZXpuZ3ZiYSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEjQ0MTY2NTYyODY3MTg0OTI2OCIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpPREl3TlRFME1qWXlOell6TWpVak1qTXpNemcxTURnMk9USXdNell3TUE9PcAD2ATIAwDYA43NJOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAERYdYiAUBmAUAoAWEsYew4vjavgnABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBeDmQ_oFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB7bzBdIHDRVlASYI2gcGAV6wGADgBwDqBwIIAPAH0aIEiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=ffd6be3c710569a7b0355d750a5c8e55e019228a&type=pv&jm=1003&px=0&py=0&bw=180&bh=180&sf=1&sid=1456219361260601998&vd=ct~0|rr~5&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=7240145&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 21:31:40 GMT
an-x-request-uuid: 42d4ec96-da0c-4f1a-8513-3ed25a26ad02
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.26; 217.114.218.26; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

c.gif
www.bing.com/aes/ Frame AF17
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=0157f616-807a-4bf4-849a-caa496431ec6&bidId=15000&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=980361cc-e118-4053...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=30ce338408404fc4a5175feb0ae5d534&tids=15000&med=10

0
18 B

73ms
72ms

Image
text/plain

2a02:26f0:3500:1b::1724:a392
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=30ce338408404fc4a5175feb0ae5d534&tids=15000&med=10
Protocol: H3
Server: 2a02:26f0:3500:1b::1724:a392 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 21:31:40 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 874B6629968749779B4A0CEA47F66890 Ref B: FRAEDGE1313 Ref C: 2023-10-09T21:31:40Z
x-cdn-traceid: 0.92a12417.1696887100.750323b1
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Mon, 09 Oct 2023 21:31:40 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D9F557E346594A15A11E9B26ED907D03 Ref B: MIL30EDGE0922 Ref C: 2023-10-09T21:31:40Z
x-cdn-traceid: 0.92a12417.1696887100.750322c9
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=30ce338408404fc4a5175feb0ae5d534&tids=15000&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 146
quic-version: 0x00000001

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AF17 42 B
64 B 60ms
60ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstnWO4bzw21s89BC9LIXdigeUqKIjNMaoaOPyqN83jaoMpAXE7Uh26DdExxVIsZXDfA2RjfpnMFQKWZ2H0URGQkdeF2W-dUDKVr044b&sig=Cg0ArKJSzCQOq1kU6N7aEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231009&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1696887098946&rpt=412&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 21:31:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK original.jpg
s3.amazonaws.com/s3.mmoguildsites.com/s3/headline_photos/19580/ 199 KB
200 KB 158ms
157ms Image
image/jpeg 54.231.165.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/s3.mmoguildsites.com/s3/headline_photos/19580/original.jpg?1422425463
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.165.200 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: c32753a8f05b10c1a698c2f8c25ec2cfa8eca29273e334e05a20b88ca8a61cc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newlunarempire.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 21:31:44 GMT
Last-Modified: Wed, 28 Jan 2015 06:11:05 GMT
Server: AmazonS3
x-amz-request-id: SF4GSDTNVQDGQRJ1
ETag: "897ffbea5e1ba3e995c1cc94e62db8f0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 204245
x-amz-id-2: Mnp4jvxASmLPZ+dFydi5Pq2FUx0bZ2YSVvbD/5xO9UraPZwCOnLt0NMZhSVCDs3QJZ9YxIxZyoQ=

GET
H/1.1 200
OK original.png
s3.amazonaws.com/s3.mmoguildsites.com/s3/headline_photos/18245/ 37 KB
38 KB 138ms
138ms Image
image/png 54.231.165.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/s3.mmoguildsites.com/s3/headline_photos/18245/original.png?1415812027
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.165.200 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e4d412eaf4d251ab6088f7ace89e26bccfa0941efb34c99988c11c57f939cd47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newlunarempire.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 21:31:44 GMT
Last-Modified: Wed, 12 Nov 2014 17:07:08 GMT
Server: AmazonS3
x-amz-request-id: SF4WMYB8PWSRYWV3
ETag: "c713b4f363b38a5b90d34a4e044fc350"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 38296
x-amz-id-2: LSRr57XnSLIC0SxG3bTs+gl8P8w6daLHrUlNdginmKSbInBWza0Xl5lVygnnS1ZFWFFdzz30vt8=

GET original.png
s3.amazonaws.com/s3.mmoguildsites.com/s3/headline_photos/18245/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s3.amazonaws.com
URL: https://s3.amazonaws.com/s3.mmoguildsites.com/s3/headline_photos/18245/original.png?1415812027

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
newlunarempire.shivtr.com/	1969-12-31 23:59:59	Name: site_game_id Value: 95778
newlunarempire.shivtr.com/	1969-12-31 23:59:59	Name: _shivtr_bakery Value: ZeYL5JSrRpdXYOLlBJ2dkWcJzmQwcM7hgS7D%2FbeJhEitQ0RZjonmsbNNvZPIFsKCG4PdJpKtFjry0xOAACCppF%2BODTiEMMMwdU6nG1HvnroSllZtHo%2FarHBwLQsTKsuxTsqjf4QoVk21zcseZKOkSJw1PgDR85aoixk0Nn%2BN4J7w11wznVmJsowVk7KpT%2BxxDbXZ%2F41E6J6wc88UQ9QS9UyiBFH6EeMkdE9TJmEFeL9ExLVG22qXmfw%2FG5WaenIqoojEjvY5s4BqJCU64PgfnbKhbMj6rXRTEOmu09BfeaahbKK6cOA%3D--gcKk44NspH1nse5t--pQgC6QcLgSlE6r2i%2B%2FWdeg%3D%3D
.shivtr.com/	1970-01-21 00:43:03	Name: __gads Value: ID=c251775ae66e0ccb:T=1696887098:RT=1696887098:S=ALNI_MYBWDlA8XhhkMJtEbZ6pZnQn0QomQ
.shivtr.com/	1970-01-21 00:43:03	Name: __gpi Value: UID=00000c93463f25ee:T=1696887098:RT=1696887098:S=ALNI_MZfGxNbBqis8Fo4QdGJaeb5BOx1Fg
.bing.com/	1970-01-21 00:43:03	Name: MUID Value: 2BE99A5EA63365211D4C89FBA7EE64FC
.doubleclick.net/	1970-01-21 00:43:03	Name: IDE Value: AHWqTUl8Q96-zfqtIyH7xO-d3zWPHKmgr2IWT_m8VLAwqgbjcsnQT-e8bSMUIsd4FQc

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adsdk.microsoft.com
ams3-ib.adnxs.com
cdn.adnxs.com
googleads.g.doubleclick.net
newlunarempire.shivtr.com
pagead2.googlesyndication.com
partner.googleadservices.com
s3.amazonaws.com
static.shivtr.com
tpc.googlesyndication.com
www.bing.com
www.google.com
www.googletagservices.com
s3.amazonaws.com
185.89.211.116
23.212.88.180
2620:1ec:46::60
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:827::2004
2a00:1450:4001:82a::2001
2a00:1450:4001:82f::2002
2a02:26f0:3500:1b::1724:a392
45.33.21.148
54.231.165.200
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
056ebb8c52151318098474158a411d5f19004560d0ddf869e1a63e16c30308a4
0baf58317cc7690daeff2fcc3897ca4cfce51e7ca1af326d4908a42400b1cf0e
0ce98c7d1df287675bd07bd5c7c038b6617f5032512dab9127236f8d89efe381
0dc27be12e2e54e9a660420bf0f45962a02622d120c13adf38979017fe037c57
1157db6932951679e93ad7b95a8de7e549801afb45be9a6d558afc471e1db5b5
1c8d54efb1dd91bfd74e148f54cc338662146591367a506dacac6ef1bba3456e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3a1bbd03003833a6dfbcc82556fe57bb353c3b7480bfdd133a055b315207a5cc
40fce8aa6f424cad8d421e779262735505745b67df992dff274b8377fde73a38
4624e49d074519ae293268f802f293db212021c9753f8bc7712df0c70063e596
4672e11a0ddc1063a6a119cac90b54f9820fc93de2ddae2baba935805c522a13
4cc6703982c299ef1a208d5b64cb71727d9eac9eaca0ceaa71c02bc4343c6057
4ec759854f7b57ebb68da05527336e74c238ffbbedf88e3361e56e4605146fa4
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
596b304df86d6b1dbcb530e71fb71b517eca7accc37bcfe5a4297796dc9ab264
5ad79605213fbb2464ad94fda6bc45556cdde8e74dc72fe91ff59a026b04f2f0
5d2f37890570b4bc3dc64ed6d34d9bfaece96a100b8d0d96fe8b27def52876a3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
669ad8e27574eb5e9fcf9af7c0e103081d7e5be1ac28cd7c3d110591a8dfab88
67a4964a5ee673db3934ec39d186151c91cca2fd56fcfdd9efa4783421c67aea
68a3baf811d8cd77de7b3b8ec320933b8bc19cb592d3c32e66eebbf8f61f4171
691c2012d12087d49e28c1fc281dc84349193a407520ac1d61d2b59c324bffd3
6cdceb438e41ee07d58b7214785e14651205d8cc4b158a9a3ab988515f66c1cc
6fd153eaaf560ad7a2d5e1e825c92269f95593af17cb16520f1f7c79346236d0
81bee46ad5755fdc899b74cdf522917f92ca2fc145587344eada6605e4bc7a34
86c06c5c4747bb6da8d7594ed31b1494459d202ba31ede706bf8f741acedc9b3
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
8b3467bd5cf332a608172ed1121bcc1084dba1cd883e2d7db099f48107060245
8f69266b67d98773731b57bdc788c6966c39f0606f999f5cfe6edaeb24097367
9425f4d4a4a11a07dde8a3f22d307119921d8e0679b4a16b788c4226f73c7c09
9e2e766b44b4bd31a6887776e57d5a5f502237e48cf90ded21436cfb6addf0be
a65a6b6410d60b04406802f24ead9f08e81c3b4c14721069e21010451c04ae4c
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d
ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138
c1e16a8e46f79e1e773492196dc24ea5850a50132a5d18e1c05d39fd529d3c1d
c32753a8f05b10c1a698c2f8c25ec2cfa8eca29273e334e05a20b88ca8a61cc4
cfb512c796268ac51ba5af3cb3e19bc97eba8acf9a340a1d64b38afee63e40a0
d4be90176dd5771bc94e789da15c465774ae994f64edfa9d2f4322304960f1c1
d68d427d01f596133ee2452cea879f1b4a918e085f100f7b8ae8523d8dc1838d
dc86183c64a971df266cf43382fe00a3b1c600ec6107714e06597192164b82b5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d412eaf4d251ab6088f7ace89e26bccfa0941efb34c99988c11c57f939cd47
e89fa171093257613e9b8ede2760220900dce2ae2028435923b7343b0f506c55
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00dacc839e9fd2390ca09ce6424da8273c197de8d571d730e3a7ed73ac38bdb
f295898f1d51962ed958272ed398ce0c8b699fd543ff6ad4cd5b6f46fa85e299
f3a05a37b6eb87a82ee9549a766ad52bdb8d78cde6a2189be8e5f6316c37149f
f5801e3e01862c031d3b96c797e3d59c8c2f24c765fd20bc379af5c4266b4764
f815e5e92153e794e82eda51ea321105c82806b9f9772af9be8ca82c8ec388f1

newlunarempire.shivtr.com Open in urlscan Pro 45.33.21.148 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

77 Requests

94 %HTTPS

64 %IPv6

10 Domains

13 Subdomains

12 IPs

2 Countries

2359 kBTransfer

4140 kBSize

6 Cookies

9 Outgoing links

Page URL History

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

newlunarempire.shivtr.com Open in urlscan Pro
45.33.21.148 Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

94 %
HTTPS

64 %
IPv6

10
Domains

13
Subdomains

12
IPs

2
Countries

2359 kB
Transfer

4140 kB
Size

6
Cookies

77 HTTP transactions
2 data transactions