dukeofdefinition.com Open in urlscan Pro
65.254.227.224 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://dukeofdefinition.com/
Submission: On November 29 via api (November 29th 2023, 7:46:39 pm UTC) from US — Scanned from DE

Summary HTTP 79 Redirects Behaviour Indicators

Summary

This website contacted 22 IPs in 3 countries across 19 domains to perform 79 HTTP transactions. The main IP is 65.254.227.224, located in United States and belongs to BIZLAND-SD, US. The main domain is dukeofdefinition.com.

This is the only time dukeofdefinition.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	65.254.227.224 65.254.227.224	29873 (BIZLAND-SD) (BIZLAND-SD)
13	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1 2	169.62.92.53 169.62.92.53	36351 (SOFTLAYER) (SOFTLAYER)
1 1	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
1 2	2a04:4e42:400... 2a04:4e42:400::645	54113 (FASTLY) (FASTLY)
1 4	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:440... 2606:4700:4400::ac40:961b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 26	2606:4700:440... 2606:4700:4400::6812:25e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
2	104.20.219.77 104.20.219.77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
2 2	44.215.133.91 44.215.133.91	14618 (AMAZON-AES) (AMAZON-AES)
1	52.46.131.85 52.46.131.85	16509 (AMAZON-02) (AMAZON-02)
2	172.217.16.134 172.217.16.134	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3 4	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2 4	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
3	18.173.190.175 18.173.190.175	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::272	54113 (FASTLY) (FASTLY)
1	52.94.237.66 52.94.237.66	16509 (AMAZON-02) (AMAZON-02)
79	22

6 65.254.227.224 (United States)

ASN29873 (BIZLAND-SD, US)
PTR: 65-254-227-224.yourhostingaccount.com

dukeofdefinition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 169.62.92.53 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: wordsmith.org

wordsmith.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.133 (United States) 1 redirects

ASN54113 (FASTLY, US)

dictionary.reference.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::645 (United States) 1 redirects

ASN54113 (FASTLY, US)

www.dictionary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:961b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.teacherspayteachers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2606:4700:4400::6812:25e5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.teacherspayteachers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.teacherspayteachers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ecdn.teacherspayteachers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.229.221.25 (United States) 2 redirects

ASN15133 (EDGECAST, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.20.219.77 (None, )

ASN13335 (CLOUDFLARENET, US)

www.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.215.133.91 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-215-133-91.compute-1.amazonaws.com

rcm.amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.46.131.85 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

ws-na.assoc-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.162 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.151.101 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.123 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.173.190.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-190-175.muc50.r.cloudfront.net

wms-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::272 (United States)

ASN54113 (FASTLY, US)

m.media-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.94.237.66 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

fls-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	teacherspayteachers.com 2 redirects www.teacherspayteachers.com — Cisco Umbrella Rank: 13436 assets.teacherspayteachers.com — Cisco Umbrella Rank: 25654 ecdn.teacherspayteachers.com — Cisco Umbrella Rank: 12599	146 KB
20	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	299 KB
10	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 ad.doubleclick.net — Cisco Umbrella Rank: 154 cm.g.doubleclick.net — Cisco Umbrella Rank: 245	48 KB
6	dukeofdefinition.com dukeofdefinition.com	70 KB
5	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 cse.google.com — Cisco Umbrella Rank: 3113	9 KB
4	amazon-adsystem.com wms-na.amazon-adsystem.com — Cisco Umbrella Rank: 28951 fls-na.amazon-adsystem.com — Cisco Umbrella Rank: 8787	6 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	3 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 246	2 KB
2	amazon.com 2 redirects rcm.amazon.com — Cisco Umbrella Rank: 349872	820 B
2	statcounter.com www.statcounter.com — Cisco Umbrella Rank: 15116 c.statcounter.com — Cisco Umbrella Rank: 9937	15 KB
2	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2612	3 KB
2	paypal.com 2 redirects www.paypal.com — Cisco Umbrella Rank: 2811	1 KB
2	dictionary.com 1 redirects www.dictionary.com — Cisco Umbrella Rank: 17735	202 B
2	wordsmith.org 1 redirects wordsmith.org — Cisco Umbrella Rank: 497947	800 B
1	media-amazon.com m.media-amazon.com — Cisco Umbrella Rank: 530	2 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	64 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	61 KB
1	assoc-amazon.com ws-na.assoc-amazon.com — Cisco Umbrella Rank: 31912	15 KB
1	reference.com 1 redirects dictionary.reference.com — Cisco Umbrella Rank: 448347	366 B
79	19

	Domain	Requested by
13	ecdn.teacherspayteachers.com	www.teacherspayteachers.com
13	pagead2.googlesyndication.com	dukeofdefinition.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	assets.teacherspayteachers.com	www.teacherspayteachers.com assets.teacherspayteachers.com
7	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
6	www.teacherspayteachers.com	2 redirects dukeofdefinition.com www.teacherspayteachers.com
6	dukeofdefinition.com	dukeofdefinition.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	www.google.com	1 redirects dukeofdefinition.com tpc.googlesyndication.com
3	wms-na.amazon-adsystem.com	ws-na.assoc-amazon.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
2	ad.doubleclick.net	googleads.g.doubleclick.net
2	rcm.amazon.com	2 redirects
2	www.paypalobjects.com	dukeofdefinition.com
2	www.paypal.com	2 redirects
2	www.dictionary.com	1 redirects dukeofdefinition.com
2	wordsmith.org	1 redirects dukeofdefinition.com
1	fls-na.amazon-adsystem.com	ws-na.assoc-amazon.com
1	m.media-amazon.com	ws-na.assoc-amazon.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	s0.2mdn.net	googleads.g.doubleclick.net
1	c.statcounter.com	www.statcounter.com
1	ws-na.assoc-amazon.com	dukeofdefinition.com
1	www.statcounter.com	dukeofdefinition.com
1	cse.google.com	dukeofdefinition.com
1	dictionary.reference.com	1 redirects
79	27

This site contains no links.

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
ws-na.assoc-amazon.com Amazon RSA 2048 M01	`2023-03-16` - `2024-01-21`	10 months	crt.sh
statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-24` - `2023-12-24`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
wms-na.assoc-amazon.com Amazon RSA 2048 M01	`2023-03-21` - `2024-01-14`	10 months	crt.sh
images-na.ssl-images-amazon.com DigiCert Global CA G2	`2023-09-08` - `2024-06-21`	9 months	crt.sh
fls-na.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-08` - `2024-03-07`	a year	crt.sh
teacherspayteachers.com Cloudflare Inc ECC CA-3	`2023-03-08` - `2024-03-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 11 frames:

Primary Page: http://dukeofdefinition.com/
Frame ID: 54408F7BDD764FF729DF183D1F842409
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: CC156F3413B41EF30168B07E138D1802
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8997691075704205&output=html&h=600&slotname=1778737310&adk=3010025664&adf=3106593731&pi=t.ma~as.1778737310&w=160&lmt=1442803227&url=http%3A%2F%2Fdukeofdefinition.com%2F&ea=0&wgl=1&dt=1701287194382&bpp=162&bdt=75&idt=342&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&abxe=1&correlator=1101562185991&frm=20&pv=2&ga_vid=1390024918.1701287195&ga_sid=1701287195&ga_hid=1738743642&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=859&ady=538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071%2C318512602&oid=2&pvsid=3538219369129200&tmod=1987939634&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=354
Frame ID: C7E0B7A50681528DBF5400E6D564ECEE
Requests: 13 HTTP requests in this frame

Frame: https://ws-na.assoc-amazon.com/widgets/cm?t=dukeofdefi-20&o=1&p=8&l=as1&asins=0312371217&fc1=000000&IS2=1&lt1=_blank&m=amazon&lc1=0000FF&bc1=000000&bg1=FFFFFF&f=ifr
Frame ID: 3B02B097E77679B768A3566D5ED99189
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8997691075704205&output=html&adk=1812271804&adf=3025194257&lmt=1442803227&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_r&format=0x0&url=http%3A%2F%2Fdukeofdefinition.com%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&dt=1701287195325&bpp=1&bdt=1017&idt=1&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_slotnames=1778737310&nras=1&correlator=1101562185991&frm=20&pv=1&ga_vid=1390024918.1701287195&ga_sid=1701287195&ga_hid=1738743642&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071%2C318512602&oid=2&pvsid=3538219369129200&tmod=1987939634&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=8
Frame ID: CDAB39F0D5D7C143181CE6DB3310A114
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGIzg7PgBMAE&v=APEucNUwyL2jeCsOYTzGM-pyCff621N--O_dBlxt8EYx1FnHQZTGc0XDpEjqEuhL4IFDTo03YQEptv_OITHV-6TBbxjyvTQHVLApt5TvekByJ7WtFqBU2tgxaVJXe8cvKkyTmHiF1Fwq3wHMMAlAXolrOIcYtfyMG9Ht1xtUC2zgIJkntycFu3s
Frame ID: F62E6BCF731D8724A7D71262D93DCB3B
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: C0BD59FCD14B24A2195A1002D4566C07
Requests: 3 HTTP requests in this frame

Frame: https://www.teacherspayteachers.com/widgets/show/7715?widgetref=http://dukeofdefinition.com/
Frame ID: 47B0F03B7AF5C457CA7524EAC9D503B7
Requests: 22 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FED230143B39A3E3910597C4DE055353
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 829AF5C85E606AEC3A5DC8EDB16FA317
Requests: 2 HTTP requests in this frame

Frame: https://www.teacherspayteachers.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Frame ID: E95161B903229CDE2B2D1BF02082ACDA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

79
Requests

73 %
HTTPS

46 %
IPv6

19
Domains

27
Subdomains

22
IPs

3
Countries

740 kB
Transfer

1581 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

http://wordsmith.org/words/word2.js HTTP 301
https://wordsmith.org/words/word2.js

Request Chain 3

http://dictionary.reference.com/wordoftheday/wotd2.js HTTP 301
https://www.dictionary.com/wordoftheday/wotd2.js HTTP 301
https://www.dictionary.com/e/word-of-the-day/wotd2.js

Request Chain 8

http://www.google.com/cse/api/branding.css HTTP 301
https://cse.google.com/cse/api/branding.css

Request Chain 11

http://www.teacherspayteachers.com/widgets/get/7715 HTTP 301
https://www.teacherspayteachers.com/widgets/get/7715

Request Chain 12

https://www.paypal.com/en_US/i/btn/btn_donateCC_LG.gif HTTP 301
https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif

Request Chain 13

https://www.paypal.com/en_US/i/scr/pixel.gif HTTP 301
https://www.paypalobjects.com/en_US/i/scr/pixel.gif

Request Chain 19

http://rcm.amazon.com/e/cm?t=dukeofdefi-20&o=1&p=8&l=as1&asins=0312371217&fc1=000000&IS2=1&lt1=_blank&m=amazon&lc1=0000FF&bc1=000000&bg1=FFFFFF&f=ifr HTTP 301
https://rcm.amazon.com/e/cm?t=dukeofdefi-20&o=1&p=8&l=as1&asins=0312371217&fc1=000000&IS2=1&lt1=_blank&m=amazon&lc1=0000FF&bc1=000000&bg1=FFFFFF&f=ifr HTTP 302
https://ws-na.assoc-amazon.com/widgets/cm?t=dukeofdefi-20&o=1&p=8&l=as1&asins=0312371217&fc1=000000&IS2=1&lt1=_blank&m=amazon&lc1=0000FF&bc1=000000&bg1=FFFFFF&f=ifr

Request Chain 32

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJyEKQ4HsrmsL7pRcb5oyeE&google_cver=1

Request Chain 33

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWeVG7I6kl.M4gZXqN69jAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGuGz8n2lZBFpEY8f4d5Beo&google_cver=1&google_hm=2

Request Chain 34

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAPjYViNVRdVSTp9XHAw6EI&google_cver=1

Request Chain 35

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA5OTg1OTkxMTk0MDMwMzc2NA%3D%3D

Request Chain 76

https://www.teacherspayteachers.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.teacherspayteachers.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

79 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
dukeofdefinition.com/ 19 KB
19 KB 894ms
125ms Document
text/html 65.254.227.224
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: http://dukeofdefinition.com/
Protocol: HTTP/1.1
Server: 65.254.227.224 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 65-254-227-224.yourhostingaccount.com
Software: Apache/2 /
Resource Hash: 16becd91b09687aaf14b4c062258c6143b4b2d457bc4eba5978a04f0f7a5ba55

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 18978
Content-Type: text/html
Date: Wed, 29 Nov 2023 19:46:34 GMT
Etag: "4a22-52038cdd37cc0"
Expires: Wed, 29 Nov 2023 20:46:34 GMT
Last-Modified: Mon, 21 Sep 2015 02:40:27 GMT
Server: Apache/2

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 24 KB
11 KB 70ms
51ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: dukeofdefinition.com
URL: http://dukeofdefinition.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

31a848c25333d586c98555f634c8e8fa2f5ed2494b7217c5a14be1c86208b428

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dukeofdefinition.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 19:46:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 16776165120352916099
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 10526
X-XSS-Protection: 0
Expires: Wed, 29 Nov 2023 19:46:34 GMT

GET
H/1.1 200
OK WETaward2.jpg
dukeofdefinition.com/ 5 KB
6 KB 96ms
96ms Image
image/jpeg 65.254.227.224
BIZLAND-SD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dukeofdefinition.com/WETaward2.jpg
Requested by: Host: dukeofdefinition.com
URL: http://dukeofdefinition.com/
Protocol: HTTP/1.1
Server: 65.254.227.224 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 65-254-227-224.yourhostingaccount.com
Software: Apache/2 /
Resource Hash: 9053a221a539377a63df26b2b15fe5c4d8b6574b2441f9c812789884c0b0926d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dukeofdefinition.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 19:46:34 GMT
Last-Modified: Sat, 10 Apr 2010 05:50:47 GMT
Server: Apache/2
Age: 0
Etag: "159b-483db7e4e9bc0"
Content-Type: image/jpeg
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5531
Expires: Wed, 29 Nov 2023 23:46:34 GMT

GET
H/1.1

200
OK

word2.js Show response
wordsmith.org/words/
Redirect Chain

http://wordsmith.org/words/word2.js
https://wordsmith.org/words/word2.js

170 B
497 B

634ms
158ms

Script
application/javascript

169.62.92.53
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://wordsmith.org/words/word2.js
Requested by: Host: dukeofdefinition.com
URL: http://dukeofdefinition.com/
Protocol: HTTP/1.1
Server: 169.62.92.53 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: wordsmith.org
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 /
Resource Hash: 8258e5f71b91c328b82eee8b75e408307036e1edb1da0f88af674dcf38ea44c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dukeofdefinition.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 19:46:35 GMT
Last-Modified: Wed, 29 Nov 2023 05:01:02 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
ETag: "aa-60b436bf8558b"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 170

Redirect headers

Location: https://wordsmith.org/words/word2.js
Date: Wed, 29 Nov 2023 19:46:34 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 244
Content-Type: text/html; charset=iso-8859-1

GET
H2

404

wotd2.js
www.dictionary.com/e/word-of-the-day/
Redirect Chain

http://dictionary.reference.com/wordoftheday/wotd2.js
https://www.dictionary.com/wordoftheday/wotd2.js
https://www.dictionary.com/e/word-of-the-day/wotd2.js

0
0

98ms
98ms

Script
text/html

2a04:4e42:400::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dictionary.com/e/word-of-the-day/wotd2.js
Requested by: Host: dukeofdefinition.com
URL: http://dukeofdefinition.com/
Protocol: H2
Server: 2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dukeofdefinition.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Redirect headers

x-served-by: cache-fra-eddf8230061-FRA
date: Wed, 29 Nov 2023 19:46:34 GMT
via: 1.1 varnish
content-security-policy: upgrade-insecure-requests
server: Varnish
x-cache: MISS
location: https://www.dictionary.com/e/word-of-the-day/wotd2.js
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1 200
OK get_adobe_reader.gif
dukeofdefinition.com/ 2 KB
2 KB 190ms
100ms Image
image/gif 65.254.227.224
BIZLAND-SD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dukeofdefinition.com/get_adobe_reader.gif
Requested by: Host: dukeofdefinition.com
URL: http://dukeofdefinition.com/
Protocol: HTTP/1.1
Server: 65.254.227.224 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 65-254-227-224.yourhostingaccount.com
Software: Apache/2 /
Resource Hash: 3abd0e6851a91b25291f6d9925f833eefce57d594bb31b3c3b7a54feec6b2e01

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dukeofdefinition.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 19:46:34 GMT
Last-Modified: Sat, 10 Apr 2010 05:28:13 GMT
Server: Apache/2
Age: 0
Etag: "7a1-483db2d9a3540"
Content-Type: image/gif
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1953
Expires: Wed, 29 Nov 2023 23:46:34 GMT

GET
H/1.1 200
OK Index_home_r1_c1.gif
dukeofdefinition.com/ 150 B
466 B 188ms
98ms Image
image/gif 65.254.227.224
BIZLAND-SD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dukeofdefinition.com/Index_home_r1_c1.gif
Requested by: Host: dukeofdefinition.com
URL: http://dukeofdefinition.com/
Protocol: HTTP/1.1
Server: 65.254.227.224 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 65-254-227-224.yourhostingaccount.com
Software: Apache/2 /
Resource Hash: 3f7893cc5573695ff62616ca127171b287dc98c5b55190b77c271cb5f79e987d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dukeofdefinition.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 19:46:34 GMT
Last-Modified: Sat, 17 Mar 2012 13:05:40 GMT
Server: Apache/2
Age: 0
Etag: "96-4bb6ffb605100"
Content-Type: image/gif
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 150
Expires: Wed, 29 Nov 2023 23:46:34 GMT

GET
H/1.1 200
OK Index_home_r2_c1.gif
dukeofdefinition.com/ 17 KB
18 KB 478ms
395ms Image
image/gif 65.254.227.224
BIZLAND-SD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dukeofdefinition.com/Index_home_r2_c1.gif
Requested by: Host: dukeofdefinition.com
URL: http://dukeofdefinition.com/
Protocol: HTTP/1.1
Server: 65.254.227.224 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 65-254-227-224.yourhostingaccount.com
Software: Apache/2 /
Resource Hash: b1f480de4c66ee4f7c694222c89c39b8e6a2907060f8b8a1f5062e08ef8afa58

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dukeofdefinition.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 19:46:34 GMT
Last-Modified: Sat, 17 Mar 2012 13:05:40 GMT
Server: Apache/2
Age: 0
Etag: "45a8-4bb6ffb605100"
Content-Type: image/gif
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17832
Expires: Wed, 29 Nov 2023 23:46:34 GMT

GET
H/1.1 200
OK Index_home_r3_c1.gif
dukeofdefinition.com/ 25 KB
25 KB 186ms
100ms Image
image/gif 65.254.227.224
BIZLAND-SD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dukeofdefinition.com/Index_home_r3_c1.gif
Requested by: Host: dukeofdefinition.com
URL: http://dukeofdefinition.com/
Protocol: HTTP/1.1
Server: 65.254.227.224 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 65-254-227-224.yourhostingaccount.com
Software: Apache/2 /
Resource Hash: 92a80f8a7e8a512e662b4c27d9405d107e75928c0766c006d3fbf5773e4b2985

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dukeofdefinition.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 19:46:34 GMT
Last-Modified: Sat, 17 Mar 2012 13:05:40 GMT
Server: Apache/2
Age: 0
Etag: "64b5-4bb6ffb605100"
Content-Type: image/gif
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25781
Expires: Wed, 29 Nov 2023 23:46:34 GMT

GET
H2

200

branding.css
cse.google.com/cse/api/
Redirect Chain

http://www.google.com/cse/api/branding.css
https://cse.google.com/cse/api/branding.css

1 KB
600 B

79ms
14ms

Stylesheet
text/css

2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse/api/branding.css

Requested by

Host: dukeofdefinition.com
URL: http://dukeofdefinition.com/

Protocol

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

pfe /

Resource Hash

91159d29398f8658ba786a663518da08b05681c305df38158865916e23552bf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dukeofdefinition.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 19:41:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 17 Nov 2007 23:34:50 GMT
server: pfe
age: 327
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 322
x-xss-protection: 0
expires: Wed, 29 Nov 2023 20:11:07 GMT

Redirect headers

Date: Wed, 29 Nov 2023 19:27:27 GMT
X-Content-Type-Options: nosniff
Server: sffe
Age: 1147
Content-Type: text/html; charset=UTF-8
Location: https://cse.google.com/cse/api/branding.css
Cache-Control: public, max-age=1800
Content-Length: 240
X-XSS-Protection: 0
Expires: Wed, 29 Nov 2023 19:57:27 GMT

GET
H/1.1 200
OK poweredby_FFFFFF.gif
www.google.com/images/poweredby_transparent/ 488 B
1 KB 55ms
31ms Image
image/gif 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.google.com/images/poweredby_transparent/poweredby_FFFFFF.gif

Requested by

Host: dukeofdefinition.com
URL: http://dukeofdefinition.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0e34e6156e006e95579f7fd649583a85175b331452c3cb0aac883c472cee0fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dukeofdefinition.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 19:46:34 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 22 Oct 2019 18:30:00 GMT
Server: sffe
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
Content-Type: image/gif
Cache-Control: private, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 488
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Expires: Wed, 29 Nov 2023 19:46:34 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
52 KB 123ms
90ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a16a0ad6c70096273857c96109e9c9b25c5cda8463cbf5f2d7f886419ece8df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dukeofdefinition.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 19:46:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52640
x-xss-protection: 0
server: cafe
etag: 18271510550627623744
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 19:46:34 GMT

GET
H2

200

7715 Show response
www.teacherspayteachers.com/widgets/get/
Redirect Chain

http://www.teacherspayteachers.com/widgets/get/7715
https://www.teacherspayteachers.com/widgets/get/7715

2 KB
2 KB

504ms
487ms

Script
text/html

2606:4700:4400::6812:25e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.teacherspayteachers.com/widgets/get/7715

Requested by

Host: dukeofdefinition.com
URL: http://dukeofdefinition.com/

Protocol

Server

2606:4700:4400::6812:25e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc150a332d87b163332c3059687b66f2a3ecf7fb9c7f827cab75d72e9797c264

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dukeofdefinition.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 19:46:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-request-trace-id: 6567951a-1614-460f-a95b-4307102191d0
cf-cache-status: DYNAMIC
last-modified: Wed, 29 Nov 2023 19:46:34 GMT
server: cloudflare
content-encoding: gzip
vary: Accept-Encoding, Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 82dd5b858980718b-FRA
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Wed, 29 Nov 2023 19:46:34 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Location: https://www.teacherspayteachers.com/widgets/get/7715
Cache-Control: max-age=3600
Connection: keep-alive
CF-RAY: 82dd5b852b67bbfd-FRA
Expires: Wed, 29 Nov 2023 20:46:34 GMT

GET
H2

200

btn_donateCC_LG.gif
www.paypalobjects.com/en_US/i/btn/
Redirect Chain

https://www.paypal.com/en_US/i/btn/btn_donateCC_LG.gif
https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif

3 KB
3 KB

9ms
8ms

Image
image/gif

192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif

Requested by

Host: dukeofdefinition.com
URL: http://dukeofdefinition.com/

Protocol

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CF2) /

Resource Hash

33a91bd6d378215fcd413c279aa88d48bda6c8b2ef7695892777c87de37de256

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dukeofdefinition.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 19:46:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: f42b14747710f
dc: ccg11-origin-www-1.paypal.com
content-length: 3099
last-modified: Thu, 27 May 2021 14:20:07 GMT
server: ECAcc (frc/4CF2)
traceparent: 00-0000000000000000000f42b14747710f-8b4868ec1f4b8f85-01
etag: "60afaa97-c1b"
content-type: image/gif
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Wed, 29 Nov 2023 20:46:34 GMT

Redirect headers

date: Wed, 29 Nov 2023 19:46:34 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Full
server: ECAcc (frc/4CBD)
traceparent: 00-0000000000000000000001736a192080-f61f8ea86a6b405e-01
vary: Accept-Encoding
location: https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif
paypal-debug-id: 001736a192080
cache-control: max-age=0, no-cache, no-store, must-revalidate
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
timing-allow-origin: *
content-length: 20

GET
H2

200

pixel.gif
www.paypalobjects.com/en_US/i/scr/
Redirect Chain

https://www.paypal.com/en_US/i/scr/pixel.gif
https://www.paypalobjects.com/en_US/i/scr/pixel.gif

43 B
185 B

8ms
7ms

Image
image/gif

192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/scr/pixel.gif

Requested by

Host: dukeofdefinition.com
URL: http://dukeofdefinition.com/

Protocol

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBC) /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dukeofdefinition.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 19:46:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 44dbe3fea9359
dc: ccg11-origin-www-1.paypal.com
content-length: 43
last-modified: Fri, 16 Aug 2019 04:57:34 GMT
server: ECAcc (frc/4CBC)
traceparent: 00-000000000000000000044dbe3fea9359-d84c23b7606d6317-01
etag: "5d5637be-2b"
content-type: image/gif
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Wed, 29 Nov 2023 20:46:34 GMT

Redirect headers

date: Wed, 29 Nov 2023 19:46:34 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Full
server: ECAcc (frc/4D06)
traceparent: 00-00000000000000000000279791146699-5040cde17aadb3f6-01
vary: Accept-Encoding
location: https://www.paypalobjects.com/en_US/i/scr/pixel.gif
paypal-debug-id: 0279791146699
cache-control: max-age=0, no-cache, no-store, must-revalidate
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
timing-allow-origin: *
content-length: 20

GET
H/1.1 200
OK show_afs_search.js Show response
www.google.com/afsonline/ 12 KB
5 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.google.com/afsonline/show_afs_search.js

Requested by

Host: dukeofdefinition.com
URL: http://dukeofdefinition.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73717e7ee80ff735ed689551193fb236b2fba5b7712539fa8cf42768ba2c8e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dukeofdefinition.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 19:46:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 4908
X-XSS-Protection: 0
Last-Modified: Mon, 06 Nov 2023 15:00:00 GMT
Server: sffe
Vary: Accept-Encoding
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Content-Type: text/javascript
Cache-Control: private, max-age=0
Accept-Ranges: bytes
Link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="ads-afs-ui"
Expires: Wed, 29 Nov 2023 19:46:34 GMT

GET
H/1.1 200
OK counter.js Show response
www.statcounter.com/counter/ 40 KB
15 KB 41ms
20ms Script
application/javascript 104.20.219.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.statcounter.com/counter/counter.js
Requested by: Host: dukeofdefinition.com
URL: http://dukeofdefinition.com/
Protocol: HTTP/1.1
Server: 104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b6a7ca7428363767b92f9cf0ebc6dc31c5228022e2d2cb5016c0d9493021d1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dukeofdefinition.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 19:46:34 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
User-Cache-Control: max-age=43200
Age: 22228
Transfer-Encoding: chunked
P3P: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
Connection: keep-alive
Last-Modified: Wed, 29 Nov 2023 13:03:49 GMT
Server: cloudflare
ETag: W/"a1eb-60b4a2a8ccaa5"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=43200
CF-RAY: 82dd5b854d741907-FRA
Expires: Thu, 30 Nov 2023 01:36:06 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 397 KB
134 KB 88ms
88ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=pub-8997691075704205&plah=dukeofdefinition.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

176be7cab40b796a9ec4294b316cf83606d3598aceb4fa367f04d66b1b77e0e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dukeofdefinition.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 19:46:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137281
x-xss-protection: 0
server: cafe
etag: 5902946366320555806
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 19:46:34 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame CC15 9 KB
4 KB 49ms
13ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dukeofdefinition.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 24099
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 13:04:55 GMT
etag: 16674218716276178799
expires: Wed, 13 Dec 2023 13:04:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C7E0 90 KB
42 KB 746ms
745ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8997691075704205&output=html&h=600&slotname=1778737310&adk=3010025664&adf=3106593731&pi=t.ma~as.1778737310&w=160&lmt=1442803227&url=http%3A%2F%2Fdukeofdefinition.com%2F&ea=0&wgl=1&dt=1701287194382&bpp=162&bdt=75&idt=342&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&abxe=1&correlator=1101562185991&frm=20&pv=2&ga_vid=1390024918.1701287195&ga_sid=1701287195&ga_hid=1738743642&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=859&ady=538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071%2C318512602&oid=2&pvsid=3538219369129200&tmod=1987939634&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=354

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=pub-8997691075704205&plah=dukeofdefinition.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0913a831e286f04562515c4cce399dd5db50701f8e98821d9e4e1493ed18b13c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dukeofdefinition.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42944
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 19:46:35 GMT
expires: Wed, 29 Nov 2023 19:46:35 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
200

cm Show response
ws-na.assoc-amazon.com/widgets/ Frame 3B02
Redirect Chain

http://rcm.amazon.com/e/cm?t=dukeofdefi-20&o=1&p=8&l=as1&asins=0312371217&fc1=000000&IS2=1&lt1=_blank&m=amazon&lc1=0000FF&bc1=000000&bg1=FFFFFF&f=ifr
https://rcm.amazon.com/e/cm?t=dukeofdefi-20&o=1&p=8&l=as1&asins=0312371217&fc1=000000&IS2=1&lt1=_blank&m=amazon&lc1=0000FF&bc1=000000&bg1=FFFFFF&f=ifr
https://ws-na.assoc-amazon.com/widgets/cm?t=dukeofdefi-20&o=1&p=8&l=as1&asins=0312371217&fc1=000000&IS2=1&lt1=_blank&m=amazon&lc1=0000FF&bc1=000000&bg1=FFFFFF&f=ifr

14 KB
15 KB

319ms
98ms

Document
text/html

52.46.131.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws-na.assoc-amazon.com/widgets/cm?t=dukeofdefi-20&o=1&p=8&l=as1&asins=0312371217&fc1=000000&IS2=1&lt1=_blank&m=amazon&lc1=0000FF&bc1=000000&bg1=FFFFFF&f=ifr
Requested by: Host: dukeofdefinition.com
URL: http://dukeofdefinition.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.131.85 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: f5670c207bd565acd0c517ed03c81dad66e3547e3a278cb7ae6420ab01e2c009

Request headers

Referer: http://dukeofdefinition.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: must-revalidate
Connection: close
Content-Length: 14558
Content-Type: text/html;charset=UTF-8
Date: Wed, 29 Nov 2023 19:46:36 GMT
Expires: -1
Pragma: no-cache
Server: Server
Vary: User-Agent
charset: UTF-8
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "

Redirect headers

Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 29 Nov 2023 19:46:35 GMT
Location: https://ws-na.assoc-amazon.com/widgets/cm?t=dukeofdefi-20&o=1&p=8&l=as1&asins=0312371217&fc1=000000&IS2=1&lt1=_blank&m=amazon&lc1=0000FF&bc1=000000&bg1=FFFFFF&f=ifr
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Transfer-Encoding: chunked
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: GHJMGAGS9BEW5NBD4K5W

GET
H2 200 t.php Show response
c.statcounter.com/ 193 B
525 B 167ms
138ms XHR
application/json 104.20.219.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=416438&u1=AFA22F8100E74F16040AA6137D5D8568&java=1&security=&sc_snum=1&sess=de22c1&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=http%3A//dukeofdefinition.com/&t=Duke%20of%20Definition%3A%20English%20on%20the%20Web&invisible=1&sc_rum_e_s=1893&sc_rum_e_e=1905&sc_rum_f_s=0&sc_rum_f_e=1050&get_config=true
Requested by: Host: www.statcounter.com
URL: http://www.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71d84577bee5732cc6f21a9a94779ce7012441030172b58851e5e1750b28aa0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dukeofdefinition.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 19:46:35 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
access-control-allow-origin: http://dukeofdefinition.com
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials: true
cf-ray: 82dd5b8aeb6f18da-FRA
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CDAB 0
19 B 25ms
25ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8997691075704205&output=html&adk=1812271804&adf=3025194257&lmt=1442803227&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_r&format=0x0&url=http%3A%2F%2Fdukeofdefinition.com%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&dt=1701287195325&bpp=1&bdt=1017&idt=1&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_slotnames=1778737310&nras=1&correlator=1101562185991&frm=20&pv=1&ga_vid=1390024918.1701287195&ga_sid=1701287195&ga_hid=1738743642&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071%2C318512602&oid=2&pvsid=3538219369129200&tmod=1987939634&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dukeofdefinition.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 19:46:35 GMT
expires: Wed, 29 Nov 2023 19:46:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C7E0 42 B
63 B 155ms
155ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BKVdKaYSfL7Xa8SK3nRIJ_IhdWrIlk2IW3J7Gq2ttgfwwXrMwlL50yfuDAsVksHyg_xji3lvH1EscaBveF0LEYNLjWWznmTnAgp6MrRgEjBmJXBy4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8997691075704205&output=html&h=600&slotname=1778737310&adk=3010025664&adf=3106593731&pi=t.ma~as.1778737310&w=160&lmt=1442803227&url=http%3A%2F%2Fdukeofdefinition.com%2F&ea=0&wgl=1&dt=1701287194382&bpp=162&bdt=75&idt=342&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&abxe=1&correlator=1101562185991&frm=20&pv=2&ga_vid=1390024918.1701287195&ga_sid=1701287195&ga_hid=1738743642&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=859&ady=538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071%2C318512602&oid=2&pvsid=3538219369129200&tmod=1987939634&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=354

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 19:46:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F62E 624 B
246 B 55ms
54ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGIzg7PgBMAE&v=APEucNUwyL2jeCsOYTzGM-pyCff621N--O_dBlxt8EYx1FnHQZTGc0XDpEjqEuhL4IFDTo03YQEptv_OITHV-6TBbxjyvTQHVLApt5TvekByJ7WtFqBU2tgxaVJXe8cvKkyTmHiF1Fwq3wHMMAlAXolrOIcYtfyMG9Ht1xtUC2zgIJkntycFu3s

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8997691075704205&output=html&h=600&slotname=1778737310&adk=3010025664&adf=3106593731&pi=t.ma~as.1778737310&w=160&lmt=1442803227&url=http%3A%2F%2Fdukeofdefinition.com%2F&ea=0&wgl=1&dt=1701287194382&bpp=162&bdt=75&idt=342&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&abxe=1&correlator=1101562185991&frm=20&pv=2&ga_vid=1390024918.1701287195&ga_sid=1701287195&ga_hid=1738743642&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=859&ady=538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44807764%2C44808148%2C44808284%2C44809071%2C318512602&oid=2&pvsid=3538219369129200&tmod=1987939634&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=354
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 19:46:35 GMT
expires: Wed, 29 Nov 2023 19:46:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame C7E0 23 KB
9 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 15:58:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 15:58:47 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame C7E0 7 KB
3 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 14:44:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18111
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 14:44:44 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame C7E0 0
0 107ms
62ms Fetch
image/gif 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsumKnUQ1as7R7KdYFpHavKRq2FXWa5plCAADvtcxZuUUhtnshREne_EF-7bH3HAF2QB0MhUzKp1k54vjrbjJI1ROiPfsc70mGUe5wbPljNugOm8RA4XHe_Qox3Q26zAKBSdoCgUTuYuMjNEAgv-1_yZjNsbDkML4CWGms9XYwUus1ZrWp3CDsbB8k_lYU2QBg5YZ8uCDFzllXuwpflQOFjgVYi0XyWJ5mRhTMKrknEY7nOecMqrdfWv2yIxYarFrK9PNZ7n87q8v3VTFm3xEOHNIhzCaXI8onh48GQrbDPLUB32T2aQkT3wiPPpf7efxPMnuzqdwhWvaMGu1aAwH5yCxxBPJveqLQkRrVhHuPwby90d_9bU6dqiSkgO5leIqSKyjI3jJRug95OWQGGOlxLOuAKKMb2sc3_PS0xZhhINiwo8hEiXpNJwDnVjAVgnl4sre8gVRK5Z8XzuKBRFGkio4J8ptGt4nW0zExMqrYaHu-t6g-6TR0ppwBuYUR_jBeLox7wpuC09JEUU-fhdzzISJb-cddzj2ugu9VMr_ift5bSIoyU4vJGyJlkOYZk6i7Je94V_SNNcqhm62Bm3V1heYdEcQF19tOppYuyqHNImg8HZtDLL09iFkRyyGVfWXyUuR-_U1eAeGtCkp-YDxqxf24MFM7_s63UhNtn79r1KZZmsARhXLMO-lkyF8PqQM1DVUUReT7VRmNAfbDehN5MHaELWLhPrdL4ueHOd4xDBp36XPp8GpG_DaUoDpL0O_qeEmCOPgyxh8Gj2hxXsfMIQDwJwIb-wwMP0mbp53od0PhZHZ66xHnAScb9gbuLeI-NENXivUs7NTU8jieon-9HsAVVE2Ma3PSJz7zn9IdpXD0qEHPUaKNaKyOrut98Mio2p7G_jNh4xGZgzRxSKWbur5fcDqc8xvdIgirYv72bEybL-84UEByxyl2o7XfSBCwy-qN6Kr7WH_Sdu8QfOwDYlMMK_cr-tgwWLeEowx9nVDzKINoxsglCo9v4nxWAo16mknhIZwfxax-nfFyWYqA1NDzLwBV56cNOOYGtXXfFHffTiX52YeBs8TTzDZuECO4TaGBrjHfiEg_Z4OVkMiiIi6ZcaFmeOIMZoxRQ7_CWHtQMzEkFvWFMMiAEL61wmHe6cncVorzwr7t1gSegtEMYIp3Ac5Wxtq2apmTRw9nITXURXuXad5q5X9lK0TeJa4dHBmJyDp6_mpGEhPlY7diIBiIGyJBAobN-hnMV2B8AS1jCr0ZuhNvPnva1pH3uELSYdr1BTgE0y5MuQQrgLuYyB7eTeLhYDmwS9vo_WjnO5dBi831TpiGOfM7qbKuozHw5-W5z4Ych3pWpIHg&sai=AMfl-YSBlYArSIVhyWxB-iNKu1CZzt9eFXe2D3fKPkYIyvvwGtmFZuJGpCo1qZLSbKcPPRna0IejTTtCE3EzJ10O0KpVYW8fJS7Ha9q6XdxS2LXjrCfBNlSm4uWyxBVcTWbSkEHOKKBpCZoSaFVrH_udSwwZ8JI4lPCpu-GQSjF3Sigis8SN3dXrSBINahPNkkIFPztkVjnKTtRIuYBknB34gRXXqMjCsh6ccYLUrvsSL40HdnaMFQFvc75fxxiNQAwGb62Ztv5_oArmiGpjJiFFsTtH2O0l2EqVBuprbdhVAJe2nINZ7DhSMjs6I4LAgRQD9Mbz8zymIVuEQndW3l6Bb86EDuD4Jp6yPakF1IkkKD18GQgDPKUCcJRiJwAKZz6TkYSHraeA_OLMU4kuTAkP6stdEGEdkHaaeSmoDoaB6Ebw8iDZToaqyIW_mXFW_7RWRLm_FH4JH4xyp8ax9Tg0wQqDwgmLICYXlbVGPQxsrMN116Tq0wuVHH-iUfUqgnigUky5e91iI-FIMw&sig=Cg0ArKJSzNDQb98KQy2PEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9xb250by5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231109.72486&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 29 Nov 2023 19:46:35 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 29 Nov 2023 19:46:35 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame C7E0 41 KB
14 KB 50ms
15ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 438087
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 18:05:08 GMT

GET
H2 200 11791220263914748300
s0.2mdn.net/simgad/ Frame C7E0 60 KB
61 KB 91ms
23ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/11791220263914748300?sqp=uqWu0g0ICNgEEKABQGQ&rs=AOga4qlj4TeH3fmzz9PrZeNhoCVBmJ6Fuw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

111c11d1e828920316a7b65368c7d3c9f22312a740b4e22a3731f1d8cc35f8e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:02:46 GMT
x-content-type-options: nosniff
age: 589429
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61572
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 14:40:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Nov 2024 00:02:46 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C7E0 3 KB
1 KB 59ms
24ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 12:41:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25516
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 12:41:19 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C7E0 20 KB
9 KB 46ms
12ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73777
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 23:16:58 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C7E0 202 KB
64 KB 96ms
63ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 19:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Nov 2023 19:46:35 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame F62E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJyEKQ4HsrmsL7pRcb5oyeE&google_cver=1

43 B
772 B

25ms
25ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJyEKQ4HsrmsL7pRcb5oyeE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGIzg7PgBMAE&v=APEucNUwyL2jeCsOYTzGM-pyCff621N--O_dBlxt8EYx1FnHQZTGc0XDpEjqEuhL4IFDTo03YQEptv_OITHV-6TBbxjyvTQHVLApt5TvekByJ7WtFqBU2tgxaVJXe8cvKkyTmHiF1Fwq3wHMMAlAXolrOIcYtfyMG9Ht1xtUC2zgIJkntycFu3s
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 19:46:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2EkDNwNxp06CqiL%2B7ITMw3aL0GKTkY6DNHpl47nnhBH6UjO1wYWzAgffWZcb6xhN7V7wrlf9PtVW%2BkYDaGpgwhj%2F5dNCWLbOiov3Cczdp98Z28C5KbM5ThehUGnkFrrktKVSc%2FuAfSCVhA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82dd5b8cc9c09bcb-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 19:46:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJyEKQ4HsrmsL7pRcb5oyeE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame F62E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWeVG7I6kl.M4gZXqN69jAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGuGz8n2lZBFpEY8f4d5Beo&google_cver=1&google_hm=2

43 B
738 B

29ms
29ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGuGz8n2lZBFpEY8f4d5Beo&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGIzg7PgBMAE&v=APEucNUwyL2jeCsOYTzGM-pyCff621N--O_dBlxt8EYx1FnHQZTGc0XDpEjqEuhL4IFDTo03YQEptv_OITHV-6TBbxjyvTQHVLApt5TvekByJ7WtFqBU2tgxaVJXe8cvKkyTmHiF1Fwq3wHMMAlAXolrOIcYtfyMG9Ht1xtUC2zgIJkntycFu3s
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 19:46:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aTCBOxUg9RIQVo83xOcA08gxidXpECO4NXwCMUsM2Do1ZhpVkISmii1MbdNRTOYrb6BYQXNiFjlA21SGgyhTLtPv4E%2BvxV%2FEwjLW2a5hfd7V%2B3PMnNnbMtfx7BOST7qIM%2Bh3j%2BtbSqLALw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82dd5b8cea079bcb-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 19:46:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGuGz8n2lZBFpEY8f4d5Beo&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame F62E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAPjYViNVRdVSTp9XHAw6EI&google_cver=1

43 B
843 B

25ms
25ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAPjYViNVRdVSTp9XHAw6EI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGIzg7PgBMAE&v=APEucNUwyL2jeCsOYTzGM-pyCff621N--O_dBlxt8EYx1FnHQZTGc0XDpEjqEuhL4IFDTo03YQEptv_OITHV-6TBbxjyvTQHVLApt5TvekByJ7WtFqBU2tgxaVJXe8cvKkyTmHiF1Fwq3wHMMAlAXolrOIcYtfyMG9Ht1xtUC2zgIJkntycFu3s

Protocol

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 19:46:35 GMT
an-x-request-uuid: 1cc15c33-faf2-48bf-b599-670e4fd68ca1
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.142; 178.162.209.142; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 19:46:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAPjYViNVRdVSTp9XHAw6EI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F62E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA5OTg1OTkxMTk0MDMwMzc2NA%3D%3D

170 B
244 B

24ms
23ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA5OTg1OTkxMTk0MDMwMzc2NA%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 19:46:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 19:46:35 GMT
an-x-request-uuid: f6e5eca3-243d-4f7c-8118-c7336d5590c1
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA5OTg1OTkxMTk0MDMwMzc2NA%3D%3D
x-proxy-origin: 178.162.209.142; 178.162.209.142; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame C7E0 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bde57a2e4244847cb83f00ea34696e7abae8533fb2b375a6a29518c8aa021642

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame C0BD 38 KB
13 KB 14ms
13ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 318475
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 03:18:40 GMT
expires: Mon, 25 Nov 2024 03:18:40 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame C0BD 39 KB
15 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 15:18:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16114
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 15:18:01 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame C7E0 0
0 53ms
52ms Fetch
image/gif 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsumKnUQ1as7R7KdYFpHavKRq2FXWa5plCAADvtcxZuUUhtnshREne_EF-7bH3HAF2QB0MhUzKp1k54vjrbjJI1ROiPfsc70mGUe5wbPljNugOm8RA4XHe_Qox3Q26zAKBSdoCgUTuYuMjNEAgv-1_yZjNsbDkML4CWGms9XYwUus1ZrWp3CDsbB8k_lYU2QBg5YZ8uCDFzllXuwpflQOFjgVYi0XyWJ5mRhTMKrknEY7nOecMqrdfWv2yIxYarFrK9PNZ7n87q8v3VTFm3xEOHNIhzCaXI8onh48GQrbDPLUB32T2aQkT3wiPPpf7efxPMnuzqdwhWvaMGu1aAwH5yCxxBPJveqLQkRrVhHuPwby90d_9bU6dqiSkgO5leIqSKyjI3jJRug95OWQGGOlxLOuAKKMb2sc3_PS0xZhhINiwo8hEiXpNJwDnVjAVgnl4sre8gVRK5Z8XzuKBRFGkio4J8ptGt4nW0zExMqrYaHu-t6g-6TR0ppwBuYUR_jBeLox7wpuC09JEUU-fhdzzISJb-cddzj2ugu9VMr_ift5bSIoyU4vJGyJlkOYZk6i7Je94V_SNNcqhm62Bm3V1heYdEcQF19tOppYuyqHNImg8HZtDLL09iFkRyyGVfWXyUuR-_U1eAeGtCkp-YDxqxf24MFM7_s63UhNtn79r1KZZmsARhXLMO-lkyF8PqQM1DVUUReT7VRmNAfbDehN5MHaELWLhPrdL4ueHOd4xDBp36XPp8GpG_DaUoDpL0O_qeEmCOPgyxh8Gj2hxXsfMIQDwJwIb-wwMP0mbp53od0PhZHZ66xHnAScb9gbuLeI-NENXivUs7NTU8jieon-9HsAVVE2Ma3PSJz7zn9IdpXD0qEHPUaKNaKyOrut98Mio2p7G_jNh4xGZgzRxSKWbur5fcDqc8xvdIgirYv72bEybL-84UEByxyl2o7XfSBCwy-qN6Kr7WH_Sdu8QfOwDYlMMK_cr-tgwWLeEowx9nVDzKINoxsglCo9v4nxWAo16mknhIZwfxax-nfFyWYqA1NDzLwBV56cNOOYGtXXfFHffTiX52YeBs8TTzDZuECO4TaGBrjHfiEg_Z4OVkMiiIi6ZcaFmeOIMZoxRQ7_CWHtQMzEkFvWFMMiAEL61wmHe6cncVorzwr7t1gSegtEMYIp3Ac5Wxtq2apmTRw9nITXURXuXad5q5X9lK0TeJa4dHBmJyDp6_mpGEhPlY7diIBiIGyJBAobN-hnMV2B8AS1jCr0ZuhNvPnva1pH3uELSYdr1BTgE0y5MuQQrgLuYyB7eTeLhYDmwS9vo_WjnO5dBi831TpiGOfM7qbKuozHw5-W5z4Ych3pWpIHg&sai=AMfl-YSBlYArSIVhyWxB-iNKu1CZzt9eFXe2D3fKPkYIyvvwGtmFZuJGpCo1qZLSbKcPPRna0IejTTtCE3EzJ10O0KpVYW8fJS7Ha9q6XdxS2LXjrCfBNlSm4uWyxBVcTWbSkEHOKKBpCZoSaFVrH_udSwwZ8JI4lPCpu-GQSjF3Sigis8SN3dXrSBINahPNkkIFPztkVjnKTtRIuYBknB34gRXXqMjCsh6ccYLUrvsSL40HdnaMFQFvc75fxxiNQAwGb62Ztv5_oArmiGpjJiFFsTtH2O0l2EqVBuprbdhVAJe2nINZ7DhSMjs6I4LAgRQD9Mbz8zymIVuEQndW3l6Bb86EDuD4Jp6yPakF1IkkKD18GQgDPKUCcJRiJwAKZz6TkYSHraeA_OLMU4kuTAkP6stdEGEdkHaaeSmoDoaB6Ebw8iDZToaqyIW_mXFW_7RWRLm_FH4JH4xyp8ax9Tg0wQqDwgmLICYXlbVGPQxsrMN116Tq0wuVHH-iUfUqgnigUky5e91iI-FIMw&sig=Cg0ArKJSzNDQb98KQy2PEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9xb250by5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=157&vt=11&dtpt=155&dett=2&cstd=0&cisv=r20231109.72486&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 19:46:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C0BD 0
20 B 161ms
161ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BQc0FGpVnZfvHNrGXvcAPs4aJsAsAAAAAOAHgBAI&bg=!rq2lreLNAAZxrfrxUa07ADQBe5WfOP9mM92wmgtuDRD90HR2EdfqEI5OuzzmBQlQ3HvPrfLYEufo2uRgk2IYLqthBhD9AgAAAFVSAAAAAWgBBwoAkSo0QKnsR-uUH49CaX9s6LdAa4zu798tCu2E_X8NJKTEEkXZ0JnZy3UwVL6Cs9dBPsZGJ4L9pEGFAKCAPL3EE4lKFCuqXBfdpJ6m-W1RW9mPl_BuB0cKfm_bnGuOzc2B1LnW79zqa6t7GtEiRy5d7sqvjrOZvLB_N6uHzY5uSV2wNrnP-112GjViEytWt5ezIrKZAuO04dl-Y4g-e1JutwCHWPVMStL9gcreBt1xeijq8oxomrKLXYw_QR_lQljXbtsWGsL8HxYBGvgu7JQRBskiIU1jdprjQgkM-ckKwzarHuj6qSZgOrlIZTETbcJdvwxO2hPAdZzXhBZrycMo3TAE3fApa9WnwCV-jwlgG3VCGevbUD91-lcSyIhT4kLfajaNEpTBwgCfSCxO4HkQ7Rs5mryWq4Iy_Pokw5A49NogXPMdd9HPEFxQtUSjHszgziL9qzEWR7mQy5bx1OFzjz5v8w3Hdpuzjy0xHeAcE1Tt9Cf_F-PNvrDFq5sL21sA9VETpYmD6BUXUGo_92PLhpoST8JSnuwJ91AGNGNd19zHur6XXnFdXe7cyAnIIPumB5a-tOm8dMN2zkm21mWAU7PRM8nbEn9mo2ZBj6D1Tuk1wBkehVkdWo1u2E8KGuI7PWy55N4yUhkWJ9jzibfTeeDFHk-jGzHzzVpo21vseUSW1BLtfgpqtGvfIUh0PfBHqAPc71nZzc1NuHar2Yx7L2pKn39GYM-yDZUsl4zL1tHBb1LZCcewD4DUzx7cDFi-R_KTSoUT9RER0IQee9WHLGlNlBMVF0d_8rNirQ1JsJ2sK8YtG-eehodtaBMyjDB_Sjug20y6nwaKHhtmjNcFUHHoBsT-OeUdEOgpSpt9PmKYFk9TRTZkS1EEPOEBX7SXq4jctNNJEVE2XQnaGQ7Kt7ZNUUADY39Uo-Bk8Gm1bSUoKt1j-58FlBeD4MA10crl7z1q6ch5ZtBqgkeb6KeG4He4n8SEClK9lOh1QduH7K0MwV2BSHFmk6RJWWxksaLPviIa70xR2FxpiDlsIoQmwEWSSdMkJ-H096X6uH_9Say0gy4mt4CGC9neiYYMZkK2mMKAWzATs6S25Y4aWp9Lb1oY7P28A4ar0HkHNhkyPMIjlW1zrEzcGLw078d9msKza4crUAAKOyo1g5L1VKScT_ZeIwD7P9Wx

Requested by

Host: dukeofdefinition.com
URL: http://dukeofdefinition.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 19:46:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 a-logo-amazon.png
wms-na.amazon-adsystem.com/panda/20070822/US/img/ Frame 3B02 1 KB
2 KB 161ms
16ms Image
image/png 18.173.190.175
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wms-na.amazon-adsystem.com/panda/20070822/US/img/a-logo-amazon.png
Requested by: Host: ws-na.assoc-amazon.com
URL: https://ws-na.assoc-amazon.com/widgets/cm?t=dukeofdefi-20&o=1&p=8&l=as1&asins=0312371217&fc1=000000&IS2=1&lt1=_blank&m=amazon&lc1=0000FF&bc1=000000&bg1=FFFFFF&f=ifr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.190.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-190-175.muc50.r.cloudfront.net
Software: Server /
Resource Hash: bdfb40649c423c030d9265c8b5eeabf9a79f6845aee4842ceccd244e836805a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ws-na.assoc-amazon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 02:57:29 GMT
via: 1.1 541abc390c35db77f7d121c96f0661ec.cloudfront.net (CloudFront)
last-modified: Thu, 21 Sep 2023 16:13:27 GMT
server: Server
x-amz-cf-pop: MUC50-P4
age: 838147
etag: "593-605e0c5a9efc5"
x-cache: Hit from cloudfront
content-type: image/png
charset: UTF-8
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1427
x-amz-cf-id: bd3pW6n-jTjS-R-vavxirfPu5kajiQ9rOK06Mbw5Ir9DiOzSLGvl4g==
expires: Mon, 27 Nov 2023 02:57:29 GMT

GET
H2 200 41PXrQrSlKL._AC_AC_SR98,95_.jpg
m.media-amazon.com/images/I/ Frame 3B02 2 KB
2 KB 80ms
8ms Image
image/jpeg 2a04:4e42:200::272
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/41PXrQrSlKL._AC_AC_SR98,95_.jpg
Requested by: Host: ws-na.assoc-amazon.com
URL: https://ws-na.assoc-amazon.com/widgets/cm?t=dukeofdefi-20&o=1&p=8&l=as1&asins=0312371217&fc1=000000&IS2=1&lt1=_blank&m=amazon&lc1=0000FF&bc1=000000&bg1=FFFFFF&f=ifr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1baf06a0f6e4c2bb9bb2766ff94af0251114a9bfe9d737601a7ab1654e1477ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ws-na.assoc-amazon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Sun, 27 Sep 2043 12:46:38 GMT
date: Wed, 29 Nov 2023 19:46:36 GMT
last-modified: Sat, 24 Oct 2020 00:50:49 GMT
age: 453364
x-cache: HIT from fastly, HIT from fastly
x-nginx-cache-status: HIT
access-control-allow-origin: *
content-type: image/jpeg
cache-control: max-age=630720000,public
x-amz-ir-id: af42f0f1-6ae4-4b7d-8a18-55d748c000f4
server-timing: provider;desc="fy"
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
content-length: 2032
x-served-by: cache-iad-kcgs7200107-IAD, cache-fra-eddf8230047-FRA

GET
H2 200 prime.png
wms-na.amazon-adsystem.com/panda/20070822/US/img/ Frame 3B02 3 KB
4 KB 158ms
14ms Image
image/png 18.173.190.175
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wms-na.amazon-adsystem.com/panda/20070822/US/img/prime.png
Requested by: Host: ws-na.assoc-amazon.com
URL: https://ws-na.assoc-amazon.com/widgets/cm?t=dukeofdefi-20&o=1&p=8&l=as1&asins=0312371217&fc1=000000&IS2=1&lt1=_blank&m=amazon&lc1=0000FF&bc1=000000&bg1=FFFFFF&f=ifr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.190.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-190-175.muc50.r.cloudfront.net
Software: Server /
Resource Hash: 64657ae86fa8924bd37f4ccf0017842e4fe755a5745b754990cfe311d0f4d40c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ws-na.assoc-amazon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 01:36:43 GMT
via: 1.1 541abc390c35db77f7d121c96f0661ec.cloudfront.net (CloudFront)
last-modified: Mon, 10 Jul 2023 00:29:35 GMT
server: Server
x-amz-cf-pop: MUC50-P4
age: 1447793
etag: "d1d-6001713ba2178"
x-cache: Hit from cloudfront
content-type: image/png
charset: UTF-8
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3357
x-amz-cf-id: r0nnXYT7zhdARUgvZlhIQyJdnFfJHynyPDgd--OXMbOvjheCUy_Xpw==
expires: Mon, 20 Nov 2023 01:36:43 GMT

GET
H/1.1 200
OK json
fls-na.amazon-adsystem.com/1/associates-ads/1/OP/r/ Frame 3B02 43 B
200 B 315ms
98ms Image
image/gif 52.94.237.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fls-na.amazon-adsystem.com/1/associates-ads/1/OP/r/json?cb=1701287196460&p=%7B%22program%22%3A%221%22%2C%22linkCode%22%3A%22w00%22%2C%22panda%22%3Atrue%2C%22tag%22%3A%22dukeofdefi-20%22%2C%22refUrl%22%3A%22http%3A%2F%2Fdukeofdefinition.com%2F%22%7D
Requested by: Host: ws-na.assoc-amazon.com
URL: https://ws-na.assoc-amazon.com/widgets/cm?t=dukeofdefi-20&o=1&p=8&l=as1&asins=0312371217&fc1=000000&IS2=1&lt1=_blank&m=amazon&lc1=0000FF&bc1=000000&bg1=FFFFFF&f=ifr
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.94.237.66 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ws-na.assoc-amazon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 19:46:36 GMT
x-amzn-RequestId: 13044626-1b5a-44a4-b69b-6ada0facb356
Content-Length: 43
Content-Type: image/gif

GET
H2 200 cart.gif
wms-na.amazon-adsystem.com/panda/20070822/US/img/ Frame 3B02 341 B
714 B 155ms
15ms Image
image/gif 18.173.190.175
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wms-na.amazon-adsystem.com/panda/20070822/US/img/cart.gif
Requested by: Host: ws-na.assoc-amazon.com
URL: https://ws-na.assoc-amazon.com/widgets/cm?t=dukeofdefi-20&o=1&p=8&l=as1&asins=0312371217&fc1=000000&IS2=1&lt1=_blank&m=amazon&lc1=0000FF&bc1=000000&bg1=FFFFFF&f=ifr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.190.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-190-175.muc50.r.cloudfront.net
Software: Server /
Resource Hash: 6330c7a831bf641f1fc1ae115b02900b25e4786f461bbfc3a3301bab2d319b93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ws-na.assoc-amazon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 18:17:14 GMT
via: 1.1 541abc390c35db77f7d121c96f0661ec.cloudfront.net (CloudFront)
last-modified: Thu, 01 Jun 2023 23:28:11 GMT
server: Server
x-amz-cf-pop: MUC50-P4
age: 178162
etag: "155-5fd19ca299202"
x-cache: Hit from cloudfront
content-type: image/gif
charset: UTF-8
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 341
x-amz-cf-id: YZ8YudPIY77nm4V_d7jwbRlu6i8dRKjmQR37YHWHjtQX2U1RWYO5yg==
expires: Mon, 04 Dec 2023 18:17:14 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C7E0 42 B
64 B 156ms
129ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuij5D_1JvosqDoXx6w9AiV2xguqLLEIGxhnSXyVlHgRaL4lJibYrsGRxfAUE4SYmidUUwmTOBCUrvjF8zU8OsdID9f7KVgn4adf9liZzMuxsWjgn21hdRe6eAb3psOEtgY4KKXluKn3jKi&sai=AMfl-YT3jDYdHU0U94h7zkgMKhjYsrgrUMvLHgsmu-JJweO_xxqJMfIs_FZe-26JVPFcCx0pJAO0IblJ5NbzdW3BTFJOmB4IQldlO_5HXiU9QBiD121ZaXntwYyjyWVcghIWF5uaP7UAbhW6cA3LR6PxKNc1azTZeRJiGPE_&sig=Cg0ArKJSzN61xVhGA7rUEAE&cid=CAQSTwDICaaN0uxUfROarpRml0TCYdn8-Iiz38F4QCfYuKcuwKd08GNNGbkHoK4Jl5cCKTqV4e7jKVlAydNN3aEbj9-5vpRVwMUq7VbYLm8fYUIYAQ&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3010025664&rs=2&la=0&cr=0&vs=4&r=v&rst=1701287194737&rpt=957&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 19:46:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 63ms
63ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35ce11d131197a35ed7d711df87dec56f07970b55991b1e1aa8ca5e4ea923bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dukeofdefinition.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 19:46:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12333
x-xss-protection: 0

GET
H2 200 7715 Show response
www.teacherspayteachers.com/widgets/show/ Frame 47B0 16 KB
3 KB 618ms
618ms Document
text/html 2606:4700:4400::6812:25e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.teacherspayteachers.com/widgets/show/7715?widgetref=http://dukeofdefinition.com/

Requested by

Host: www.teacherspayteachers.com
URL: http://www.teacherspayteachers.com/widgets/get/7715

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:25e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdb644058278dfbf1f9e9c63fa786c6e1c4a6008abc025b4b6061c8c472a9050

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Frame-Options	ALLOWALL

Request headers

Referer: http://dukeofdefinition.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 82dd5b93ef0c718b-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 29 Nov 2023 19:46:37 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Wed, 29 Nov 2023 19:46:37 GMT
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding Accept-Encoding
x-frame-options: ALLOWALL
x-request-trace-id: 6567951c-e064-43b9-9ea1-3e93102191d0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dukeofdefinition.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 19:46:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 29 Nov 2023 19:46:36 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FED2 13 KB
5 KB 14ms
12ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dukeofdefinition.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 24668
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 12:55:28 GMT
expires: Thu, 28 Nov 2024 12:55:28 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 829A 829 B
1 KB 56ms
22ms Document
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

219ee9ba3f5dc841b175f68deed2db9be964ba3e075180699946fcf023ade741

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DygLWnsdPDKvYTS5Os-yAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://dukeofdefinition.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-DygLWnsdPDKvYTS5Os-yAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 19:46:36 GMT
expires: Wed, 29 Nov 2023 19:46:36 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame FED2 39 KB
15 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 15:18:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16115
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 15:18:01 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 829A 0
0 46ms
46ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=3538219369129200&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FED2 0
10 B 13ms
13ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?SeQQDA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 19:46:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 tpt_widget.min.css
assets.teacherspayteachers.com/4c227c9e6/css/customer/ Frame 47B0 6 KB
2 KB 67ms
40ms Stylesheet
text/css 2606:4700:4400::6812:25e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.teacherspayteachers.com/4c227c9e6/css/customer/tpt_widget.min.css

Requested by

Host: www.teacherspayteachers.com
URL: https://www.teacherspayteachers.com/widgets/show/7715?widgetref=http://dukeofdefinition.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:25e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a67510075c9626da8acb4595dd2e6dd3996944501f6c29b664c1f7748b01cb6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.teacherspayteachers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 19:46:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: S6HHX0XY11T70A6T
age: 26493
x-amz-server-side-encryption: AES256
x-amz-id-2: lwLskgQadaCFMem5CbrFOa76wUma/F4MV8ij6Eaq9KgibkWmm66B+MWD2TCBJKMEI0BRezxOr8Uwfrd+oJPCIjw/WgGJg97R6eB1RepVhbo=
last-modified: Wed, 29 Nov 2023 11:41:07 GMT
server: cloudflare
etag: W/"25b861b73e480c19137444ab6fda738e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=14400
timing-allow-origin: *
cf-ray: 82dd5b97fc7c718b-FRA
expires: Wed, 29 Nov 2023 23:46:37 GMT

GET
H2 200 jquery-1.11.1.min.js Show response
assets.teacherspayteachers.com/4c227c9e6/js-min/vendor/ Frame 47B0 94 KB
33 KB 79ms
34ms Script
application/javascript 2606:4700:4400::6812:25e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.teacherspayteachers.com/4c227c9e6/js-min/vendor/jquery-1.11.1.min.js

Requested by

Host: www.teacherspayteachers.com
URL: https://www.teacherspayteachers.com/widgets/show/7715?widgetref=http://dukeofdefinition.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:25e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7475b1b28017b5c3243d13f3cee1af9687d817fcb1dd864805148ce84632324f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://www.teacherspayteachers.com/
Origin: https://www.teacherspayteachers.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 19:46:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: S6HX54HV4EVFF2D1
age: 26493
x-amz-server-side-encryption: AES256
x-amz-id-2: XA3TXS7hEsUZtD+pbfmvE4s3niE9IlfMDaU6f+U7ZMCD+JTsEPdvQfGPCj1n0KPv2ryaMTv2dZMJwTK5JNjEjA==
last-modified: Wed, 29 Nov 2023 11:40:45 GMT
server: cloudflare
etag: W/"beb521d7a1e436bd2b55b522429df502"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
timing-allow-origin: *
cf-ray: 82dd5b980f4b9142-FRA
expires: Wed, 29 Nov 2023 23:46:37 GMT

GET
H2 200 jquery.cycle.all.js Show response
assets.teacherspayteachers.com/4c227c9e6/js-min/vendor/ Frame 47B0 26 KB
8 KB 82ms
37ms Script
application/javascript 2606:4700:4400::6812:25e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.teacherspayteachers.com/4c227c9e6/js-min/vendor/jquery.cycle.all.js

Requested by

Host: www.teacherspayteachers.com
URL: https://www.teacherspayteachers.com/widgets/show/7715?widgetref=http://dukeofdefinition.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:25e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23688d98ab19e9daaee7318f140b84723199250825e047c19f9dc5a92cd84663

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://www.teacherspayteachers.com/
Origin: https://www.teacherspayteachers.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 19:46:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: S6HQ6M4SNC8AFQBT
age: 26493
x-amz-server-side-encryption: AES256
x-amz-id-2: 8nfF46+dhk6Qvw2WUL9v8nZpSOqOrOBu0wguc6aAkAitDp7PwzTZECHnl0sFKyelJfU3yF1hcCkuPMk/h0YcrlQtR7hxfdBM
last-modified: Wed, 29 Nov 2023 11:40:45 GMT
server: cloudflare
etag: W/"44ed443535dae171e3a9540698056a8c"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
timing-allow-origin: *
cf-ray: 82dd5b980f4e9142-FRA
expires: Wed, 29 Nov 2023 23:46:37 GMT

GET
H2 200 jquery.browser.js Show response
assets.teacherspayteachers.com/4c227c9e6/js-min/vendor/ Frame 47B0 4 KB
2 KB 74ms
29ms Script
application/javascript 2606:4700:4400::6812:25e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.teacherspayteachers.com/4c227c9e6/js-min/vendor/jquery.browser.js

Requested by

Host: www.teacherspayteachers.com
URL: https://www.teacherspayteachers.com/widgets/show/7715?widgetref=http://dukeofdefinition.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:25e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef31a50cb86b3b344420ebb88d24bd6459b17ac821bdb301e4050339fec922c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://www.teacherspayteachers.com/
Origin: https://www.teacherspayteachers.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 19:46:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: S6HWB6NKFF1F4CW0
age: 26493
x-amz-server-side-encryption: AES256
x-amz-id-2: sHHaeEapNwy43T6tN3XIBnezNx388vI4wkhsGYAR1ZDYRPcFfwNhmyOA/j9Rlb2N1jQqbe45vNqESmCVX6SR4w==
last-modified: Wed, 29 Nov 2023 11:40:45 GMT
server: cloudflare
etag: W/"5b4e2b6691907d9b92313a4c4704aaa4"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
timing-allow-origin: *
cf-ray: 82dd5b980f4c9142-FRA
expires: Wed, 29 Nov 2023 23:46:37 GMT

GET
H2 200 logo_v.png
assets.teacherspayteachers.com/4c227c9e6/img/widget/ Frame 47B0 6 KB
7 KB 58ms
31ms Image
image/png 2606:4700:4400::6812:25e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.teacherspayteachers.com/4c227c9e6/img/widget/logo_v.png

Requested by

Host: www.teacherspayteachers.com
URL: https://www.teacherspayteachers.com/widgets/show/7715?widgetref=http://dukeofdefinition.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:25e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00f18f78fd3858d97bf59eebe973fcceea13f7e87c33ac5d953c04f49a752444

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.teacherspayteachers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 19:46:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains
cf-cache-status: HIT
x-amz-request-id: VT8JBBSP7XNHZW76
age: 26072
x-amz-server-side-encryption: AES256
content-length: 6432
x-amz-id-2: w+0Sws7YBpY4i37+X3etUA68HfeWDxjG5TLOWuc5qGv1QYgk+84TqJQzQ2QoZ/I1HglM8SD3tO0=
last-modified: Wed, 29 Nov 2023 11:41:18 GMT
server: cloudflare
etag: "3add75529e1fa3c4465051b091bb7398"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82dd5b97fc7d718b-FRA
expires: Wed, 29 Nov 2023 23:46:37 GMT

GET
H2 200 home-1401230-1.jpg
ecdn.teacherspayteachers.com/thumbitem/Word-within-the-Word-Test-Bank-Units-16-23-1401230/ Frame 47B0 2 KB
2 KB 515ms
480ms Image
image/jpeg 2606:4700:4400::6812:25e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ecdn.teacherspayteachers.com/thumbitem/Word-within-the-Word-Test-Bank-Units-16-23-1401230/home-1401230-1.jpg

Requested by

Host: www.teacherspayteachers.com
URL: https://www.teacherspayteachers.com/widgets/show/7715?widgetref=http://dukeofdefinition.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:25e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5303a43ca607ff6668e24f12eb26eb86c844f9740db011fc0b0ca9aa629cc7ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.teacherspayteachers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 19:46:37 GMT
x-amz-version-id: null
cf-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-request-id: WCDW589B2FWNSGPW
content-length: 2154
x-amz-id-2: lhuMflJeuDanrH7asB4qzjX+k1x88t6HleWjkkuu7I56TCkHZfNXgZdaJiqvAmNyuEKgUuo7Nds=
last-modified: Thu, 31 Mar 2016 16:50:05 GMT
server: cloudflare
etag: "3c67c2a28825b0acf51a5065638093c9"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82dd5b97fc87718b-FRA
expires: Wed, 29 Nov 2023 23:46:37 GMT

GET
H2 200 home-1401173-1.jpg
ecdn.teacherspayteachers.com/thumbitem/Dr-Jekyll-and-Mr-Hyde-Reading-Test-1401173/ Frame 47B0 6 KB
6 KB 442ms
442ms Image
image/jpeg 2606:4700:4400::6812:25e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ecdn.teacherspayteachers.com/thumbitem/Dr-Jekyll-and-Mr-Hyde-Reading-Test-1401173/home-1401173-1.jpg

Requested by

Host: www.teacherspayteachers.com
URL: https://www.teacherspayteachers.com/widgets/show/7715?widgetref=http://dukeofdefinition.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:25e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54fcd3ee02a9451b9c51e044946d4897b98df7094ce933dd483909cda9b29950

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.teacherspayteachers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 19:46:37 GMT
x-amz-version-id: null
cf-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-request-id: WCDN0RC5M3N3JKA5
content-length: 6163
x-amz-id-2: vacs40QHjf0191beGjS4CyXe3Ei4CVN4mNm6LRukVINkYseiKRV26ajwqXPVtgY/BMXkap833SQ=
last-modified: Thu, 31 Mar 2016 16:48:38 GMT
server: cloudflare
etag: "a2a48129258fa8d3b3db98f32de1bff5"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82dd5b982cb8718b-FRA
expires: Wed, 29 Nov 2023 23:46:37 GMT

GET
H2 200 home-1278527-1.jpg
ecdn.teacherspayteachers.com/thumbitem/Writing-Handbook-2nd-Ed-1278527/ Frame 47B0 5 KB
5 KB 459ms
458ms Image
image/jpeg 2606:4700:4400::6812:25e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ecdn.teacherspayteachers.com/thumbitem/Writing-Handbook-2nd-Ed-1278527/home-1278527-1.jpg

Requested by

Host: www.teacherspayteachers.com
URL: https://www.teacherspayteachers.com/widgets/show/7715?widgetref=http://dukeofdefinition.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:25e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c8a9aebc0d426032094d6369c1ebc59253aa022366bf63b99097a5ff4bd4ba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.teacherspayteachers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 19:46:37 GMT
x-amz-version-id: null
cf-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-request-id: WCDNWRDQSFSYBE90
content-length: 4644
x-amz-id-2: yVXbozNO3EdEj32UUd5QaUHLE5m98T0J+wlxWaIJfhxGhm+xRs6l9Zt6h/tyr5WHwIBwfSMlxEc=
last-modified: Thu, 31 Mar 2016 04:57:08 GMT
server: cloudflare
etag: "0964c5260f5aafe109505cb5aee40203"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82dd5b986d00718b-FRA
expires: Wed, 29 Nov 2023 23:46:37 GMT

GET
H2 200 home-1278477-1.jpg
ecdn.teacherspayteachers.com/thumbitem/Julius-Caesar-Reading-Guide-Study-Guide-1278477/ Frame 47B0 5 KB
6 KB 431ms
430ms Image
image/jpeg 2606:4700:4400::6812:25e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ecdn.teacherspayteachers.com/thumbitem/Julius-Caesar-Reading-Guide-Study-Guide-1278477/home-1278477-1.jpg

Requested by

Host: www.teacherspayteachers.com
URL: https://www.teacherspayteachers.com/widgets/show/7715?widgetref=http://dukeofdefinition.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:25e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb4fc1d065938c31f875da2a05a24f88824a48553474292e47ea7dbb20f079b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.teacherspayteachers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 19:46:37 GMT
x-amz-version-id: null
cf-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-request-id: WCDTQ1ASGJ8VDE88
content-length: 5616
x-amz-id-2: seTn6AeZyy/waNkCtriGtzuCZlQCv5YmpKgCnhCukRng6l+Yo73yAdK1TjC5FfMFM1xAJEYyywg=
last-modified: Thu, 31 Mar 2016 04:59:49 GMT
server: cloudflare
etag: "3e523caacde3fa7619769c14f6123232"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82dd5b986d03718b-FRA
expires: Wed, 29 Nov 2023 23:46:37 GMT

GET
H2 200 home-1278458-1.jpg
ecdn.teacherspayteachers.com/thumbitem/Julius-Caesar-Reading-Study-Guide-Answer-Key-1278458/ Frame 47B0 4 KB
5 KB 478ms
477ms Image
image/jpeg 2606:4700:4400::6812:25e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ecdn.teacherspayteachers.com/thumbitem/Julius-Caesar-Reading-Study-Guide-Answer-Key-1278458/home-1278458-1.jpg

Requested by

Host: www.teacherspayteachers.com
URL: https://www.teacherspayteachers.com/widgets/show/7715?widgetref=http://dukeofdefinition.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:25e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

762caeb9fd61d4f2564aa7593f53ad4adc85c2fe25b2decbb5ed51b18884212e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.teacherspayteachers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 19:46:37 GMT
x-amz-version-id: null
cf-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-request-id: WCDQK9YTEZQ7H87K
content-length: 4607
x-amz-id-2: u7O4atl0Xu432Qn5d3Eb4bvL3J4RPEMv9kB6w/V5Q/KvZVmazBgijyDGX0XThOsEdjjsj2QORG8=
last-modified: Thu, 31 Mar 2016 04:56:01 GMT
server: cloudflare
etag: "9d04862e7576d80cc110f440a60cd4d2"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82dd5b986d06718b-FRA
expires: Wed, 29 Nov 2023 23:46:37 GMT

GET
H2 200 home-1278424-1.jpg
ecdn.teacherspayteachers.com/thumbitem/Lord-of-the-Flies-Reading-Guide-Study-Guide-Answer-Key-1278424/ Frame 47B0 9 KB
9 KB 503ms
503ms Image
image/jpeg 2606:4700:4400::6812:25e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ecdn.teacherspayteachers.com/thumbitem/Lord-of-the-Flies-Reading-Guide-Study-Guide-Answer-Key-1278424/home-1278424-1.jpg

Requested by

Host: www.teacherspayteachers.com
URL: https://www.teacherspayteachers.com/widgets/show/7715?widgetref=http://dukeofdefinition.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:25e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46c0235700464c68facc1734b0a6200fb693c8e1cfab4e582c070cdc97cd00f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.teacherspayteachers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 19:46:37 GMT
x-amz-version-id: null
cf-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-request-id: WCDK5F3WQCSYXJ30
content-length: 8880
x-amz-id-2: EM1s9h7NPM3cCDKzyEDu4YOOLXJ0z0G1t0dhIA3SeFUZaQNVGohQifgWEfp3dRR4LIsRqOJPwsuX4nxmBo6vIQ==
last-modified: Thu, 31 Mar 2016 04:59:32 GMT
server: cloudflare
etag: "58f311c8d1f1f907434131b8e9c15794"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82dd5b986d08718b-FRA
expires: Wed, 29 Nov 2023 23:46:37 GMT

GET
H2 200 home-1268664-1.jpg
ecdn.teacherspayteachers.com/thumbitem/Lord-of-the-Flies-Unit-Exam-1268664/ Frame 47B0 6 KB
7 KB 456ms
456ms Image
image/jpeg 2606:4700:4400::6812:25e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ecdn.teacherspayteachers.com/thumbitem/Lord-of-the-Flies-Unit-Exam-1268664/home-1268664-1.jpg

Requested by

Host: www.teacherspayteachers.com
URL: https://www.teacherspayteachers.com/widgets/show/7715?widgetref=http://dukeofdefinition.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:25e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e7e9e4fab88cf68b1179d73c6a3ab82af7555eedcf80760659b7935a8c3e297

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.teacherspayteachers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 19:46:37 GMT
x-amz-version-id: null
cf-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-request-id: WCDY6RM2FPM2PYCC
content-length: 6587
x-amz-id-2: 5Okbl0RVqVy0iB+rBQ0R1plqxO7xvoFd/F/GsQYiQ23PZIYrzNPtDo35StHvSfnDaPmAOt0+m5g=
last-modified: Thu, 31 Mar 2016 04:02:07 GMT
server: cloudflare
etag: "c45586b21dc246bbfda55c47d119dac4"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82dd5b987d1a718b-FRA
expires: Wed, 29 Nov 2023 23:46:37 GMT

GET
H2 200 home-1268640-1.jpg
ecdn.teacherspayteachers.com/thumbitem/Lord-of-the-Flies-Jeopardy-Game-PowerPoint-Review-1268640/ Frame 47B0 8 KB
8 KB 447ms
447ms Image
image/jpeg 2606:4700:4400::6812:25e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ecdn.teacherspayteachers.com/thumbitem/Lord-of-the-Flies-Jeopardy-Game-PowerPoint-Review-1268640/home-1268640-1.jpg

Requested by

Host: www.teacherspayteachers.com
URL: https://www.teacherspayteachers.com/widgets/show/7715?widgetref=http://dukeofdefinition.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:25e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

623620ad6e976e7975f380687df8888fd4b82cbe33b9d8c3e2dad0e1dcd6e70f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.teacherspayteachers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 19:46:37 GMT
x-amz-version-id: null
cf-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-request-id: WCDTHQ3JHT7K2A72
content-length: 7715
x-amz-id-2: ra0d18TuiqdQz+PdVugD348Y68PuXxHZ/uXqsgCsbMfvJm3V3IxwfYUVg2YA+rZbEWtCocoDXG4=
last-modified: Thu, 31 Mar 2016 04:03:47 GMT
server: cloudflare
etag: "17bbcee190b1c5367764b52c791c5aa9"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82dd5b987d1d718b-FRA
expires: Wed, 29 Nov 2023 23:46:37 GMT

GET
H2 200 home-1268596-1.jpg
ecdn.teacherspayteachers.com/thumbitem/Word-within-the-Word-Complete-Sentence-Worksheets-Lists-21-30-Vol-1-1268596/ Frame 47B0 9 KB
9 KB 454ms
454ms Image
image/jpeg 2606:4700:4400::6812:25e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ecdn.teacherspayteachers.com/thumbitem/Word-within-the-Word-Complete-Sentence-Worksheets-Lists-21-30-Vol-1-1268596/home-1268596-1.jpg

Requested by

Host: www.teacherspayteachers.com
URL: https://www.teacherspayteachers.com/widgets/show/7715?widgetref=http://dukeofdefinition.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:25e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fd18949f245ac2e10b1179b031c151800793ee7814590e9c43a1a6231dcb438

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.teacherspayteachers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 19:46:37 GMT
x-amz-version-id: null
cf-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-request-id: WCDQVEVR43S7MXAM
content-length: 9330
x-amz-id-2: eBFs27eN4AtjsNZc768efgOmFvmtNoSdzSi/TZJFc71Ons/DxaFFFZm4gufS11Fzl0INYKmloZk=
last-modified: Thu, 31 Mar 2016 04:02:44 GMT
server: cloudflare
etag: "726dfd1db0a891d05096873847f94f2e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82dd5b987d1e718b-FRA
expires: Wed, 29 Nov 2023 23:46:37 GMT

GET
H2 200 home-1268219-1.jpg
ecdn.teacherspayteachers.com/thumbitem/Cormac-McCarthys-The-Road-Reading-Check-Exam-Entire-Novel-1268219/ Frame 47B0 6 KB
6 KB 485ms
485ms Image
image/jpeg 2606:4700:4400::6812:25e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ecdn.teacherspayteachers.com/thumbitem/Cormac-McCarthys-The-Road-Reading-Check-Exam-Entire-Novel-1268219/home-1268219-1.jpg

Requested by

Host: www.teacherspayteachers.com
URL: https://www.teacherspayteachers.com/widgets/show/7715?widgetref=http://dukeofdefinition.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:25e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f856648bb93dad02b8402b81db53440947262040bdbd4a5d74462dd91c4228d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.teacherspayteachers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 19:46:37 GMT
x-amz-version-id: null
cf-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-request-id: WCDXK26HGHA7R1HC
content-length: 6117
x-amz-id-2: HGC5IcTAjS4SW3DQBZ79oyN/37tFGyAKAMzuVvZ59CiezCzwVjQxNuO0mcx52qWrsJsxMbH+RP4=
last-modified: Thu, 31 Mar 2016 04:05:20 GMT
server: cloudflare
etag: "c258ab5856e6c2104618e36f1f9c9938"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82dd5b987d20718b-FRA
expires: Wed, 29 Nov 2023 23:46:37 GMT

GET
H2 200 home-1268205-1.jpg
ecdn.teacherspayteachers.com/thumbitem/A-Separate-Peace-Study-Guide-w-Vocabulary-Answer-Key-1268205/ Frame 47B0 8 KB
8 KB 473ms
473ms Image
image/jpeg 2606:4700:4400::6812:25e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ecdn.teacherspayteachers.com/thumbitem/A-Separate-Peace-Study-Guide-w-Vocabulary-Answer-Key-1268205/home-1268205-1.jpg

Requested by

Host: www.teacherspayteachers.com
URL: https://www.teacherspayteachers.com/widgets/show/7715?widgetref=http://dukeofdefinition.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:25e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90a3155a611e50417aac3023b1eef5fa334866075c19940aa7081813ccbf1cdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.teacherspayteachers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 19:46:37 GMT
x-amz-version-id: null
cf-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-request-id: WCDPHZJRCHV07AR9
content-length: 7966
x-amz-id-2: snpoJkejv9vuhrTtOiimkbK5JFm/EW597TrIptz5vkrnn6HgQgCUtbjtR3HuU0K1+HbQk0bouqc=
last-modified: Thu, 31 Mar 2016 04:01:51 GMT
server: cloudflare
etag: "b5fa4f06edf2420b452003869ee95339"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82dd5b987d21718b-FRA
expires: Wed, 29 Nov 2023 23:46:37 GMT

GET
H2 200 home-1268199-1.jpg
ecdn.teacherspayteachers.com/thumbitem/A-Separate-Peace-Study-Guide-w-Vocabulary-1268199/ Frame 47B0 6 KB
6 KB 502ms
502ms Image
image/jpeg 2606:4700:4400::6812:25e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ecdn.teacherspayteachers.com/thumbitem/A-Separate-Peace-Study-Guide-w-Vocabulary-1268199/home-1268199-1.jpg

Requested by

Host: www.teacherspayteachers.com
URL: https://www.teacherspayteachers.com/widgets/show/7715?widgetref=http://dukeofdefinition.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:25e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a3418a93a7def0f41b077fd1b828bebc8f812394fa22da96a51cfc640a39394

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.teacherspayteachers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 19:46:38 GMT
x-amz-version-id: null
cf-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-request-id: WCDT7XXG7P077D4S
content-length: 6164
x-amz-id-2: 9o7by2ew9mln8fKxhNK6p1WowLStjY3lUZ2x33g/Xk7u+EkW/qa+NH9td2HpPxZesfKlegjraCk=
last-modified: Thu, 31 Mar 2016 04:01:52 GMT
server: cloudflare
etag: "ac1eeff8a1bba0d05900ba22944dd020"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82dd5b987d22718b-FRA
expires: Wed, 29 Nov 2023 23:46:38 GMT

GET
H2 200 home-1267939-1.jpg
ecdn.teacherspayteachers.com/thumbitem/Lord-of-the-Flies-Reading-Guide-Study-Guide-1267939/ Frame 47B0 5 KB
6 KB 463ms
463ms Image
image/jpeg 2606:4700:4400::6812:25e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ecdn.teacherspayteachers.com/thumbitem/Lord-of-the-Flies-Reading-Guide-Study-Guide-1267939/home-1267939-1.jpg

Requested by

Host: www.teacherspayteachers.com
URL: https://www.teacherspayteachers.com/widgets/show/7715?widgetref=http://dukeofdefinition.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:25e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08ffc97881b14e88b9ae9187bd033635749ae3e41f4fd5a7a4612d6740facd85

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.teacherspayteachers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 19:46:37 GMT
x-amz-version-id: null
cf-cache-status: MISS
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-request-id: WCDQCTHYDJ9Z95B3
content-length: 5427
x-amz-id-2: 0SpAUsYzhas+i9oGO02SyE/WkwwxMGeFQvkFuWQwmQRJr17T7Nxb2+NjxPSWGpxHX5Pkool09K0=
last-modified: Thu, 31 Mar 2016 04:00:35 GMT
server: cloudflare
etag: "c123e5796b1effe6c1d1d86402170154"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82dd5b987d26718b-FRA
expires: Wed, 29 Nov 2023 23:46:37 GMT

GET
H2 200 bg_v.png
assets.teacherspayteachers.com/4c227c9e6/img/widget/ Frame 47B0 1 KB
1 KB 53ms
52ms Image
image/png 2606:4700:4400::6812:25e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.teacherspayteachers.com/4c227c9e6/img/widget/bg_v.png?rand=123

Requested by

Host: assets.teacherspayteachers.com
URL: https://assets.teacherspayteachers.com/4c227c9e6/css/customer/tpt_widget.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:25e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b648b3a7628475a41aacbda8ebff0a44f186644eae004ed5c42b5f1a8d10ae89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assets.teacherspayteachers.com/4c227c9e6/css/customer/tpt_widget.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 19:46:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains
cf-cache-status: HIT
x-amz-request-id: CRCY5R9WT6ZG0QW3
age: 26071
x-amz-server-side-encryption: AES256
content-length: 1127
x-amz-id-2: 98PYin15pGskj7OPuIdw43AFmXL+9PtcYEaF1sR06Cbifd7LO/tw2sX6PqozG8HgIBH2l9oShdKuWGoXYDmHXw==
last-modified: Wed, 29 Nov 2023 11:41:18 GMT
server: cloudflare
etag: "332bd83566ea633b3614eb22381bd4e2"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82dd5b986d09718b-FRA
expires: Wed, 29 Nov 2023 23:46:37 GMT

GET
H2 200 prev_btn_inactive.png
assets.teacherspayteachers.com/4c227c9e6/img/widget/ Frame 47B0 390 B
568 B 37ms
36ms Image
image/png 2606:4700:4400::6812:25e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.teacherspayteachers.com/4c227c9e6/img/widget/prev_btn_inactive.png?rand=123

Requested by

Host: assets.teacherspayteachers.com
URL: https://assets.teacherspayteachers.com/4c227c9e6/css/customer/tpt_widget.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:25e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0145887185eabae981b19fc3fa5bf59b6b3c244dc0ed70028714e664d035084f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assets.teacherspayteachers.com/4c227c9e6/css/customer/tpt_widget.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 19:46:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains
cf-cache-status: HIT
x-amz-request-id: CRCQVKGGZC8AZHVZ
age: 26071
x-amz-server-side-encryption: AES256
content-length: 390
x-amz-id-2: jc7i/dqv+qbfzfl2xtyzmw7HRcxMr4Py+fX8GSxywQRxhzvxPCRmvlUG9CZTbsiEmHbw+wMeRwA=
last-modified: Wed, 29 Nov 2023 11:41:18 GMT
server: cloudflare
etag: "e50ca6306b5fbe2b40e0a18a1e2d54b0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82dd5b986d0b718b-FRA
expires: Wed, 29 Nov 2023 23:46:37 GMT

GET
H2 200 next_btn.png
assets.teacherspayteachers.com/4c227c9e6/img/widget/ Frame 47B0 457 B
636 B 29ms
29ms Image
image/png 2606:4700:4400::6812:25e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.teacherspayteachers.com/4c227c9e6/img/widget/next_btn.png?rand=123

Requested by

Host: assets.teacherspayteachers.com
URL: https://assets.teacherspayteachers.com/4c227c9e6/css/customer/tpt_widget.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:25e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e08cb01ab4b8d1bf5c20cfb53abff0f2f889cecb576e9758f7058ca2c544fe2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assets.teacherspayteachers.com/4c227c9e6/css/customer/tpt_widget.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 19:46:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains
cf-cache-status: HIT
x-amz-request-id: CRCSYX0Y6GSCN6K2
age: 26071
x-amz-server-side-encryption: AES256
content-length: 457
x-amz-id-2: IFI7JuixtmjJ2L5zOJ27eeklqp996a3Q3E0U/ZVw873w6r7UcuR95UxMi7PEL/uPlJxaflpGK5I=
last-modified: Wed, 29 Nov 2023 11:41:18 GMT
server: cloudflare
etag: "7da1f5a279a9b7c908daa87977843c3d"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82dd5b986d0c718b-FRA
expires: Wed, 29 Nov 2023 23:46:37 GMT

GET
H2

200

main.js Show response
www.teacherspayteachers.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/ Frame E951
Redirect Chain

https://www.teacherspayteachers.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.teacherspayteachers.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

7 KB
4 KB

22ms
22ms

Script
application/javascript

2606:4700:4400::6812:25e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.teacherspayteachers.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

Requested by

Host: www.teacherspayteachers.com
URL: https://www.teacherspayteachers.com/widgets/show/7715?widgetref=http://dukeofdefinition.com/

Protocol

Server

2606:4700:4400::6812:25e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed787c0a6184c1c8972e74dfae5c70d20c6156ef43dc655e8deff9527786eb9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 19:46:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 82dd5b98ad5f718b-FRA

Redirect headers

date: Wed, 29 Nov 2023 19:46:37 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
cache-control: max-age=300, public
cf-ray: 82dd5b988d3c718b-FRA

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 51ms
50ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=3538219369129200&bg=!JSalJmnNAAZxrfrxUa07ADQBe5WfOJL-gv65eJWpAj2nU_dFlAZReSbnrT14gZbXk7NgmxT3UhYrQgXZ2OJfx_embK1QAgAAAC9SAAAAAmgBB5kC0ERKGmXWUSZPaMFWeT_taidRAk11QUifzZMfkolGPlHAUQiJ-zLEHNaTvBgwq16T4b5rSTo3ep8KvtPnHYjBWR3gojQRHmiHZ72e0-YOSNQZTMexnwdfThO33cQBsORXL9aFydeqXa3Q-f2qvnxubPXY-aGDGLtHyfpj8x1S0B1Q5ZO9_15vCuplOjOIbRCLP4gJiTYMO6EpX4B20FA5YsEjWy8_UzNbl0Fx3lvQJsOCwzkdtXuXgBL7uW4h5KcN9yj-_uqOHCKjzO0s-lewhOyf4wr7p6wJYoM4aIrfmaEs6JskhsUCyDk10Jtv0NJA3BFbl9GkfM7S_EjTZMJuNg-5KU6tfOqHBm_npGCIjlPDPesUgL2CHhdTB5p7qxHErLFzbjXIDaS3OBnHYyef-EWsvXBGN45UAP7JIbL7_WcG_8tMAYqGDjxKo20GR6GC7PRLWwID2MBLVuZrLtFKk4oq3gcy_PpkLj5Txe0zuwqcBWJaCYYAeVyq02CRAbl19d-JHH0bMjvA8IUCS6PTDYYsNWT5kWCQiOlny5u2gh30asm62zFChxLyage5lkaNjNFFyetTbgfGGpvJwj0McE8zAzFlHqo6paebmNb4K9Y2PsFOHOvDs4osfCgQkoyku9_8B1jjMr5O7m7lsYH3IbL5nIkrinegDWZ7-ZCGvK0Pxh-78jeM6esVHAhzRZtYse7XWQzEVWx3bTQRGe07BggLzATGDqEssT94FkRJMN4bKtvnwXhpdEwtDrCr-TrpHXDPfcbwI9D9HYspyIvgayKx-ntzKS4yrd17SdF5qLx6u-iqUyQ3xLk-qJ9bU9JUpDrc7BGpc7m-IotJ_BJg2f-akd8Be-9Wkq-bALgsVqXD9AketLqKXWcYeWTSWq1VQXc8P0Ao-N8WzVwkTFPeEWE8CNo6Y1yT5Ve-ioCK2CNq56ED8_R4MqtLe40p9Qph8A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dukeofdefinition.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

POST
H2 200 82dd5b93ef0c718b Show response
www.teacherspayteachers.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame E951 0
259 B 29ms
29ms XHR
text/plain 2606:4700:4400::6812:25e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.teacherspayteachers.com/cdn-cgi/challenge-platform/h/g/jsd/r/82dd5b93ef0c718b

Requested by

Host: www.teacherspayteachers.com
URL: https://www.teacherspayteachers.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:25e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 29 Nov 2023 19:46:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
server: cloudflare
cf-ray: 82dd5b991df0718b-FRA
content-type: text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.paypal.com/	1970-01-21 02:10:47	Name: ts Value: vreXpYrS%3D1795981594%26vteXpYrS%3D1701288994%26vr%3D1c9e6fa718c0aa30a847ecf0f9de54c8%26vt%3D1c9e6fa718c0aa30a847ecf0f9de54c7%26vtyp%3Dnew
.paypal.com/	1970-01-21 02:10:47	Name: ts_c Value: vr%3D1c9e6fa718c0aa30a847ecf0f9de54c8%26vt%3D1c9e6fa718c0aa30a847ecf0f9de54c7
.teacherspayteachers.com/	1970-01-20 16:34:48	Name: __cf_bm Value: I66HebMvAA11P9pEA.lpQoOiQ5hxejTUMHFReQTBVlQ-1701287194-0-Aei9uXQLmH6+Xo1MTI3wB5If3CU9EsREzlFJEEgBgpeXDMlptLGDn7jX6HXlLU4L0/cyuCnwC4lj6feIuvdiS+c=
.dukeofdefinition.com/	1970-01-21 02:10:47	Name: sc_is_visitor_unique Value: rx416438.1701287195.AFA22F8100E74F16040AA6137D5D8568.1.1.1.1.1.1.1.1.1
.statcounter.com/	1970-01-21 02:10:47	Name: is_unique Value: sc416438.1701287195.0
.dukeofdefinition.com/	1970-01-21 01:56:23	Name: __gads Value: ID=9ab2cafc02774de4:T=1701287194:RT=1701287194:S=ALNI_MY0C85RBahUsFyxRqKq1qi1EAF2Fw
.dukeofdefinition.com/	1970-01-21 01:56:23	Name: __gpi Value: UID=00000cfd372c62bc:T=1701287194:RT=1701287194:S=ALNI_MZHv5lW0HkzHJ3dpQppoDWlc1ndcQ
.adnxs.com/	1970-01-20 18:44:23	Name: uuid2 Value: 6099859911940303764
.casalemedia.com/	1970-01-21 01:20:23	Name: CMID Value: ZWeVG7I6kl.M4gZXqN69jAAA
.casalemedia.com/	1970-01-20 18:44:23	Name: CMPS Value: 3341
.casalemedia.com/	1970-01-20 18:44:23	Name: CMPRO Value: 3341
.doubleclick.net/	1970-01-21 01:56:23	Name: IDE Value: AHWqTUnEihukQJpKVQaN4OyuBofQTmEigOF1CZkdPKO4_5C2m63UUUf1SCPi5biiuCE
.adnxs.com/	1970-01-20 18:44:23	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVTg.@F5!]tbPl1M>e)ZlrFUfJ+tGXxoP8_ZHyZM-K'<r%')NVxPnE'E$1Zsm^!t5e4m3If)y3KL9D3I?+KhTD2t
.teacherspayteachers.com/	1970-01-21 01:20:23	Name: cf_clearance Value: y.t5s4nn9rT8UDBtxrHRVN273q6.jX9Q5igqCcbSy3c-1701287197-0-1-de2b1d9e.91c6e355.892a427e-0.2.1701287197

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.dictionary.com/e/word-of-the-day/wotd2.js Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
assets.teacherspayteachers.com
c.statcounter.com
cm.g.doubleclick.net
cse.google.com
dictionary.reference.com
dsum-sec.casalemedia.com
dukeofdefinition.com
ecdn.teacherspayteachers.com
fls-na.amazon-adsystem.com
googleads.g.doubleclick.net
ib.adnxs.com
m.media-amazon.com
pagead2.googlesyndication.com
rcm.amazon.com
s0.2mdn.net
tpc.googlesyndication.com
wms-na.amazon-adsystem.com
wordsmith.org
ws-na.assoc-amazon.com
www.dictionary.com
www.google.com
www.googletagservices.com
www.paypal.com
www.paypalobjects.com
www.statcounter.com
www.teacherspayteachers.com
104.20.219.77
142.250.185.162
151.101.194.133
169.62.92.53
172.217.16.134
172.64.151.101
18.173.190.175
192.229.221.25
2606:4700:4400::6812:25e5
2606:4700:4400::ac40:961b
2a00:1450:4001:806::2006
2a00:1450:4001:80e::2001
2a00:1450:4001:812::2002
2a00:1450:4001:812::200e
2a00:1450:4001:813::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::2004
2a04:4e42:200::272
2a04:4e42:400::645
37.252.172.123
44.215.133.91
52.46.131.85
52.94.237.66
65.254.227.224
00f18f78fd3858d97bf59eebe973fcceea13f7e87c33ac5d953c04f49a752444
0145887185eabae981b19fc3fa5bf59b6b3c244dc0ed70028714e664d035084f
08ffc97881b14e88b9ae9187bd033635749ae3e41f4fd5a7a4612d6740facd85
0913a831e286f04562515c4cce399dd5db50701f8e98821d9e4e1493ed18b13c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
111c11d1e828920316a7b65368c7d3c9f22312a740b4e22a3731f1d8cc35f8e0
16becd91b09687aaf14b4c062258c6143b4b2d457bc4eba5978a04f0f7a5ba55
176be7cab40b796a9ec4294b316cf83606d3598aceb4fa367f04d66b1b77e0e6
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1baf06a0f6e4c2bb9bb2766ff94af0251114a9bfe9d737601a7ab1654e1477ce
1fd18949f245ac2e10b1179b031c151800793ee7814590e9c43a1a6231dcb438
219ee9ba3f5dc841b175f68deed2db9be964ba3e075180699946fcf023ade741
23688d98ab19e9daaee7318f140b84723199250825e047c19f9dc5a92cd84663
2a3418a93a7def0f41b077fd1b828bebc8f812394fa22da96a51cfc640a39394
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31a848c25333d586c98555f634c8e8fa2f5ed2494b7217c5a14be1c86208b428
33a91bd6d378215fcd413c279aa88d48bda6c8b2ef7695892777c87de37de256
35ce11d131197a35ed7d711df87dec56f07970b55991b1e1aa8ca5e4ea923bee
3abd0e6851a91b25291f6d9925f833eefce57d594bb31b3c3b7a54feec6b2e01
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3c8a9aebc0d426032094d6369c1ebc59253aa022366bf63b99097a5ff4bd4ba3
3f7893cc5573695ff62616ca127171b287dc98c5b55190b77c271cb5f79e987d
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
46c0235700464c68facc1734b0a6200fb693c8e1cfab4e582c070cdc97cd00f8
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e7e9e4fab88cf68b1179d73c6a3ab82af7555eedcf80760659b7935a8c3e297
4f856648bb93dad02b8402b81db53440947262040bdbd4a5d74462dd91c4228d
5303a43ca607ff6668e24f12eb26eb86c844f9740db011fc0b0ca9aa629cc7ca
54fcd3ee02a9451b9c51e044946d4897b98df7094ce933dd483909cda9b29950
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623620ad6e976e7975f380687df8888fd4b82cbe33b9d8c3e2dad0e1dcd6e70f
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
6330c7a831bf641f1fc1ae115b02900b25e4786f461bbfc3a3301bab2d319b93
64657ae86fa8924bd37f4ccf0017842e4fe755a5745b754990cfe311d0f4d40c
71d84577bee5732cc6f21a9a94779ce7012441030172b58851e5e1750b28aa0f
73717e7ee80ff735ed689551193fb236b2fba5b7712539fa8cf42768ba2c8e82
7475b1b28017b5c3243d13f3cee1af9687d817fcb1dd864805148ce84632324f
762caeb9fd61d4f2564aa7593f53ad4adc85c2fe25b2decbb5ed51b18884212e
8258e5f71b91c328b82eee8b75e408307036e1edb1da0f88af674dcf38ea44c9
8a16a0ad6c70096273857c96109e9c9b25c5cda8463cbf5f2d7f886419ece8df
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
9053a221a539377a63df26b2b15fe5c4d8b6574b2441f9c812789884c0b0926d
90a3155a611e50417aac3023b1eef5fa334866075c19940aa7081813ccbf1cdd
91159d29398f8658ba786a663518da08b05681c305df38158865916e23552bf3
92a80f8a7e8a512e662b4c27d9405d107e75928c0766c006d3fbf5773e4b2985
9b6a7ca7428363767b92f9cf0ebc6dc31c5228022e2d2cb5016c0d9493021d1c
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce
a67510075c9626da8acb4595dd2e6dd3996944501f6c29b664c1f7748b01cb6e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f480de4c66ee4f7c694222c89c39b8e6a2907060f8b8a1f5062e08ef8afa58
b648b3a7628475a41aacbda8ebff0a44f186644eae004ed5c42b5f1a8d10ae89
bb4fc1d065938c31f875da2a05a24f88824a48553474292e47ea7dbb20f079b9
bc150a332d87b163332c3059687b66f2a3ecf7fb9c7f827cab75d72e9797c264
bde57a2e4244847cb83f00ea34696e7abae8533fb2b375a6a29518c8aa021642
bdfb40649c423c030d9265c8b5eeabf9a79f6845aee4842ceccd244e836805a5
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
cdb644058278dfbf1f9e9c63fa786c6e1c4a6008abc025b4b6061c8c472a9050
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
e08cb01ab4b8d1bf5c20cfb53abff0f2f889cecb576e9758f7058ca2c544fe2c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed787c0a6184c1c8972e74dfae5c70d20c6156ef43dc655e8deff9527786eb9d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef31a50cb86b3b344420ebb88d24bd6459b17ac821bdb301e4050339fec922c1
f0e34e6156e006e95579f7fd649583a85175b331452c3cb0aac883c472cee0fe
f5670c207bd565acd0c517ed03c81dad66e3547e3a278cb7ae6420ab01e2c009

dukeofdefinition.com Open in urlscan Pro 65.254.227.224 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

79 Requests

73 %HTTPS

46 %IPv6

19 Domains

27 Subdomains

22 IPs

3 Countries

740 kBTransfer

1581 kBSize

14 Cookies

0 Outgoing links

Redirected requests

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

dukeofdefinition.com Open in urlscan Pro
65.254.227.224 Public Scan

Screenshot
Live screenshot

Full Image

79
Requests

73 %
HTTPS

46 %
IPv6

19
Domains

27
Subdomains

22
IPs

3
Countries

740 kB
Transfer

1581 kB
Size

14
Cookies

79 HTTP transactions
1 data transactions