urlscan.io logo urlscan.io
SecurityTrails logo

www.ducksters.com Open in urlscan Pro
104.21.71.249  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ducksters.com/
Effective URL: https://www.ducksters.com/
Submission Tags: tranco_l324
Submission: On October 31 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 2 countries across 15 domains to perform 88 HTTP transactions. The main IP is 104.21.71.249, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.ducksters.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 9th 2021. Valid for: a year.
This is the only time www.ducksters.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 15 104.21.71.249 13335 (CLOUDFLAR...)
14 52.222.214.126 16509 (AMAZON-02)
2 104.16.18.94 13335 (CLOUDFLAR...)
1 104.26.13.111 13335 (CLOUDFLAR...)
6 18.66.122.79 16509 (AMAZON-02)
2 18.66.97.95 16509 (AMAZON-02)
2 2.21.143.57 16625 (AKAMAI-AS)
2 172.217.23.110 15169 (GOOGLE)
1 18.169.85.185 16509 (AMAZON-02)
16 18.66.122.50 16509 (AMAZON-02)
4 172.217.23.98 15169 (GOOGLE)
1 142.250.186.98 15169 (GOOGLE)
1 142.250.185.98 15169 (GOOGLE)
1 172.217.23.97 15169 (GOOGLE)
8 3.91.171.213 14618 (AMAZON-AES)
8 142.250.185.193 15169 (GOOGLE)
1 2 142.250.181.228 15169 (GOOGLE)
2 142.250.185.194 15169 (GOOGLE)
1 142.250.185.226 15169 (GOOGLE)
88 20
15    104.21.71.249 (United States)

ASN13335 (CLOUDFLARENET, US)
ducksters.com
www.ducksters.com
14    52.222.214.126 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-126.fra56.r.cloudfront.net
cdn.intergi.com
2    104.16.18.94 (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    104.26.13.111 (United States)

ASN13335 (CLOUDFLARENET, US)
www.kidsafeseal.com
6    18.66.122.79 (United States)

ASN16509 (AMAZON-02, US)
cdn.intergient.com
2    18.66.97.95 (United States)

ASN16509 (AMAZON-02, US)
config.playwire.com
2    2.21.143.57 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-143-57.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
2    172.217.23.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f14.1e100.net
www.google-analytics.com
1    18.169.85.185 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-169-85-185.eu-west-2.compute.amazonaws.com
mb.moatads.com
16    18.66.122.50 (United States)

ASN16509 (AMAZON-02, US)
cdn.playwire.com
4    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net
securepubads.g.doubleclick.net
1    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
adservice.google.be
1    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
adservice.google.com
1    172.217.23.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f1.1e100.net
13066ba4b63dc1d6f07cb3401b7bd262.safeframe.googlesyndication.com
8    3.91.171.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-91-171-213.compute-1.amazonaws.com
kinesis.us-east-1.amazonaws.com
8    142.250.185.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f1.1e100.net
cdn.ampproject.org
tpc.googlesyndication.com
2    142.250.181.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f4.1e100.net
www.google.com
2    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
pagead2.googlesyndication.com
1    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
googleads.g.doubleclick.net
Domain Requested by
16 cdn.playwire.com cdn.intergient.com
cdn.playwire.com
14 cdn.intergi.com www.ducksters.com
cdn.intergi.com
13 www.ducksters.com www.ducksters.com
8 kinesis.us-east-1.amazonaws.com cdn.intergient.com
6 cdn.intergient.com cdn.intergi.com
cdn.intergient.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
4 securepubads.g.doubleclick.net cdn.intergi.com
securepubads.g.doubleclick.net
www.ducksters.com
3 tpc.googlesyndication.com www.ducksters.com
securepubads.g.doubleclick.net
2 pagead2.googlesyndication.com securepubads.g.doubleclick.net
2 www.google.com 1 redirects www.ducksters.com
2 www.google-analytics.com www.ducksters.com
www.google-analytics.com
2 config.playwire.com cdn.intergi.com
cdn.playwire.com
2 cdnjs.cloudflare.com www.ducksters.com
2 ducksters.com 2 redirects
1 googleads.g.doubleclick.net www.ducksters.com
1 13066ba4b63dc1d6f07cb3401b7bd262.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.be securepubads.g.doubleclick.net
1 px.moatads.com www.ducksters.com
1 mb.moatads.com z.moatads.com
1 z.moatads.com cdn.intergi.com
1 www.kidsafeseal.com www.ducksters.com
0 search.spotxchange.com Failed cdn.playwire.com
88 23

This site contains links to these domains. Also see Links.

Domain
googleads.g.doubleclick.net
adssettings.google.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-09 -
2022-07-08		 a year crt.sh
cdn.intergi.com
Amazon		 2021-02-03 -
2022-03-04		 a year crt.sh
cdn.intergient.com
Amazon		 2021-02-03 -
2022-03-04		 a year crt.sh
*.playwire.com
Amazon		 2021-04-12 -
2022-05-11		 a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-01-21 -
2022-01-25		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-25 -
2022-06-25		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.google.be
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
kinesis.us-east-1.amazonaws.com
Amazon		 2021-02-17 -
2022-02-16		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.ducksters.com/
Frame ID: 841ADD737D4EB19058BD2B1B18D5BC57
Requests: 70 HTTP requests in this frame

Frame: https://13066ba4b63dc1d6f07cb3401b7bd262.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 25F4BB54ED77C23F39019D3C7E0F9F64
Requests: 1 HTTP requests in this frame

Frame: https://cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/frame.html
Frame ID: 7CDB112C3B7C3E2A5242DA7EA0E7A2CA
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://ducksters.com/ HTTP 301
    https://ducksters.com/ HTTP 301
    https://www.ducksters.com/ Page URL

Page Statistics

88
Requests

97 %
HTTPS

0 %
IPv6

15
Domains

23
Subdomains

20
IPs

2
Countries

947 kB
Transfer

2745 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ducksters.com/ HTTP 301
    https://ducksters.com/ HTTP 301
    https://www.ducksters.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 86
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

88 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.ducksters.com/
Redirect Chain
  • http://ducksters.com/
  • https://ducksters.com/
  • https://www.ducksters.com/
19 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ducksters.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.71.249 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a1f4f6a44e511c7c13acce052bee956fe024d8939578431e18559c388d768d8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 31 Oct 2021 02:59:54 GMT
content-type
text/html; charset=UTF-8
cache-control
max-age=2592000
expires
Sun, 28 Nov 2021 10:59:03 GMT
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
cf-cache-status
HIT
age
144051
last-modified
Fri, 29 Oct 2021 10:59:03 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I3EC4RdztDa4j4hPA6UVn6cHkPfzgNHPUn%2F%2Bxx3PethWe2dJUBD2sw%2Bq7Oiv%2FlDpNSaGo1Q%2Bi34yJFQj7U2JJZ45NcMXIIGJ3fGcFWhhebDq2RQcGtuolNUw9v7B%2FEpoWIRyhg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a69a1468e74410d-PRG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Sun, 31 Oct 2021 02:59:53 GMT
content-type
text/html; charset=iso-8859-1
location
https://www.ducksters.com/
cache-control
max-age=2592000
expires
Tue, 30 Nov 2021 02:59:53 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sXdUrbxp8e4XfS1cr1%2BRYmxYC5h%2FDqCd%2BEJVxtqC2kH8hWiY0lXEQV3eg%2FPk3rcI74j7%2FuC%2FX2YAauHRiGy71OWFWADFmN5ezv08UQkmHbBkkUWdhNJv6zoAs8dKDag4"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a69a1437d0c410d-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
tyche.js
cdn.intergi.com/hera/ 		166 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/hera/tyche.js
Requested by
Host: www.ducksters.com
URL: https://www.ducksters.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.126 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-126.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
79c02e6660a7461876cfa376acc0c356cce15b61b1f6100db0b649ac3d6cde72

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 02:59:54 GMT
via
1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P3
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=45327, public, must-revalidate
content-encoding
br
x-amz-cf-id
Jme8WlXf6bOCOJPXuVwcl20F1iPCu-kMLXhU4le-pyKcJGOwSMAb9w==
jquery-1.10.1.min.js
www.ducksters.com/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ducksters.com/jquery-1.10.1.min.js
Requested by
Host: www.ducksters.com
URL: https://www.ducksters.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.71.249 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21cafb6e71a6112d3c1f4777fefa66300fa3e09db01fc7b92dfee436b8373e2c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 02:59:54 GMT
content-encoding
br
vary
Accept-Encoding,User-Agent
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2403437
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 18 Aug 2017 00:44:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Whe5ZB6XqqANK9XgB42ngwyWseemcXQIGM5p6qE77coTGmJIc87BvNoYIhbiICSPQkQNEx1fpTE3NrAbI9Wc8ahpsFH3pFfEKDx4Z1E2dy9cxgIViaPanAEyCs1rkezXZh3LTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
6a69a146ce9a410d-PRG
expires
Mon, 03 Oct 2022 07:22:37 GMT
jquery.sticky-kit.js
www.ducksters.com/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ducksters.com/jquery.sticky-kit.js
Requested by
Host: www.ducksters.com
URL: https://www.ducksters.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.71.249 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
881a8e16a9aa3dde622ecdb17620b378a6f5bfb67609d79a63cd610d6f14a1b7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 02:59:54 GMT
content-encoding
br
vary
Accept-Encoding,User-Agent
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2403437
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 20 Apr 2017 00:54:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uu28IYnZdsZ0ysOXYm1r4PfFeszUsxLRN1hLW1KnRxflTiyN718ptm3uT08H%2BjlclDzq8nE%2B4YqS2FQWe2n6hEnc0Z0okwLsDJvGvHpLSmAldEJUrb%2B5WnAXwVSc9fNYCnTE%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
6a69a146ce9b410d-PRG
expires
Mon, 03 Oct 2022 07:22:37 GMT
sticky4.js
www.ducksters.com/ 		2 KB
958 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ducksters.com/sticky4.js
Requested by
Host: www.ducksters.com
URL: https://www.ducksters.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.71.249 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d1d2e6843d61701d00bc1081fdc466940c2f596885124bba67d21a6006d9e68
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 02:59:54 GMT
content-encoding
br
vary
Accept-Encoding,User-Agent
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2403437
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 18 May 2017 15:21:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S6VBY8OVXyYGY8t73Ko9cKB%2FMykpomSdOjOE3NsXeHMmhx8fltLAGOHXQpgz9PUorLBv3ZQ%2F8j3g1mz17GFnXY%2FrH1E2gIsQeewybdSLBeA8CyunP%2FnJ3Np7oGFjfi9olmfiaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
6a69a146ce9c410d-PRG
expires
Mon, 03 Oct 2022 07:22:37 GMT
cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css
Requested by
Host: www.ducksters.com
URL: https://www.ducksters.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.18.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 02:59:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3321040
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
975
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-fe0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cpv%2BAp0exBZNS7h0t9bFxQYsAIDmrdfv5S1tX4Kz75lGQXThkLLL1ZU4WDhmSuyWwYS9eZ9xmBq%2FNtWzimnvmLcxwN0wwph3eIVt9l9Yj5Eo%2FtZ8YdU%2FPyrs9z8ZV46TJUXfCGyj"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6a69a1470e5227a0-PRG
expires
Fri, 21 Oct 2022 02:59:54 GMT
cookieconsent.min.js
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Requested by
Host: www.ducksters.com
URL: https://www.ducksters.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.18.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 02:59:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4271700
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5978
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-5148"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3xHoyt2RJ66csf75FvJPqGQGb3F%2BIC74Xhay8XBXKsRe%2Bub9AWZWYBTZK2IwT%2Blcuv5Lxz7ciHQ5uNQlICCIO3kKjnrj0cdc1UqNrRc%2B7habVKIiqwqFqycpFADj2qbU1f4yfocc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6a69a1470e5327a0-PRG
expires
Fri, 21 Oct 2022 02:59:54 GMT
header.gif
www.ducksters.com/graphics/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ducksters.com/graphics/header.gif
Requested by
Host: www.ducksters.com
URL: https://www.ducksters.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.71.249 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6864cd22a446141125a3f853028263820f8a57def21006378d438f71e36247f2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 02:59:54 GMT
vary
User-Agent, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
338926
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
36185
last-modified
Tue, 19 Jan 2021 19:51:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dO1D%2BBeXzQA52xGBxwrrKUDdCC3%2F4KnhXvq6mubF5T4qfFMvVcFBUf29TbrEz%2B2ivz0L3FhkFi4xFGhOlX%2Fr1TPalMsHi7sCwHilyVMKT90xu9Pui5mrCFMxxC8tFaYZ9Soo2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6a69a1472b502778-PRG
expires
Thu, 27 Oct 2022 04:51:08 GMT
mobile.gif
www.ducksters.com/graphics/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ducksters.com/graphics/mobile.gif
Requested by
Host: www.ducksters.com
URL: https://www.ducksters.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.71.249 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f84465ad80f2fdee0969318288ace06b8e600eb3d9bb1580e5e39ad1b013d524
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 02:59:54 GMT
vary
User-Agent, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2403436
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5904
last-modified
Tue, 19 Jan 2021 19:51:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ktmU%2FtwUDih7B2jkEdw8zuHJeQLSA0JnxhqYj5pgRLufj6gPnwWh6KYcNDCf3vVaXsD2yweLQfEw4ta%2FFftza6fVROnv3SaJkq2R4l9k51tp4mO%2FxKAHtkkKmsiKLYldWAU7nQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6a69a1477b672778-PRG
expires
Mon, 03 Oct 2022 07:22:38 GMT
home_duck_history.gif
www.ducksters.com/graphics/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ducksters.com/graphics/home_duck_history.gif
Requested by
Host: www.ducksters.com
URL: https://www.ducksters.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.71.249 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5533851b7d67db230189fe9c85796763ee84ac2ff6f9e60c8849a036fcda9040
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 02:59:54 GMT
vary
User-Agent, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
306464
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8382
last-modified
Wed, 08 Feb 2017 21:41:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3TYmZjs%2BlR7TV%2FhWYbPMyA100pLR53Lbo9iH3e7pvPxVV4wm1Lo9279w6dtL6v0bmlQ9EnosSP1wYB3q%2F1GtH6WzytUnGIOA03jWfyg1qYytnUj%2F8C7%2FWXPM0lrH2D%2BktUZpmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6a69a147ab712778-PRG
expires
Thu, 27 Oct 2022 13:52:10 GMT
home_duck_bio.gif
www.ducksters.com/graphics/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ducksters.com/graphics/home_duck_bio.gif
Requested by
Host: www.ducksters.com
URL: https://www.ducksters.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.71.249 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edac2e92c551951830e96916a9e5b3c5fe48237eb6436ae85fbefd037a766c46
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 02:59:54 GMT
vary
User-Agent, Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10205
last-modified
Wed, 08 Feb 2017 21:41:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O0DX4LRkl%2F%2F23Yt2TdbFg1Q50EmFKYbZd3ycmSgXYUv%2F5HMoOj57R%2FMAMsLOKeWmXYxOtrFpkL%2FZsVsYNYZH4z%2BGwNFaEnElgSnAy32ah8Bj6ssMN867Gh7zzarosm%2BrQoXhsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6a69a147bb752778-PRG
expires
Mon, 31 Oct 2022 02:59:54 GMT
home_duck_science.gif
www.ducksters.com/graphics/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ducksters.com/graphics/home_duck_science.gif
Requested by
Host: www.ducksters.com
URL: https://www.ducksters.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.71.249 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96cc38cfeb78e902e483c17f9ac04f2952a82686542d146a45136421efc7576f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 02:59:54 GMT
vary
User-Agent, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
306463
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
7722
last-modified
Wed, 08 Feb 2017 21:41:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7iHjh4hg7LWatkmJkD9n8yIrW5YRk%2Fdqfy4BSyek788ZlN%2FXdbrQaiXA%2Fo1uuRQ4NVP8o0Oa8xJDhk33sOc7%2BuvqJimgeDRfxwmYVnt87WEn5wVHCynWJVbf7n0bCkeSuhg4hg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6a69a147db812778-PRG
expires
Thu, 27 Oct 2022 13:52:11 GMT
home_duck_games.gif
www.ducksters.com/graphics/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ducksters.com/graphics/home_duck_games.gif
Requested by
Host: www.ducksters.com
URL: https://www.ducksters.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.71.249 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61c954a339be44695196534585eaf26e52abd608f43fd6ba1a271a3a800fcc83
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 02:59:54 GMT
vary
User-Agent, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
306463
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
11165
last-modified
Sat, 11 Feb 2017 00:39:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fLQ9tUpUFO20OKrpPVQbdMLmyTXTCLWJGZRj8vPoXQrBoBOQjgcrZuG98NkPozF0W1y7CTIEm6Cjf%2FVMo5S1VfzvYNWwcHtRapAwfKx7431r2pRP3fDtM2X6r5RvwmIa7XJKiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6a69a147db822778-PRG
expires
Thu, 27 Oct 2022 13:52:11 GMT
home_duck_geography.gif
www.ducksters.com/graphics/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ducksters.com/graphics/home_duck_geography.gif
Requested by
Host: www.ducksters.com
URL: https://www.ducksters.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.71.249 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13cc0025a2b90907913a2586cfc6832fe0da221a7ec01421b69a192a3d4aaed0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 02:59:54 GMT
vary
User-Agent, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2317644
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
7746
last-modified
Wed, 08 Feb 2017 21:41:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ul908cP79u42TNbeVCifZFXbW1ciM7zCdi4Rel2rm6f7JqsDEhyD7Kt%2BrZkSqV0BQPK%2B0jFKFUV8kF0qrQeigqNl%2FJqXZSyGTAOC2xUEr%2FSed8H56c8Pv9ZJuC2faxQwRyu8cw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6a69a147db832778-PRG
expires
Tue, 04 Oct 2022 07:12:30 GMT
home_duck_fun.gif
www.ducksters.com/graphics/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ducksters.com/graphics/home_duck_fun.gif
Requested by
Host: www.ducksters.com
URL: https://www.ducksters.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.71.249 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c153290495ae00c5254a0ac46197a5c26f141da5ea4c974876b06bf04141284
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 02:59:54 GMT
vary
User-Agent, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2317644
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
11928
last-modified
Wed, 08 Feb 2017 21:41:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7lB2UgTYtoJG1PGyq8GMzbOiS%2B%2Bw8ODOgQsjSiVX5ncOamC%2BuxZ9MJvC%2Bjnc38zeNNMNzM0xwfnPr3lU82HSd%2B7DK%2FshckQas9JNNRa1bT5v1CQyi7%2BUQ4YgrGWg6e31zqvuFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6a69a147db842778-PRG
expires
Tue, 04 Oct 2022 07:12:30 GMT
ducksters_large_darktm.png
www.kidsafeseal.com/sealimage/19800482453259065/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kidsafeseal.com/sealimage/19800482453259065/ducksters_large_darktm.png
Requested by
Host: www.ducksters.com
URL: https://www.ducksters.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3202be6a3814ed585b6e36a13b88b2aa5f56c8f8939acd95d2306b9dbe1091a2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 02:59:54 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 28 Oct 2021 16:24:57 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HZvtMF%2FEyPJn02R9y9vU%2FbSpfUxbnZUDIOGmOVTmLSUhKxDiQX83HQOW1QAyD1HBRPxaH%2FECB1eWLyY%2Bxp2RyZUO677mI%2F400boNfBfQzfbbqyK33dWGL38MrYlxXRPbLcl4hvY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6a69a14818a1412c-PRG
content-length
19007
kids_club1.png
www.ducksters.com/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ducksters.com/kids_club1.png
Requested by
Host: www.ducksters.com
URL: https://www.ducksters.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.71.249 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b60388748b4d1d9dcb193c8f537c293afbd480bc278520224c49e48bd06a425f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 02:59:54 GMT
vary
User-Agent, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2317644
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10143
last-modified
Sat, 14 May 2016 15:30:53 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2Ft9FyaEcRltvDHFEzE9ylfuRiS60HZuOmv7I0nFuhE2Ae89SpXnMzrb8DdAIeDyB%2FTxssC%2FR0SazRuJNCefORRsIUB5mF5aZc%2FEiiXZEYNp6J3MQ4FEyB1abOlp6DThI054YQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6a69a147db862778-PRG
expires
Tue, 04 Oct 2022 07:12:30 GMT
videoCard.1451368a7b5e945a3252.js
cdn.intergient.com/pageos/1.6.27/ 		551 B
1000 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.6.27/videoCard.1451368a7b5e945a3252.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
411626d5e8eb3616fad95e39e91afe59dcfd424b9492c2c43c76a5199dc69768

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 03:39:59 GMT
via
1.1 d13436be9e793d00b0273db3f7904817.cloudfront.net (CloudFront)
last-modified
Mon, 18 Oct 2021 18:06:15 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1634580368/ctime:1634580368/gid:20/gname:staff/md5:bfb44d87e9e552efe6f335d770ab135a/mode:33188/mtime:1634580368/uid:501/uname:thomascreamer
age
83996
etag
"bfb44d87e9e552efe6f335d770ab135a"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-length
551
x-amz-cf-id
_YlUqYMJ1gf5QmQgJ4heaBlAIOVb1sniuIpQMw2EB1dFdHRbxIIk-g==
batchHandler.292de00282b644b2ec50.js
cdn.intergient.com/pageos/1.6.27/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.6.27/batchHandler.292de00282b644b2ec50.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
225a5d44793400c62040e70a55fc77beed0a3cbc0d7ac361abbf4085392b1e20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 23:35:06 GMT
content-encoding
gzip
last-modified
Mon, 18 Oct 2021 18:06:10 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1634580368/ctime:1634580368/gid:20/gname:staff/md5:de92c4772058b0bc43087610c61d14a5/mode:33188/mtime:1634580368/uid:501/uname:thomascreamer
age
12289
etag
W/"de92c4772058b0bc43087610c61d14a5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d13436be9e793d00b0273db3f7904817.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
FJd5tzYJlnRJ5Q9aECiOvwm6ngbOM1at9KsWmskSh2a_ZxIKh11FGQ==
banner.json
config.playwire.com/1015702/v2/websites/62069/ 		39 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://config.playwire.com/1015702/v2/websites/62069/banner.json
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
3dc8a36dd5fb53f5060e0bfa69872219871bb3c31967d0034acad925a97faf9a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 14:03:39 GMT
via
1.1 vegur, 1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
vary
Accept-Encoding
age
46574
x-cache
Hit from cloudfront
content-encoding
br
server
Cowboy
access-control-max-age
1728000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
hw-country-code
cache-control
public, max-age=600
hw-country-code
DE
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
34YOfoP9omJN5nz_X4INIQO3VKqIOGJHybVI_-gORSEVbDGV8Vvasg==
moatheader.js
z.moatads.com/playwireprebidheader597261727146/ 		214 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/playwireprebidheader597261727146/moatheader.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.57 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-57.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1e6f4c795337ff4e514d972bcb14e6f717fe96857630799ab895c45d330c67c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 02:59:54 GMT
content-encoding
gzip
last-modified
Tue, 12 Oct 2021 15:27:19 GMT
server
AmazonS3
x-amz-request-id
5TPFE326ZRTF2EYA
etag
"1df48c0f86be3c3ee937f8e82b9ed036"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=34650
accept-ranges
bytes
content-length
76136
x-amz-id-2
Fqw0ZVGozfgrwt6d6N9sCHibPwVADeDgi3/w+YnUmUVv6R5xSFBhhgoMJjensTD5F95VB1W0r8Q=
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.ducksters.com
URL: https://www.ducksters.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 26 Oct 2021 23:24:02 GMT
server
Golfe2
age
3560
date
Sun, 31 Oct 2021 02:00:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Sun, 31 Oct 2021 04:00:34 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1858647594&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ducksters.com%2F&ul=en-us&de=UTF-8&dt=Ducksters&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=140404264&gjid=1745070876&cid=196686384.1635649194&tid=UA-714916-2&_gid=1894757507.1635649194&_r=1&_slc=1&z=537821995
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ducksters.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 02:59:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ducksters.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
aws-sdk-kinesis.min.js
cdn.intergient.com/pageos/js/libs/ 		227 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/js/libs/aws-sdk-kinesis.min.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.6.27/batchHandler.292de00282b644b2ec50.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
de7b10eaab1f3ee093d20cc0c5d8c60dfe788b58ac8a4a8ddfe534be975df598

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 21:40:36 GMT
content-encoding
gzip
last-modified
Fri, 01 Oct 2021 13:10:54 GMT
server
AmazonS3
age
19159
etag
W/"cc1354171ad23accb0ee3568226633e9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 d13436be9e793d00b0273db3f7904817.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
fZsewR02AtogXD-pXCQLfEuZQpLVxJGk5EVdcSlmECM3NAh32nMXwQ==
vendors~gdpr.f92225b828d740c7c57f.js
cdn.intergient.com/pageos/1.6.27/ 		65 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.6.27/vendors~gdpr.f92225b828d740c7c57f.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a87d4c2682d10f0750f0e1142e25fce055f0ae596c7a277bbaf2427ddae146bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 00:36:57 GMT
content-encoding
gzip
last-modified
Mon, 18 Oct 2021 18:06:15 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1634580368/ctime:1634580368/gid:20/gname:staff/md5:9b5e3fdd31d877679a5666fe44299ea9/mode:33188/mtime:1634580368/uid:501/uname:thomascreamer
age
8578
etag
W/"9b5e3fdd31d877679a5666fe44299ea9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d13436be9e793d00b0273db3f7904817.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
-Yg5DAm8tKZY4TaJEPoWPp-k-T07zxKQ90M4GuRZ8GObo-1J8nTGDA==
gdpr.b95decdf3fae99b9a6c0.js
cdn.intergient.com/pageos/1.6.27/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.6.27/gdpr.b95decdf3fae99b9a6c0.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
63de30a657bccde3628bdb506e684eddcff3e21a0969d89b07c1230c3629019e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:00:38 GMT
content-encoding
gzip
last-modified
Mon, 18 Oct 2021 18:06:13 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1634580368/ctime:1634580368/gid:20/gname:staff/md5:231d2c1af38f5f850b57d2b8067b6bfa/mode:33188/mtime:1634580368/uid:501/uname:thomascreamer
age
7157
etag
W/"231d2c1af38f5f850b57d2b8067b6bfa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d13436be9e793d00b0273db3f7904817.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
DDOtgghwvVZsEV9xofDVqBWmlwligfBRwtKhBZ837cp1mAwg8rwNpQ==
trendiVideo.a26b617a1eb6c7b1d2a4.js
cdn.intergient.com/pageos/1.6.27/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.6.27/trendiVideo.a26b617a1eb6c7b1d2a4.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
97ead3877ab9968a51a83525400a035dd0ce871474e8097526ed792835c02f41

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 01:03:21 GMT
content-encoding
gzip
last-modified
Mon, 18 Oct 2021 18:06:15 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1634580368/ctime:1634580368/gid:20/gname:staff/md5:d5eb2c22ccd4d74c1f23bbc2d4668a71/mode:33188/mtime:1634580368/uid:501/uname:thomascreamer
age
6994
etag
W/"d5eb2c22ccd4d74c1f23bbc2d4668a71"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d13436be9e793d00b0273db3f7904817.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
BvXV03OwyrHdfie034XtNlg4GBE0jkl8VOYMSuNOWzxU5XFP1H_IeQ==
tyche.js
cdn.intergi.com/hera/releases/4.4.20/ 		1 KB
966 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/hera/releases/4.4.20/tyche.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.126 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-126.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d58e5173aa77594781fbbd9ea267e60cb224b9ed9bf780ee7fbb74af19bc5e5d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
rrp9h3UPqyLmT1jxan3.qeosexGA8bHh
content-encoding
gzip
last-modified
Wed, 06 Oct 2021 12:05:09 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1633521905/ctime:1633521905/gid:20/gname:staff/md5:f7b36fb6bf7f1df9b862fef0f6cecd61/mode:33188/mtime:1633521905/uid:501/uname:thomascreamer
age
1890
etag
W/"f7b36fb6bf7f1df9b862fef0f6cecd61"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
date
Sun, 31 Oct 2021 02:28:25 GMT
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
c_B26FRfbizQ3390IWvM4gxEzCTQFLYbYqL_6pHJzzQVwN9_el3v2Q==
v2
mb.moatads.com/yi/ 		254 B
429 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B*EjrG%3DH%3CA.a%24%7D9H%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Z%2Bt7GydOacklaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-Fe6rgEk%2F0rYACQ%3D%3D&sc=1&os=1-yw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.ducksters.com%2F&pcode=playwireprebidheader597261727146&callback=MoatNadoAllJsonpRequest_44864623
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/playwireprebidheader597261727146/moatheader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.169.85.185 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-169-85-185.eu-west-2.compute.amazonaws.com
Software
TornadoServer/4.5.3 /
Resource Hash
ab9022908dfd3461745cb5ba33c29beef3c3a8e1d770459aba5b4671036fc5c2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 02:59:54 GMT
cache-control
max-age=900
server
TornadoServer/4.5.3
timing-allow-origin
*
etag
"5d3a20ce69fdf1b8b950ec479dfbd44284400e16"
content-length
254
content-type
text/html; charset=UTF-8
runtime.05de6b0ea45677a1a6c9.js
cdn.intergi.com/hera/releases/4.4.20/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/hera/releases/4.4.20/runtime.05de6b0ea45677a1a6c9.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.20/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.126 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-126.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f9a71b81af22b4823fda97cdc3d5a5f8f209ff5acb6c6f590a958fc5e7c484da

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
jzCGoOyBJsrW5_BIklD4Wt08CJHLhnSN
content-encoding
gzip
last-modified
Wed, 06 Oct 2021 12:05:08 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1633521905/ctime:1633521905/gid:20/gname:staff/md5:80452be1a33fe5e3d9d7ff28d3783f5e/mode:33188/mtime:1633521905/uid:501/uname:thomascreamer
age
80707
etag
W/"80452be1a33fe5e3d9d7ff28d3783f5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
date
Sat, 30 Oct 2021 04:34:48 GMT
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
XAwFdx_4jYafexPUSbctT6zREnWL6R2bAQj_DkSM4erv6lh6XIdYIQ==
npm.core-js.ffb4b0a70697fbafb4fe.js
cdn.intergi.com/hera/releases/4.4.20/vendor/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/hera/releases/4.4.20/vendor/npm.core-js.ffb4b0a70697fbafb4fe.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.20/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.126 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-126.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fb0da9c5679e4e04fe036c10e42d93ed5a9a3a8f632db1cfdcdf6352ee4ff789

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
yNwgVZShYf9bdtyCBLLwGGUpO6ELk3JH
content-encoding
gzip
last-modified
Wed, 06 Oct 2021 12:05:09 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1633521905/ctime:1633521905/gid:20/gname:staff/md5:804f5a4d76247f98873a77739d825de0/mode:33188/mtime:1633521905/uid:501/uname:thomascreamer
age
1773
etag
W/"804f5a4d76247f98873a77739d825de0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
date
Sun, 31 Oct 2021 02:30:22 GMT
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
fg899GyE26WyP86GHZ9wGbChKFZE2Feg9SijxaGT9MyK4aORvhbvIw==
npm.babel.e42d14b31536f4c718ea.js
cdn.intergi.com/hera/releases/4.4.20/vendor/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/hera/releases/4.4.20/vendor/npm.babel.e42d14b31536f4c718ea.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.20/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.126 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-126.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f33f6446320fb034227d51337ec86a0f263cb1ed53e4275cae2fb55b322504cc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
3VwFVSasYkf9sUjFHhhXu95Wax5g01hS
content-encoding
br
last-modified
Wed, 06 Oct 2021 12:05:09 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1633521905/ctime:1633521905/gid:20/gname:staff/md5:f3bb19c23da5015c288c890ccb181355/mode:33188/mtime:1633521905/uid:501/uname:thomascreamer
age
171368
etag
W/"f3bb19c23da5015c288c890ccb181355"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
date
Sat, 30 Oct 2021 03:22:59 GMT
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
rx0Buy2pGbre6FhUelFU1EASL22RZwDW30zBOwnftCBSt_rQ4bcMOQ==
npm.lodash.922cd3f43a34caef1c38.js
cdn.intergi.com/hera/releases/4.4.20/vendor/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/hera/releases/4.4.20/vendor/npm.lodash.922cd3f43a34caef1c38.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.20/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.126 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-126.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2cddcc76dd7b01e07130b647637c2c81f27ab4a0214973a010e712813f311138

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
f5Nau8NwFN7L70FSsYb4JdZzDH0MuFh.
content-encoding
gzip
last-modified
Wed, 06 Oct 2021 12:05:12 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1633521905/ctime:1633521905/gid:20/gname:staff/md5:0c61d46da45d9ab039a485d6e9e04701/mode:33188/mtime:1633521905/uid:501/uname:thomascreamer
age
7768
etag
W/"0c61d46da45d9ab039a485d6e9e04701"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
date
Sun, 31 Oct 2021 00:50:27 GMT
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
lOxWLS6xMS9tKVAJnToQ6-QcL30H_KU-d8CM-2i3n0TLJ8JG2i8PmQ==
npm.intersection-observer.8aa2efdfa26796cda0fc.js
cdn.intergi.com/hera/releases/4.4.20/vendor/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/hera/releases/4.4.20/vendor/npm.intersection-observer.8aa2efdfa26796cda0fc.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.20/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.126 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-126.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e990f8a7023db06444f9552e7bde007060d0e1e86b72ae845f24471bce3339e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
zsMJ0ng_K9AhI4lddDx3W0LGQd01a1GX
content-encoding
gzip
last-modified
Wed, 06 Oct 2021 12:05:09 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1633521905/ctime:1633521905/gid:20/gname:staff/md5:2be2cdb69171257c85e47d90ae2f6b2f/mode:33188/mtime:1633521905/uid:501/uname:thomascreamer
age
3920
etag
W/"2be2cdb69171257c85e47d90ae2f6b2f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
date
Sun, 31 Oct 2021 01:54:35 GMT
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
BXz_mz-aATghC_a0lN-nXzeDfMIgMlOvPeZOgWSpJp3rP-EJjjKbFQ==
npm.process.940d3a7ac2b6ed08f335.js
cdn.intergi.com/hera/releases/4.4.20/vendor/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/hera/releases/4.4.20/vendor/npm.process.940d3a7ac2b6ed08f335.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.20/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.126 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-126.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5122ba93a9303c1dd09b760b3195122db1beef3b3d673b2274ec5ff2e8512ad1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
QiLkwJM8fhJodyaJEGupWfVzHKziod_X
content-encoding
gzip
last-modified
Wed, 06 Oct 2021 12:05:12 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1633521905/ctime:1633521905/gid:20/gname:staff/md5:c3f55d7eac6bd8289f3c5184e9fd1118/mode:33188/mtime:1633521905/uid:501/uname:thomascreamer
age
81226
etag
W/"c3f55d7eac6bd8289f3c5184e9fd1118"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
date
Sat, 30 Oct 2021 04:26:08 GMT
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
pex4kZ2A_6z868nGe752DRh4mVTluNktPykSf2ws6ly4-0S5MdPegw==
npm.webpack.1e0f2b4c3cee24713006.js
cdn.intergi.com/hera/releases/4.4.20/vendor/ 		231 B
720 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/hera/releases/4.4.20/vendor/npm.webpack.1e0f2b4c3cee24713006.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.20/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.126 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-126.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bed31c2062d8bcd1167d1be160c5d65dbf8b1ea2a75fe7f91a5396fe71e51cc0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
M1THDJyH9Bb7TKXLTtla9v6fPw4G37qE
via
1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
last-modified
Wed, 06 Oct 2021 12:05:12 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1633521905/ctime:1633521905/gid:20/gname:staff/md5:436272b3faaa8c97115625bc8504abbf/mode:33188/mtime:1633521905/uid:501/uname:thomascreamer
age
8571
etag
"436272b3faaa8c97115625bc8504abbf"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Sun, 31 Oct 2021 00:37:05 GMT
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
content-length
231
x-amz-cf-id
Rlh5CE56tkgQDLrN2VkAUOECxVzGXeo6D7SGzMGGZraMV6JZefA35g==
lib-main.aa0becec495b9d9b6de4.js
cdn.intergi.com/hera/releases/4.4.20/lib/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/hera/releases/4.4.20/lib/lib-main.aa0becec495b9d9b6de4.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.20/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.126 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-126.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5347c78f51c7cf4a4e84d4be12317338a93ff8da7df24519360728769e48a91b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
Xs8Bsmy9XR8PXppeSYGxneyTzQbXwZyd
content-encoding
gzip
last-modified
Wed, 06 Oct 2021 12:05:07 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1633521905/ctime:1633521905/gid:20/gname:staff/md5:4f9983efbe731c3569545c1c49d9a965/mode:33188/mtime:1633521905/uid:501/uname:thomascreamer
age
84711
etag
W/"4f9983efbe731c3569545c1c49d9a965"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
date
Sat, 30 Oct 2021 03:28:04 GMT
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
xiM2779TMMV7DEMTwAnnMKQnvU2PKfEB3E6EJgM7BhKstvv4R7Bceg==
main.9f147b17a613af2d3924.js
cdn.intergi.com/hera/releases/4.4.20/ 		100 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/hera/releases/4.4.20/main.9f147b17a613af2d3924.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.20/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.126 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-126.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d16f6f0436e8fdfa3eaa4b572edfe42ac61a514c99a38e502d917ec210982f25

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 21:52:10 GMT
content-encoding
gzip
last-modified
Wed, 06 Oct 2021 12:05:08 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1633521905/ctime:1633521905/gid:20/gname:staff/md5:6192023fa414f78aa7eaef1ec7f84afb/mode:33188/mtime:1633521905/uid:501/uname:thomascreamer
age
18465
etag
W/"6192023fa414f78aa7eaef1ec7f84afb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
ahSiOQ_DBS8C3ojT2HALrnqujD1Zpksm
via
1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
content-type
application/javascript
x-amz-cf-id
9LkB_Px_9_mc9L06QcHfGfF1xZYOcBlZmy8LYEnliqhz_EjVh6DI9Q==
lib.55782284870bfbbd6c84.js
cdn.intergi.com/hera/releases/4.4.20/lib/ 		138 B
627 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/hera/releases/4.4.20/lib/lib.55782284870bfbbd6c84.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.20/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.126 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-126.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94360a6ab3ea5a75cb34a06ef2ff905d7ea0a7dc43eefcff9b6f90e737fa4e41

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
Hligg.9HYpu6zfclm.GRZ1tw0hES86hJ
via
1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
last-modified
Wed, 06 Oct 2021 12:05:07 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1633521905/ctime:1633521905/gid:20/gname:staff/md5:64d609d6dc753b7c1abf5d5d2b095aa1/mode:33188/mtime:1633521905/uid:501/uname:thomascreamer
age
76044
etag
"64d609d6dc753b7c1abf5d5d2b095aa1"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Sat, 30 Oct 2021 05:52:31 GMT
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
content-length
138
x-amz-cf-id
XyScnWwyd1GIm2TQQ9C9jp_IJfhVyBhnrwz9t8qYQLhnOvRxOYd2hA==
embed.js
cdn.playwire.com/bolt/js/zeus/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.playwire.com/bolt/js/zeus/embed.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.6.27/trendiVideo.a26b617a1eb6c7b1d2a4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
748c627bea599a8c020899623955628ff0bec212d1c4e74ec3f85ca7a741aa84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 02:59:54 GMT
via
1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA60-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=45327, public, must-revalidate
content-encoding
br
x-amz-cf-id
bOgcbXd-_GVUlGTlxHUsrKGsVwzhka1_-foffA0Xi2EASRXYuLddCA==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.20/main.9f147b17a613af2d3924.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
sffe /
Resource Hash
8890d5165e2344bf369ae00f21aa7dd2a15ea3188686aa01ff64533474e72db6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 02:59:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1029 / 223 of 1000 / last-modified: 1635545117"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27327
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 31 Oct 2021 02:59:54 GMT
pubads_impl_2021102701.js
securepubads.g.doubleclick.net/gpt/ 		353 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063339
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
sffe /
Resource Hash
9d07f01e075074db0154aae1cd5fc2f2f3ffe87d787783f686444f5583503437
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 02:59:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121586
x-xss-protection
0
last-modified
Wed, 27 Oct 2021 08:34:36 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 31 Oct 2021 02:59:54 GMT
7.js
cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/ 		150 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/7.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt/js/zeus/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
89ed271e5f437cd47ab4da94c4aa893c55b427e2b0438afaf8f3db3bcef887b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
.3wJMJAm88I7Xnhx_kEm4Or25UpMuMzi
content-encoding
gzip
last-modified
Mon, 18 Oct 2021 18:15:08 GMT
server
AmazonS3
age
5411
etag
W/"cb67692360c1b8bcbf62055c5e1bf3db"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
date
Sun, 31 Oct 2021 01:29:49 GMT
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
bvsSjXD9GLhPg9cusNmAA4rgL5w3I1FWtq-fWJuy0SZMvjYfEE8_sQ==
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif
Requested by
Host: www.ducksters.com
URL: https://www.ducksters.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.57 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 02:59:54 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 31 Oct 2021 02:59:54 GMT
integrator.js
adservice.google.be/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.be/adsid/integrator.js?domain=www.ducksters.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063339
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 31 Oct 2021 02:59:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ducksters.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063339
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 31 Oct 2021 02:59:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		87 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2264843315262621&correlator=3166451904198211&output=ldjh&impl=fifs&eid=31063213%2C31063335%2C31063339%2C31063140&vrg=2021102701&ptt=17&npa=1&tfcd=1&sc=1&sfv=1-0-38&ecs=20211031&iu_parts=96780239%3A87674693%2C1015702%2C62069%2C1015702-62069-desktop_leaderboard%2C1015702-62069-desktop_leaderboard-HP%2C1015702-62069-medium_rectangle%2C1015702-62069-medium_rectangle-HP%2C1015702-62069-bottom_rail%2C1015702-62069-bottom_rail-HP&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F5%2F6%2C%2F0%2F1%2F2%2F7%2F8&prev_iu_szs=728x90%7C970x250%7C970x90%2C300x250%7C300x600%2C1x6%7C728x90%7C970x90&prev_scp=pos%3Datf%26slot_id%3Dleaderboard_atf%26refresh%3Dfalse%26amazonBid%3Dfalse%26custom_path%3DHP%26in_view%3Dtrue%7Cpos%3Datf%26slot_id%3Dmed_rect_atf%26refresh%3Dfalse%26amazonBid%3Dfalse%26custom_path%3DHP%26in_view%3Dtrue%7Cpos%3DFIXED%26slot_id%3Dpw-oop-bottom_rail%26refresh%3Dfalse%26amazonBid%3Dfalse%26custom_path%3DHP&eri=1&cust_params=m_data%3Dwaiting%26m_safety%3Dwaiting%26m_categories%3Dwaiting%26m_mv%3Dwaiting%26m_gv%3Dwaiting%26sitecont_cat%3Dkids%26hour%3D2%26day%3DSunday%26OS%3DWindows%252010%26browser%3DChrome%252095%26pagecount%3D1%26window_width%3D1600%26window_height%3D1200%26screen_orientation%3Dlandscape%26refresh_count%3D0%26tyche_version%3D4.4.20%26kver%3Dv1%26ab_test%3Dna_A%26got_consent%3Dfalse%26page_focus%3Dtrue&cookie_enabled=1&bc=31&abxe=1&lmt=1635505143&dt=1635649194562&dlt=1635649194023&idt=509&frm=20&biw=1600&bih=1200&oid=2&adxs=265%2C818%2C800&adys=398%2C838%2C1897&adks=440268110%2C293378379%2C3107548512&ucis=1%7C2%7C3&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ducksters.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1070x100%7C488x0%7C1600x1897&msz=1070x0%7C488x0%7C1600x0&ga_vid=196686384.1635649194&ga_sid=1635649195&ga_hid=1858647594&ga_fc=true&fws=0%2C4%2C0&ohw=0%2C524%2C0&btvi=0%7C0%7C1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063339
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
e0c34f26e92378323177947676bc311b0a90ee07438e6dc53371aba764f464d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 02:59:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14156
x-xss-protection
0
google-lineitem-id
-1,-1,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ducksters.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
13066ba4b63dc1d6f07cb3401b7bd262.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 25F4 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://13066ba4b63dc1d6f07cb3401b7bd262.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063339
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 31 Oct 2021 02:59:54 GMT
expires
Mon, 31 Oct 2022 02:59:54 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pre_content.json
config.playwire.com/1015702/v2/ 		1 KB
882 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://config.playwire.com/1015702/v2/pre_content.json
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe44a934c027b2033ab3f1c85324ea29014676bcb10932323d3e89e446dd1e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 19:18:43 GMT
via
1.1 vegur, 1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
vary
Accept-Encoding
age
27671
x-cache
Hit from cloudfront
content-encoding
br
server
Cowboy
access-control-max-age
1728000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
hw-country-code
cache-control
public, max-age=600
hw-country-code
DE
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
ft6NsfqX5MoH4FPGTUBGdLEMovVIfE6gmzLekYv2t3pVYYAT1vZc_Q==
1.js
cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/1.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt/js/zeus/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
50eb4030ad099d06ac09d021f0bfaad06975b984ca09c700875fc4b502a98211

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
otJaLRv0n.VLdQy3Ho8GXvuizpMUeXPF
content-encoding
gzip
last-modified
Mon, 18 Oct 2021 18:15:08 GMT
server
AmazonS3
age
6592
etag
W/"39c665102b9748cacffd5f1ca23633b3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
date
Sun, 31 Oct 2021 01:10:50 GMT
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
rIlCRT1NcUFMsUUO1CmsjtTrZEuC4-ZR5aQaYcCSB3k1vM8IKIiA-g==
frame.html
cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/ Frame 7CDB 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/frame.html
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1418a464c731dc22106bd7f6328c89d18b12915af081d0567b77c72fdb13c98b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/

Response headers

content-type
text/html
last-modified
Mon, 18 Oct 2021 18:15:09 GMT
x-amz-version-id
8MsFp8DH9Xxjj.0zZrb1rMPbSzR283zy
server
AmazonS3
content-encoding
gzip
date
Sun, 31 Oct 2021 01:29:50 GMT
etag
W/"738090103f07f7beadbc728ec1da7cd1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
G1_6CysYo6Fjb75vYVBRycE7aKZ8K2dtKqvW-XeI2I3PouGc_Cj0jA==
age
5411
zeus_boot.b403c9d62628373d927f.js
cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/ Frame 7CDB 		124 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/zeus_boot.b403c9d62628373d927f.js?b403c9d62628373d927f
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0922fc40ae00be52383733c55b4de03619a835f8638c707839bc18fdc46126ff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
DutQ7et7t5ksRI_e3HyHrJ5Bb4MT.aK4
content-encoding
gzip
last-modified
Mon, 18 Oct 2021 18:15:10 GMT
server
AmazonS3
age
80722
etag
W/"e2c7895686e5f39bddc089e2edb8f5d0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
date
Sat, 30 Oct 2021 04:34:33 GMT
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
H5faE0cQGfN9Ys18XQXf9_w3IasH7J_QdwjvNF_0ajNWMwzPXcyEGg==
frame.f36cc9760182a5064d71.js
cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/ Frame 7CDB 		127 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/frame.f36cc9760182a5064d71.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/zeus_boot.b403c9d62628373d927f.js?b403c9d62628373d927f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d656d149faf62a79bbb9f8f14bcfcde9ebd60d2da74cc16b3b26230bcf4e6df2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
dhvn6t5KxadWs_Y8uJWVNSJPjTZruXQ1
content-encoding
br
last-modified
Mon, 18 Oct 2021 18:15:09 GMT
server
AmazonS3
age
80025
etag
W/"810d38fcba5275c64a8401af366e4cc3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
date
Sat, 30 Oct 2021 04:46:10 GMT
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
VlmGg2iNkJVO0CrcRt0kowRoVFplvzbtXw0rsCZGuA8AMdCQJLr91w==
pegasus_theme.29dba5b7398e655b8918.css
cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/ Frame 7CDB 		27 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/pegasus_theme.29dba5b7398e655b8918.css
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/zeus_boot.b403c9d62628373d927f.js?b403c9d62628373d927f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3a0fe37dbe5bd54b1bc4a7fbd8563d44249f7814fba0b04e54296f61e95bd34

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
nF6mtuPjxtEraEDnvOulqXPwOIECxC1w
content-encoding
gzip
last-modified
Mon, 18 Oct 2021 18:15:09 GMT
server
AmazonS3
age
86236
etag
W/"93ff4e0d93877f6afa692e6156c212a9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
date
Sat, 30 Oct 2021 03:02:38 GMT
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
tu9YmEcEDFJZprlMrGsBf2EBrixKZezKCTvsKLgYNqQ4n1K6q-og3A==
pegasus_theme.29dba5b7398e655b8918.js
cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/ Frame 7CDB 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/pegasus_theme.29dba5b7398e655b8918.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/zeus_boot.b403c9d62628373d927f.js?b403c9d62628373d927f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b7b9b0450a1f175240dc5f7b078b4649a295bec055ab0f2b42852a77d4b6241e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 00:52:34 GMT
content-encoding
br
last-modified
Mon, 18 Oct 2021 18:15:09 GMT
server
AmazonS3
age
7641
etag
W/"1ec7742cab2c0b5f0667fc265cd14777"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
tf7BGgF7lEyidu9l1UlX6H_AkWoCJhr0
via
1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
content-type
text/javascript
x-amz-cf-id
ZK7PN3Uy0rKAwSoRM5HaaaHNmnxE74AwMSHzUgQC0BqLISUCByO8SA==
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-213.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-security-token,x-amz-target,x-amz-user-agent
Origin
https://www.ducksters.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

x-amzn-RequestId
ebfa2866-0543-ace0-b202-208c1d95b05e
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-security-token,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Date
Sun, 31 Oct 2021 02:59:54 GMT
Content-Length
0
/
kinesis.us-east-1.amazonaws.com/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/js/libs/aws-sdk-kinesis.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-213.compute-1.amazonaws.com
Software
/
Resource Hash
1a5faa8a5d2a84456b2f04c0220bb48b26f6cb9fc9577770b40dbbd183e8685d

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=ASIA44GIABD572XAZ4SO/20211031/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-security-token;x-amz-target;x-amz-user-agent, Signature=44736f0136d3f7c05b822e1d5642f48f3467e22d26ccd4063983903a56d6ad28
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
4e4c512969949f0ebb91540d8fca398c71a00ba6ee1c5d6b94a4cf5a9037c635
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
x-amz-security-token
FwoGZXIvYXdzEFkaDLVjJ/V1g4j7odEdFSKCAbal53VwiUrg02oTCy66Bv9nHl6xiyQ424T0GsEEDbdjzydN6fdOz4xLN0B1YMcxxkxuyvBD6XJz80Y0irwnDyKjdH/g14r4cHONlsao2lOceiHbkWuO+HSUciXhvuc3HkncT5VyZWqVepjuli6E4BrNI2GzwPQzCAh0+wLhI4cRp8souq33iwYyKM76qYAgpELxo5pgZNtZqjTjXaSjeJ0nFVE4X3PeWUbZXVrKpfk6q3w=
X-Amz-Target
Kinesis_20131202.PutRecords
X-Amz-Date
20211031T025954Z
X-Amz-User-Agent
aws-sdk-js/2.387.0 callback
Referer
https://www.ducksters.com/

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
x-amzn-RequestId
cb8128bf-9b4d-2139-9279-205464181b26
Date
Sun, 31 Oct 2021 02:59:55 GMT
Content-Length
1145
x-amz-id-2
GTV/0Y8K/Uqc6HfdyXTpDN6Ne8u04DsG7Jo9ZgJerXn/bkTuIqDb6Gg+BdzJL3CnCWDzQJaYT5qLnJg1GfYCLqG3+bzED7f/
Content-Type
application/x-amz-json-1.1
admgr.98aa128f162435d09e40.js
cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/ Frame 7CDB 		133 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/admgr.98aa128f162435d09e40.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/zeus_boot.b403c9d62628373d927f.js?b403c9d62628373d927f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aa745bf070ef0a1e43bf90f2736549a7e956c0967e6b930f6c0a22d585d8a6a8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
2CFtjy2K0gfIi4Rh.H4GYU8LVo7E6poc
content-encoding
br
last-modified
Mon, 18 Oct 2021 18:15:09 GMT
server
AmazonS3
age
2660
etag
W/"37c4086c73dbeb2ff47455a138624a9f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
date
Sun, 31 Oct 2021 02:15:43 GMT
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
n1ENYAKL0ubRkxan3V1grlYJLeSt1x41nKlK94p6p2rSD_CIabgNWw==
pegasus_appearance_manager.c07ee0b791f471e5f1e8.js
cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/ Frame 7CDB 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/pegasus_appearance_manager.c07ee0b791f471e5f1e8.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/zeus_boot.b403c9d62628373d927f.js?b403c9d62628373d927f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f5b9a8e702564f839d23baa6b090c28c88e11590b67ed2ebfdbacb8370095646

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
YLC0hDiWBFnVXGZx6_Wopt3IlNMBbjLU
content-encoding
gzip
last-modified
Mon, 18 Oct 2021 18:15:09 GMT
server
AmazonS3
age
86320
etag
W/"ca31fd1fae649ef00b777036f3941cf0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
date
Sat, 30 Oct 2021 03:01:15 GMT
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
v5mlZqtLWmGZsVC9DbDnB3wi5GAQd974lD1YB8dwR9bjAw-URly4gw==
pegasus_controlbar~scrubber.e7f4cb6ff553198caacd.js
cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/ Frame 7CDB 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/pegasus_controlbar~scrubber.e7f4cb6ff553198caacd.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/zeus_boot.b403c9d62628373d927f.js?b403c9d62628373d927f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b87a090dcc8df19e4c01623179a2c21a6f23a09220fd13c6e4a5aa44e0cc1b7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
w3Sgvyj5F5YNg0R85BwqTovZB4QqPvcv
content-encoding
gzip
last-modified
Mon, 18 Oct 2021 18:15:09 GMT
server
AmazonS3
age
8734
etag
W/"7365403aeb16fb675a4eea55d2226994"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
date
Sun, 31 Oct 2021 00:34:20 GMT
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
VzgBIA6SUpv0eNZho2c2l9TdgjnLaYTTqV36yul1_lCwyHx9yVvSHQ==
pegasus_controlbar.7c79a0074488e10cdbe8.js
cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/ Frame 7CDB 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/pegasus_controlbar.7c79a0074488e10cdbe8.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/zeus_boot.b403c9d62628373d927f.js?b403c9d62628373d927f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bbfc6d5f575f2855f6023ceb68a7a3f8efb815dfa53189a746d5d7f69eda8b3e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
_vBWl5kRRpHQAhc3i6p7dRG7HaQV4oGg
content-encoding
br
last-modified
Mon, 18 Oct 2021 18:15:09 GMT
server
AmazonS3
age
79633
etag
W/"e183342687367ae663ad1ff6e5d60a7b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
date
Sat, 30 Oct 2021 04:52:42 GMT
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
Cq1g7ZpYuBD82aq0gVZqxpXqL6UaBnbn944jfGXhwXzZjbkQGSyYxQ==
zeus_mouseinput.1ae60750a1e939b322ac.js
cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/ Frame 7CDB 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/zeus_mouseinput.1ae60750a1e939b322ac.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/zeus_boot.b403c9d62628373d927f.js?b403c9d62628373d927f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cdf9ff51b2db78d37663d1a34a0695d15558f12e4b8f0a1e28eb0953619191a8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
Tf55rxTqXI7cz7QcAdP6cNmiXYIZ37ZS
content-encoding
gzip
last-modified
Mon, 18 Oct 2021 18:15:10 GMT
server
AmazonS3
age
81577
etag
W/"ab009098036985874ad5e93e427cccd4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
date
Sat, 30 Oct 2021 04:20:25 GMT
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
4FP5_nC_vV--s9sXYSAZEmdNJiVit34SMnuJs3Bk_owWHRYyTSHANg==
pegasus_content.4444d621557dcd79b572.js
cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/ Frame 7CDB 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/pegasus_content.4444d621557dcd79b572.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/zeus_boot.b403c9d62628373d927f.js?b403c9d62628373d927f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
47a08255118e2ccd394760cbcb33f3bba5993f8c7162cda9a84e78301748b8cc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
abnxSCedl5huIItZ.WKo8Oe5WHe6liZ3
content-encoding
gzip
last-modified
Mon, 18 Oct 2021 18:15:09 GMT
server
AmazonS3
age
83393
etag
W/"04b4a8dee25ae95944f3611fd2c74881"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
date
Sat, 30 Oct 2021 03:50:02 GMT
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
kqd5zv31lCU5TI4LoGtse6zyXeMb4dkP4KQbSYgX-rqduJwLw0SH_Q==
scrubber.c8ca985d63da316db69d.js
cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/ Frame 7CDB 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/scrubber.c8ca985d63da316db69d.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/zeus_boot.b403c9d62628373d927f.js?b403c9d62628373d927f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fda4b5b603c94be1d774fbd98412ef4858b7c908eb4d09531b7f7f025db64951

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
0s3RVXkgOhVaU.J1gSRB7f_bAKsAz1Vs
content-encoding
gzip
last-modified
Mon, 18 Oct 2021 18:15:09 GMT
server
AmazonS3
age
77011
etag
W/"c6b3d1905131eac2f64f37fe19e90f56"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
date
Sat, 30 Oct 2021 05:36:30 GMT
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
AzFbwz8M0M3CsaPrB7KBvHKhMGzjIK-iGHC09DZ2-zCWt-Mk57M6GQ==
pegasus_watermark.6b5d9e6da94a549816f5.js
cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/ Frame 7CDB 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/pegasus_watermark.6b5d9e6da94a549816f5.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/zeus_boot.b403c9d62628373d927f.js?b403c9d62628373d927f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
55fc4f6158444fce6bde082d0fcc18b251ace1dd33ab3d01535c1144f7329370

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
BYbcGWXAViZfy6r4WGXMyeDxiPFTFEao
content-encoding
gzip
last-modified
Mon, 18 Oct 2021 18:15:09 GMT
server
AmazonS3
age
85348
etag
W/"4fa2f032580a4bae305a7151a45f41ee"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
date
Sat, 30 Oct 2021 03:17:27 GMT
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
f7zsRUT7pNcfXAUZZO7noKHFBAIa_a3jvC2IicW-g6dR8i4VuVuing==
231253
search.spotxchange.com/vast/2.0/ Frame 7CDB 		0
0
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-213.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-security-token,x-amz-target,x-amz-user-agent
Origin
https://www.ducksters.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

x-amzn-RequestId
c1cb027b-a1a1-fd6e-9833-0a90b977e1d0
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-security-token,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Date
Sun, 31 Oct 2021 02:59:55 GMT
Content-Length
0
/
kinesis.us-east-1.amazonaws.com/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/js/libs/aws-sdk-kinesis.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-213.compute-1.amazonaws.com
Software
/
Resource Hash
6292696fb748188584b401aacd6bc2b1c9f6ec2bdcb4a3e116bf3404eb50b5de

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=ASIA44GIABD572XAZ4SO/20211031/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-security-token;x-amz-target;x-amz-user-agent, Signature=3a49a921bc747ad028961d8f8d0af91a238db1f44ab4d22ddc78c18434f58b5c
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
80c77f435edff4f4b2bc8df1cd6a033b002f90a49290f79d894c461cb0cbc7ec
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
x-amz-security-token
FwoGZXIvYXdzEFkaDLVjJ/V1g4j7odEdFSKCAbal53VwiUrg02oTCy66Bv9nHl6xiyQ424T0GsEEDbdjzydN6fdOz4xLN0B1YMcxxkxuyvBD6XJz80Y0irwnDyKjdH/g14r4cHONlsao2lOceiHbkWuO+HSUciXhvuc3HkncT5VyZWqVepjuli6E4BrNI2GzwPQzCAh0+wLhI4cRp8souq33iwYyKM76qYAgpELxo5pgZNtZqjTjXaSjeJ0nFVE4X3PeWUbZXVrKpfk6q3w=
X-Amz-Target
Kinesis_20131202.PutRecords
X-Amz-Date
20211031T025954Z
X-Amz-User-Agent
aws-sdk-js/2.387.0 callback
Referer
https://www.ducksters.com/

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
x-amzn-RequestId
c9d6d1a8-0d7a-fe32-902e-d94315ace28c
Date
Sun, 31 Oct 2021 02:59:55 GMT
Content-Length
1145
x-amz-id-2
G1RCdsgu59wjBiQEv5ltia2fde2NL3wv/tSqUzrjdi28M+Ne6iYtNnf2ZsXPGUepR5vmS9l8cjgP08t0eKuopCDDxfcfZn+Q
Content-Type
application/x-amz-json-1.1
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-213.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-security-token,x-amz-target,x-amz-user-agent
Origin
https://www.ducksters.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

x-amzn-RequestId
e46a67d5-22de-9caa-bd92-6f3e8143b16f
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-security-token,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Date
Sun, 31 Oct 2021 02:59:55 GMT
Content-Length
0
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-213.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-security-token,x-amz-target,x-amz-user-agent
Origin
https://www.ducksters.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

x-amzn-RequestId
dfea4f89-4410-f028-8612-47622b789a2f
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-security-token,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Date
Sun, 31 Oct 2021 02:59:55 GMT
Content-Length
0
/
kinesis.us-east-1.amazonaws.com/ 		923 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/js/libs/aws-sdk-kinesis.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-213.compute-1.amazonaws.com
Software
/
Resource Hash
4b4f2220fe4fe4900a83fbef5ea2bbf2831c9d98b9b83d3567facbe053df63f5

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=ASIA44GIABD572XAZ4SO/20211031/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-security-token;x-amz-target;x-amz-user-agent, Signature=a51b99a0383e1f24c281f0389c61c30bfda81484685b719678045de9561ab734
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
5cb378bb9d8a90837147edb58a6490827446ac3c29b58ae2b2386cf079b78460
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
x-amz-security-token
FwoGZXIvYXdzEFkaDLVjJ/V1g4j7odEdFSKCAbal53VwiUrg02oTCy66Bv9nHl6xiyQ424T0GsEEDbdjzydN6fdOz4xLN0B1YMcxxkxuyvBD6XJz80Y0irwnDyKjdH/g14r4cHONlsao2lOceiHbkWuO+HSUciXhvuc3HkncT5VyZWqVepjuli6E4BrNI2GzwPQzCAh0+wLhI4cRp8souq33iwYyKM76qYAgpELxo5pgZNtZqjTjXaSjeJ0nFVE4X3PeWUbZXVrKpfk6q3w=
X-Amz-Target
Kinesis_20131202.PutRecords
X-Amz-Date
20211031T025954Z
X-Amz-User-Agent
aws-sdk-js/2.387.0 callback
Referer
https://www.ducksters.com/

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
x-amzn-RequestId
c0c2d7ca-6a30-9d82-993a-df21c9adb047
Date
Sun, 31 Oct 2021 02:59:55 GMT
Content-Length
923
x-amz-id-2
3ZxzKUVg08UBMLW945xXDokoM+Mp//ThUwxalQf6CvMlcebfYBweG9QDOrUrLF+a8l8rqEQ2sxXVbmi/hCqde+iHmaXevnh/
Content-Type
application/x-amz-json-1.1
/
kinesis.us-east-1.amazonaws.com/ 		257 B
693 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/js/libs/aws-sdk-kinesis.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-213.compute-1.amazonaws.com
Software
/
Resource Hash
35492e1ad8f7186280fb21256c5951494674f868d0fc27d6bb22917b96e4f1ef

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=ASIA44GIABD572XAZ4SO/20211031/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-security-token;x-amz-target;x-amz-user-agent, Signature=e0fd4e3a7478f5ae5c3b96cd5f6d215c626509473d597f3350697aaefc44589b
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
f386e65cc1eb6e3fa9cc1c3077d4c9b3602606bcd5e1a5448aef3f4204a1a2ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
x-amz-security-token
FwoGZXIvYXdzEFkaDLVjJ/V1g4j7odEdFSKCAbal53VwiUrg02oTCy66Bv9nHl6xiyQ424T0GsEEDbdjzydN6fdOz4xLN0B1YMcxxkxuyvBD6XJz80Y0irwnDyKjdH/g14r4cHONlsao2lOceiHbkWuO+HSUciXhvuc3HkncT5VyZWqVepjuli6E4BrNI2GzwPQzCAh0+wLhI4cRp8souq33iwYyKM76qYAgpELxo5pgZNtZqjTjXaSjeJ0nFVE4X3PeWUbZXVrKpfk6q3w=
X-Amz-Target
Kinesis_20131202.PutRecords
X-Amz-Date
20211031T025954Z
X-Amz-User-Agent
aws-sdk-js/2.387.0 callback
Referer
https://www.ducksters.com/

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
x-amzn-RequestId
d1c9bd66-fb1d-f7f3-8831-b58d94759df4
Date
Sun, 31 Oct 2021 02:59:55 GMT
Content-Length
257
x-amz-id-2
Qg80S+AQpvCu0vqv1T+W9xsdxcupUgkyWegj5IgZzC6RehetB2KcI0en/0yQRjAh+ECdew2yZbJe+vYnmZBEYPAbzJr+aV0p
Content-Type
application/x-amz-json-1.1
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012110042008000/ 		190 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063339
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
sffe /
Resource Hash
be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
141236
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55667
x-xss-protection
0
server
sffe
date
Fri, 29 Oct 2021 11:45:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"11904075b70ba1a0"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 29 Oct 2022 11:45:58 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063339
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
sffe /
Resource Hash
ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
141236
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4996
x-xss-protection
0
server
sffe
date
Fri, 29 Oct 2021 11:45:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"01e91d40c144b6bf"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 29 Oct 2022 11:45:58 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063339
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
sffe /
Resource Hash
77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
141236
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28494
x-xss-protection
0
server
sffe
date
Fri, 29 Oct 2021 11:45:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a5e24beaf7c9a504"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 29 Oct 2022 11:45:58 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063339
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
sffe /
Resource Hash
b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
141236
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1635
x-xss-protection
0
server
sffe
date
Fri, 29 Oct 2021 11:45:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"dff2522b082c9ee5"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 29 Oct 2022 11:45:58 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063339
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
sffe /
Resource Hash
06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
141236
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12816
x-xss-protection
0
server
sffe
date
Fri, 29 Oct 2021 11:45:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6a05f1a8ea5ea134"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 29 Oct 2022 11:45:58 GMT
truncated
/ 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa156d4c2779789e4b6e0aa3a251fc36d4263adfc13e723a60c515d8e21ba68e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
report_ad_style.css
cdn.intergi.com/tyche-assets/report_ad/ 		1 KB
877 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/tyche-assets/report_ad/report_ad_style.css
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.4.20/main.9f147b17a613af2d3924.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.126 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-126.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5651133b0392ce80a91d2e057fcfaf0b227307b35f32f11060e65c6e494c0a94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
yQJG2B2SnzFKKyF.jAa0ZlOr43UtUwUI
content-encoding
br
last-modified
Tue, 06 Nov 2018 18:42:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
etag
W/"5ee185abd03eb7c5f89cfb8cd1c06255"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
cache-control
no-cache
date
Sun, 31 Oct 2021 02:59:55 GMT
x-amz-cf-id
spSBTVIiHfSAmFGw9mJ9wxjsVuPpaPedzIkVF24GZEffqOSlCWR9BQ==
17068179495239740038
tpc.googlesyndication.com/simgad/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17068179495239740038?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlz8M8y5L_PDu9rOvnyUKUHGpXXXQ
Requested by
Host: www.ducksters.com
URL: https://www.ducksters.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
sffe /
Resource Hash
fba0f8001dbd03ec73831321c01c29882477abcb567c5c880aad9e43d6617f25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 20:06:08 GMT
x-content-type-options
nosniff
age
111226
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9692
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 20:11:34 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 29 Oct 2022 20:06:08 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.ducksters.com
URL: https://www.ducksters.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 30 Oct 2021 13:18:13 GMT
x-content-type-options
nosniff
server
cafe
age
49301
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sun, 31 Oct 2021 13:18:13 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ 		295 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.ducksters.com
URL: https://www.ducksters.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 30 Oct 2021 23:42:59 GMT
x-content-type-options
nosniff
server
cafe
age
11815
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 31 Oct 2021 23:42:59 GMT
l
www.google.com/ads/measurement/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQuXjcItElH1q2he4ecPB_fmXZpozE-ZDBK9CnsS871pUZ6LueA2CiEdP1zhxA0VoeGGjj6
Requested by
Host: www.ducksters.com
URL: https://www.ducksters.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CptUhqgZ-Yc6qJciS7_UPvu6ZgAW_uNCNZt6k2eDeDsL85vCFKxABIK-N0CxgOaABxvXM_AHIAQKpAi6C9C-RZbM-4AIAqAMByAMIqgTcAU_Q6jSPNwdoebLSGzDeplFxmHrpPAB3nHSTZnP632IykFMTYa-jul5XF1rfObd297gRiS9L0lrIChKlFXnSw-8vBGHvgKuHvBFK5gTmPNXFgrTltkx0SzaWhAPZsvVpLEYjbChblpwupFDbQPrlcC5yUhnwOda_HI5aFKY1O1UxPmdNR0D1v7ouTrN4XSJcusGTbPEj4fgt7GI98SdTGwRvR3ZkwO2KV7i0BV7CJq4NxPY8CgRGBgQGQXdNZRwuS2thIwZMofZ3vpiagnPVzvbbke_fRigCA6GirrnABI7u6ubWA-AEAZIFBAgEGAGSBQQIBRgEoAYCgAeiirODAqgH8NkbqAfy2RuoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDPuQnSCAkIiOGQcBABGB_yCBthZHgtc3Vic3luLTcxOTIwODAxMTAwMzg2NzCACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItNTA2MDY2MzM3OTA0MDcxMxinsh4&sigh=Y-5CwGJvuBM&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: www.ducksters.com
URL: https://www.ducksters.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
close-button.svg
cdn.intergi.com/tyche-assets/report_ad/ 		619 B
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.intergi.com/tyche-assets/report_ad/close-button.svg
Requested by
Host: www.ducksters.com
URL: https://www.ducksters.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.126 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-126.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fd41fbb16992f6306edc644431aecc9d91fe9a1762fafc35f8816c277bfded0d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
xhZoq6wMR.69xI4eIXn8TGqPwvpKTgWa
via
1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
last-modified
Tue, 06 Nov 2018 18:42:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
etag
"3500c4be67d6d8f0469a8d37dd63a832"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
no-cache
date
Sun, 31 Oct 2021 02:59:56 GMT
accept-ranges
bytes
content-length
619
x-amz-cf-id
OHGOzsIDYO6EqFFp1X9ssOEtO2tFOJhupMrbxBJv4cx7HiJRGff-SA==
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021102701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063339
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
5cf8bfcbfd784bed3da7a72109aa9ffe27635d29e954b2b6e62c01ebfbea87fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 31 Oct 2021 02:59:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8567
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		0
0
si
googleads.g.doubleclick.net/pagead/drt/
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.ducksters.com
URL: https://www.ducksters.com/
Protocol
H2
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

date
Sun, 31 Oct 2021 02:59:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssN3nOWD6aNJz5mDVvx_0HX4pok3XIkVOKMq0PvYkh-W59_IlbQdEqtt0Epynn83t46z3hNhWeGQT9fnna8V1EtgbhWcnd8-wgqGft57ZRtmla3oinEsQ&sai=AMfl-YRHWrhHGLvO9EXEFolyaxmcRqySCQX4bDgJEqvs1uj_8aVUqImW454PKqGWyMH_woOqf4EXWvJI4J7xpPasFq051lXaoZYFSYoMu4lvWHI_UYLpEs9h0UeCqxx2RBRF&sig=Cg0ArKJSzJ_szEeAre4EEAE&cid=CAAScORogbt8MiOL8ULBd_ivEvrlFNXuz6C3XonI2he_vGW6CilXxls3g9bHnDEEzr92QtCDq49WFueNGcD-imHdCk8UXNrHoc9HlPku4v9NP3oYE1GIZ7z9K7PyIaOTudIzmIIbhVYHofWrUhjWzAjB0iY&id=ampim&o=0,0&d=1600,1200&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=48&tls=1048&g=100&h=100&tt=1048&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=440268110
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 02:59:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
search.spotxchange.com
URL
https://search.spotxchange.com/vast/2.0/231253?VPAID=js&custom_skin=1&content_page_url=https%3A%2F%2Fwww.ducksters.com%2F&player_width=320&player_height=180&x_source.pchain=playwire.com:fcddfba7adc2d929&pchain=playwire.com:fcddfba7adc2d929&schain=1.0,1!playwire.com,62069,1&ad_volume=0&custom[campaign_id]=0.0&custom[channel]=231253&custom[content_page_url]=https://www.ducksters.com&custom[page_full_url]=https%3A%2F%2Fwww.ducksters.com%2F&custom[player_height]=180&custom[player_width]=320&custom[adunit]=trendi_video&custom[device_type]=desktop&custom[owning_pub_id]=1015702&custom[player]=tyche_trendi_video&custom[pub_id]=1015702&custom[synd]=false&custom[secure]=true&custom[vid_id]=&custom[vpi]=VPAID_JS,MP4&custom[vid_long_form]=false&custom[vid_location]=corner&custom[product]=ads_only&custom[sticky]=true&custom[trendi]=false&custom[refresh_count]=0&custom[pagecount]=1&custom[ab_test]=na_A&custom[instream]=true&custom[custom_path]=ROS&custom[ws_id]=62069&custom[cp_placement][]=cp4&custom[sitecont_cat][]=kids&custom[window_width]=1600&custom[window_height]=1200&custom[abs_dist_top]=1100&custom[abs_dist_left]=1400&custom[rel_dist_bottom]=0&custom[rel_dist_left]=90&custom[daisy_chain_count]=1&gdpr=1&gdpr_consent=0&custom[got_consent]=0
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/sodar/sodar2.js

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| tyche object| pageos object| _pwTycheAB object| pwKinesisCreds number| cmpVersion boolean| tycheSampling number| tycheSamplingRate string| tychePath boolean| rampSampling number| rampSamplingRate string| rampPath number| _pageViewSR boolean| _pageViewSampling object| _pwLogger boolean| excludeMoat boolean| pwKruxEnabled string| _pwKassandraVer boolean| _pwUserInCA object| webpackJsonppageos object| __core-js_shared__ object| core object| PageOS object| ramp string| GoogleAnalyticsObject function| ga function| $ function| jQuery function| scroll_it function| scroll_it_wobble object| jQuery110109158894325081455 object| cookieconsent function| checkSearch function| checkSearchFooter object| google_tag_data object| gaplugins object| gaGlobal object| gaData undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| googletag object| MoatNadoAllJsonpRequest_44864623 object| Moat#PML#26#1.2 boolean| Moat#EVA object| moatPrebidApi function| _xamzrequire object| AWS object| webpackJsonpTyche object| Tyche object| consoleHandler object| kinesis object| ggeac object| google_js_reporting_queue object| _pwBoltAB boolean| boltSampling number| boltSamplingRate boolean| __pwSpotxServerSampleRate string| BoltBaseURL string| __pwPageOSVersion string| __spotxVastVersion object| webpackJsonpBolt4 boolean| BoltDebugMode object| pageOSScript object| pageOSLoaded object| Bolt4 object| BoltAdBlockDetector boolean| BoltGlobalIsLoading object| ZeusGA object| Bolt object| Zeus function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| AMP object| AMP_CONFIG object| __AMP_LOG object| __AMP_ERRORS function| __AMP_REPORT_ERROR object| __AMP_MODE object| __AMP_TOP object| __AMP_SERVICES object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS boolean| __AMP_TAG object| GoogleGcLKhOms function| FormProxy

9 Cookies

Domain/Path Name / Value
.ducksters.com/ Name: _ga
Value: GA1.2.196686384.1635649194
.ducksters.com/ Name: _gid
Value: GA1.2.1894757507.1635649194
.ducksters.com/ Name: _gat
Value: 1
www.ducksters.com/ Name: usprivacy
Value: 1---
www.ducksters.com/ Name: playwirePageViews
Value: 1
www.ducksters.com/ Name: pwUID
Value: 988756739284728
.ducksters.com/ Name: __gads
Value: ID=f6c038caa85591d0-2258d27705cb00af:T=1635649194:S=ALNI_MYh83l-xzqV2elIThteoFExJgXApA
.doubleclick.net/ Name: IDE
Value: AHWqTUnX9iwbXypBynihXHphsxfjNUIuOzlc8Gnwroe9jKMxk1T5aIf9ttfw-B192f4
.doubleclick.net/ Name: DSID
Value: NO_DATA

5 Console Messages

Source Level URL
Text
javascript warning URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
other warning URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.3.63/7.js(Line 6)
Message:
Allow attribute will take precedence over 'allowfullscreen'.
security error URL: https://cdn.intergi.com/
Message:
Refused to frame 'https://cdn.intergi.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063339(Line 5)
Message:
Refused to load the script 'https://tpc.googlesyndication.com/sodar/sodar2.js' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
other warning URL: https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs(Line 2)
Message:
Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

13066ba4b63dc1d6f07cb3401b7bd262.safeframe.googlesyndication.com
adservice.google.be
adservice.google.com
cdn.ampproject.org
cdn.intergi.com
cdn.intergient.com
cdn.playwire.com
cdnjs.cloudflare.com
config.playwire.com
ducksters.com
googleads.g.doubleclick.net
kinesis.us-east-1.amazonaws.com
mb.moatads.com
pagead2.googlesyndication.com
px.moatads.com
search.spotxchange.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.ducksters.com
www.google-analytics.com
www.google.com
www.kidsafeseal.com
z.moatads.com
search.spotxchange.com
tpc.googlesyndication.com
104.16.18.94
104.21.71.249
104.26.13.111
142.250.181.228
142.250.185.193
142.250.185.194
142.250.185.226
142.250.185.98
142.250.186.98
172.217.23.110
172.217.23.97
172.217.23.98
18.169.85.185
18.66.122.50
18.66.122.79
18.66.97.95
2.21.143.57
3.91.171.213
52.222.214.126
06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e
0922fc40ae00be52383733c55b4de03619a835f8638c707839bc18fdc46126ff
0c153290495ae00c5254a0ac46197a5c26f141da5ea4c974876b06bf04141284
13cc0025a2b90907913a2586cfc6832fe0da221a7ec01421b69a192a3d4aaed0
1418a464c731dc22106bd7f6328c89d18b12915af081d0567b77c72fdb13c98b
1a5faa8a5d2a84456b2f04c0220bb48b26f6cb9fc9577770b40dbbd183e8685d
1d1d2e6843d61701d00bc1081fdc466940c2f596885124bba67d21a6006d9e68
1e6f4c795337ff4e514d972bcb14e6f717fe96857630799ab895c45d330c67c8
21cafb6e71a6112d3c1f4777fefa66300fa3e09db01fc7b92dfee436b8373e2c
225a5d44793400c62040e70a55fc77beed0a3cbc0d7ac361abbf4085392b1e20
2a1f4f6a44e511c7c13acce052bee956fe024d8939578431e18559c388d768d8
2cddcc76dd7b01e07130b647637c2c81f27ab4a0214973a010e712813f311138
2dfe44a934c027b2033ab3f1c85324ea29014676bcb10932323d3e89e446dd1e
3202be6a3814ed585b6e36a13b88b2aa5f56c8f8939acd95d2306b9dbe1091a2
35492e1ad8f7186280fb21256c5951494674f868d0fc27d6bb22917b96e4f1ef
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3dc8a36dd5fb53f5060e0bfa69872219871bb3c31967d0034acad925a97faf9a
411626d5e8eb3616fad95e39e91afe59dcfd424b9492c2c43c76a5199dc69768
47a08255118e2ccd394760cbcb33f3bba5993f8c7162cda9a84e78301748b8cc
4b4f2220fe4fe4900a83fbef5ea2bbf2831c9d98b9b83d3567facbe053df63f5
50eb4030ad099d06ac09d021f0bfaad06975b984ca09c700875fc4b502a98211
5122ba93a9303c1dd09b760b3195122db1beef3b3d673b2274ec5ff2e8512ad1
5347c78f51c7cf4a4e84d4be12317338a93ff8da7df24519360728769e48a91b
5533851b7d67db230189fe9c85796763ee84ac2ff6f9e60c8849a036fcda9040
55fc4f6158444fce6bde082d0fcc18b251ace1dd33ab3d01535c1144f7329370
5651133b0392ce80a91d2e057fcfaf0b227307b35f32f11060e65c6e494c0a94
5cf8bfcbfd784bed3da7a72109aa9ffe27635d29e954b2b6e62c01ebfbea87fc
61c954a339be44695196534585eaf26e52abd608f43fd6ba1a271a3a800fcc83
6292696fb748188584b401aacd6bc2b1c9f6ec2bdcb4a3e116bf3404eb50b5de
63de30a657bccde3628bdb506e684eddcff3e21a0969d89b07c1230c3629019e
6864cd22a446141125a3f853028263820f8a57def21006378d438f71e36247f2
748c627bea599a8c020899623955628ff0bec212d1c4e74ec3f85ca7a741aa84
77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658
79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3
79c02e6660a7461876cfa376acc0c356cce15b61b1f6100db0b649ac3d6cde72
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
881a8e16a9aa3dde622ecdb17620b378a6f5bfb67609d79a63cd610d6f14a1b7
8890d5165e2344bf369ae00f21aa7dd2a15ea3188686aa01ff64533474e72db6
89ed271e5f437cd47ab4da94c4aa893c55b427e2b0438afaf8f3db3bcef887b4
94360a6ab3ea5a75cb34a06ef2ff905d7ea0a7dc43eefcff9b6f90e737fa4e41
96cc38cfeb78e902e483c17f9ac04f2952a82686542d146a45136421efc7576f
97ead3877ab9968a51a83525400a035dd0ce871474e8097526ed792835c02f41
9d07f01e075074db0154aae1cd5fc2f2f3ffe87d787783f686444f5583503437
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a87d4c2682d10f0750f0e1142e25fce055f0ae596c7a277bbaf2427ddae146bc
aa745bf070ef0a1e43bf90f2736549a7e956c0967e6b930f6c0a22d585d8a6a8
ab9022908dfd3461745cb5ba33c29beef3c3a8e1d770459aba5b4671036fc5c2
b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8
b60388748b4d1d9dcb193c8f537c293afbd480bc278520224c49e48bd06a425f
b7b9b0450a1f175240dc5f7b078b4649a295bec055ab0f2b42852a77d4b6241e
b87a090dcc8df19e4c01623179a2c21a6f23a09220fd13c6e4a5aa44e0cc1b7c
bbfc6d5f575f2855f6023ceb68a7a3f8efb815dfa53189a746d5d7f69eda8b3e
be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486
bed31c2062d8bcd1167d1be160c5d65dbf8b1ea2a75fe7f91a5396fe71e51cc0
cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70
cdf9ff51b2db78d37663d1a34a0695d15558f12e4b8f0a1e28eb0953619191a8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d16f6f0436e8fdfa3eaa4b572edfe42ac61a514c99a38e502d917ec210982f25
d58e5173aa77594781fbbd9ea267e60cb224b9ed9bf780ee7fbb74af19bc5e5d
d656d149faf62a79bbb9f8f14bcfcde9ebd60d2da74cc16b3b26230bcf4e6df2
ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576
de7b10eaab1f3ee093d20cc0c5d8c60dfe788b58ac8a4a8ddfe534be975df598
e0c34f26e92378323177947676bc311b0a90ee07438e6dc53371aba764f464d2
e3a0fe37dbe5bd54b1bc4a7fbd8563d44249f7814fba0b04e54296f61e95bd34
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e990f8a7023db06444f9552e7bde007060d0e1e86b72ae845f24471bce3339e5
edac2e92c551951830e96916a9e5b3c5fe48237eb6436ae85fbefd037a766c46
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f33f6446320fb034227d51337ec86a0f263cb1ed53e4275cae2fb55b322504cc
f5b9a8e702564f839d23baa6b090c28c88e11590b67ed2ebfdbacb8370095646
f84465ad80f2fdee0969318288ace06b8e600eb3d9bb1580e5e39ad1b013d524
f9a71b81af22b4823fda97cdc3d5a5f8f209ff5acb6c6f590a958fc5e7c484da
fa156d4c2779789e4b6e0aa3a251fc36d4263adfc13e723a60c515d8e21ba68e
fb0da9c5679e4e04fe036c10e42d93ed5a9a3a8f632db1cfdcdf6352ee4ff789
fba0f8001dbd03ec73831321c01c29882477abcb567c5c880aad9e43d6617f25
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd41fbb16992f6306edc644431aecc9d91fe9a1762fafc35f8816c277bfded0d
fda4b5b603c94be1d774fbd98412ef4858b7c908eb4d09531b7f7f025db64951