game.defflkinqdoms.com Open in urlscan Pro
104.21.3.4 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://game.defflkinqdoms.com/
Submission: On March 27 via manual (March 27th 2022, 7:12:20 am UTC) from US — Scanned from DE

Summary HTTP 122 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 37 IPs in 4 countries across 25 domains to perform 122 HTTP transactions. The main IP is 104.21.3.4, located in and belongs to CLOUDFLARENET, US. The main domain is game.defflkinqdoms.com.
TLS certificate: Issued by E1 on March 25th 2022. Valid for: 3 months.

This is the only time game.defflkinqdoms.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
24	104.21.3.4 104.21.3.4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	143.204.98.7 143.204.98.7	16509 (AMAZON-02) (AMAZON-02)
7	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:215... 2600:9000:2156:c000:d:2820:3bc0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	143.204.103.41 143.204.103.41	16509 (AMAZON-02) (AMAZON-02)
5	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2	2600:9000:215... 2600:9000:2156:7400:19:bcbe:a700:21	16509 (AMAZON-02) (AMAZON-02)
2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
3	143.204.95.188 143.204.95.188	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:215... 2600:9000:2156:3e00:11:e0c9:84c0:21	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6814:b944	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	184.73.243.156 184.73.243.156	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
5	54.200.147.126 54.200.147.126	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	143.204.98.14 143.204.98.14	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.12 143.204.98.12	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:2156:4600:6:f5a3:efc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	35.201.93.216 35.201.93.216	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	35.190.80.55 35.190.80.55	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	2600:1f14:600... 2600:1f14:600:6e02:3ac2:4b12:fb19:8b21	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2006	15169 (GOOGLE) (GOOGLE)
122	37

24 104.21.3.4 (None, )

ASN13335 (CLOUDFLARENET, US)

game.defflkinqdoms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 143.204.98.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-7.fra50.r.cloudfront.net

imagesvc.meredithcorp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:c000:d:2820:3bc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

karma.mdpcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 143.204.103.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-103-41.fra50.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:7400:19:bcbe:a700:21 (United States)

ASN16509 (AMAZON-02, US)

d30qdagvt44524.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.95.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-188.fra50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2156:3e00:11:e0c9:84c0:21 (United States)

ASN16509 (AMAZON-02, US)

d9jj3mjthpub.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.73.243.156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-73-243-156.compute-1.amazonaws.com

id.sv.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.200.147.126 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-200-147-126.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-14.fra50.r.cloudfront.net

ddrvjrfwnij7n.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-12.fra50.r.cloudfront.net

cookie-stream.ipp-meredith.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:4600:6:f5a3:efc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

chirp.bizrate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.93.216 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 216.93.201.35.bc.googleusercontent.com

gwiqcdn.globalwebindex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

def95a670a4c7f4cad6205cbfad6ca22.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.80.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.80.190.35.bc.googleusercontent.com

gwiq-v3.globalwebindex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f14:600:6e02:3ac2:4b12:fb19:8b21 (Boardman, United States)

ASN16509 (AMAZON-02, US)

aamapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	defflkinqdoms.com game.defflkinqdoms.com	415 KB
22	googlesyndication.com def95a670a4c7f4cad6205cbfad6ca22.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 122	201 KB
10	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 stats.g.doubleclick.net — Cisco Umbrella Rank: 68 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276	195 KB
8	segment.com cdn.segment.com — Cisco Umbrella Rank: 1466	69 KB
7	cloudfront.net d30qdagvt44524.cloudfront.net d9jj3mjthpub.cloudfront.net ddrvjrfwnij7n.cloudfront.net	8 KB
7	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 450	131 KB
7	meredithcorp.io imagesvc.meredithcorp.io — Cisco Umbrella Rank: 8523	240 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 343	112 KB
5	google.com 1 redirects ampcid.google.com — Cisco Umbrella Rank: 1737 adservice.google.com — Cisco Umbrella Rank: 57 www.google.com — Cisco Umbrella Rank: 2	2 KB
5	segment.io api.segment.io — Cisco Umbrella Rank: 1034	891 B
3	google.de adservice.google.de — Cisco Umbrella Rank: 8832 ampcid.google.de — Cisco Umbrella Rank: 47428 www.google.de — Cisco Umbrella Rank: 6433	2 KB
3	globalwebindex.net gwiqcdn.globalwebindex.net — Cisco Umbrella Rank: 13751 gwiq-v3.globalwebindex.net — Cisco Umbrella Rank: 11032	6 KB
3	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 275	40 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 246	50 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	37 KB
1	aamapi.com aamapi.com — Cisco Umbrella Rank: 10561	180 B
1	casalemedia.com as-sec.casalemedia.com — Cisco Umbrella Rank: 1068	438 B
1	bizrate.com chirp.bizrate.com — Cisco Umbrella Rank: 33504	277 B
1	ipp-meredith.com cookie-stream.ipp-meredith.com — Cisco Umbrella Rank: 12590	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	112 KB
1	rkdms.com id.sv.rkdms.com — Cisco Umbrella Rank: 3832	172 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 727	462 B
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 604	13 KB
1	mdpcdn.com karma.mdpcdn.com — Cisco Umbrella Rank: 10755	112 KB
122	25

	Domain	Requested by
24	game.defflkinqdoms.com	game.defflkinqdoms.com
10	tpc.googlesyndication.com	securepubads.g.doubleclick.net game.defflkinqdoms.com tpc.googlesyndication.com def95a670a4c7f4cad6205cbfad6ca22.safeframe.googlesyndication.com
10	pagead2.googlesyndication.com	securepubads.g.doubleclick.net game.defflkinqdoms.com def95a670a4c7f4cad6205cbfad6ca22.safeframe.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
8	cdn.segment.com	game.defflkinqdoms.com cdn.segment.com
7	cdn.cookielaw.org	game.defflkinqdoms.com cdn.cookielaw.org
7	imagesvc.meredithcorp.io	game.defflkinqdoms.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	api.segment.io	cdn.segment.com
5	securepubads.g.doubleclick.net	karma.mdpcdn.com securepubads.g.doubleclick.net game.defflkinqdoms.com
4	d9jj3mjthpub.cloudfront.net	game.defflkinqdoms.com
3	www.google.com	1 redirects game.defflkinqdoms.com tpc.googlesyndication.com
3	c.amazon-adsystem.com	karma.mdpcdn.com c.amazon-adsystem.com
2	googleads4.g.doubleclick.net	game.defflkinqdoms.com
2	googleads.g.doubleclick.net	def95a670a4c7f4cad6205cbfad6ca22.safeframe.googlesyndication.com game.defflkinqdoms.com
2	gwiq-v3.globalwebindex.net	gwiqcdn.globalwebindex.net
2	def95a670a4c7f4cad6205cbfad6ca22.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.google-analytics.com	cdn.segment.com www.google-analytics.com
2	d30qdagvt44524.cloudfront.net	karma.mdpcdn.com game.defflkinqdoms.com
1	s0.2mdn.net	def95a670a4c7f4cad6205cbfad6ca22.safeframe.googlesyndication.com
1	www.googletagservices.com	def95a670a4c7f4cad6205cbfad6ca22.safeframe.googlesyndication.com
1	aamapi.com	karma.mdpcdn.com
1	www.google.de	game.defflkinqdoms.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	as-sec.casalemedia.com	js-sec.indexww.com
1	ampcid.google.de	www.google-analytics.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	gwiqcdn.globalwebindex.net	www.googletagmanager.com
1	chirp.bizrate.com	game.defflkinqdoms.com
1	cookie-stream.ipp-meredith.com	game.defflkinqdoms.com
1	ddrvjrfwnij7n.cloudfront.net	game.defflkinqdoms.com
1	ampcid.google.com	www.google-analytics.com
1	www.googletagmanager.com	cdn.segment.com
1	id.sv.rkdms.com	js-sec.indexww.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	js-sec.indexww.com	karma.mdpcdn.com
1	karma.mdpcdn.com	game.defflkinqdoms.com
122	37

This site contains links to these domains. Also see Links.

Domain
my.cozi.com
secure.myrecipes.com
www.magazine.store
www.facebook.com
twitter.com
www.pinterest.com
www.instagram.com
www.magazines.com
www.meredith.com
www.meredithcontentlicensing.com
meredithaccolades.com
www.onetrust.com

Subject Issuer	Validity	Valid
*.defflkinqdoms.com E1	`2022-03-25` - `2022-06-23`	3 months	crt.sh
*.meredithcorp.io Amazon	`2021-11-08` - `2022-12-06`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
karma.mdpcdn.com Amazon	`2021-06-01` - `2022-06-30`	a year	crt.sh
*.segment.com Amazon	`2022-01-12` - `2023-02-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
securedvisit.com Amazon	`2021-11-30` - `2022-12-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.segment.io Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
ipp-meredith.com Amazon	`2021-05-18` - `2022-06-16`	a year	crt.sh
*.bizrate.com Amazon	`2022-02-09` - `2023-03-10`	a year	crt.sh
gwiqcdn-v3.globalwebindex.net GTS CA 1D4	`2022-02-08` - `2022-05-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
gwiq.globalwebindex.net GTS CA 1D4	`2022-02-09` - `2022-05-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
aamapi.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://game.defflkinqdoms.com/
Frame ID: C68CF14A1459AF82F9DA5C93ECF394A4
Requests: 92 HTTP requests in this frame

Frame: https://def95a670a4c7f4cad6205cbfad6ca22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 691E5E34AC0068186A20C1A98996A06D
Requests: 1 HTTP requests in this frame

Frame: https://def95a670a4c7f4cad6205cbfad6ca22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5406F69FF4E7621E665A95943430A3BF
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: 79F3F554BEE7E4499A32ED4F748164FA
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C1E0640D2626253ECA425B82757D0E57
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 880533D7AAD3E90AAD2E93822074F25B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJb4yM4CEJ-0q4IDGKf3s7sBMAE&v=APEucNWcqq8itRQFlKmtmGXOVaLYQ0uSp3Mvh7LCE7UnxcEEuIWyPYDnTEOQspsxIIWCzuQBKG2jQKW4R7CqVstkamqvL68vRg
Frame ID: 2951541ECDB0A9BF9566BC8B14AF5604
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BBDA6D014AB6F296DCC141E370DAB9A8
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MyRecipes | Recipes, Dinner Ideas and MenusBack ButtonFilter Button

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

Page Statistics

122
Requests

98 %
HTTPS

64 %
IPv6

25
Domains

37
Subdomains

37
IPs

4
Countries

1767 kB
Transfer

5675 kB
Size

29
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://my.cozi.com/meals/?box
Title: Recipe Box this link opens in a new tab

Search URL Search Domain Scan URL

URL: https://secure.myrecipes.com/common/profile/member/optout/
Title: Email Preferences

Search URL Search Domain Scan URL

URL: https://www.magazine.store/?utm_source=mmtime&utm_medium=redirect&utm_campaign=050718alltitles
Title: Subscribe this link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.facebook.com/myrecipes/

Search URL Search Domain Scan URL

URL: https://twitter.com/My_Recipes

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/myrecipes/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/myrecipes/

Search URL Search Domain Scan URL

URL: https://www.magazines.com/allrecipes-magazine.html?utm_source=myrecipes.com&utm_medium=owned&utm_campaign=i202mrrfw2800
Title: <div class="inner-container"><img src="https://imagesvc.meredithcorp.io/v3/mm/image?url=https%3A%2F%2Fgame.defflkinqdoms.com%2Fimg%2Fmisc%2F300x250_magazines_and_more.jpg" alt="Magazines & More" title=""></div>

Search URL Search Domain Scan URL

URL: https://www.meredith.com/national-media/digital
Title: Advertise this link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.meredithcontentlicensing.com/
Title: Content Licensing this link opens in a new tab

Search URL Search Domain Scan URL

URL: https://meredithaccolades.com/index.html
Title: Accolades this link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.meredith.com/nmg/privacy
Title: Privacy Policythis link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.meredith.com/legal-ti/myrecipes/privacy_terms_service.html
Title: Terms of Servicethis link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.meredith.com/adchoices
Title: Ad Choicesthis link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.meredith.com/legal/web-accessibility
Title: Web Accessibilitythis link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 114

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

122 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
game.defflkinqdoms.com/ 343 KB
36 KB 697ms
643ms Document
text/html 104.21.3.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://game.defflkinqdoms.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.3.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3df8da20c903b4ac6cc3900ab5fadc91a0564bc66de57569d97714475e60df67

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sun, 27 Mar 2022 07:12:12 GMT
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store
pragma: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yb%2FtihhrwE20Y8LJLwy60%2F8gif1uuzI47mOuE%2Fyk8dsZ6zF272iHGnytNzP9yZO74SCAS2XcJwFcBwCiN4A9%2BGeTNeMn8bzqKLL0EN%2FBKSl0BnuC%2FwSKLoPWVm6hPj96yxXCluHlkIsm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6f2650f8ae93769e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style-2882ed8d38c07c137cf1-hash.css
game.defflkinqdoms.com/dist/ 1 MB
164 KB 319ms
318ms Stylesheet
text/css 104.21.3.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://game.defflkinqdoms.com/dist/style-2882ed8d38c07c137cf1-hash.css
Requested by: Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.3.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7be09796ab0e56d9fc3191c46a39096157156fe9c23422ab5389d209991c195

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 07:12:12 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hk9OP2cUW1o0Adwk58u6vxp%2F8bSxZ6ZYz4h%2FlxCiUtkuNhbdW0Ihufyd0waoZFEGX%2BIjp6D9NdFH6Eg8bSqbCXwfVLfV1zQs3f6gBVnXQVPsnHoNOlL11vykxTE6aAmki27KIz7BEmhK"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 6f2650fcdb14769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 main-a12a3d75be46115db2cb-hash.js Show response
game.defflkinqdoms.com/dist/ 282 KB
87 KB 260ms
260ms Script
application/javascript 104.21.3.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://game.defflkinqdoms.com/dist/main-a12a3d75be46115db2cb-hash.js
Requested by: Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.3.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 370e10d6844532487d15481671f85e69490163db93e259623e280fe02c3f36c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 07:12:12 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uAk%2BQX8i4rq7RRkacDGyv3MFwy8l%2FKquBf5fBOKr%2Bl97d0ZsVW6e4zjzZNag8JvH10OfpqNNEvp7ePzJ0e%2BPEhavang2YTNkHcilUnLoATKzMnBQyHP1LrSTj6zyQYpvoNs4FtNTy021"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 6f2650fcdb15769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 image
imagesvc.meredithcorp.io/v3/mm/ 78 KB
79 KB 81ms
23ms Image
image/webp 143.204.98.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesvc.meredithcorp.io/v3/mm/image?q=60&c=sc&poi=face&w=800&h=533&url=https%3A%2F%2Fstatic.onecms.io%2Fwp-content%2Fuploads%2Fsites%2F19%2F2017%2F01%2F03%2Fchile-con-queso-su-2000.jpg
Requested by: Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-7.fra50.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 628b76b77dfa617044dcf307bfe95361a936bb584badba82b395257b88c239f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 22:17:40 GMT
via: 1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 22:17:39 GMT
server: nginx/1.16.1
age: 723272
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: public, max-age=31536000
x-img-msg: PROCESSED
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: RwgxBRMr588ebKdyyKPqLf8rWJfyw3-HuXDh-xTa-oiskNkx1BjCBA==

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 20 KB
7 KB 62ms
23ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8305d86074fdee76ef38a7e264f3ac0bfab4051d8f13625b4bbd5396120b1fe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 27 Mar 2022 07:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: dVKVlVU+J+RB4CMcqf9NTw==
age: 12142
vary: Accept-Encoding
content-length: 6678
x-ms-lease-status: unlocked
last-modified: Wed, 23 Mar 2022 03:08:06 GMT
server: cloudflare
etag: 0x8DA0C7A5A3A7B0E
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d1c51035-301e-013c-1b68-3e2a68000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6f2650ff8dcc9247-FRA

GET
H2 200 karma_mre.mdp.com.js Show response
karma.mdpcdn.com/service/js-min/ 362 KB
112 KB 75ms
12ms Script
application/javascript 2600:9000:2156:c000:d:2820:3bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://karma.mdpcdn.com/service/js-min/karma_mre.mdp.com.js
Requested by: Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c000:d:2820:3bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2901f9da2400dd7c716a730e105e2d23d0af7a6e9a28c7ab194e4f682a0d38b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: kUO4akj9khMrk8QsC9mwzn3AxIUL7CgG
content-encoding: gzip
last-modified: Mon, 21 Mar 2022 20:07:14 GMT
server: AmazonS3
age: 98
etag: W/"c19c2b4c343f697c3d2af1dc55638c57"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
cache-control: max-age=300
date: Sun, 27 Mar 2022 07:12:12 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 9H2UwdjSPTszo5qGNtww7Qd6pF64Iw9AqXlBai8E2ZGU9WbxG24flg==

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/GOHtmvx7P418NzMUhs4RsTlJDwGB9Ecz/ 90 KB
25 KB 56ms
15ms Script
text/javascript 143.204.103.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/GOHtmvx7P418NzMUhs4RsTlJDwGB9Ecz/analytics.min.js
Requested by: Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.103.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-103-41.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 44466021a0ec4f179409f501ec3bbd49da100971b8e01d10527aeaf1f387bc0b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: ismrIDbtGJn8WJfvnZtMsShyh9U9llGx
content-encoding: br
etag: W/"0897d426bfe5c74c70cc6e9eea103371"
age: 98
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 04:13:43 GMT
server: AmazonS3
date: Sun, 27 Mar 2022 07:12:12 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
via: 1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: uID8Ns9ptj7AW5JNFmaD9HZSTSTIBNaz7e6H-bLYFsWD1C4_J1-7PA==

GET
H3 200 muli-variable.woff2
game.defflkinqdoms.com/font/ 24 KB
25 KB 256ms
255ms Font
application/font-woff 104.21.3.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://game.defflkinqdoms.com/font/muli-variable.woff2?281-hash
Requested by: Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/dist/style-2882ed8d38c07c137cf1-hash.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.3.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca6f05e40b647c083ceb6accec2ccd5fd386579b612bf3bb053182faf6b307a7

Request headers

Referer: https://game.defflkinqdoms.com/dist/style-2882ed8d38c07c137cf1-hash.css
Origin: https://game.defflkinqdoms.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 07:12:12 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2FPYkwzlal1ljeOoBFwq35CIjnNCLVGVBypbhrpjQIUC70ai9h3E7aNe%2FQVeQUhgzdt7MUG78WlD%2BEucgkqiqf5v82V6IKp%2FGM8ezxgh4NmVmD7dccvtPmZszdIi2xKrpDSRrBAbj0S1"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: no-store, no-cache, must-revalidate
cf-ray: 6f2650ff680de62c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 librebaskerville-bold.woff2
game.defflkinqdoms.com/font/ 18 KB
18 KB 231ms
230ms Font
application/font-woff 104.21.3.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://game.defflkinqdoms.com/font/librebaskerville-bold.woff2?281-hash
Requested by: Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/dist/style-2882ed8d38c07c137cf1-hash.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.3.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 546db554b9a7c8dab36a67ca582d98882c575957bd515a4bc1e00563bc0b46d2

Request headers

Referer: https://game.defflkinqdoms.com/dist/style-2882ed8d38c07c137cf1-hash.css
Origin: https://game.defflkinqdoms.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 07:12:12 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PZG4lMtqoKkMSl2qAM1zUjCZFfEDN1IPS70%2BoXCmKY0gDK4wpIsxtADgXiI1Pd0UnYwJoebxOyqo8kmzhi5sSWhznNqfq7fGfvc0N8C9cs0gGT%2BdKR7SvzasU7gRMNsFdhtIYET4bY6p"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: no-store, no-cache, must-revalidate
cf-ray: 6f2650ff6810e62c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a48ba6d11055a2a6f840befa14e603650d8ca3d752e16daccd828d3869fb791

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e775ba70a052bd4b7c633816a031dbf4311646957b5616ad5e08f8bfbfe0e69b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2cb1cc6968d4127ccc115422624fae0483e07a09dd659a8ceaf8116d342aad71

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/GOHtmvx7P418NzMUhs4RsTlJDwGB9Ecz/ 21 KB
5 KB 26ms
8ms XHR
application/json 143.204.103.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/GOHtmvx7P418NzMUhs4RsTlJDwGB9Ecz/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/GOHtmvx7P418NzMUhs4RsTlJDwGB9Ecz/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.103.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-103-41.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b5cc2fb1b7a429f33e24ae305b1c637ad53720f5085beb047e7a2b6c1c437ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: Z.q0OGLgy9H38N0yvpoLNU4G.FFO5TXV
content-encoding: gzip
etag: W/"d2f012a51d18f202ff8d286841dbed7c"
age: 2250
x-cache: Hit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Wed, 23 Feb 2022 02:34:53 GMT
server: AmazonS3
date: Sun, 27 Mar 2022 06:36:09 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
via: 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
cache-control: public, max-age=10800
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: kWtm4bCKxzQfH4jyBXMdVdlxoCAMXVjvzyC_AXBLMT4Qd6qhAKv2gg==

GET
H2 200 6e7c13d6-08f7-4ac6-8e32-4ac3959ab9f8.json Show response
cdn.cookielaw.org/consent/6e7c13d6-08f7-4ac6-8e32-4ac3959ab9f8/ 4 KB
2 KB 89ms
60ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6e7c13d6-08f7-4ac6-8e32-4ac3959ab9f8/6e7c13d6-08f7-4ac6-8e32-4ac3959ab9f8.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27993e6b12703ceaecba917bfb4ca7722ab95b447cfe705b0e5027656c3f6b1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 27 Mar 2022 07:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: +ce6H+RSTVN/nnzF8vaGlg==
vary: Accept-Encoding
content-length: 1491
x-ms-lease-status: unlocked
last-modified: Fri, 01 Oct 2021 16:36:04 GMT
server: cloudflare
etag: 0x8D984F98F9FA66C
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 6207c523-301e-0115-42f9-405c2a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6f2651005ffc9b40-FRA
expires: Sun, 27 Mar 2022 11:12:12 GMT

GET
H3 200 / Show response
game.defflkinqdoms.com/hermes/ 0
514 B 871ms
870ms XHR
text/html 104.21.3.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://game.defflkinqdoms.com/hermes/?keys=globalTI_SID,muuid_date,last_request_id,visit_ts,previous_ts,first_request_id,pageview_count,hid,muuid_origin&domains=all
Requested by: Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/dist/main-a12a3d75be46115db2cb-hash.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.3.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 07:12:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kl0yESpG9LVcqoV8ZQGPNHQ6tSZTjSI87p2uxdaICoCBS%2FtN0T9Boa1OOZqZkRDw4NwXV0x1NnA%2BkGC8pgLZ664jP5GbNqU2i6FoEMpcv%2B1dqbo6EA%2B32glQWY2YFXWgTih0dlH4tJqJ"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: no-store
cf-ray: 6f26510038ace62c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 4109-23ec62505d283c6e1716-hash.js Show response
game.defflkinqdoms.com/dist/ 13 KB
5 KB 153ms
152ms Script
application/javascript 104.21.3.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://game.defflkinqdoms.com/dist/4109-23ec62505d283c6e1716-hash.js
Requested by: Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/dist/main-a12a3d75be46115db2cb-hash.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.3.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31da26bdb0a17730feff965b59b7d2b1fff69dcd0fe6ff086e56c6301cdcaf09

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 07:12:12 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rQjIrTrgBHvrgw1oX2F7XjUt1gatTCeaqxf592nhKxMAZ%2B1SXovUt9F0GUH%2FDgzV1sVczPoHOkEsv1pD4vwuGmHQ%2FFolM1TUqFNBV8G4ucB%2BdHCcVPOKkEXyw61LeIGn8dy%2BwJTK4L2D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 6f26510038b3e62c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 8945-c8a5750ac262d7bb4763-hash.js Show response
game.defflkinqdoms.com/dist/ 7 KB
3 KB 230ms
229ms Script
application/javascript 104.21.3.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://game.defflkinqdoms.com/dist/8945-c8a5750ac262d7bb4763-hash.js
Requested by: Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/dist/main-a12a3d75be46115db2cb-hash.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.3.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f5461769f51dd998e0256515f22b468b58be03746e35ee99d18be616b0eff3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 07:12:13 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EU%2F5ZeOZjaZ1JlglXQzj28c0gpgmAI5KNFYfe4sh8W95r9AWcsejFPT8z3GwnXQ3oY69%2BmnRRYTfCo0Qjy44HS5eu8UWERgdcIrRG49nghZXC84P86GZdvaq8RiNZpUWfMM1cYja4N9Q"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 6f26510038b6e62c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 8066-b7733787b8588c92b197-hash.js Show response
game.defflkinqdoms.com/dist/ 7 KB
3 KB 218ms
217ms Script
application/javascript 104.21.3.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://game.defflkinqdoms.com/dist/8066-b7733787b8588c92b197-hash.js
Requested by: Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/dist/main-a12a3d75be46115db2cb-hash.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.3.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52244f69950e251f37da03e1097923a562ba47a50f9655ad79e1d3a2e0f9b859

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 07:12:13 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6IrPVmemRYATvQzQstkSMvpv99iB2LqlugS4EbWJco0mNNDdBrSv4tIglYGNKrj0rpEbuX8p9gkwrokIOODph0e9dn63WKwVnAxpq9qHiX9n5dv3YbbhdwsjKuAwcMYJPd8JI0lCW7Za"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 6f26510038b7e62c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 1351-cca76a9e7ef8ac4b689d-hash.js Show response
game.defflkinqdoms.com/dist/ 10 KB
4 KB 247ms
246ms Script
application/javascript 104.21.3.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://game.defflkinqdoms.com/dist/1351-cca76a9e7ef8ac4b689d-hash.js
Requested by: Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/dist/main-a12a3d75be46115db2cb-hash.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.3.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37accabdeb52d109b8dec32c6afd5658839978d306b5b30b4bf354cdc445d9c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 07:12:13 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JJkzViiHbPVcZOPJXy5uAFnpii2HTLRLd5MlGKB0armHBHFajhUD222hD0WcwhKT10KQNl1tmYt0Qzq0S4ITOU1RY%2FX4pnc19rJ8FglWtdDSYREq%2FPbugmFDXIhsLpVWHUEj%2FLYGTa2l"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 6f26510038b8e62c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 4429-19b08896a8cfcff983c7-hash.js Show response
game.defflkinqdoms.com/dist/ 8 KB
3 KB 167ms
166ms Script
application/javascript 104.21.3.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://game.defflkinqdoms.com/dist/4429-19b08896a8cfcff983c7-hash.js
Requested by: Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/dist/main-a12a3d75be46115db2cb-hash.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.3.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b4dc90c267835bb1938e3abc1e2e02d80544ac78d0e70f53a4d6b87223529b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 07:12:12 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fTo1wR54p%2FUlrZJoCg32VrktHrueoMmIF9YJJMmJ8a3FoX713ziG767S6GDBdv6Fu5Y77gsY%2Fo1NoF6UQAFTTR%2FPgFqxPkLbb67Yxy9veSh0dWjo%2BkgccSKuy7nMzDAtzXSjxZhFN2rS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 6f26510038b9e62c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 9663-0479c3b47fabca512fee-hash.js Show response
game.defflkinqdoms.com/dist/ 16 KB
5 KB 956ms
955ms Script
application/javascript 104.21.3.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://game.defflkinqdoms.com/dist/9663-0479c3b47fabca512fee-hash.js
Requested by: Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/dist/main-a12a3d75be46115db2cb-hash.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.3.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 214a2cf87cd92dcfda39f9f89b99e4fc47a39ad9d3a9de07e8b228c1a1043bb2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 07:12:13 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vNbvV%2F3o5%2Fh2CZTHXG32KDP7UFsKrWYyJVOjHPfNpVsdLxEByMRYTx%2B33AkZPLPZaYNUMjd2GQbuPOQCpB1c%2FGBun2Ot%2BkI1k0gttrS3LqYEwJ91lO1dbD8jqkvO96YUXKKPX%2B0YUoSi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 6f26510038bae62c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 6273-439c794738e094371f4f-hash.js Show response
game.defflkinqdoms.com/dist/ 9 KB
4 KB 263ms
262ms Script
application/javascript 104.21.3.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://game.defflkinqdoms.com/dist/6273-439c794738e094371f4f-hash.js
Requested by: Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/dist/main-a12a3d75be46115db2cb-hash.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.3.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bdb833f3f3b2384cbbf0683c0cc0b060838d1e8d6622d254ce3632d42ca37ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 07:12:13 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hEuBtg9SQCJ1Ym73c28zOF6hNHBD2yIG1X1Yw3P4Rejupl4M0XBnP8Fo%2Fesg7ftL162r5%2FnJD4En0n8fGuELfs%2Fk2uaH21c7qgo%2F8hsOPRM46IXjmDeH87iRX2QlgNSfZsLe7zC0D3tl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 6f26510038bfe62c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 202-8ece2e9abb51b45545f7-hash.js Show response
game.defflkinqdoms.com/dist/ 16 KB
6 KB 917ms
917ms Script
application/javascript 104.21.3.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://game.defflkinqdoms.com/dist/202-8ece2e9abb51b45545f7-hash.js
Requested by: Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/dist/main-a12a3d75be46115db2cb-hash.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.3.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddb2f22434079d4bf4f4c67c7f227814be750cc6d07e8c8b88519398dd19d3a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 07:12:13 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RDMKpgAh9mTDFlNv2rMjuqih8hekaIrv4hyd7Mi4Plb0woXyzHopmO3bBJCtqVGDfub5GsCGyVsT5myhxLkWuzR%2FxSk9NSiKfR%2F2Y%2FSSg2aBuq2crKBdlOxGoKTEN5S4wiE3mOSavKe1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 6f26510048c3e62c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 6329-49f324896c6ce39be4f1-hash.js Show response
game.defflkinqdoms.com/dist/ 7 KB
3 KB 1074ms
1074ms Script
application/javascript 104.21.3.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://game.defflkinqdoms.com/dist/6329-49f324896c6ce39be4f1-hash.js
Requested by: Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/dist/main-a12a3d75be46115db2cb-hash.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.3.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 515ce1ae80e2d3f3e5b9b2162c152150e0b675ca174ca7df61e44564f707bcd4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 07:12:13 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2XL8jZ%2BuaurDOrHboHQM2U%2F1fTK85a9EoghbR%2BbGLsu%2BNuRGPJqU2AGpS4jWbahF85qFEOGm%2FuPBen2yUafs1HjMtBRPnXQd8ylG1sGn0eFwK475yjPxYq%2BT35ey99OQJBNK5qn0Tj7p"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 6f26510048c4e62c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 5142-74036ce8d62475e59300-hash.js Show response
game.defflkinqdoms.com/dist/ 10 KB
4 KB 181ms
181ms Script
application/javascript 104.21.3.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://game.defflkinqdoms.com/dist/5142-74036ce8d62475e59300-hash.js
Requested by: Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/dist/main-a12a3d75be46115db2cb-hash.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.3.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b07fa64cb9d86017c5f1f9eda05a91df1f1375eeb81113b83115af379f2dc00

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 07:12:13 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bby8F2CcrdAfOejLSSFhoxVmnGs%2BsXaBzHKS0PFZg7rRv26G4bQBoZE6UuDvGBNjEQ7MTml19MLCgSBtwSCrKQ5Ot%2BWYv3kXgPijorKFwxPJVY%2Buz5%2BvuViK9rxCcFLqDLgWV1psY2UV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 6f26510048c5e62c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 9795-0ef378f5d00b2245165f-hash.js Show response
game.defflkinqdoms.com/dist/ 6 KB
3 KB 892ms
892ms Script
application/javascript 104.21.3.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://game.defflkinqdoms.com/dist/9795-0ef378f5d00b2245165f-hash.js
Requested by: Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/dist/main-a12a3d75be46115db2cb-hash.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.3.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14e587f8a64c4a19b6f676ba2c9865c83beadf4169260480c4ac3653ad7ce1de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 07:12:13 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1aAUfuE9p6p6qzLmzpp3TDapHRC4m0pJpy2r%2FeqI7TDnFzavk4urIUcDEhSIsM8BoTKvCmpaQE3a4dU1WyF6pkVlX%2B8jqdBSlkbeQLT%2Ba524HfebuLHmTYjIJr6rEQHCixuMu324N73K"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 6f26510048c6e62c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 5952-a0e3340a56037fc77049-hash.js Show response
game.defflkinqdoms.com/dist/ 9 KB
3 KB 996ms
996ms Script
application/javascript 104.21.3.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://game.defflkinqdoms.com/dist/5952-a0e3340a56037fc77049-hash.js
Requested by: Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/dist/main-a12a3d75be46115db2cb-hash.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.3.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7138baf649f735f809fb6af8bb4719f6f2db4ac33c4370d37d5dd2286b4a1414

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 07:12:13 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qBwXpsGxsIRvk0wLDCIr0V%2B2phaFAvg72Fo1bTbr4ICI7TH6kruwPJDnnybc7VJ4xETAlMIAqUSwSzTqFu0EHzoFq8kHMc9WxBgFdvDY3L5gHIhsw1Sox6LZvuxkwqp8U86%2BcLg6Ez5N"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 6f26510048c8e62c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 9669-56254ae74c0298963ce9-hash.js Show response
game.defflkinqdoms.com/dist/ 17 KB
7 KB 868ms
868ms Script
application/javascript 104.21.3.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://game.defflkinqdoms.com/dist/9669-56254ae74c0298963ce9-hash.js
Requested by: Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/dist/main-a12a3d75be46115db2cb-hash.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.3.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5cb028600716ce4c4ee8b5ed39a355527e93be3fe6b12a0bd66deadc2d36a04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 07:12:13 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2F8IsQjOaW8WhiR2PcwE7Jgf4GLJyxH6589L9CxPWDkF0U55O9NLha6C7V7yb8OfmsMTBeBYdUzxJLP1s0E4iQWN3XVAjOPL9e1sYK3s2aAkyz54zef9phDglXSLs5Ks8qhbH9EFfDUw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 6f26510048c9e62c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 7757-3161e028b6af6027096d-hash.js Show response
game.defflkinqdoms.com/dist/ 7 KB
3 KB 1050ms
1050ms Script
application/javascript 104.21.3.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://game.defflkinqdoms.com/dist/7757-3161e028b6af6027096d-hash.js
Requested by: Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/dist/main-a12a3d75be46115db2cb-hash.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.3.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40d100335c620a92316c5053ce22e371e0832e6259d1142f8dbf05a7ee20fda3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 07:12:13 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V5IOdQB6WddPb3uCJPeObW3iS3FWc619aKWGagNy8MMPBdqYIcFiNOhwjTVjKDAAzCaaU2cbWHAptpyW%2Fs2HkIqml%2BWLXWPkstTSxWpI1LciTpabCtPyekaYxiIht24K3XUqd7DQT%2Bkb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 6f26510048cae62c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 569-be5b3cf503bda374d6ce-hash.js Show response
game.defflkinqdoms.com/dist/ 34 KB
11 KB 967ms
967ms Script
application/javascript 104.21.3.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://game.defflkinqdoms.com/dist/569-be5b3cf503bda374d6ce-hash.js
Requested by: Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/dist/main-a12a3d75be46115db2cb-hash.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.3.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc78b56ba9cadc62db7a9578b345fb35893b00fbad528d22338d7af02e2f474c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 07:12:13 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=atFIRSw%2Bpgk4HDBlwAnSqLju5dgi0LYarK7E0urxjRjK4Mv7Enmk%2Bq5YHjMOZGxtV6IJ3rapSX4Bth54GcH9yj4s9oJGzwTUVaCb4XK7ZKYEniNzMOG7KpFpND9qu2%2BsaiFHjoAo%2Fcr6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 6f26510048cbe62c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 4428-404c5c0597cb5d83489e-hash.js Show response
game.defflkinqdoms.com/dist/ 26 KB
11 KB 929ms
928ms Script
application/javascript 104.21.3.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://game.defflkinqdoms.com/dist/4428-404c5c0597cb5d83489e-hash.js
Requested by: Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/dist/main-a12a3d75be46115db2cb-hash.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.3.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9314f8a88556ca21428f0b4ec42b9c730f5dd855054f0fc0d145cd0588bfdab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 07:12:13 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2BS1EKyZDe9sRfWifRTwFqVGMfnBiV43d%2F%2B5iW7DgVck14Anmi7xThU04vQPMIMnPClO0RLwMLCWXtl5UC7q1xmy8KDGg81Lq0H0wWSQD2NexygHPUy%2BnNKW62aLjzLQZnrXOtxuKemT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 6f26510048cce62c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 5438-746bfddc85511d9ddf9e-hash.js Show response
game.defflkinqdoms.com/dist/ 11 KB
5 KB 977ms
977ms Script
application/javascript 104.21.3.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://game.defflkinqdoms.com/dist/5438-746bfddc85511d9ddf9e-hash.js
Requested by: Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/dist/main-a12a3d75be46115db2cb-hash.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.3.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86e3f49c910a2e824f177618976c8a9033939ea72cc1df0205b773453bcdaf69

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 07:12:13 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I5E04Pg0Ng3bxKCrk7Q3dLm3x%2Bgjkcb5qylwVG4rKg0e3yxvKNYtKI6Q%2BcTh1BXj0gwWkmWTfHLLv10E%2FDjJVFITlCF8lfW98%2BpMVMBi8lv938UOvdtFhYjEaRWJCEnP%2FNlN53enN5wR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 6f26510048cde62c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 130.bundle.d084dbba667083833ad9.js Show response
cdn.segment.com/analytics-next/bundles/ 17 KB
5 KB 8ms
8ms Script
application/javascript 143.204.103.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/130.bundle.d084dbba667083833ad9.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/GOHtmvx7P418NzMUhs4RsTlJDwGB9Ecz/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.103.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-103-41.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b6cc91b88a0e4b6ceb9c85e5388d8a52e4983ae06a623c945c539874f59e0931

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 18:39:32 GMT
content-encoding: br
vary: Accept-Encoding
age: 2809961
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Fri, 18 Feb 2022 23:29:32 GMT
server: AmazonS3
etag: W/"df620a8d52b38219b01cc610c8489e6a"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: DxiEFF4r6s6__T2Gs.HIC3YcQ3vwsINF
via: 1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: TqWjc8QX74Y5eYwne6e1PYQgXtU4xrIINTkHKKL_0JioNMjNAdZXXw==

GET
H2 200 ajs-destination.bundle.b3c9ba070dc87eeae516.js Show response
cdn.segment.com/analytics-next/bundles/ 10 KB
4 KB 8ms
8ms Script
application/javascript 143.204.103.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.b3c9ba070dc87eeae516.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/GOHtmvx7P418NzMUhs4RsTlJDwGB9Ecz/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.103.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-103-41.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f10d3ce13fc8ddeb5eb488e5e4029e2bf515b0bfb54088ea429c6359026e7af8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 22:17:48 GMT
content-encoding: br
vary: Accept-Encoding
age: 982465
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Tue, 15 Mar 2022 22:15:03 GMT
server: AmazonS3
etag: W/"acb678a2b6aecdc47f03f0a1046873dd"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: 9ylQykfoYhLt8djc4GdQQWxbUAcMwsF9
via: 1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: D3vdFaCw588dnGdlZWmDB61DbD2L4F6y4i2FIuKzQ7UbwdkFxsWLaw==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 141ms
51ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_mre.mdp.com.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

c62e0a97d9093d0049279ace9849b6a250ff3324a68490a06bd5ebb6f291aa17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 07:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28039
x-xss-protection: 0
server: sffe
etag: "1170 / 45 of 1000 / last-modified: 1648245909"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 27 Mar 2022 07:12:12 GMT

GET
H2 404 segments
d30qdagvt44524.cloudfront.net/production/ 0
0 231ms
203ms Script
application/json 2600:9000:2156:7400:19:bcbe:a700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d30qdagvt44524.cloudfront.net/production/segments?muid=b508a11e-c62c-444d-9de3-a7ce698ddc1d
Requested by: Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_mre.mdp.com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7400:19:bcbe:a700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1 200
OK 184003-52190608802424.js Show response
js-sec.indexww.com/ht/p/ 36 KB
13 KB 42ms
9ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/184003-52190608802424.js
Requested by: Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_mre.mdp.com.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: af34237a192972deb44d32c8f526dec767b3c7a417257a7f0101ad5650b2192e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 07:12:12 GMT
Content-Encoding: gzip
Last-Modified: Sun, 27 Mar 2022 06:11:34 GMT
Server: Apache
ETag: "da3023-8f90-5db2d1158f611"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=194
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 12652
Expires: Sun, 27 Mar 2022 07:15:26 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 45ms
10ms Script
application/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_mre.mdp.com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: 3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: cDw9qPFdR3WLu_gch_nIk4UAdfcPuNG7
content-encoding: gzip
etag: 4e3fad24a118a07cea7ce88b2721a583
age: 189
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 16743QS498M0EJWSR5DQ
date: Sun, 27 Mar 2022 07:12:12 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: yiNJVyMWud6kZmtiYYm-OWV9kSXAkMxDxzEQgSKRqZFZqPqwzL8SHA==

GET
H2 200 x.gif
d9jj3mjthpub.cloudfront.net/ 35 B
460 B 37ms
8ms Image
image/gif 2600:9000:2156:3e00:11:e0c9:84c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9jj3mjthpub.cloudfront.net/x.gif?pulse=-1&v=l1.0.21&type=karma&globalTI_SID=b508a11e-c62c-444d-9de3-a7ce698ddc1d&request_id=87f4e0a5-e655-4148-8520-db215637ac3d&url=https%3A%2F%2Fgame.defflkinqdoms.com%2F&host=game.defflkinqdoms.com&ua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F99.0.4844.51%20safari%2F537.36&muuid_origin=defflkinqdoms.com
Requested by: Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3e00:11:e0c9:84c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 16:01:06 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
last-modified: Sun, 24 Feb 2019 04:40:26 GMT
server: AmazonS3
age: 54667
etag: "28d6814f309ea289f847c69cf91194c6"
x-cache: Hit from cloudfront
content-type: image/gif
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 35
x-amz-cf-id: vDH8ZcYCgk6uastkh4tsi9UshOxpdYJXM3QOdpDllufo1nXnS6_S_Q==

GET
H2 200 schemaFilter.bundle.c7078f16bc63f13b58ad.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 7ms
7ms Script
application/javascript 143.204.103.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.c7078f16bc63f13b58ad.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/GOHtmvx7P418NzMUhs4RsTlJDwGB9Ecz/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.103.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-103-41.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 83c69a85ae5ce23e12728f8f0c6aa480d7e4c587489899e07abbc7ceb58c3111

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 18:39:33 GMT
content-encoding: br
vary: Accept-Encoding
age: 2809960
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Fri, 18 Feb 2022 23:29:32 GMT
server: AmazonS3
etag: W/"a31a84c48f8617b8d0fccb41af179b20"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: UDMZvkUZpbSZFn5zwksonnddbd8a.YMd
via: 1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: iGI5CPUvBkhbBoVst1-cYiCE-Rf_NNId85W3b6d14URha5TtzwyQow==

GET
H2 200 google-analytics.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/ 16 KB
5 KB 8ms
7ms Script
application/javascript 143.204.103.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/google-analytics.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/GOHtmvx7P418NzMUhs4RsTlJDwGB9Ecz/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.103.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-103-41.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bf78eaea38d3f752633061d945ceb00649048329acde4450c5bf06d8205fa24d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 11:52:04 GMT
content-encoding: gzip
age: 156008
x-cache: Hit from cloudfront
content-length: 4745
access-control-allow-origin: *
last-modified: Fri, 04 Mar 2022 22:04:57 GMT
server: AmazonS3
etag: "725c9394a3f4482000e7a1a42aaceb41"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: CxgWOakB0_fAwwarnLSSsQb_ACMNVxib
via: 1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: VctStzxbGpk3yTYXWT18iv0Xkb_nkKSKvX-ZDenqj9BnJ9aG5A9-Cw==

GET
H2 200 google-tag-manager.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/ 3 KB
2 KB 8ms
8ms Script
application/javascript 143.204.103.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/google-tag-manager.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/GOHtmvx7P418NzMUhs4RsTlJDwGB9Ecz/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.103.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-103-41.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 61e30021b4f5466e1a6c9d4599b100c1e72f4c6162dc3d656bc3ed7dae00bb89

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 13:33:46 GMT
content-encoding: gzip
age: 1100307
x-cache: Hit from cloudfront
content-length: 1344
access-control-allow-origin: *
last-modified: Fri, 04 Mar 2022 22:04:57 GMT
server: AmazonS3
etag: "e0f5b8ec276a05ac7b57aac9ddb79cdc"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: wo9pAOviiaa2LBEupw2OtNlZXDXBlbNI
via: 1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: pwn1ii0UQxrg6TiLw7ZpgsvL1M1rd1mAiFWDaN52fcMKJYfeo9D4Sg==

GET
H2 200 commons.54701049fd6fb8497e9e.js.gz Show response
cdn.segment.com/next-integrations/integrations/vendor/ 73 KB
22 KB 9ms
9ms Script
application/javascript 143.204.103.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.54701049fd6fb8497e9e.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/GOHtmvx7P418NzMUhs4RsTlJDwGB9Ecz/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.103.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-103-41.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e79b59c22ca684f9de8a73d41964f0c80ee9ca68713f35c33ad4fccf8cf64ffa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:06:01 GMT
content-encoding: gzip
age: 122772
x-cache: Hit from cloudfront
content-length: 22174
access-control-allow-origin: *
last-modified: Fri, 04 Mar 2022 22:04:55 GMT
server: AmazonS3
etag: "7741fd16ad2418cd17ab981f8207b106"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: qY1XkjB6D03pre9o8HvW7GJ61NjQ0_Ys
via: 1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: agJfukmdAFN-G6qRusKzZTbbijNOwtQPuCRHbad7TT6MVksdvrDMYA==

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 182 B
462 B 46ms
26ms XHR
application/json 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://game.defflkinqdoms.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 07:12:12 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6f265100ded492b3-FRA
access-control-allow-headers: Content-Type

GET
H2 200 / Show response
id.sv.rkdms.com/identity/ 2 B
172 B 335ms
122ms XHR
application/json 184.73.243.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=MEREDITH&sv_domain=game.defflkinqdoms.com
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184003-52190608802424.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.73.243.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-73-243-156.compute-1.amazonaws.com
Software: nginx/1.20.2 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://game.defflkinqdoms.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://game.defflkinqdoms.com
date: Sun, 27 Mar 2022 07:12:13 GMT
access-control-allow-credentials: true
server: nginx/1.20.2
content-length: 2
vary: Origin
content-type: application/json

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
309 B 102ms
102ms XHR
text/plain 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3446&u=https%3A%2F%2Fgame.defflkinqdoms.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 07:12:12 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: https://game.defflkinqdoms.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: 0V9OkTi-ALJdTGGqZl6NyfGnUTgfZNZKO1kl-UkSBgT2-Eres0En4A==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 34ms
11ms XHR
application/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: khsXo6Z3HSo5bHNWbmb1eMp88IHhxPc.
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 192
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 17 Mar 2022 02:21:48 GMT
server: AmazonS3
date: Sun, 27 Mar 2022 07:09:01 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 7Atx_Hgnxq3Q24WhpN-bMX6eoWU7EDuAwkkkCl6Kdh6OMpLQ_3qXlg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 394 KB
112 KB 171ms
90ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P7FHMG4&l=dataLayer

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.54701049fd6fb8497e9e.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ef11f7a681100e9830c631fd52527a17cd6d2e08ff589c72ef78a053b5607235

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 07:12:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113678
x-xss-protection: 0
last-modified: Sun, 27 Mar 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 27 Mar 2022 07:12:13 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 125ms
36ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.54701049fd6fb8497e9e.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5843
date: Sun, 27 Mar 2022 05:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 27 Mar 2022 07:34:50 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.22.0/ 311 KB
74 KB 22ms
21ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89b6606e0f94c827dffac0f1a54394399a20a84328b54d60e0fcf084c368cbf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 27 Mar 2022 07:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Uj6Yo16pL9bm0y1nKKjJjg==
age: 12126
vary: Accept-Encoding
content-length: 75930
x-ms-lease-status: unlocked
last-modified: Thu, 19 Aug 2021 02:39:18 GMT
server: cloudflare
etag: 0x8D962BA8ADAEF03
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3ab12d86-801e-0161-07cf-11da6c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6f26510128609247-FRA

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
179 B 508ms
167ms Fetch
application/json 54.200.147.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/GOHtmvx7P418NzMUhs4RsTlJDwGB9Ecz/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.200.147.126 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-200-147-126.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://game.defflkinqdoms.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://game.defflkinqdoms.com
date: Sun, 27 Mar 2022 07:12:13 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/6e7c13d6-08f7-4ac6-8e32-4ac3959ab9f8/86f12906-a768-4b08-a21a-105e2e7ca78c/ 147 KB
26 KB 70ms
70ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6e7c13d6-08f7-4ac6-8e32-4ac3959ab9f8/86f12906-a768-4b08-a21a-105e2e7ca78c/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6766a668d0c122de7f535bd1f6811f3bd0b44ab53b476b7529fe2a2cb2033f3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 27 Mar 2022 07:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: 3p6tjhReMKmEtYl1BrBrwQ==
vary: Accept-Encoding
content-length: 26515
x-ms-lease-status: unlocked
last-modified: Fri, 01 Oct 2021 16:36:21 GMT
server: cloudflare
etag: 0x8D984F999C7E329
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c903b622-301e-00dd-7e12-418b48000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6f26510179a69b40-FRA
expires: Sun, 27 Mar 2022 11:12:13 GMT

GET
H3 200 pubads_impl_2022031601.js Show response
securepubads.g.doubleclick.net/gpt/ 365 KB
124 KB 82ms
36ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

5042f25c3eb1530880fa3b05325462c028492caf22141409999cdd7e6364b8ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 06:46:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1518
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126823
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 08:34:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 27 Mar 2023 06:46:55 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 55 B
92 B 90ms
45ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=game.defflkinqdoms.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

6ff873da51351241b26cd30686ab540c0df1254ca34c7704c976edd74cdd2740

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Mar 2022 07:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Sun, 27 Mar 2022 07:12:13 GMT

GET
H3 200 generic-image.svg
game.defflkinqdoms.com/img/icons/ 3 KB
2 KB 845ms
845ms Image
image/svg+xml 104.21.3.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://game.defflkinqdoms.com/img/icons/generic-image.svg
Requested by: Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.3.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 910a4f988dd25038187d1bae46b7e72d01f03ce97ce1cc1b6df8cfbbcd43c740

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 07:12:13 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jBSxd3t1oVQ74owbbKrqlQLBJyj30ftp%2FswFtzW%2FErQE7TTSp6BErtwVsKHyvumKDd%2B3x9IRHwxqgCfJ3blNlil%2FW7mNgEaFFfZog7RULDGYPhZJQetaZP5%2B70G5mlCKvo46ItQbYAEI"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: no-store, no-cache, must-revalidate
cf-ray: 6f265101c9c2e62c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 image
imagesvc.meredithcorp.io/v3/mm/ 2 KB
3 KB 34ms
33ms Image
image/webp 143.204.98.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesvc.meredithcorp.io/v3/mm/image?url=https%3A%2F%2Fstatic.onecms.io%2Fwp-content%2Fuploads%2Fsites%2F19%2F2016%2F03%2F17%2Fcinnamon-sugar-doughnut-bites-sl-x.jpg&w=96&h=96&c=sc&poi=face&q=60
Requested by: Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-7.fra50.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 3259e7e875fb07ce351f7926bce344a0a4342b1d9fd52afe89df0070d5397d3a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 22:25:26 GMT
via: 1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 22:25:26 GMT
server: nginx/1.16.1
age: 722807
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: public, max-age=31536000
x-img-msg: PROCESSED
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: g_YBuAtVQfDstIyHFn2DsLbyvkjl_F2w0W217BGBo8j25PNu-eWxWw==

GET
H2 200 image
imagesvc.meredithcorp.io/v3/mm/ 79 KB
80 KB 24ms
23ms Image
image/webp 143.204.98.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesvc.meredithcorp.io/v3/mm/image?url=https%3A%2F%2Fstatic.onecms.io%2Fwp-content%2Fuploads%2Fsites%2F19%2F2016%2F01%2F12%2Fchicken-tinga-tacos-ck.jpg&w=96&h=96&c=sc&poi=face&q=60
Requested by: Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-7.fra50.r.cloudfront.net
Software: nginx/1.14.1 /
Resource Hash: c321b728a30ca4bfc9a3eed10432c4dd1163c62a4dee09dcd5ea4a659fb59801

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 21:02:47 GMT
via: 1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
last-modified: Thu, 24 Feb 2022 21:02:47 GMT
server: nginx/1.14.1
age: 2628566
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: public, max-age=31536000
x-img-msg: PROCESSED
x-image-msg: IMAGE NOT PROCESSED
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: WU-c_M8iy81nG3PTa8DGCTRZitObk3sVJEKOCVjCxO44zN7ehQ8Bng==

GET
H2 200 image
imagesvc.meredithcorp.io/v3/mm/ 40 KB
40 KB 28ms
27ms Image
image/webp 143.204.98.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesvc.meredithcorp.io/v3/mm/image?url=https%3A%2F%2Fstatic.onecms.io%2Fwp-content%2Fuploads%2Fsites%2F19%2F2019%2F06%2F12%2FMR_BlueberryPoundCake-muffins31.jpg&w=96&h=96&c=sc&poi=%5B900%2C675%5D&q=60
Requested by: Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-7.fra50.r.cloudfront.net
Software: nginx/1.14.1 /
Resource Hash: d9698823deaa0d5b43b0d994bf5c43a0bae357105cd8f4684f5a74198638dee8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 21:02:47 GMT
via: 1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
last-modified: Thu, 24 Feb 2022 21:02:47 GMT
server: nginx/1.14.1
age: 2628565
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: public, max-age=31536000
x-img-msg: PROCESSED
x-image-msg: IMAGE NOT PROCESSED
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: V-3EHTieRj8RrFLPIGV8ZzWmpWWNdlLLbPVJhgLHFklfz6JMHhIoFw==

GET
H2 200 image
imagesvc.meredithcorp.io/v3/mm/ 2 KB
2 KB 30ms
29ms Image
image/webp 143.204.98.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesvc.meredithcorp.io/v3/mm/image?url=https%3A%2F%2Fstatic.onecms.io%2Fwp-content%2Fuploads%2Fsites%2F19%2F2016%2F03%2F21%2Fdark-chocolate-avocado-cake-2000.jpg&w=96&h=96&c=sc&poi=face&q=60
Requested by: Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-7.fra50.r.cloudfront.net
Software: nginx/1.14.1 /
Resource Hash: 4eacd85578a01bfcb852bc8105cb2b23a8fd234163984f66cc8ae70af4f2899c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 21:02:49 GMT
via: 1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
last-modified: Thu, 24 Feb 2022 21:02:48 GMT
server: nginx/1.14.1
age: 2628564
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: public, max-age=31536000
x-img-msg: PROCESSED
x-image-msg: IMAGE NOT PROCESSED
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 2ci88qGu9DSAwrrUxdlKFg2x14ZRdMFSXHDfpEcvVzGLV9JFeTzbQg==

GET
H2 200 image
imagesvc.meredithcorp.io/v3/mm/ 19 KB
19 KB 30ms
29ms Image
image/webp 143.204.98.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesvc.meredithcorp.io/v3/mm/image?url=https%3A%2F%2Fstatic.onecms.io%2Fwp-content%2Fuploads%2Fsites%2F19%2F2022%2F03%2F24%2Fchili-ice-cream.jpg&w=500&h=335&c=sc&poi=%5B857%2C569%5D&q=60
Requested by: Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-7.fra50.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 279296630430021bcd4c4cd5d80222504a19cd718a37a580e5f0d84a20876476

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 17:23:06 GMT
via: 1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
last-modified: Thu, 24 Mar 2022 17:23:06 GMT
server: nginx/1.16.1
age: 222547
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: public, max-age=31536000
x-img-msg: PROCESSED
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: hjUrAX03LQh0XWNzhYDhbSjD2GvJ0MKaKqpjHnk_vV0j32eDerF8MQ==

GET
H2 200 image
imagesvc.meredithcorp.io/v3/mm/ 17 KB
17 KB 41ms
41ms Image
image/webp 143.204.98.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesvc.meredithcorp.io/v3/mm/image?url=https%3A%2F%2Fstatic.onecms.io%2Fwp-content%2Fuploads%2Fsites%2F19%2F2022%2F02%2F02%2Fbatter-175240339.jpg&w=500&h=335&c=sc&poi=%5B932%2C786%5D&q=60
Requested by: Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-7.fra50.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 940e0d585416018bcbf4aeeed62839ddb605d47cf4fbcd2df1402f79bb149ee8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 19:02:16 GMT
via: 1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
last-modified: Tue, 08 Feb 2022 19:02:16 GMT
server: nginx/1.16.1
age: 4018197
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: public, max-age=31536000
x-img-msg: PROCESSED
x-image-msg: IMAGE NOT PROCESSED
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: khTdHxKcqk90Yt81_YeYc1Vf8Qk0NiZ_bX8Y0vDA6oZYA_o2acf0mg==

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
537 B 145ms
47ms XHR
application/json 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://game.defflkinqdoms.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Mar 2022 07:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://game.defflkinqdoms.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.22.0/assets/ 13 KB
3 KB 51ms
50ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.22.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 27 Mar 2022 07:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: eS/vZlhjCBp2QvELx7IrSQ==
vary: Accept-Encoding
content-length: 2950
x-ms-lease-status: unlocked
last-modified: Thu, 19 Aug 2021 02:39:10 GMT
server: cloudflare
etag: 0x8D962BA867F281F
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: d3fb1242-601e-00ce-4812-41bea9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6f2651021ab19b40-FRA

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/6.22.0/assets/ 57 KB
14 KB 59ms
58ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.22.0/assets/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f149e7c38f464d9bd33c60ec2f2cf3ef8b9ff5a713015193a5122b06b955a7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 27 Mar 2022 07:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: q+A0UmQu4DkuMO5ekBd+gg==
vary: Accept-Encoding
content-length: 14253
x-ms-lease-status: unlocked
last-modified: Thu, 19 Aug 2021 02:39:11 GMT
server: cloudflare
etag: 0x8D962BA870DA01B
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: fc7c24ff-601e-0046-6c12-410670000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6f2651021ab39b40-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.22.0/assets/ 20 KB
4 KB 51ms
51ms Fetch
text/css 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.22.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6be3efeb998248db9cc1083aef162ee483cbde10b893057e4b5ae1a612c0ae3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 27 Mar 2022 07:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: F/Fs54+x9bQK/ULkNRp4fA==
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Thu, 19 Aug 2021 02:39:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: e95131c9-601e-0124-5c12-4107fd000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6f2651021ab49b40-FRA

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK gpc.min.js Show response
ddrvjrfwnij7n.cloudfront.net/js/gpc/ 6 KB
6 KB 36ms
7ms Script
application/javascript 143.204.98.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ddrvjrfwnij7n.cloudfront.net/js/gpc/gpc.min.js
Requested by: Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-14.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a3c094f715a9c193a30aad95c8eb496fa0bd758b2fb192527f202f96d44b5dd3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 02:30:40 GMT
Via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
Last-Modified: Tue, 28 Sep 2021 17:12:35 GMT
Server: AmazonS3
Age: 16898
ETag: "0595aed5727019b05fd2c207a5b462bf"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 5706
X-Amz-Cf-Id: ATD1FR2M8gcI2BFqll158l9hDZZli5NYDp8otFxSg2GWYBKcSDZcIw==

GET
H/1.1 200
OK s Show response
cookie-stream.ipp-meredith.com/v1/ 834 B
2 KB 415ms
352ms Script
application/json 143.204.98.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cookie-stream.ipp-meredith.com/v1/s?c=PHPSESSID%3D4bbb6ccdefa7901b7e9ea160262f40a9%3B%20last_request_id%3D%3B%20request_id%3D87f4e0a5-e655-4148-8520-db215637ac3d%3B%20previous_ts%3D%3B%20visit_ts%3D1648365132823%3B%20pageview_count%3D1%3B%20globalTI_SID%3Db508a11e-c62c-444d-9de3-a7ce698ddc1d%3B%20muuid_source%3DCLIENT%3B%20muuid_date%3D1648365132823%3B%20first_request_id%3D87f4e0a5-e655-4148-8520-db215637ac3d%3B%20muuid_origin%3Ddefflkinqdoms.com%3B%20initial_referer%3D%3B%20ajs_anonymous_id%3D57f6a6b4-6146-468b-9852-ba3d1c992973%3B%20AMP_TOKEN%3D%2524RETRIEVING%3B%20_gcl_au%3D1.1.721752453.1648365133%3B%20muuid_no_hid%3Dyes%3B%20muuid_link%3D87f4e0a5-e655-4148-8520-db215637ac3d%3B%20muuid_session%3D4163fe32-4af1-41ca-b305-76508fe4f9bd%3B%20muuid_channel%3Ddirect%3B%20muuid_current_channel%3Ddirect&url=https%3A%2F%2Fgame.defflkinqdoms.com%2F&pixel=b508a11e-c62c-444d-9de3-a7ce698ddc1d&tz=etc%2Funknown&brand=MyRecipes&valid=1&cms_id=2175769&muuid_date=1648365132823&request_id=87f4e0a5-e655-4148-8520-db215637ac3d
Requested by: Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-12.fra50.r.cloudfront.net
Software: /
Resource Hash: 3e9abc777c77f6bc590088280934c5094b4d1c84415f53a988a50d0b9470c0fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 07:12:13 GMT
Via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront), 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1, FRA50-C1
x-amzn-RequestId: dd94b9e6-a331-41e5-9853-3e9defeaa699
X-Cache: Miss from cloudfront
Content-Type: application/json
X-Amzn-Trace-Id: Root=1-62400e4d-2962e83a6fed64d172a61f5a;Sampled=0
Connection: keep-alive
x-amz-apigw-id: PocsJGXyIAMFl4Q=
Content-Length: 834
X-Amz-Cf-Id: X9SieqZL0WicWP9-xnqM8iiPuql0cxwQzonNhulq-WQ3axfo-D2j1A==

GET
H2 200 sync.js Show response
chirp.bizrate.com/ 0
277 B 385ms
312ms Script
text/plain 2600:9000:2156:4600:6:f5a3:efc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chirp.bizrate.com/sync.js?tc=b508a11e-c62c-444d-9de3-a7ce698ddc1d&u=https%3A%2F%2Fgame.defflkinqdoms.com%2F&r=
Requested by: Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4600:6:f5a3:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 07:12:13 GMT
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: FRA50-C1
x-cache: Error from cloudfront
content-type: text/plain;charset=UTF-8
content-length: 0
x-amz-cf-id: S5OG46tzB1jevapfGII2A4EplAvCciUSKu0fWpIwjjsyB5VwXrRzqg==
x-application-context: application:prod:8080

GET
H2 404 segments
d30qdagvt44524.cloudfront.net/production/ 0
0 9ms
9ms Script
application/json 2600:9000:2156:7400:19:bcbe:a700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d30qdagvt44524.cloudfront.net/production/segments?muid=b508a11e-c62c-444d-9de3-a7ce698ddc1d
Requested by: Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7400:19:bcbe:a700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 gwiq.js Show response
gwiqcdn.globalwebindex.net/gwiq/ 6 KB
6 KB 63ms
15ms Script
application/javascript 35.201.93.216
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gwiqcdn.globalwebindex.net/gwiq/gwiq.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7FHMG4&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.93.216 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 216.93.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 6aa7c3edbc1ee1fe66d4db0fea18aa2d0bbe0dfae05d228c9ffeeaeacb6f1c53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 06:34:50 GMT
age: 2243
x-guploader-uploadid: ADPycdsV_xXag_M7OpKTUVfxkh1QaBBwtdPufmEme8mysK47EiKvujHjP7Pc3DMyU1MVIFMcPWPWl5cXQoYir0mMxP0
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5766
last-modified: Wed, 15 Apr 2020 08:49:27 GMT
server: UploadServer
etag: "aba61abde9777087262fb27526ba1ef6"
x-goog-hash: crc32c=yYfjgA==, md5=q6Yavel3cIcmL7J1Jroe9g==
x-goog-generation: 1586940567400828
cache-control: public, max-age=3600
x-goog-stored-content-length: 5766
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 27 Mar 2022 07:34:50 GMT

GET
H2 200 x.gif
d9jj3mjthpub.cloudfront.net/ 35 B
349 B 7ms
7ms Image
image/gif 2600:9000:2156:3e00:11:e0c9:84c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9jj3mjthpub.cloudfront.net/x.gif?v=1.0.25&pulse=0&url=https%3A%2F%2Fgame.defflkinqdoms.com%2F&vs_max=18833&browser=chrome&w=1600&h=1200&dom_delay=1237&js_delay=463&domain=game.defflkinqdoms.com&os=windows%2010&tld=defflkinqdoms.com&tz=etc%2Funknown&category=homepage&request_id=87f4e0a5-e655-4148-8520-db215637ac3d&type=sitenavigationelement&utime=1648365133285&cms_visits=%5B%222175769%22%5D&channel=direct&current_channel=direct&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&seg_cnt=1&write_key=vendor&recipe=Course%2CBaking%2CGlobal%2CHealthy%2CFavorite%20Ingredients%2CHolidays%20and%20Occasions%2CQuick%20and%20Easy%2CConvenience%20Recipes%2CBBQ%20and%20Grilling%2CHow%20To%2CExtra%20Crispy%2CWell%20Done%2CNews&muuid_channel=direct&muuid_session=4163fe32-4af1-41ca-b305-76508fe4f9bd&ajs_anonymous_id=57f6a6b4-6146-468b-9852-ba3d1c992973&muuid_date=1648365132823&muuid_source=CLIENT&globalTI_SID=b508a11e-c62c-444d-9de3-a7ce698ddc1d&pageview_count=1&visit_ts=1648365132823&muuid_origin=defflkinqdoms.com&gpc_enabled=no&gpc_iab_global=no&meta_canonical=https%3A%2F%2Fgame.defflkinqdoms.com&meta_title=homepage&meta_published=2020-10-27&meta_brand=MyRecipes&meta_caas_name=myrecipes&meta_graph_id=cms%2Fonecms_posts_myrecipes_2175769&meta_env=production&meta_valid=1&meta_type=homepage&meta_cms_id=2175769
Requested by: Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3e00:11:e0c9:84c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 03:22:08 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
last-modified: Sun, 24 Feb 2019 04:40:26 GMT
server: AmazonS3
age: 13806
etag: "28d6814f309ea289f847c69cf91194c6"
x-cache: Hit from cloudfront
content-type: image/gif
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 35
x-amz-cf-id: 0P2vP2z9YsCTIOUXhUsZh254gQeB2Gc0TnLBp5q3fr0DM9-l0lulgA==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 134ms
47ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=game.defflkinqdoms.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Mar 2022 07:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 134ms
48ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=game.defflkinqdoms.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Mar 2022 07:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 109 KB
42 KB 892ms
891ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=259901864944635&correlator=2809213898568651&eid=31064927%2C31060545%2C44755509&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&npa=1&iu_parts=3865%2Cmre.mdp.com%2Ctier1%2Chomepage%2Ctier2&enc_prev_ius=0%2F1%2F2%2F3%2F3%2C0%2F1%2F4%2F3%2F3%2C0%2F1%2F2%2F3%2F3%2C0%2F1%2F4%2F3%2F3%2C0%2F1%2F2%2F3%2F3%2C0%2F1%2F2%2F3%2F3&prev_iu_szs=728x90%7C970x90%7C970x250%2C728x90%7C970x90%7C970x250%2C300x250%7C299x251%7C300x600%7C300x1050%2C300x250%7C299x251%2C1x1%2C1x1&ifi=1&adks=1443879068%2C2626429948%2C1235763270%2C3340592100%2C2415415054%2C3829581176&sfv=1-0-38&ecs=20220327&ists=3&fsapi=false&prev_scp=slot%3Dleaderboard-flex-1%26refreshType%3Dhard%7Cslot%3Dleaderboard-flex-2%26refreshType%3Dhard%7Cslot%3Dsquare-flex-2%26refreshType%3Dhard%7Cslot%3Dsquare-fixed-16%26refreshType%3Dhard%7Cslot%3Dinterstitial%26refreshType%3Dhard%7Cslot%3Dwallpaper%26refreshType%3Dhard&eri=1&cust_params=path%3D%26channel%3Dhomepage%26ctype%3Dhomepage%26tags%3D%26id%3D2175769%26type%3Dhomepage%26abTest%3Dmdextest%26concepts%3D%26taxons%3D%26mtax%3D%26pv%3D1%26otabc%3D0%26npa%3D1%26otgeo%3D1%26muid%3Db508a11e-c62c-444d-9de3-a7ce698ddc1d%26mrid%3D87f4e0a5-e655-4148-8520-db215637ac3d%26dockedleaderboard%3Dfalse%26dockedrail%3Dtrue&ppid=b508a11e-c62c-444d-9de3-a7ce698ddc1d&sc=1&cookie_enabled=1&abxe=1&dt=1648365133384&lmt=1648365133&dlt=1648365132267&idt=1044&biw=1600&bih=1200&adxs=436%2C436%2C1098%2C1098%2C0%2C0&adys=16%2C2393%2C3052%2C5024%2C18833%2C18833&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fgame.defflkinqdoms.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x106%7C1600x23%7C300x19%7C300x19%7C1600x18851%7C1600x18851&msz=1600x90%7C1600x19%7C300x19%7C300x19%7C1600x0%7C1600x0&fws=0%2C0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0&ga_vid=1111237949.1648365133&ga_sid=1648365133&ga_hid=916740677&ga_fc=false&btvi=0%7C1%7C2%7C3%7C4%7C5&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

fa95a8a618c5040777f40441b69f93020e2d0d32e26e8f6b3a1137db2cf496c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 07:12:14 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42580
x-xss-protection: 0
google-lineitem-id: -1,-2,-1,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-2,-1,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://game.defflkinqdoms.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
def95a670a4c7f4cad6205cbfad6ca22.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 691E 6 KB
4 KB 252ms
44ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://def95a670a4c7f4cad6205cbfad6ca22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 27 Mar 2022 07:12:13 GMT
expires: Mon, 27 Mar 2023 07:12:13 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
466 B 249ms
43ms XHR
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://game.defflkinqdoms.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Mar 2022 07:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://game.defflkinqdoms.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

POST
H2 200 i Show response
api.segment.io/v1/ 21 B
178 B 167ms
166ms Fetch
application/json 54.200.147.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/i

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/GOHtmvx7P418NzMUhs4RsTlJDwGB9Ecz/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.200.147.126 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-200-147-126.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://game.defflkinqdoms.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://game.defflkinqdoms.com
date: Sun, 27 Mar 2022 07:12:13 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

POST
H2 200 t Show response
api.segment.io/v1/ 21 B
178 B 167ms
166ms Fetch
application/json 54.200.147.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/t

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/GOHtmvx7P418NzMUhs4RsTlJDwGB9Ecz/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.200.147.126 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-200-147-126.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://game.defflkinqdoms.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://game.defflkinqdoms.com
date: Sun, 27 Mar 2022 07:12:13 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
438 B 56ms
12ms XHR
text/plain 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=445821&u=https%3A%2F%2Fgame.defflkinqdoms.com%2F&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184003-52190608802424.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://game.defflkinqdoms.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 27 Mar 2022 07:12:13 GMT
X-AK-INITIAL-GEO: CC:[DE], RC:[HE], CN:[EU], CIP:[185.213.155.164], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://game.defflkinqdoms.com
X-CS-CLIENT-GEO: 12
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 12
Expires: Sun, 27 Mar 2022 07:12:13 GMT

POST
H3 204 c0248 Show response
gwiq-v3.globalwebindex.net/v2/gwiq/campaign/ 0
13 B 36ms
20ms XHR
application/json 35.190.80.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gwiq-v3.globalwebindex.net/v2/gwiq/campaign/c0248
Requested by: Host: gwiqcdn.globalwebindex.net
URL: https://gwiqcdn.globalwebindex.net/gwiq/gwiq.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.80.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 55.80.190.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://game.defflkinqdoms.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://game.defflkinqdoms.com
date: Sun, 27 Mar 2022 07:12:13 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

OPTIONS
H2 200 c0248
gwiq-v3.globalwebindex.net/v2/gwiq/campaign/ Frame 0
0 57ms
21ms Preflight 35.190.80.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gwiq-v3.globalwebindex.net/v2/gwiq/campaign/c0248
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.80.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 55.80.190.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-requested-with
Origin: https://game.defflkinqdoms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: content-type, x-requested-with
access-control-allow-origin: https://game.defflkinqdoms.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 1800
access-control-allow-credentials: true
date: Sun, 27 Mar 2022 07:12:12 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 87ms
43ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=916740677&t=pageview&_s=1&dl=https%3A%2F%2Fgame.defflkinqdoms.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=homepage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aBhAAEABAAQCAC~&jid=2084308161&gjid=1319194313&cid=1111237949.1648365133&tid=UA-97981691-18&_gid=1548807955.1648365134&_r=1&_slc=1&cd5=2022%2F03%2F18&cd6=2020%2F10%2F27&cd7=own&cd8=homepage&cd9=front%20end&cd10=myrecipes.com&cd13=2175769&cd36=homepage&cd44=0&cd74=homepage&cd75=false&cd90=87f4e0a5-e655-4148-8520-db215637ac3d&cd92=1648365132823&cd93=cms%2Fonecms_posts_myrecipes_2175769&cd99=2175769&cd100=homepage&cd67=b508a11e-c62c-444d-9de3-a7ce698ddc1d&z=237796932

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://game.defflkinqdoms.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 07:12:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://game.defflkinqdoms.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
447 B 57ms
18ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-97981691-18&cid=1111237949.1648365133&jid=2084308161&gjid=1319194313&_gid=1548807955.1648365134&_u=aBhAAEAAAAQCAC~&z=1226872567

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://game.defflkinqdoms.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 27 Mar 2022 07:12:13 GMT
content-type: text/plain
access-control-allow-origin: https://game.defflkinqdoms.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 137ms
52ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-97981691-18&cid=1111237949.1648365133&jid=2084308161&_u=aBhAAEAAAAQCAC~&z=277772078

Requested by

Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 07:12:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 136ms
49ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-97981691-18&cid=1111237949.1648365133&jid=2084308161&_u=aBhAAEAAAAQCAC~&z=277772078

Requested by

Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 07:12:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
11 KB 134ms
50ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

397f22b2057f7e8f4b55ca19c6254ddf68186da4b94a015fbdbb31b927e97904

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Mar 2022 07:12:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10386
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 238ms
58ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 07:12:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 27 Mar 2022 07:12:14 GMT

GET
H2 200 init-182h1kagypftheeqt3p.js Show response
aamapi.com/api/ 1 B
180 B 520ms
167ms Script
text/javascript 2600:1f14:600:6e02:3ac2:4b12:fb19:8b21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aamapi.com/api/init-182h1kagypftheeqt3p.js
Requested by: Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_mre.mdp.com.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f14:600:6e02:3ac2:4b12:fb19:8b21 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 07:12:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript
server: openresty
content-encoding: gzip
expires: -1

GET
H3 200 container.html Show response
def95a670a4c7f4cad6205cbfad6ca22.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5406 6 KB
3 KB 88ms
40ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://def95a670a4c7f4cad6205cbfad6ca22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 27 Mar 2022 07:12:13 GMT
expires: Mon, 27 Mar 2023 07:12:13 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012203150226000/ Frame 79F3 222 KB
62 KB 126ms
40ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 482508
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62084
x-xss-protection: 0
server: sffe
date: Mon, 21 Mar 2022 17:10:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fa1474a6dd6481f4"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 21 Mar 2023 17:10:26 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 79F3 16 KB
6 KB 190ms
105ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 482508
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
server: sffe
date: Mon, 21 Mar 2022 17:10:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d91e62368f79b48d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 21 Mar 2023 17:10:26 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 79F3 96 KB
29 KB 198ms
113ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 482508
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29618
x-xss-protection: 0
server: sffe
date: Mon, 21 Mar 2022 17:10:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9a9baa9802fa29d2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 21 Mar 2023 17:10:26 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 79F3 5 KB
2 KB 213ms
127ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 192412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1900
x-xss-protection: 0
server: sffe
date: Fri, 25 Mar 2022 01:45:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3393210d007db9ca"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 25 Mar 2023 01:45:22 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 79F3 42 KB
13 KB 214ms
129ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 482508
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: sffe
date: Mon, 21 Mar 2022 17:10:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "565eca32a909292d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 21 Mar 2023 17:10:26 GMT

GET
DATA 200
OK truncated
/ Frame 79F3 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90559d66b179f0700840d0192f42be29ec19c8eb548f2b703e8fb8512cb4040d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 15122000505671849322
tpc.googlesyndication.com/daca_images/simgad/ Frame 79F3 101 KB
101 KB 42ms
42ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/15122000505671849322

Requested by

Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a0ad78fd5bbf32be9dd4c7acd065ef6e403bbf400bd99c45edb963b590f977c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 23:15:33 GMT
x-content-type-options: nosniff
age: 460601
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102996
x-xss-protection: 0
last-modified: Thu, 10 Feb 2022 15:57:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 21 Mar 2023 23:15:33 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 79F3 2 KB
3 KB 40ms
40ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 18:59:48 GMT
x-content-type-options: nosniff
server: cafe
age: 43946
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 27 Mar 2022 18:59:48 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 79F3 295 B
536 B 40ms
39ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 5320
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 28 Mar 2022 05:43:34 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 79F3 0
0 65ms
65ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C1lfvTQ5AYr-OHcmB3gPhoqTYDb2okoRpo8it1cwP1tDuiY0OEAEgqP3AEmCV4pCCoAegAdmZv9MByAECqQKNYEMGJ22yPuACAKgDAcgDCKoEgAJP0Bx8kpinXLW8AqGIIcX80lKg7A1vzfGQ-ICsiH4uguSWQr0Cj5Psbwnn_gYYYEQ-rqIeukuaCnzIIuS3tP-AJLbVKP18oVDdeWqf5lCNV6p8gb9KOUfB97TwDX-BwtD7l9WBP-vrz24qYfVd1YmDTO8ICGOpZ1hdtv1BTCnsSNVHBUmt5ZiVHkL5llm3P1YeRM8e4ak30z4WVhiDPSfBv-tZppTNGPOuvrsE-H-h0WJxpcsSv7EUmVPSW_cV0Ij5VepDz9z4-VUP7bsKaG3p0PVZG2ChcZ3IO4WRCcPyBcx0-Nmo5SLEotxnSFEAMubVnK9h0JwCZRYbdul2XMUIwASI0Knt-QPgBAGSBQQIBBgBkgUECAUYBKAGAoAHj-bArAKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCEqQvSCAkIiOGAcBABGF2ACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItMDk3ODA2NDUzMjE0MjIxNRjajhE&sigh=-h64CPJMb3Y&uach_m=[UACH]
Requested by: Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C1E0 13 KB
5 KB 83ms
36ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Mar 2022 13:02:49 GMT
expires: Sun, 26 Mar 2023 13:02:49 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 65365
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8805 783 B
534 B 92ms
45ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

33d95812388ecd69dcdcc57394f6abae8651a31768fe6fb7c28608c76c4e148f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WS/uYkOEhg/4sMISghJJPw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 27 Mar 2022 07:12:14 GMT
date: Sun, 27 Mar 2022 07:12:14 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-WS/uYkOEhg/4sMISghJJPw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2951 0
434 B 135ms
51ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJb4yM4CEJ-0q4IDGKf3s7sBMAE&v=APEucNWcqq8itRQFlKmtmGXOVaLYQ0uSp3Mvh7LCE7UnxcEEuIWyPYDnTEOQspsxIIWCzuQBKG2jQKW4R7CqVstkamqvL68vRg

Requested by

Host: def95a670a4c7f4cad6205cbfad6ca22.safeframe.googlesyndication.com
URL: https://def95a670a4c7f4cad6205cbfad6ca22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://def95a670a4c7f4cad6205cbfad6ca22.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 27 Mar 2022 07:12:14 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/ Frame 5406 19 KB
8 KB 88ms
41ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/abg_lite_fy2019.js

Requested by

Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://def95a670a4c7f4cad6205cbfad6ca22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 06:21:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3047
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Apr 2022 06:21:27 GMT

GET
H3 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/elements/html/ Frame 5406 6 KB
3 KB 86ms
40ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://def95a670a4c7f4cad6205cbfad6ca22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 07:10:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2626
x-xss-protection: 0
server: cafe
etag: 8548655983161038638
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Apr 2022 07:10:31 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5406 0
571 B 201ms
90ms Ping
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv6W5e9-CDi_mSnFnyAgBjqUTPkhBJI82Ek76RVw8NrG2bfc1zr4lKDJ512ALMje3Ny5CZlMnKc-PJm1p_SGd5xgP5A02HqARBlCO_2moY_Qvfe96DajAnEzUJszHRPDgpp6i2XGmZndFJjUtFkZjx0FNmC8ynKqE-n9dF30ye7wVdknIYskQg3uQyr_g2QzYStaGEZvEBUxR_EDVzq0rtETI_jgQEsWfdhplzSSgqb0yOjqqxtV68jKAxIIqNvPt8kuSnNVcf9tK5SoGwuP1o46rQLx_fdo4UBdPleI7H0hSX9QHglK5-4zrZcv65uNh3EWjFGmpUa5Cofu9jdRMyOKYrAB4OT2zeuAH0cPg1Vr-xaXqwiUE7AXKs6xb5EXsHQeRT6MBkttfEOD28fMh-_dlD6kSovyMhlruj6tdj7W0MzbrzRFuZuubAOAYovZ2pdkIDvfMJYluCiKzuG0RdyMQ5LayB8FXMNM7lVR2EgF7ozIp7y-UQD38NZcerZjJIwjD-Wo1VokEg_y4_wtkxbrTtmd1KvFwwe6-NuYliaCEcV4ByVhAVU7yZr3UL_FvVu5jkzprL2oc4uy2i44N4oUu_Me0RhGCUupOKIhxWA4J2-LP0ZSB7wQRCvZPoHv-kGs8SDO_jtKQhn35kc_9h-PF3sPj_Tn2Dg8csPQk30ZE_-eUtA6Bw9kWwpE7xSMCPPzEIyXbQKX88LBUd8wQrRt9jVhOTbQHYDOq5NTVFrVMV7jyxZ-lSsja4MM-B4W27ha1xLP58gTlxDhH2nE-eWChHMo2EfhLCAkad7mM227unZ9kWnONe1PWNfO3-Lmo8263qIrEHsr_wWr4JWYGI7AZkr8ayqhnj2dd2iOEH8D8RbB8LbqP6gfFSvOsZm5mk__cAAASpy8HONka6OKvExks5E6w2sUnoHITlTY_WqWsW32as8oOtXpQXwTP8N_80o03DzB8q-hRQ5oJOO5sNHUR5cHDXG-73V3eMiV3u3Ku1Qibqx9Mp2sLqFY3VhsyTvx2QxPFcNQvWacX4eg_d24fZxrVy5Mdfbu7Rz3xlh5JDaZ9nikVVP7Dw14srJ6Zw_Qt3Sc8QQVryLjy5LA8ASqQ5PMH9aZHPSqLwwSXmjuCSLumufk60c3CCv6dMuyMEV6U3NZZ3FPin5Kz-2FdkbQx5W4QDHmgehsQAn0mhtex9Tp8xbbNA&sai=AMfl-YS5O9-MVUy2xkgmCC_p9tAFNbJxG3aQw9PCXXwyP0YksEeKD0XQjytlGVIB_oMDJKgFdUmSUCDKKnWjfOhyrtvH-jSFCU6y2flK_Zt5RoO0HNcXuB4zm7_4f7nMoRPe22BwHtdM2MNmCwAK2tyVljG799jPMKvRm3BnxVYdfY7bfh2p4Mok3Vi0OrYGvbhcNvZexPJv5zqImtvHrHGW-Shl8h2xeayCKL_t2kzCvRaPhJlwqXdKe8XP1h6P8fr5XdDzuOk_Hu33OclHmqqoRVJPQbbIiCf9GrK5synQYU2Flt3_sg4bPHHGHPndRKVTUNRHPrstVmkNyS0Hta6JxknLUUAPXQMLXgRoseMENunzuAIvyBNOg_0zYQp4IUh4wR3TDp-2kwy_PRHyEsyYs8A-qk3DIbhKSa81Ba40vZJUaOmYUF9wGqfP2nlxiVYvGBhSZ-43h1rqwJacFiVlCQwp_LVL8W9J6SlmhzRhfPb0LpsL&sig=Cg0ArKJSzFsUWRT0vCfFEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220323.25125&adurl=

Requested by

Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://def95a670a4c7f4cad6205cbfad6ca22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sun, 27 Mar 2022 07:12:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5406 41 KB
15 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://def95a670a4c7f4cad6205cbfad6ca22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 18:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 304538
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Mar 2023 18:36:36 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5406 42 B
63 B 115ms
72ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BtDZoDQlLzc0LVTm6bxKVU1PmydVEFADR4gImcHWju8QKCJv2lyBRYUn_khOMGLUEHnTXUUNXTWTHL2yu5jnI3f_HIjzzoYiyRG-5Mrvo17dGpDBI

Requested by

Host: def95a670a4c7f4cad6205cbfad6ca22.safeframe.googlesyndication.com
URL: https://def95a670a4c7f4cad6205cbfad6ca22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://def95a670a4c7f4cad6205cbfad6ca22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 07:12:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame 5406 2 KB
1 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/window_focus_fy2019.js

Requested by

Host: def95a670a4c7f4cad6205cbfad6ca22.safeframe.googlesyndication.com
URL: https://def95a670a4c7f4cad6205cbfad6ca22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://def95a670a4c7f4cad6205cbfad6ca22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 07:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Apr 2022 07:05:50 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5406 119 KB
37 KB 131ms
47ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: def95a670a4c7f4cad6205cbfad6ca22.safeframe.googlesyndication.com
URL: https://def95a670a4c7f4cad6205cbfad6ca22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://def95a670a4c7f4cad6205cbfad6ca22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 07:12:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36904
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648035241783118"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 27 Mar 2022 07:12:14 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame 5406 15 KB
6 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: def95a670a4c7f4cad6205cbfad6ca22.safeframe.googlesyndication.com
URL: https://def95a670a4c7f4cad6205cbfad6ca22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://def95a670a4c7f4cad6205cbfad6ca22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 07:11:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Apr 2022 07:11:49 GMT

GET
H2 200 759945806609660301
s0.2mdn.net/simgad/ Frame 5406 50 KB
50 KB 152ms
40ms Image
image/jpeg 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/759945806609660301

Requested by

Host: def95a670a4c7f4cad6205cbfad6ca22.safeframe.googlesyndication.com
URL: https://def95a670a4c7f4cad6205cbfad6ca22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5235cbf8944664df0f507cd063884648773b54d269f65776c28e2e2e3f0a6c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://def95a670a4c7f4cad6205cbfad6ca22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 08:56:05 GMT
x-content-type-options: nosniff
age: 166569
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50929
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 11:59:25 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 25 Mar 2023 08:56:05 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8805 0
0 115ms
92ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031601&jk=259901864944635&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 XFpjqGQyXlGhrIMtqUZEtOx9ZrcGJnYAFO97-LZexEg.js Show response
pagead2.googlesyndication.com/bg/ Frame C1E0 35 KB
13 KB 71ms
49ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XFpjqGQyXlGhrIMtqUZEtOx9ZrcGJnYAFO97-LZexEg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c5a63a864325e51a1ac832da94644b4ec7d66b70626760014ef7bf8b65ec448

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 15:02:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 144606
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13744
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Mar 2023 15:02:08 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame BBDA 22 KB
8 KB 37ms
36ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://def95a670a4c7f4cad6205cbfad6ca22.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Mar 2022 18:37:47 GMT
expires: Thu, 23 Mar 2023 18:37:47 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 304467
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 79F3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

144ms
100ms

Image
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/
Protocol: H3
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date: Sun, 27 Mar 2022 07:12:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 vukqqZMEwiKfO5iIQC2Qvig_P1EBwRi6HH-n7W3xhSE.js Show response
pagead2.googlesyndication.com/bg/ Frame BBDA 35 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vukqqZMEwiKfO5iIQC2Qvig_P1EBwRi6HH-n7W3xhSE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bee92aa99304c2229f3b9888402d90be283f3f5101c118ba1c7fa7ed6df18521

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 13:02:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65365
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13603
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 26 Mar 2023 13:02:49 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5406 0
23 B 117ms
73ms Ping
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: game.defflkinqdoms.com
URL: https://game.defflkinqdoms.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://def95a670a4c7f4cad6205cbfad6ca22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Mar 2022 07:12:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 5406 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 868c28653f2c365beeb8326e07a62101f9e05b83eb7cf66089c31b0f5efb3798

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 t Show response
api.segment.io/v1/ 21 B
178 B 167ms
167ms Fetch
application/json 54.200.147.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/t

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/GOHtmvx7P418NzMUhs4RsTlJDwGB9Ecz/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.200.147.126 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-200-147-126.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://game.defflkinqdoms.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://game.defflkinqdoms.com
date: Sun, 27 Mar 2022 07:12:14 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C1E0 0
9 B 36ms
36ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?x7oYUw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 07:12:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BBDA 0
20 B 75ms
74ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BwTmJTQ5AYr2OHcmB3gPhoqTYDQAAAAA4AeAEAg&bg=!19Sl1JDNAAbzJazn0yU7ACkAdvg8WhJ-y0P2Pf0Iq5h9zPqreQE6L41m1ojVvJWWYLYglG0aLiuCrAIAAAD5UgAAAAJoAQeZAyePFBkp8o2zsZR1OSRglXmnUMfogA6AqNaJ1E6iRLjjsAAMmbFI0aND7DGDOsQgxHV_vaLIXcXqSYED7clgFH0mVUTvKkK8tD_mq9eNg856j7rcCz2eBGf7zWNpwfKy1Wnyqw8UTu42YmZB_WCWZbPn5uFOgjy5G3jZHSJgVMf52HypNOYUBG-Y0NuijqbvZcQ-kOeeV6qthGWc3VAgv5o9bedI3ToCa1lstVqsQiAUaOlZSisJuLTfEVnDobF_C3GjPWYbjaFqvKiGJtGc5Fr0PjGbAE5kl9PRcy8TLnLs7ml-Ov93edp3g3q5u7F_m8Dn8mlxuJPmQe6PZdlBW7CuTmEwo2cIzunLRgfLM64koXCxYUz-ZFsY_3KnumB91CFRcW7ULfcrDkWReCKHxeoEXxjtHqkmNCWo-4jJZrpT2Wox5gFcnXD_AKYcFPCftFXvydxJmircbz7x0sgAJICpaKaTI8PP6ea_YU9bih1iSwV7wvu5zLPdRr3Ax_eBdFqwAsxH_LYw-34JFHsWHjdabp4NsyMxn4Rp6y5UjF-PLmpMJvkBDywKar_HPKME5PluJ8WCm1-RJT1KFtyGx4fcssGo1ZQlIzhO4Y1K4ViXxNfqBkpXAjg0oEbZ5Q-sh3JQO7HWJ350z5ImW-rIOu6YNSsu2eHwK9Mlw_y9abmWWQ5RvtXz0xkdQGxiEzBn_tO0CKkvFMl8aZWiFggw_5qsVHvrTGn9jNg3izr9-gUPOr0KfygeqU50GvjuEm02lBmZDI1HeCd2z3jG5nMqMjc1nGzy7jSsmcSBvMmK9axlZP9X_Z6tL0PY5wljnPb7QIESqqAbR4chB5jY_7eTo1GRvjOFTsYt9nuTBGkZmfBDy5IUP0WwAtzCWlseTBexya897So4hG7lYGSy-_AxXgog-021czitrDmyB584iE53OWwGp6tyOMOtgsQFPoq3FYbReqJrW9C-AOz_x8fX_P1B68Ys6EkUfs_QBLt15wABrvxgyTrKE5PYjPCwvjYwcEA94zOxM41WbXiBVpPmTgOTxG6Lkn9IQcIZvgjrctX6gaqvlr826u0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 07:12:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031601&jk=259901864944635&bg=!fX6lfjrNAAbzJazn0yU7ACkAdvg8Wro1vMRE5RytkEkVvIfwjuPfdtsy_CHHBO9vRASWCYXzrCv9_QIAAAFLUgAAAAJoAQcKALACbUNktWCYQoYxZnvWZWsj2HBUpBWP7_Q4K5WQBsRMCjKWFteb3CQidvvUsn_9_I6UJwxyYhEL7eXK2vsBfrZLaMiOm6TSL6ao1omIODJRS9WJ8M6Uhx8TnRDtoiSFV4iAahl3PiBpRyiJnw5UE6GqUPu2eLVpZzn1KKs3ZztSt-rKU_74LycvpyCIfjpNw7ex6gjbjQGvLRh1ejpiVBuS0rq9Q2St_fkdM9bxHYPNu5kCyAlPZj-ZABFlh4p_4W2zYpyrvfsE3Y2k8iLcLqTqHqhiJo4OXMB---U5X2D5cPmp1xowL0GKfJ4DWtZhO8YEo2Zx1QYrmja-V2eLKJAkSSF3Y1VDSBd5WzTwjeFJvXl_65uIBtk1mj25t7BePLJ4AyLMuaZFpR6CUbxJZ_m055UrCI2h42Wf3hThfWOeCpa58BHBh_53c_jyUd19dHXPFT-xdJxWFcDBtrzo5F34R7nZblVq_ixLZZw29nTkRRS9bvVcEGbyBCzM2efV2-h1IJ74xI3UhASpl-qAMDr5oVaMofXFwz2vioDoTSwEMFztWdQoOIQQIXII53tBXhDvZpshqFclUpN2y1uwuseW6QcMfetaSibvA39r-gnnhZFtoAqdoc4k4qDLy4xMsA1mDHOPebz0NU1ZaS3IvoC8Hz6wON612hAUPynRPnLBCc3Fh5K-S-sRgJgAZo4P-hwulN8cF36LCL7RjpUlA0QWheE6Pfd1RE7LZcCnsvGWm8hymnLWTXQ5dEqohtbCfsO_JiI9GSeXvU_4McpocHZkPFYeH4DyuNFIO3xShroqUUuMTfrG43ugkfVu3JvXfE7YncOyDByYFjqPwgjPIPtqM1qV0uaQDRRIYL9XPhBRNv3CmzLiLeUlx-Cbos6qH-CfNPmSfYuKc4piHYaB8VOMxlgwsdUw-MOGbKSs-0OkCSusJoelmc_p9OaayZrD9152Z7t_B_Et7-s8kRRiMbD3paTgXWGLG44embVE113mzxUfZ8hJ-IHgJFyLNXAXRSI3BM7w2Lc0Pv3v9A5cCqn-O7NvDm1ihBTyR9L99qRR6ngmGFR6DLkzF0ehx8-phL03yk4kciYr678gB17UXyP-CZlKCSGSpIJDiGePpJXNfczHGhBUH-HGnNEip8xWKWQWtmKhngEI6zEsQt2WFsmIcIMvLaUCXoKWzcY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 07:12:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5406 42 B
64 B 121ms
74ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssCC_h6297y77q3c-amdeHpL9fsgtNB02DjDOqWFNgk19TsL2Qc5eS0sKwfweXnrDxTsI_aQIk_Tm2PUWKT8vCMj2AwN3HGd0e3sj3-&sai=AMfl-YRYO2inR9i-H-Z_bXXmTV2NeqZUyILVG_WJIlX6YFm-mbUNH9vWTBrNynKi4oX3-uA78aictsPTNrmCIeMdfUr-s_Ea1jjMT9Adz9TW54pc7El3R_oNKJverbfE44ChSxWrriTJcWIZefnsT2lS5Dap&sig=Cg0ArKJSzEG-q48NHldtEAE&cid=CAASUORof4QLRGHtj2tK19lq-DLBxJ-ZRMFQeIXqzapa_mhMGSzyUkHeDuTGVt3nYaxAik7E_U28SudouUS79HSgcFOtLoFUKeLNhg0uUWYJq-yU&id=lidar2&mcvt=1001&p=16,436,106,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220323&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1443879068&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648365134333&rpt=330&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://def95a670a4c7f4cad6205cbfad6ca22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 07:12:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 x.gif
d9jj3mjthpub.cloudfront.net/ 35 B
349 B 7ms
7ms Image
image/gif 2600:9000:2156:3e00:11:e0c9:84c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9jj3mjthpub.cloudfront.net/x.gif?pulse=-2&v=1.0.1&browser=chrome&utime=1648365133437&url=https%3A%2F%2Fgame.defflkinqdoms.com%2F&globalTI_SID=b508a11e-c62c-444d-9de3-a7ce698ddc1d&request_id=1d71ae8c-6dfa-472f-9536-617ba74529b9&gpc_enabled=no&gpc_iab_global=no&domain=defflkinqdoms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3e00:11:e0c9:84c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 03:22:08 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
last-modified: Sun, 24 Feb 2019 04:40:26 GMT
server: AmazonS3
age: 13809
etag: "28d6814f309ea289f847c69cf91194c6"
x-cache: Hit from cloudfront
content-type: image/gif
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 35
x-amz-cf-id: nnSnDavtG9WDqXyGa2usGvnnnNKmzierK1olmYzIVxtDXZSRihcceQ==

GET
H2 200 x.gif
d9jj3mjthpub.cloudfront.net/ 35 B
350 B 7ms
7ms Image
image/gif 2600:9000:2156:3e00:11:e0c9:84c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9jj3mjthpub.cloudfront.net/x.gif?v=1.0.25&pulse=5000&url=https%3A%2F%2Fgame.defflkinqdoms.com%2F&vs_max=18852&browser=chrome&w=1600&h=1200&dom_delay=1237&js_delay=463&domain=game.defflkinqdoms.com&os=windows%2010&tld=defflkinqdoms.com&tz=etc%2Funknown&category=homepage&request_id=87f4e0a5-e655-4148-8520-db215637ac3d&type=sitenavigationelement&utime=1648365138296&cms_visits=%5B%222175769%22%5D&channel=direct&current_channel=direct&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&seg_cnt=2&write_key=vendor&recipe=Course%2CBaking%2CGlobal%2CHealthy%2CFavorite%20Ingredients%2CHolidays%20and%20Occasions%2CQuick%20and%20Easy%2CConvenience%20Recipes%2CBBQ%20and%20Grilling%2CHow%20To%2CExtra%20Crispy%2CWell%20Done%2CNews&muuid_source=SERVER&_gid=GA1.2.1548807955.1648365134&_ga=GA1.2.1111237949.1648365133&muuid_channel=direct&muuid_session=4163fe32-4af1-41ca-b305-76508fe4f9bd&ajs_anonymous_id=57f6a6b4-6146-468b-9852-ba3d1c992973&muuid_date=1648365132823&globalTI_SID=b508a11e-c62c-444d-9de3-a7ce698ddc1d&pageview_count=1&visit_ts=1648365132823&muuid_origin=defflkinqdoms.com&gpc_enabled=no&gpc_iab_global=no&meta_canonical=https%3A%2F%2Fgame.defflkinqdoms.com&meta_title=homepage&meta_published=2020-10-27&meta_brand=MyRecipes&meta_caas_name=myrecipes&meta_graph_id=cms%2Fonecms_posts_myrecipes_2175769&meta_env=production&meta_valid=1&meta_type=homepage&meta_cms_id=2175769&seg_segmentId=57f6a6b4-6146-468b-9852-ba3d1c992973&seg_request_id=87f4e0a5-e655-4148-8520-db215637ac3d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3e00:11:e0c9:84c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://game.defflkinqdoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 03:22:08 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
last-modified: Sun, 24 Feb 2019 04:40:26 GMT
server: AmazonS3
age: 13811
etag: "28d6814f309ea289f847c69cf91194c6"
x-cache: Hit from cloudfront
content-type: image/gif
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 35
x-amz-cf-id: KnwIMqwclDU_MnpYYVgDYx9oHtH2n57F4zzh_VZWfmg4bBmdo4HFGw==

POST
H2 200 i Show response
api.segment.io/v1/ 21 B
178 B 167ms
166ms Fetch
application/json 54.200.147.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/i

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/GOHtmvx7P418NzMUhs4RsTlJDwGB9Ecz/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.200.147.126 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-200-147-126.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://game.defflkinqdoms.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://game.defflkinqdoms.com
date: Sun, 27 Mar 2022 07:12:18 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

Verdicts & Comments Add Verdict or Comment

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ipp-meredith.com/v1	1970-01-21 21:40:45	Name: sid Value: b508a11e-c62c-444d-9de3-a7ce698ddc1d
game.defflkinqdoms.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 4bbb6ccdefa7901b7e9ea160262f40a9
game.defflkinqdoms.com/	1970-01-20 19:23:57	Name: last_request_id Value:
game.defflkinqdoms.com/	1970-01-20 19:23:57	Name: request_id Value: 87f4e0a5-e655-4148-8520-db215637ac3d
game.defflkinqdoms.com/	1970-01-20 19:23:57	Name: previous_ts Value:
game.defflkinqdoms.com/	1970-01-20 19:23:57	Name: visit_ts Value: 1648365132823
game.defflkinqdoms.com/	1970-01-20 19:23:57	Name: pageview_count Value: 1
game.defflkinqdoms.com/	1970-01-20 19:23:57	Name: globalTI_SID Value: b508a11e-c62c-444d-9de3-a7ce698ddc1d
game.defflkinqdoms.com/	1970-01-20 19:23:57	Name: muuid_date Value: 1648365132823
game.defflkinqdoms.com/	1970-01-20 19:23:57	Name: first_request_id Value: 87f4e0a5-e655-4148-8520-db215637ac3d
game.defflkinqdoms.com/	1970-01-20 19:23:57	Name: muuid_origin Value: defflkinqdoms.com
game.defflkinqdoms.com/	1970-01-20 01:52:46	Name: initial_referer Value:
d9jj3mjthpub.cloudfront.net/	1970-01-20 19:12:41	Name: cross_site_muuid Value: 681c9b07-bc8d-5a70-aafa-82be5de1cda3
.defflkinqdoms.com/	1970-01-20 10:38:21	Name: ajs_anonymous_id Value: 57f6a6b4-6146-468b-9852-ba3d1c992973
.defflkinqdoms.com/	1970-01-20 04:02:21	Name: _gcl_au Value: 1.1.721752453.1648365133
game.defflkinqdoms.com/	1970-01-20 19:23:57	Name: muuid_no_hid Value: yes
game.defflkinqdoms.com/	1970-01-20 19:23:57	Name: muuid_link Value: 87f4e0a5-e655-4148-8520-db215637ac3d
game.defflkinqdoms.com/	1970-01-20 19:23:57	Name: muuid_session Value: 4163fe32-4af1-41ca-b305-76508fe4f9bd
game.defflkinqdoms.com/	1970-01-20 19:23:57	Name: muuid_channel Value: direct
game.defflkinqdoms.com/	1970-01-20 19:23:57	Name: muuid_current_channel Value: direct
.globalwebindex.net/	1970-01-20 10:37:55	Name: GWIQ Value: ver=3&gwid=f5dfeda8-663f-45b5-86a5-92d0b8b4e5e4
.defflkinqdoms.com/	1970-01-20 01:52:48	Name: AMP_TOKEN Value: %24NOT_FOUND
.defflkinqdoms.com/	1970-01-20 19:23:57	Name: _ga Value: GA1.2.1111237949.1648365133
.defflkinqdoms.com/	1970-01-20 01:54:11	Name: _gid Value: GA1.2.1548807955.1648365134
.defflkinqdoms.com/	1970-01-20 01:52:45	Name: _gat Value: 1
game.defflkinqdoms.com/	1970-01-20 19:23:57	Name: muuid_source Value: SERVER
.defflkinqdoms.com/	1970-01-20 11:14:21	Name: __gads Value: ID=932c45bdfcb3bc92-22e51c9d66cd0052:T=1648365133:S=ALNI_Mbg8oXlMaRFvtdWl_X1Chl16MDq1A
.doubleclick.net/	1970-01-20 11:14:21	Name: IDE Value: AHWqTUl6akTpa-YmWfrP-D0fGR2KhPfc1Yeewfuyr9V2ihJnLvI_ihhqwD3PyDcREsI
.doubleclick.net/	1970-01-20 01:52:48	Name: DSID Value: NO_DATA

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://d30qdagvt44524.cloudfront.net/production/segments?muid=b508a11e-c62c-444d-9de3-a7ce698ddc1d Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://d30qdagvt44524.cloudfront.net/production/segments?muid=b508a11e-c62c-444d-9de3-a7ce698ddc1d Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aamapi.com
adservice.google.com
adservice.google.de
ampcid.google.com
ampcid.google.de
api.segment.io
as-sec.casalemedia.com
c.amazon-adsystem.com
cdn.ampproject.org
cdn.cookielaw.org
cdn.segment.com
chirp.bizrate.com
cookie-stream.ipp-meredith.com
d30qdagvt44524.cloudfront.net
d9jj3mjthpub.cloudfront.net
ddrvjrfwnij7n.cloudfront.net
def95a670a4c7f4cad6205cbfad6ca22.safeframe.googlesyndication.com
game.defflkinqdoms.com
geolocation.onetrust.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gwiq-v3.globalwebindex.net
gwiqcdn.globalwebindex.net
id.sv.rkdms.com
imagesvc.meredithcorp.io
js-sec.indexww.com
karma.mdpcdn.com
pagead2.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
104.21.3.4
142.250.181.226
142.250.186.34
143.204.103.41
143.204.95.188
143.204.98.12
143.204.98.14
143.204.98.7
184.73.243.156
2.18.234.21
2600:1f14:600:6e02:3ac2:4b12:fb19:8b21
2600:9000:2156:3e00:11:e0c9:84c0:21
2600:9000:2156:4600:6:f5a3:efc0:93a1
2600:9000:2156:7400:19:bcbe:a700:21
2600:9000:2156:c000:d:2820:3bc0:93a1
2606:4700:10::6814:b944
2606:4700::6810:9540
2a00:1450:4001:800::2002
2a00:1450:4001:800::2006
2a00:1450:4001:801::2002
2a00:1450:4001:803::2002
2a00:1450:4001:808::2004
2a00:1450:4001:808::2008
2a00:1450:4001:809::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::200e
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:813::2003
2a00:1450:4001:827::200e
2a00:1450:4001:831::2001
2a00:1450:400c:c08::9a
35.190.80.55
35.201.93.216
54.200.147.126
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
0b4dc90c267835bb1938e3abc1e2e02d80544ac78d0e70f53a4d6b87223529b3
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
14e587f8a64c4a19b6f676ba2c9865c83beadf4169260480c4ac3653ad7ce1de
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
214a2cf87cd92dcfda39f9f89b99e4fc47a39ad9d3a9de07e8b228c1a1043bb2
279296630430021bcd4c4cd5d80222504a19cd718a37a580e5f0d84a20876476
27993e6b12703ceaecba917bfb4ca7722ab95b447cfe705b0e5027656c3f6b1f
2901f9da2400dd7c716a730e105e2d23d0af7a6e9a28c7ab194e4f682a0d38b3
2cb1cc6968d4127ccc115422624fae0483e07a09dd659a8ceaf8116d342aad71
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
2f149e7c38f464d9bd33c60ec2f2cf3ef8b9ff5a713015193a5122b06b955a7b
30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff
31da26bdb0a17730feff965b59b7d2b1fff69dcd0fe6ff086e56c6301cdcaf09
3259e7e875fb07ce351f7926bce344a0a4342b1d9fd52afe89df0070d5397d3a
33d95812388ecd69dcdcc57394f6abae8651a31768fe6fb7c28608c76c4e148f
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
370e10d6844532487d15481671f85e69490163db93e259623e280fe02c3f36c1
37accabdeb52d109b8dec32c6afd5658839978d306b5b30b4bf354cdc445d9c8
397f22b2057f7e8f4b55ca19c6254ddf68186da4b94a015fbdbb31b927e97904
3a48ba6d11055a2a6f840befa14e603650d8ca3d752e16daccd828d3869fb791
3df8da20c903b4ac6cc3900ab5fadc91a0564bc66de57569d97714475e60df67
3e9abc777c77f6bc590088280934c5094b4d1c84415f53a988a50d0b9470c0fa
3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01
40d100335c620a92316c5053ce22e371e0832e6259d1142f8dbf05a7ee20fda3
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44466021a0ec4f179409f501ec3bbd49da100971b8e01d10527aeaf1f387bc0b
4b5cc2fb1b7a429f33e24ae305b1c637ad53720f5085beb047e7a2b6c1c437ed
4eacd85578a01bfcb852bc8105cb2b23a8fd234163984f66cc8ae70af4f2899c
5042f25c3eb1530880fa3b05325462c028492caf22141409999cdd7e6364b8ba
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
515ce1ae80e2d3f3e5b9b2162c152150e0b675ca174ca7df61e44564f707bcd4
52244f69950e251f37da03e1097923a562ba47a50f9655ad79e1d3a2e0f9b859
546db554b9a7c8dab36a67ca582d98882c575957bd515a4bc1e00563bc0b46d2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a0ad78fd5bbf32be9dd4c7acd065ef6e403bbf400bd99c45edb963b590f977c
5c5a63a864325e51a1ac832da94644b4ec7d66b70626760014ef7bf8b65ec448
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e30021b4f5466e1a6c9d4599b100c1e72f4c6162dc3d656bc3ed7dae00bb89
628b76b77dfa617044dcf307bfe95361a936bb584badba82b395257b88c239f5
6766a668d0c122de7f535bd1f6811f3bd0b44ab53b476b7529fe2a2cb2033f3f
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6aa7c3edbc1ee1fe66d4db0fea18aa2d0bbe0dfae05d228c9ffeeaeacb6f1c53
6bdb833f3f3b2384cbbf0683c0cc0b060838d1e8d6622d254ce3632d42ca37ab
6be3efeb998248db9cc1083aef162ee483cbde10b893057e4b5ae1a612c0ae3a
6f5461769f51dd998e0256515f22b468b58be03746e35ee99d18be616b0eff3d
6ff873da51351241b26cd30686ab540c0df1254ca34c7704c976edd74cdd2740
7138baf649f735f809fb6af8bb4719f6f2db4ac33c4370d37d5dd2286b4a1414
72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8305d86074fdee76ef38a7e264f3ac0bfab4051d8f13625b4bbd5396120b1fe1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83c69a85ae5ce23e12728f8f0c6aa480d7e4c587489899e07abbc7ceb58c3111
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
868c28653f2c365beeb8326e07a62101f9e05b83eb7cf66089c31b0f5efb3798
86e3f49c910a2e824f177618976c8a9033939ea72cc1df0205b773453bcdaf69
89b6606e0f94c827dffac0f1a54394399a20a84328b54d60e0fcf084c368cbf5
8b07fa64cb9d86017c5f1f9eda05a91df1f1375eeb81113b83115af379f2dc00
90559d66b179f0700840d0192f42be29ec19c8eb548f2b703e8fb8512cb4040d
910a4f988dd25038187d1bae46b7e72d01f03ce97ce1cc1b6df8cfbbcd43c740
940e0d585416018bcbf4aeeed62839ddb605d47cf4fbcd2df1402f79bb149ee8
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3c094f715a9c193a30aad95c8eb496fa0bd758b2fb192527f202f96d44b5dd3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af34237a192972deb44d32c8f526dec767b3c7a417257a7f0101ad5650b2192e
b6cc91b88a0e4b6ceb9c85e5388d8a52e4983ae06a623c945c539874f59e0931
b9314f8a88556ca21428f0b4ec42b9c730f5dd855054f0fc0d145cd0588bfdab
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
bee92aa99304c2229f3b9888402d90be283f3f5101c118ba1c7fa7ed6df18521
bf78eaea38d3f752633061d945ceb00649048329acde4450c5bf06d8205fa24d
c321b728a30ca4bfc9a3eed10432c4dd1163c62a4dee09dcd5ea4a659fb59801
c5235cbf8944664df0f507cd063884648773b54d269f65776c28e2e2e3f0a6c9
c62e0a97d9093d0049279ace9849b6a250ff3324a68490a06bd5ebb6f291aa17
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca6f05e40b647c083ceb6accec2ccd5fd386579b612bf3bb053182faf6b307a7
cc78b56ba9cadc62db7a9578b345fb35893b00fbad528d22338d7af02e2f474c
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
d9698823deaa0d5b43b0d994bf5c43a0bae357105cd8f4684f5a74198638dee8
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
ddb2f22434079d4bf4f4c67c7f227814be750cc6d07e8c8b88519398dd19d3a0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5cb028600716ce4c4ee8b5ed39a355527e93be3fe6b12a0bd66deadc2d36a04
e775ba70a052bd4b7c633816a031dbf4311646957b5616ad5e08f8bfbfe0e69b
e79b59c22ca684f9de8a73d41964f0c80ee9ca68713f35c33ad4fccf8cf64ffa
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ef11f7a681100e9830c631fd52527a17cd6d2e08ff589c72ef78a053b5607235
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10d3ce13fc8ddeb5eb488e5e4029e2bf515b0bfb54088ea429c6359026e7af8
f7be09796ab0e56d9fc3191c46a39096157156fe9c23422ab5389d209991c195
fa95a8a618c5040777f40441b69f93020e2d0d32e26e8f6b3a1137db2cf496c6
fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f

game.defflkinqdoms.com Open in urlscan Pro 104.21.3.4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

122 Requests

98 %HTTPS

64 %IPv6

25 Domains

37 Subdomains

37 IPs

4 Countries

1767 kBTransfer

5675 kBSize

29 Cookies

16 Outgoing links

Redirected requests

122 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

game.defflkinqdoms.com Open in urlscan Pro
104.21.3.4 Public Scan

Screenshot
Live screenshot

Full Image

122
Requests

98 %
HTTPS

64 %
IPv6

25
Domains

37
Subdomains

37
IPs

4
Countries

1767 kB
Transfer

5675 kB
Size

29
Cookies

122 HTTP transactions
5 data transactions