duckesgame.com Open in urlscan Pro
129.227.71.46 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://duckesgame.com/
Submission: On September 04 via api (September 4th 2024, 1:17:41 pm UTC) from US — Scanned from SG

Summary HTTP 101 Redirects Behaviour Indicators

Summary

This website contacted 27 IPs in 4 countries across 19 domains to perform 101 HTTP transactions. The main IP is 129.227.71.46, located in Singapore, Singapore and belongs to ZEN-ECN, US. The main domain is duckesgame.com.
TLS certificate: Issued by E5 on September 2nd 2024. Valid for: 3 months.

This is the only time duckesgame.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	129.227.71.46 129.227.71.46	21859 (ZEN-ECN) (ZEN-ECN)
3 11	142.251.175.155 142.251.175.155	15169 (GOOGLE) (GOOGLE)
2	157.240.7.26 157.240.7.26	32934 (FACEBOOK) (FACEBOOK)
2	2404:6800:400... 2404:6800:4003:c05::65	15169 (GOOGLE) (GOOGLE)
1	142.251.175.156 142.251.175.156	15169 (GOOGLE) (GOOGLE)
1	2406:2600:7:1... 2406:2600:7:100::1	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	172.64.152.89 172.64.152.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:223... 2600:9000:223b:c400:a:e047:754:6941	16509 (AMAZON-02) (AMAZON-02)
1	108.157.254.43 108.157.254.43	16509 (AMAZON-02) (AMAZON-02)
17	2404:6800:400... 2404:6800:4003:c05::84	15169 (GOOGLE) (GOOGLE)
8	172.253.118.102 172.253.118.102	15169 (GOOGLE) (GOOGLE)
1	52.77.193.71 52.77.193.71	16509 (AMAZON-02) (AMAZON-02)
1	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
2	2a03:2880:f10... 2a03:2880:f10c:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2404:6800:400... 2404:6800:4003:c05::5f	15169 (GOOGLE) (GOOGLE)
11	2404:6800:400... 2404:6800:4003:c03::84	15169 (GOOGLE) (GOOGLE)
3	142.250.4.156 142.250.4.156	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4003:c03::5e	15169 (GOOGLE) (GOOGLE)
2	74.125.24.154 74.125.24.154	15169 (GOOGLE) (GOOGLE)
1	142.250.4.157 142.250.4.157	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c01::84	15169 (GOOGLE) (GOOGLE)
1	142.251.175.147 142.251.175.147	15169 (GOOGLE) (GOOGLE)
101	27

25 129.227.71.46 (Singapore, Singapore)

ASN21859 (ZEN-ECN, US)

duckesgame.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.251.175.155 (Farmingdale, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: sh-in-f155.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.7.26 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-sin6.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c05::65 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.175.156 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f156.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:2600:7:100::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.152.89 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223b:c400:a:e047:754:6941 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.254.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-254-43.sin2.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2404:6800:4003:c05::84 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

38e9ed11891f062d4f9261ecbf157453.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.253.118.102 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f102.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.77.193.71 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-193-71.ap-southeast-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f10c:83:face:b00c:0:25de (Singapore, Singapore)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4003:c05::5f (Singapore, Singapore)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2404:6800:4003:c03::84 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.4.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f156.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4003:c03::5e (Singapore, Singapore)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.24.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f154.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.4.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f157.1e100.net

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c01::84 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.175.147 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f147.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	duckesgame.com duckesgame.com	359 KB
15	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 382	208 KB
15	googlesyndication.com 38e9ed11891f062d4f9261ecbf157453.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 203 pagead2.googlesyndication.com — Cisco Umbrella Rank: 157	45 KB
12	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280	283 KB
11	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 662 www.google.com — Cisco Umbrella Rank: 10	77 KB
3	gstatic.com fonts.gstatic.com	52 KB
3	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 176	60 B
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	3 KB
2	adtrafficquality.google ep1.adtrafficquality.google ep2.adtrafficquality.google	19 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	4 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1256 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1296	13 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1233 id5-sync.com — Cisco Umbrella Rank: 645	28 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	70 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 4335	4 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 3616	1 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 410	896 B
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1594	7 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2913	8 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 992	13 KB
101	19

	Domain	Requested by
25	duckesgame.com	duckesgame.com
15	cdn.ampproject.org	securepubads.g.doubleclick.net
12	securepubads.g.doubleclick.net	3 redirects duckesgame.com securepubads.g.doubleclick.net
11	tpc.googlesyndication.com	duckesgame.com ep2.adtrafficquality.google securepubads.g.doubleclick.net
10	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
3	www.googleadservices.com	duckesgame.com
3	fonts.googleapis.com	securepubads.g.doubleclick.net
2	pagead2.googlesyndication.com
2	www.facebook.com	duckesgame.com
2	38e9ed11891f062d4f9261ecbf157453.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	connect.facebook.net	duckesgame.com connect.facebook.net
1	www.google.com	ep2.adtrafficquality.google
1	ep2.adtrafficquality.google	securepubads.g.doubleclick.net
1	ep1.adtrafficquality.google	securepubads.g.doubleclick.net
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
101	25

This site contains no links.

Subject Issuer	Validity	Valid
duckesgame.com E5	`2024-09-02` - `2024-12-01`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-06-13` - `2024-09-11`	3 months	crt.sh
*.google.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-02` - `2024-11-28`	3 months	crt.sh
oa.openxcdn.net WR3	`2024-07-18` - `2024-10-16`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
id5-sync.com WE1	`2024-08-02` - `2024-10-31`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
invstatic101.creativecdn.com WR3	`2024-08-17` - `2024-11-15`	3 months	crt.sh
cdn.prod.uidapi.com E6	`2024-06-19` - `2024-09-17`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
*.id5-sync.com E5	`2024-09-01` - `2024-11-30`	3 months	crt.sh
misc-sni.google.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
upload.video.google.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
*.gstatic.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
adtrafficquality.google WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://duckesgame.com/
Frame ID: 38DE0D103C833C2796A0A458ED2D31E1
Requests: 61 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 6D13BC30B56259AFF06A7C1792073DB0
Requests: 1 HTTP requests in this frame

Frame: https://38e9ed11891f062d4f9261ecbf157453.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3910CCFADF3FDE4EA4B1EAC1FE741216
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032406252034000/amp4ads-v0.mjs
Frame ID: 005AE36D9E3A6D3E13D881E690DBB368
Requests: 13 HTTP requests in this frame

Frame: https://38e9ed11891f062d4f9261ecbf157453.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 351F31FFF7392461C9FD0A643DD217A8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BF215D5622946473DD1F4A9BAC97A94B
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D1EC627EAFDAC02F28DD8B00A0C2D92F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012406241625000/amp4ads-v0.mjs
Frame ID: 52B1B0CBE1F3B67766E8FEEFD212D07B
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032406252034000/amp4ads-v0.mjs
Frame ID: 0C3320291DB96DBAA8BC4E68E13F9021
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

In Duckesgame

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

101
Requests

96 %
HTTPS

42 %
IPv6

19
Domains

25
Subdomains

27
IPs

4
Countries

1197 kB
Transfer

3434 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

https://securepubads.g.doubleclick.net/pagead/adview?ai=CKgYV7V3YZuPqCYbSz7sPjKC_0AG427bfea78vtGlEquOm9yxQhABIM31335gvwWgAdOb7-YDyAEJ4AIAqAMByAMKqgSJAk_Q5wsG4zsdX20z8pCqYM-H7Ur-5RY9RG-jB2dt-6FTyvr0f7Fd4Ux74eocIKZ8uPyRmm-hknxp1bfpTjHtUh_msz7YlUFLElXA0TxnCPL0U15H6oBM9PuojaiCKR9g9GCUjiLjQIqMHKBpl3f3gqUeGXCEObLxLuz5f9A84J7cuxM-bfXJmS1FsvZ6BtMHVtH_Ebh1cT3qDM1YKja1iSCTr_bnztd-ghzcKkehi8a4H8qfKws9k4Eq9gnAX-A6eB6GcerYrkGklPtnLeE0IUk47SO1qDv_J9cDxWMJeB6eQOdjiE_oOEhhasffhaanyHYbUz6vssNJ93epwVPMMMotvVBBVrzMjg7ABInSnenKBOAEAYgF8ID6v06SBQQIBBgBkgUECAUYBKAGLoAH0pm5L6gH1ckbqAfZtrECqAemvhuoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAf3wrEC2AcA8gcEEOK6B9IIJAiAYRABGB0yAooCOgmAQIDAgICAoChIvf3BOlislM75r6mIA5oJpwNodHRwczovL3d3dy5lcXVpbml4LnNnL3Jlc291cmNlcy9hbmFseXN0LXJlcG9ydHMvaWRjLWRpZ2l0YWwtZXhwZXJpZW5jZT9scz1BZHZlcnRpc2luZyUyMC0lMjBXZWImbHNkPTI0cTFfZW50ZXJwcmlzZV9oeWJyaWQtaW5mcmFzdHJ1Y3R1cmUtLXByaXZhdGUtYWlfL3Jlc291cmNlcy9hbmFseXN0LXJlcG9ydHMvaWRjLWRpZ2l0YWwtZXhwZXJpZW5jZV9kbV9ib2xfcHJvZ3JhbW1hdGljLWRpc3BsYXlfZ2RuX3NnLWVuX0FQQUNfYWlfZGVtYW5kLWdlbiZ1dG1fY2FtcGFpZ249c2ctZW5fZ2RuX3Byb2dyYW1tYXRpYy1kaXNwbGF5X2FpX2RtJnV0bV9zb3VyY2U9Z2RuJnV0bV9tZWRpdW09cHJvZ3JhbW1hdGljLWRpc3BsYXkmdXRtX2NvbnRlbnQ9aHlicmlkLWluZnJhc3RydWN0dXJlLS1wcml2YXRlLWFpX3dpdGgtdGV4dCZnYWRfc291cmNlPTWACgPICwHaDBAKChCQlfPv2N2q2kESAgED4g0TCJXDzvmvqYgDFQbpcwEdDNAPGrgT5APYEw3QFQGAFwGyFyAKHAgAEhRwdWItMzczMzQ0MDA0MjI2NTA2Nhi-lSQYAboXAjgBshgJEgK4UBguIgEA0BgB6BgB&sigh=yQTNOPGEmtw&uach_m=%5BUACH%5D&ase=2&nis=ATTRIBUTION_REPORTING_STATUS&cid=CAQSTwDpaXnflqxabpDVqyr-_7UzJpdux5bcttmRnA5izvb-CR-u7dDafgN0hWoM24hsAzF2EJ5-HJnzNMegWJ6C2epXDUoW6T21RrYSwGlFmUEYAQ&template_id=484 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5a629936a3e549960000000000000000%22,%222%22:%220xf54a595c435f80ce0000000000000000%22,%223%22:%220x60eab73fd6e09b530000000000000000%22,%224%22:%220x16d99b529d73e0250000000000000000%22,%225%22:%220xd2447448129d12ca0000000000000000%22},%22debug_key%22:%228109743093074907378%22,%22debug_reporting%22:true,%22destination%22:%22https://equinix.sg%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221021038035%22],%2222%22:[%22true%22],%224%22:[%2209-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213133347128900799057%22}&andc=true

Request Chain 87

https://securepubads.g.doubleclick.net/pagead/adview?ai=CUWvu7l3YZqziF9zqz7sPjK2eiQW427bfea78vtGlEquOm9yxQhABIM31335gvwWgAdOb7-YDyAEJ4AIAqAMByAMKqgSGAk_QwjtwjT39eOTb814r3chr_owFmGUKMVZEoDhjYooqiCn6IyKIHDfO0RwoVW6q4qNeL2n3bWaanB8QN_PVg2k-ZSJ1VvRQ1EhSy0FBW7dymaiTKO7UwQ0GdXeMa6FxrxdpCd0-oC52n_Q41ELI8iri7Zg3u-vsi2SB1bjcOYoZNUm_X9Jb29uZgyXOxRIW25hAeGnHV0_q7fiVlepjlk7LGdVeGMOAm0WETtLPg9GI11k_QmVb-29wQE61I80ybfVAAd7Q64dN5XsS8cLe6XDbJxgY0BHx9BYiw-4dxjvsv53mx5EXWBsdbcHlUBn6jDemEY9EvfkT5oPz0QtoB6pJ85FT1jXABInSnenKBOAEAYgF8ID6v06SBQQIBBgBkgUECAUYBKAGLoAH0pm5L6gH1ckbqAfZtrECqAemvhuoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAf3wrEC2AcA8gcEELT3KtIIJAiAYRABGB0yAooCOgmAQIDAgICAoChIvf3BOljyp875r6mIA5oJpwNodHRwczovL3d3dy5lcXVpbml4LnNnL3Jlc291cmNlcy9hbmFseXN0LXJlcG9ydHMvaWRjLWRpZ2l0YWwtZXhwZXJpZW5jZT9scz1BZHZlcnRpc2luZyUyMC0lMjBXZWImbHNkPTI0cTFfZW50ZXJwcmlzZV9oeWJyaWQtaW5mcmFzdHJ1Y3R1cmUtLXByaXZhdGUtYWlfL3Jlc291cmNlcy9hbmFseXN0LXJlcG9ydHMvaWRjLWRpZ2l0YWwtZXhwZXJpZW5jZV9kbV9ib2xfcHJvZ3JhbW1hdGljLWRpc3BsYXlfZ2RuX3NnLWVuX0FQQUNfYWlfZGVtYW5kLWdlbiZ1dG1fY2FtcGFpZ249c2ctZW5fZ2RuX3Byb2dyYW1tYXRpYy1kaXNwbGF5X2FpX2RtJnV0bV9zb3VyY2U9Z2RuJnV0bV9tZWRpdW09cHJvZ3JhbW1hdGljLWRpc3BsYXkmdXRtX2NvbnRlbnQ9aHlicmlkLWluZnJhc3RydWN0dXJlLS1wcml2YXRlLWFpX3dpdGgtdGV4dCZnYWRfc291cmNlPTWACgPICwHaDBEKCxDAiNzerOWn_tIBEgIBA-INEwjN4M75r6mIAxVc9XMBHYyWJ1HYEw3QFQGAFwGyFyAKHAgAEhRwdWItMzczMzQ0MDA0MjI2NTA2Nhi-lSQYAboXAjgBshgJEgK4UBguIgEA0BgB6BgB&sigh=pL6YhTuzewg&uach_m=%5BUACH%5D&ase=2&nis=ATTRIBUTION_REPORTING_STATUS&cid=CAQSTwDpaXnfchiPNA7Sxm3Ojp6pQaTgfcNWmAaxFuz9T3Lz64Kx82oGQrfTGXmSlhy74JhkFZ3zQm-hNQq-gseIf4IsoTGhbDBg9RsiS77hqfAYAQ&template_id=5000 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5a629936a3e549960000000000000000%22,%222%22:%220xf54a595c435f80ce0000000000000000%22,%223%22:%220x60eab73fd6e09b530000000000000000%22,%224%22:%220x16d99b529d73e0250000000000000000%22,%225%22:%220xd2447448129d12ca0000000000000000%22},%22debug_key%22:%228108584302181494484%22,%22debug_reporting%22:true,%22destination%22:%22https://equinix.sg%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221021038035%22],%2222%22:[%22true%22],%224%22:[%2209-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227066748095942798593%22}&andc=true

Request Chain 100

https://securepubads.g.doubleclick.net/pagead/adview?ai=CubSo7l3YZpbNMpvl3LUPnpHekQS427bfea78vtGlEquOm9yxQhABIM31335gvwWgAdOb7-YDyAEJ4AIAqAMByAMKqgSJAk_Q72_wsuLrT9-O4Z_9Hwp7vQoaf4REcpwOekdcA8Kk5Wj4e_2ivl9P7ImWalwSbHlkLkqvP4yujh49RqSu6VrWAwQdx-2ZCL7-HZnJY7GIWBYg180v2sDJ48eRAYddgzwMJhDNHrRTgVKoZBQbyCV2qBJFrA91lZDXPnzmJN-hJ5TRgk-f_LIRLCUBvPCZLW-TAG1UVmHWD1xmbTlE2vYLWnqeXj4I0noEA7avcgvvkdH8t-wmkeDc8IwNodVEqw2RD2Nay2LDz2j5F7dPvvkfNDFhVAmwxfE0-2BnOFdRvYHk_ruRjjvl0EycMnyQcynvSnibHACMdifyNysoics5puhbz_bIuoLABInSnenKBOAEAYgF8ID6v06SBQQIBBgBkgUECAUYBKAGLoAH0pm5L6gH1ckbqAfZtrECqAemvhuoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAf3wrEC2AcA8gcEEMHABtIIJgiAYRABGB0yAooCOguAQIDAgICAoKiAAki9_cE6WNXIzvmvqYgDmgmnA2h0dHBzOi8vd3d3LmVxdWluaXguc2cvcmVzb3VyY2VzL2FuYWx5c3QtcmVwb3J0cy9pZGMtZGlnaXRhbC1leHBlcmllbmNlP2xzPUFkdmVydGlzaW5nJTIwLSUyMFdlYiZsc2Q9MjRxMV9lbnRlcnByaXNlX2h5YnJpZC1pbmZyYXN0cnVjdHVyZS0tcHJpdmF0ZS1haV8vcmVzb3VyY2VzL2FuYWx5c3QtcmVwb3J0cy9pZGMtZGlnaXRhbC1leHBlcmllbmNlX2RtX2JvbF9wcm9ncmFtbWF0aWMtZGlzcGxheV9nZG5fc2ctZW5fQVBBQ19haV9kZW1hbmQtZ2VuJnV0bV9jYW1wYWlnbj1zZy1lbl9nZG5fcHJvZ3JhbW1hdGljLWRpc3BsYXlfYWlfZG0mdXRtX3NvdXJjZT1nZG4mdXRtX21lZGl1bT1wcm9ncmFtbWF0aWMtZGlzcGxheSZ1dG1fY29udGVudD1oeWJyaWQtaW5mcmFzdHJ1Y3R1cmUtLXByaXZhdGUtYWlfd2l0aC10ZXh0JmdhZF9zb3VyY2U9NYAKA8gLAdoMEQoLELCeiZj5sbPl2wESAgED4g0TCPn4zvmvqYgDFZsytwAdnog3QtgTDdAVAYAXAbIXIAocCAASFHB1Yi0zNzMzNDQwMDQyMjY1MDY2GL6VJBgBuhcCOAGyGAkSArhQGC4iAQDQGAHoGAE&sigh=asPXADKaWso&uach_m=%5BUACH%5D&ase=2&nis=ATTRIBUTION_REPORTING_STATUS&cid=CAQSTgDpaXnf8gD_FqjxhowxSLjXjgr_He6NUCWirW7uPvbcUGuOJ6khrxNDJUfMYkAWcqZKGaH-qJ3SEGuNQUgJZK9b2P8PTx4_fTV2D2ZfARgB&template_id=5000 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5a629936a3e549960000000000000000%22,%222%22:%220xf54a595c435f80ce0000000000000000%22,%223%22:%220x60eab73fd6e09b530000000000000000%22,%224%22:%220x16d99b529d73e0250000000000000000%22,%225%22:%220xd2447448129d12ca0000000000000000%22},%22debug_key%22:%229084432373909523624%22,%22debug_reporting%22:true,%22destination%22:%22https://equinix.sg%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221021038035%22],%2222%22:[%22true%22],%224%22:[%2209-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217582830207565868785%22}&andc=true

101 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
duckesgame.com/ 6 KB
2 KB 565ms
123ms Document
text/html 129.227.71.46
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://duckesgame.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 129.227.71.46 Singapore, Singapore, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: /
Resource Hash: 64d7b8cc2661d003a14ff412990e13d229b670bcb832124b1850ccb518a65d2c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-MD5: yWV/L0C3LzVMnMpQS/nbYA==
Content-Type: text/html
Date: Wed, 04 Sep 2024 13:17:32 GMT
Last-Modified: Thu, 15 Aug 2024 02:22:29 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Ser: BC116_HK-xianggang-xianggang-4-cache-2, BC45_SG-singapore-singapore-17-cache-4
x-oss-hash-crc64ecma: 3400307456156751332
x-oss-object-type: Normal
x-oss-request-id: 66D84B29AA0DCC313318FAFE
x-oss-server-time: 26
x-oss-storage-class: Standard

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 101 KB
32 KB 40ms
15ms Script
text/javascript 142.251.175.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: duckesgame.com
URL: https://duckesgame.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.175.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f155.1e100.net

Software

cafe /

Resource Hash

b4ba12d135ae2873c914ce4f10c155211b75a58f0bda7f35fb336506f3a7724e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 13:17:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32441
x-xss-protection: 0
server: cafe
etag: 819 / 19970 / m202408290101 / config-hash: 18223371362433748229
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 04 Sep 2024 13:17:32 GMT

GET
H/1.1 200
OK 312dd468f0a2b36032f3a195730a83de.js Show response
duckesgame.com/vender/ 101 KB
101 KB 417ms
414ms Script
text/javascript 129.227.71.46
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://duckesgame.com/vender/312dd468f0a2b36032f3a195730a83de.js
Requested by: Host: duckesgame.com
URL: https://duckesgame.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 129.227.71.46 Singapore, Singapore, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: /
Resource Hash: 658682fecd5582b9660892a26c25d16d9ac2d1295c1a21e0fff863375d9a891d

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Wed, 04 Sep 2024 13:17:33 GMT
x-oss-request-id: 66C7626571229232369A0CC1
Last-Modified: Thu, 15 Aug 2024 02:22:32 GMT
Content-MD5: GzxcP/JbDkXZxsT4gSrOEQ==
ETag: "1B3C5C3FF25B0E45D9C6C4F8812ACE11"
Vary: Accept-Encoding
Content-Type: text/javascript
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 16005120401911155759
Content-Length: 103313
x-oss-server-time: 54
X-Ser: BC116_HK-xianggang-xianggang-4-cache-2, BC44_SG-singapore-singapore-17-cache-4

GET
H/1.1 200
OK eb8bd36a781cdfc6c9496ee55804ebce.js Show response
duckesgame.com/index/js/ 25 KB
26 KB 131ms
125ms Script
text/javascript 129.227.71.46
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://duckesgame.com/index/js/eb8bd36a781cdfc6c9496ee55804ebce.js
Requested by: Host: duckesgame.com
URL: https://duckesgame.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 129.227.71.46 Singapore, Singapore, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: /
Resource Hash: 5de69c859b7e2603521cb8fc49ea042282b1e142ecf21c6a7c52a871ad81a46d

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Wed, 04 Sep 2024 13:17:32 GMT
x-oss-request-id: 66D53A379BED143539A00238
Last-Modified: Thu, 15 Aug 2024 02:22:29 GMT
Content-MD5: MEz//PYMzzi+fHcZSBWcsA==
ETag: "304CFFFCF60CCF38BE7C771948159CB0"
Vary: Accept-Encoding
Content-Type: text/javascript
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 17540206737752803286
Content-Length: 26030
x-oss-server-time: 77
X-Ser: BC120_HK-xianggang-xianggang-4-cache-2, BC38_SG-singapore-singapore-17-cache-4

GET
H/1.1 200
OK 749e73bfa5d297de2518.css
duckesgame.com/index/css/ 14 KB
3 KB 85ms
69ms Stylesheet
text/css 129.227.71.46
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://duckesgame.com/index/css/749e73bfa5d297de2518.css
Requested by: Host: duckesgame.com
URL: https://duckesgame.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 129.227.71.46 Singapore, Singapore, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: /
Resource Hash: 60ebe0f62d2fa767840871b2b07a2915f2b37759f333dce1f79e4fcbcad2a59b

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Wed, 04 Sep 2024 13:17:32 GMT
Content-Encoding: gzip
x-oss-request-id: 66D5FB5D637FD2363447C929
Last-Modified: Thu, 15 Aug 2024 02:22:29 GMT
Content-MD5: SdsyOkyefaKr0H2dSL2OGg==
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
x-oss-storage-class: Standard
Connection: keep-alive
x-oss-hash-crc64ecma: 5932387104360268729
x-oss-server-time: 29
X-Ser: BC117_HK-xianggang-xianggang-4-cache-2, BC37_SG-singapore-singapore-17-cache-4

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
58 KB 23ms
5ms Script
application/x-javascript 157.240.7.26
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: duckesgame.com
URL: https://duckesgame.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.7.26 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-sin6.fbcdn.net

Software

Resource Hash

3bb1199d12ae09deeda4466322b863de030594a83fb2166ca26d241b1a9020c1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 04 Sep 2024 13:17:32 GMT
document-policy: force-load-at-top
x-fb-server-load: 58
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58936
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=3, rtx=0, c=23, mss=1232, tbw=4316, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: BA23kdssiatkGXeGExu3+/QNeXB4NWF+nXXW8028zu9oTSXtJQitlBcsc7M66fFXlT0Y1rVER1vpXTuNcGJUvA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
x-fb-optimizer: 1
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/ 479 KB
149 KB 5ms
4ms Script
text/javascript 142.251.175.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.175.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f155.1e100.net

Software

cafe /

Resource Hash

83832d5307a4d195cddf24f76e66d09b669cfbe23a429d642d06202cb55c96cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 13:49:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84471
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 152988
x-xss-protection: 0
server: cafe
etag: 7232803424342751065
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 03 Sep 2025 13:49:41 GMT

GET
H3 200 1496014731020287 Show response
connect.facebook.net/signals/config/ 64 KB
13 KB 409ms
408ms Script
application/x-javascript 157.240.7.26
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1496014731020287?v=2.9.166&r=stable&domain=duckesgame.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.7.26 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-sin6.fbcdn.net

Software

Resource Hash

40797e9512d32d38d886d8029479f30a490f213717671a8f53036ad84447c8e2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 04 Sep 2024 13:17:33 GMT
document-policy: force-load-at-top
x-fb-server-load: 31
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=4, rtx=0, c=68, mss=1232, tbw=66954, tp=63, tpl=0, uplat=402, ullat=1
pragma: public
x-fb-debug: VVSc+WlZmlI0OzxIloucwnHa3xWqpYUIuUxxBy3jHgg3OLUTHHbG2DUZ5fmQG1Fp9AFs+tapgQe37KQjcFA4Sw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK search-black.f2d7520.png
duckesgame.com/images/ 3 KB
4 KB 26ms
25ms Image
image/png 129.227.71.46
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duckesgame.com/images/search-black.f2d7520.png
Requested by: Host: duckesgame.com
URL: https://duckesgame.com/index/css/749e73bfa5d297de2518.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 129.227.71.46 Singapore, Singapore, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: /
Resource Hash: 12cbf27ef90bcb650d42d52a148eade511950e317a917cfb2cc9f14cf76e87c2

Request headers

Referer: https://duckesgame.com/index/css/749e73bfa5d297de2518.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Wed, 04 Sep 2024 13:17:32 GMT
x-oss-request-id: 66D5FB72A87B9A333318CCD7
Last-Modified: Thu, 15 Aug 2024 02:22:28 GMT
Content-MD5: GbEO5q0LcXpU6LSWtrhQMw==
ETag: "19B10EE6AD0B717A54E8B496B6B85033"
Vary: Accept-Encoding
Content-Type: image/png
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 17962719982196813963
Content-Length: 3506
x-oss-server-time: 4
X-Ser: BC10_SG-singapore-singapore-17-cache-1, BC46_SG-singapore-singapore-17-cache-4

GET
H/1.1 200
OK HTOWERTI.b9437c8.ttf
duckesgame.com/fonts/ 73 KB
74 KB 200ms
192ms Font
font/ttf 129.227.71.46
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://duckesgame.com/fonts/HTOWERTI.b9437c8.ttf
Requested by: Host: duckesgame.com
URL: https://duckesgame.com/index/css/749e73bfa5d297de2518.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 129.227.71.46 Singapore, Singapore, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: /
Resource Hash: 8f7699a0fd02de79d565fbd5205be070b777b790f028c1fd7e6090e34ed81bda

Request headers

Referer: https://duckesgame.com/index/css/749e73bfa5d297de2518.css
Origin: https://duckesgame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Wed, 04 Sep 2024 13:17:33 GMT
x-oss-request-id: 66D00BADCA1C633038EFF383
Last-Modified: Thu, 15 Aug 2024 02:22:27 GMT
Content-MD5: ThI9wzX0xBZx5ZfTftyv/Q==
ETag: "4E123DC335F4C41671E597D37EDCAFFD"
Vary: Accept-Encoding
Content-Type: font/ttf
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 9709986859032728419
Content-Length: 74712
x-oss-server-time: 34
X-Ser: BC116_HK-xianggang-xianggang-4-cache-2, BC38_SG-singapore-singapore-17-cache-4

GET
H2 200 233509614 Show response
fundingchoicesmessages.google.com/i/ 206 KB
68 KB 77ms
54ms Script
application/javascript 2404:6800:4003:c05::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/233509614?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::65 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f261c6d819284c896326e0589945e0baae57d70e0f01ed8c50908396d032ec9d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wYscvszdAHEEB0mWaEmGXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 13:17:33 GMT
content-security-policy: script-src 'report-sample' 'nonce-wYscvszdAHEEB0mWaEmGXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw0ZBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiJP-nWctAGJ3rYus_kC8JOIi64HEi6yGCpdY7YFYtecSqzEQ3193ifU5EO_9eIn1KBALcXO83f1wG5vAjAM3WZQ0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDCwNjPQMTOMLDAC-fUFS"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxVQRYRp7s1N98VGIytLNvThSNvV84ZrxSUQNGSb3sJoWR_GSnKbvX8n1dvh-ZThuCK5dz9rxgzzhLUSx8ZR23Vn6Ylq8N4wWlboHPsPSH4K54TrWXGf92oK87oe4PXA5lHJoyq34g== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 45ms
44ms Script
application/javascript 2404:6800:4003:c05::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVQRYRp7s1N98VGIytLNvThSNvV84ZrxSUQNGSb3sJoWR_GSnKbvX8n1dvh-ZThuCK5dz9rxgzzhLUSx8ZR23Vn6Ylq8N4wWlboHPsPSH4K54TrWXGf92oK87oe4PXA5lHJoyq34g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI1NDU1ODUzLDYzMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL2R1Y2tlc2dhbWUuY29tLyIsbnVsbCxbWzgsImZwRkJTaEp6QkZJIl0sWzksImVuLUdCIl0sWzIwLCJbbnVsbCxudWxsLFszMTA4MjI1Myw5NTM0MDI1MF0sbnVsbCw5XSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.fpFBShJzBFI.es5.O/am=QDA/d=1/rs=AJlcJMxWgbqyq3iZwSOJjYxcwSFQJ9xm2Q/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::65 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

29267cb7605e79356f1a52a99b6f18dd0e3bb282fc07e5f7aad1f75b104d01be

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zwTeWskMoSxIFNsSTcWSyw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 13:17:33 GMT
content-security-policy: script-src 'report-sample' 'nonce-zwTeWskMoSxIFNsSTcWSyw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmLw1ZBiOHnrNtNFID7vdIfpOhBLfH3JpAbETukzWAOA2Kd-BmsUELfePMc6GYiT_p1nLQBid62LrP5AvCTiIuuBxIushgqXWO2BWLXnEqsxEN9fd4n1ORDv_XiJ9SgQC3FzvN39cBubwIdFL4yUNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAwsDYz0DEzjCwwA9IlG2g"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 6D13 0
0 6ms
5ms Document
text/html 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f156.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1825
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 29367
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 04 Sep 2024 12:47:08 GMT
expires: Wed, 04 Sep 2024 13:37:08 GMT
last-modified: Mon, 26 Aug 2024 19:48:13 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 45ms
6ms Script
text/javascript 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

276dfaa2390543f63fe63b939b9c8d33768b297b93b433330c9648cf97c5c6cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 13:17:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 11 Jul 2024 14:14:53 GMT
server: nginx
etag: W/"668fe8dd-a6cc"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 05 Sep 2024 13:17:33 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 43ms
4ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 19:32:53 GMT
content-encoding: gzip
age: 409480
x-guploader-uploadid: AHxI1nMQz4buEu-oShPcln9WFSLeW9B4XDlY69c4BrcaSMn3sT4YgcmS7spm3J07XF-5A7TwfcMPWbqqvA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Sat, 30 Aug 2025 19:32:53 GMT

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 17 KB
7 KB 230ms
136ms Script
application/javascript 172.64.152.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.152.89 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a2ab36c83d5d55e311fbf787dbc7de0a17b89eb0b30b1772f518a79db334001

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 13:17:33 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 27 Aug 2024 20:25:40 GMT
server: cloudflare
age: 59656
etag: W/"66ce3644-43df"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 8bde42aa8c1d85f5-HKG
expires: Sat, 07 Sep 2024 13:17:33 GMT

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 95 KB
28 KB 68ms
30ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ffa3bc4d31cd7e382c68a1395bb40304a175527da547e996c9b72c703eee830

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 13:17:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 28 Aug 2024 13:30:01 GMT
server: cloudflare
x-amz-request-id: C8D1GHJE1TT9AMQN
age: 989
etag: W/"653728b6660da576e45e9351e8e38ce5"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 8bde42aa1a7e49c6-SIN
x-amz-id-2: dz8bjEJlRuizHS8OEr8QS8+OYPYTSBhy3jtU4ar9R4nrp7ay7RSSh744VXQHIUCVt+O+xNnsx+9mdkWB3BrwLg==

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
896 B 522ms
172ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 04 Sep 2024 13:17:33 GMT
x-content-type-options: nosniff
content-encoding: br
age: 41730
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230042-FRA, cache-maa10241-MAA
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 341ms
312ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 13:17:33 GMT
via: 1.1 google
last-modified: Mon, 05 Feb 2024 22:07:56 GMT
server: Google Frontend
etag: cd19e0900da0cdbc6697310fd9330fb6
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 5b625fcb21cc628fc9d7a87b9874eabc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1195

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
4 KB 39ms
4ms Script
text/javascript 2600:9000:223b:c400:a:e047:754:6941
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223b:c400:a:e047:754:6941 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1764e898369c24be8d7d1cbcb82079c27f3898fbc1883f388a5c1008dd30c9e8

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 0u1R0tyw.MUCZY63NwBE.7D35dRY5mh8
Date: Wed, 04 Sep 2024 00:08:47 GMT
Via: 1.1 f6a003d0ac39dd4960506f9ca113dde8.cloudfront.net (CloudFront)
Last-Modified: Wed, 31 Jul 2024 16:30:07 GMT
Server: AmazonS3
X-Amz-Cf-Pop: SIN2-P2
Age: 47327
x-amz-server-side-encryption: AES256
ETag: "0537d8d06dd9dfbe911ad6bf6504f4bf"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3181
X-Amz-Cf-Id: jTQOboWehwNyb2KRlO80lPdaN6kjDADrVOnDtkw_X5FYnNkq33aKIg==

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 43 KB
13 KB 30ms
5ms Script
text/javascript 108.157.254.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-43.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 30b32e97f2e3e06deb742bf2e19daeb4f4657a956e836c2a25a7df2bc72f7500

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 23:01:05 GMT
content-encoding: gzip
via: 1.1 18d219607cd33339d12f9759fbda52dc.cloudfront.net (CloudFront)
last-modified: Tue, 20 Aug 2024 18:47:40 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 51389
x-amz-server-side-encryption: AES256
etag: W/"7db46e1255a018ecf02f47b2c19c26c4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: XSNd4LVVXdOoNf1pjlbAt2iD7UO3QGiwFhdIVj2Pexqvw20Rnrp2Ug==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 172 KB
42 KB 933ms
932ms Fetch
text/plain 142.251.175.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2504624949426512&correlator=3393075440178723&eid=44809527%2C31079525%2C95340252%2C95340254&output=ldjh&gdfp_req=1&vrg=202408290101&ptt=17&impl=fifs&gdpr=0&iu_parts=233509614%2Cduckesgame.com%2Cduckesgame.com_interstitial&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&fsapi=1&eri=5&sc=1&cookie_enabled=1&cdm=duckesgame.com&abxe=1&dt=1725455853097&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=duckesgame.com&loc=https%3A%2F%2Fduckesgame.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&td=1&egid=25148&tan=4694d94f-e940-44da-8e48-5624f9a71a4e&tdf=2&topics=9&tps=9&htps=10&a3p=EhwKDWNyd2RjbnRybC5uZXQYn8y76ZsySABSAghkEhsKDDMzYWNyb3NzLmNvbRifzLvpmzJIAFICCGQSGQoKcHViY2lkLm9yZxifzLvpmzJIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Ynsy76ZsySABSAghkEhcKCHJ0YmhvdXNlGJ_Mu-mbMkgAUgIIZBIUCgVvcGVueBifzLvpmzJIAFICCGQSGQoKdWlkYXBpLmNvbRifzLvpmzJIAFICCGQSGwoMaWQ1LXN5bmMuY29tGJ_Mu-mbMkgAUgIIZA..&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1725455852768&idt=115&adks=3331539578&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.175.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f155.1e100.net

Software

cafe /

Resource Hash

2862cf7a51a67a8677d65df99f892df834661999074eb0693d5c6fd43ee88e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 13:17:34 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43268
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://duckesgame.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 927 B
429 B 1273ms
1273ms Fetch
text/plain 142.251.175.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2504624949426512&correlator=3393075440178723&eid=44809527%2C31079525%2C95340252%2C95340254&output=ldjh&gdfp_req=1&vrg=202408290101&ptt=17&impl=fifs&gdpr=0&iu_parts=233509614%2Cduckesgame.com%2Cduckesgame.com_anchor&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&fas=1&eri=4&sc=1&cookie_enabled=1&cdm=duckesgame.com&abxe=1&dt=1725455853105&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=duckesgame.com&loc=https%3A%2F%2Fduckesgame.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&td=1&egid=25148&tan=4694d94f-e940-44da-8e48-5624f9a71a4f&tdf=2&topics=9&tps=9&htps=10&a3p=EhwKDWNyd2RjbnRybC5uZXQYn8y76ZsySABSAghkEhsKDDMzYWNyb3NzLmNvbRifzLvpmzJIAFICCGQSGQoKcHViY2lkLm9yZxifzLvpmzJIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Ynsy76ZsySABSAghkEhcKCHJ0YmhvdXNlGJ_Mu-mbMkgAUgIIZBIUCgVvcGVueBifzLvpmzJIAFICCGQSGQoKdWlkYXBpLmNvbRifzLvpmzJIAFICCGQSGwoMaWQ1LXN5bmMuY29tGJ_Mu-mbMkgAUgIIZA..&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1725455852768&idt=115&prev_scp=test%3Danchor&adks=357201025&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.175.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f155.1e100.net

Software

cafe /

Resource Hash

21ab402be881d0279ed397ccbba27c3d7205ada19f14f9268df35782c78c888d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 13:17:34 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://duckesgame.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 71 KB
15 KB 1741ms
1740ms Fetch
text/plain 142.251.175.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2504624949426512&correlator=3393075440178723&eid=44809527%2C31079525%2C95340252%2C95340254&output=ldjh&gdfp_req=1&vrg=202408290101&ptt=17&impl=fifs&gdpr=0&iu_parts=233509614%2Cduckesgame.com%2Cduckesgame.com_hometop&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=3&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=duckesgame.com&abxe=1&dt=1725455853108&adxs=650&adys=110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=duckesgame.com&loc=https%3A%2F%2Fduckesgame.com%2F&vis=1&psz=1200x270&msz=1200x0&fws=0&ohw=0&td=1&egid=25148&tan=4694d94f-e940-44da-8e48-5624f9a71a50&tdf=2&topics=9&tps=9&htps=10&a3p=EhwKDWNyd2RjbnRybC5uZXQYn8y76ZsySABSAghkEhsKDDMzYWNyb3NzLmNvbRifzLvpmzJIAFICCGQSGQoKcHViY2lkLm9yZxifzLvpmzJIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Ynsy76ZsySABSAghkEhcKCHJ0YmhvdXNlGJ_Mu-mbMkgAUgIIZBIUCgVvcGVueBifzLvpmzJIAFICCGQSGQoKdWlkYXBpLmNvbRifzLvpmzJIAFICCGQSGwoMaWQ1LXN5bmMuY29tGJ_Mu-mbMkgAUgIIZA..&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1725455852768&idt=115&adks=1352668586&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.175.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f155.1e100.net

Software

cafe /

Resource Hash

900bc663b9999e0db72e52831a7cb28a863413135347bcd4fe95475ff3caa964

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 13:17:34 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15156
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://duckesgame.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 63 KB
14 KB 523ms
522ms Fetch
text/plain 142.251.175.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2504624949426512&correlator=3393075440178723&eid=44809527%2C31079525%2C95340252%2C95340254&output=ldjh&gdfp_req=1&vrg=202408290101&ptt=17&impl=fifs&gdpr=0&iu_parts=233509614%2Cduckesgame.com%2Cduckesgame.com_homemiddle&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=4&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=duckesgame.com&abxe=1&dt=1725455853111&adxs=650&adys=216&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=duckesgame.com&loc=https%3A%2F%2Fduckesgame.com%2F&vis=1&psz=1200x270&msz=1200x0&fws=0&ohw=0&td=1&egid=25148&tan=4694d94f-e940-44da-8e48-5624f9a71a51&tdf=2&topics=9&tps=9&htps=10&a3p=EhwKDWNyd2RjbnRybC5uZXQYn8y76ZsySABSAghkEhsKDDMzYWNyb3NzLmNvbRifzLvpmzJIAFICCGQSGQoKcHViY2lkLm9yZxifzLvpmzJIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Ynsy76ZsySABSAghkEhcKCHJ0YmhvdXNlGJ_Mu-mbMkgAUgIIZBIUCgVvcGVueBifzLvpmzJIAFICCGQSGQoKdWlkYXBpLmNvbRifzLvpmzJIAFICCGQSGwoMaWQ1LXN5bmMuY29tGJ_Mu-mbMkgAUgIIZA..&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1725455852768&idt=115&adks=2563800453&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.175.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f155.1e100.net

Software

cafe /

Resource Hash

dcd01f99e8757f1bbdd1dba34fd3f9b89006c6838f783aa7da1a127ba5e73400

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 13:17:33 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14785
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://duckesgame.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 71 KB
15 KB 2153ms
2152ms Fetch
text/plain 142.251.175.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2504624949426512&correlator=3393075440178723&eid=44809527%2C31079525%2C95340252%2C95340254&output=ldjh&gdfp_req=1&vrg=202408290101&ptt=17&impl=fifs&gdpr=0&iu_parts=233509614%2Cduckesgame.com%2Cduckesgame.com_homebottom&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=5&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=duckesgame.com&abxe=1&dt=1725455853113&adxs=650&adys=342&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=duckesgame.com&loc=https%3A%2F%2Fduckesgame.com%2F&vis=1&psz=1200x58&msz=1200x0&fws=0&ohw=0&td=1&egid=25148&tan=4694d94f-e940-44da-8e48-5624f9a71a52&tdf=2&topics=9&tps=9&htps=10&a3p=EhwKDWNyd2RjbnRybC5uZXQYn8y76ZsySABSAghkEhsKDDMzYWNyb3NzLmNvbRifzLvpmzJIAFICCGQSGQoKcHViY2lkLm9yZxifzLvpmzJIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Ynsy76ZsySABSAghkEhcKCHJ0YmhvdXNlGJ_Mu-mbMkgAUgIIZBIUCgVvcGVueBifzLvpmzJIAFICCGQSGQoKdWlkYXBpLmNvbRifzLvpmzJIAFICCGQSGwoMaWQ1LXN5bmMuY29tGJ_Mu-mbMkgAUgIIZA..&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1725455852768&idt=115&adks=4211569355&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.175.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f155.1e100.net

Software

cafe /

Resource Hash

b3f1e91880b0f4f814aad65c1e35b86c01d049d27ffedbb260bbc03814a5643d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 13:17:35 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15287
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://duckesgame.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
38e9ed11891f062d4f9261ecbf157453.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3910 0
0 26ms
5ms Document
text/html 2404:6800:4003:c05::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://38e9ed11891f062d4f9261ecbf157453.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 04 Sep 2024 13:17:33 GMT
expires: Wed, 04 Sep 2024 13:17:33 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/ 48 KB
15 KB 7ms
6ms Script
text/javascript 142.251.175.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.175.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f155.1e100.net

Software

cafe /

Resource Hash

1b21b97a7d36616c1fece5725dc60524b733f184a9ef069e563de8fba7088709

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 15:06:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79873
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15404
x-xss-protection: 0
server: cafe
etag: 3927536941278341084
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 03 Sep 2025 15:06:20 GMT

GET
H3 200 AGSKWxUzew0nk-2kPsoa2X_L154y5bMqeIXTzcYz0rqzIH5gkW4VvIyRIteCqz4egeps7wSpgSwTxnhOQJNubaZxkT_B0SgZGo9kl22kLrCJbwOYNpzdNFlon_IPeOtsgCE6MAY9urdsRQ== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 28ms
27ms Script
application/javascript 172.253.118.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUzew0nk-2kPsoa2X_L154y5bMqeIXTzcYz0rqzIH5gkW4VvIyRIteCqz4egeps7wSpgSwTxnhOQJNubaZxkT_B0SgZGo9kl22kLrCJbwOYNpzdNFlon_IPeOtsgCE6MAY9urdsRQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI1NDU1ODUzLDE0MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vZHVja2VzZ2FtZS5jb20vIixudWxsLFtbOCwiZnBGQlNoSnpCRkkiXSxbOSwiZW4tR0IiXSxbMjAsIltudWxsLG51bGwsWzMxMDgyMjUzLDk1MzQwMjUwXSxudWxsLDldIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.118.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f102.1e100.net

Software

ESF /

Resource Hash

7f5d4b156a77c2ccef1cbcd07dd19c28728d2f14dc5804124c642a423c9c417a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-giEMfh-QB9D2y_3dJe3fZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 13:17:33 GMT
content-security-policy: script-src 'report-sample' 'nonce-giEMfh-QB9D2y_3dJe3fZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmII0JBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiJP-nWctAGJ3rYus_kC8JOIi64HEi6yGCpdY7YFYtecSqzEQ3193ifU5EO_9eIn1KBALcXO83f1wG5vAhKeb_JQ0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDCwNjPQMTOMLDADLtEGW"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 156 B
615 B 40ms
17ms XHR
application/json 52.77.193.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.77.193.71 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-77-193-71.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: dd892aa6a9dee8669a35b75eb463431081236d353da3fe7852bdd5f8be4bb091

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 04 Sep 2024 13:17:33 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://duckesgame.com
cache-control: no-cache
x-server: 10.42.29.189
access-control-allow-credentials: true
content-length: 156
expires: 0

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
230 B 778ms
255ms XHR
text/plain 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://duckesgame.com
date: Wed, 04 Sep 2024 13:17:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H/1.1 200
OK duckesgame.png
duckesgame.com/public/images/rootLogo/ 6 KB
7 KB 27ms
26ms Image
image/png 129.227.71.46
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duckesgame.com/public/images/rootLogo/duckesgame.png
Requested by: Host: duckesgame.com
URL: https://duckesgame.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 129.227.71.46 Singapore, Singapore, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: /
Resource Hash: 37658a077badd9da9d8aaee56c8d96e1b05f2ef1aefe1c2fdcc9ee69eb088ba6

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Wed, 04 Sep 2024 13:17:33 GMT
x-oss-request-id: 66D5FB64A05E3638300D5C8C
Last-Modified: Mon, 08 Jul 2024 03:22:10 GMT
Content-MD5: Nmdw7ChJCBb6iUp7SKWgXA==
ETag: "366770EC28490816FA894A7B48A5A05C"
Vary: Accept-Encoding
Content-Type: image/png
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 4213697512832744368
Content-Length: 6614
x-oss-server-time: 5
X-Ser: BC70_SG-singapore-singapore-8-cache-2, BC36_SG-singapore-singapore-17-cache-4

GET
H/1.1 200
OK nicon.webp
duckesgame.com/public/game/ccy/20230906/Snakeland/icons/ 6 KB
7 KB 164ms
161ms Image
image/webp 129.227.71.46
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duckesgame.com/public/game/ccy/20230906/Snakeland/icons/nicon.webp
Requested by: Host: duckesgame.com
URL: https://duckesgame.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 129.227.71.46 Singapore, Singapore, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: /
Resource Hash: aca94170df3e2b1d1cf0e3e3f80e0862b6f1745ea335963e47576399ec9282d7

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Wed, 04 Sep 2024 13:17:33 GMT
x-oss-request-id: 66D85DEDF9AF89373273AFBE
Last-Modified: Mon, 15 Jan 2024 09:39:27 GMT
Content-MD5: ++0PISqDsvZWsds5XugT4w==
ETag: "FBED0F212A83B2F656B1DB395EE813E3"
Vary: Accept-Encoding
Content-Type: image/webp
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 16845201337906983737
Content-Length: 6152
x-oss-server-time: 5
X-Ser: BC120_HK-xianggang-xianggang-4-cache-2, BC40_SG-singapore-singapore-17-cache-4

GET
H/1.1 200
OK nicon.webp
duckesgame.com/public/game/uni/DoLines/icons/ 6 KB
7 KB 167ms
164ms Image
image/webp 129.227.71.46
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duckesgame.com/public/game/uni/DoLines/icons/nicon.webp
Requested by: Host: duckesgame.com
URL: https://duckesgame.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 129.227.71.46 Singapore, Singapore, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: /
Resource Hash: ae1715fe7dd418abf45c738127bb838bb676147efd65c5edda2eff5cb5bb6615

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Wed, 04 Sep 2024 13:17:33 GMT
x-oss-request-id: 66D85DED1EAB8E3235B08391
Last-Modified: Tue, 16 Jan 2024 03:20:49 GMT
Content-MD5: lEnqRR/OMnEg2JCPrA5vIg==
ETag: "9449EA451FCE327120D8908FAC0E6F22"
Vary: Accept-Encoding
Content-Type: image/webp
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 5125662482592784929
Content-Length: 6192
x-oss-server-time: 9
X-Ser: BC120_HK-xianggang-xianggang-4-cache-2, BC46_SG-singapore-singapore-17-cache-4

GET
H/1.1 200
OK nicon.webp
duckesgame.com/public/game/ccy/CardAttack/icons/ 8 KB
9 KB 45ms
42ms Image
image/webp 129.227.71.46
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duckesgame.com/public/game/ccy/CardAttack/icons/nicon.webp
Requested by: Host: duckesgame.com
URL: https://duckesgame.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 129.227.71.46 Singapore, Singapore, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: /
Resource Hash: f39469d5a6e8defe3ce4ba4e22208b6e75933e317646da2aaeaea5390cbb5b58

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Wed, 04 Sep 2024 13:17:33 GMT
x-oss-request-id: 66D85DEDE9CC4C333172C2BC
Last-Modified: Mon, 15 Jan 2024 09:57:25 GMT
Content-MD5: Ud8IXTQCrM5vUCyzqsugPQ==
ETag: "51DF085D3402ACCE6F502CB3AACBA03D"
Vary: Accept-Encoding
Content-Type: image/webp
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 2312425725414166931
Content-Length: 8230
x-oss-server-time: 8
X-Ser: BC68_SG-singapore-singapore-8-cache-2, BC45_SG-singapore-singapore-17-cache-4

GET
H/1.1 200
OK nicon.webp
duckesgame.com/public/game/ccy/NuggetSeeker/icons/ 23 KB
24 KB 107ms
60ms Image
image/webp 129.227.71.46
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duckesgame.com/public/game/ccy/NuggetSeeker/icons/nicon.webp
Requested by: Host: duckesgame.com
URL: https://duckesgame.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 129.227.71.46 Singapore, Singapore, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: /
Resource Hash: 0ff35fde1aeec4785d2ebf68ceef4a9c0f5228be81240130a40a49c549e77f4a

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Wed, 04 Sep 2024 13:17:33 GMT
x-oss-request-id: 66D85DEDA87B9A3239B5F4B9
Last-Modified: Mon, 15 Jan 2024 10:26:29 GMT
Content-MD5: 8K7JXa8n6lSU6XmmDChlhQ==
ETag: "F0AEC95DAF27EA5494E979A60C286585"
Vary: Accept-Encoding
Content-Type: image/webp
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 12588556644481051524
Content-Length: 23650
x-oss-server-time: 4
X-Ser: BC67_SG-singapore-singapore-8-cache-2, BC47_SG-singapore-singapore-17-cache-4

GET
H/1.1 200
OK nicon.webp
duckesgame.com/public/game/ccy/ZombieBuster/icons/ 13 KB
14 KB 1409ms
1312ms Image
image/webp 129.227.71.46
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duckesgame.com/public/game/ccy/ZombieBuster/icons/nicon.webp
Requested by: Host: duckesgame.com
URL: https://duckesgame.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 129.227.71.46 Singapore, Singapore, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: /
Resource Hash: 2ee7196be2e783c4f7da21ee9d979e67f0ea4230a617e98b5216c8f6809add20

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Wed, 04 Sep 2024 13:17:34 GMT
x-oss-request-id: 66D85DEE0A9306323882CF8D
Last-Modified: Mon, 15 Jan 2024 10:42:28 GMT
Content-MD5: Kec37AG9hvRmKNZu8gdiaQ==
ETag: "29E737EC01BD86F46628D66EF2076269"
Vary: Accept-Encoding
Content-Type: image/webp
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 8979679758308686877
Content-Length: 13696
x-oss-server-time: 9
X-Ser: BC116_HK-xianggang-xianggang-4-cache-2, BC45_SG-singapore-singapore-17-cache-4

GET
H/1.1 200
OK nicon.webp
duckesgame.com/public/game/ccy/TinyCrazyFighters/icons/ 11 KB
12 KB 330ms
327ms Image
image/webp 129.227.71.46
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duckesgame.com/public/game/ccy/TinyCrazyFighters/icons/nicon.webp
Requested by: Host: duckesgame.com
URL: https://duckesgame.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 129.227.71.46 Singapore, Singapore, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: /
Resource Hash: b4c8aebd79e7ce8e828d9817ffd7d4f19ddbc28a943f419c01839243c2c4870c

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Wed, 04 Sep 2024 13:17:33 GMT
x-oss-request-id: 66D85DED3D643B363313BE55
Last-Modified: Mon, 15 Jan 2024 10:35:56 GMT
Content-MD5: qOiI56meYy7fchnFMT73Gw==
ETag: "A8E888E7A99E632EDF7219C5313EF71B"
Vary: Accept-Encoding
Content-Type: image/webp
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 10427826159731359027
Content-Length: 11300
x-oss-server-time: 4
X-Ser: BC116_HK-xianggang-xianggang-4-cache-2, BC38_SG-singapore-singapore-17-cache-4

GET
H/1.1 200
OK nicon.webp
duckesgame.com/public/game/uni/HandDoctor/icons/ 25 KB
25 KB 89ms
86ms Image
image/webp 129.227.71.46
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duckesgame.com/public/game/uni/HandDoctor/icons/nicon.webp
Requested by: Host: duckesgame.com
URL: https://duckesgame.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 129.227.71.46 Singapore, Singapore, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: /
Resource Hash: e491e5c84ab3d7e8402e30118b697a6e3903c64623e749c46a2e92bf6e3d9489

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Wed, 04 Sep 2024 13:17:33 GMT
x-oss-request-id: 66D06E6B048FEF3832EDEB6D
Last-Modified: Tue, 16 Jan 2024 03:23:07 GMT
Content-MD5: SsC66QM6P5wLEC3iY+z4jQ==
ETag: "4AC0BAE9033A3F9C0B102DE263ECF88D"
Vary: Accept-Encoding
Content-Type: image/webp
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 9577772448220748511
Content-Length: 25334
x-oss-server-time: 5
X-Ser: BC6_SG-singapore-singapore-17-cache-1, BC37_SG-singapore-singapore-17-cache-4

GET
H/1.1 200
OK nicon.webp
duckesgame.com/public/game/20231020/Halloween2048/icons/ 11 KB
12 KB 162ms
140ms Image
image/webp 129.227.71.46
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duckesgame.com/public/game/20231020/Halloween2048/icons/nicon.webp
Requested by: Host: duckesgame.com
URL: https://duckesgame.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 129.227.71.46 Singapore, Singapore, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: /
Resource Hash: b55d38db52666d550c68495b76d6543103b94b3d9c2f2c4501a266ae5d0bcbe7

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Wed, 04 Sep 2024 13:17:33 GMT
x-oss-request-id: 66D85DED5A57B53833ADEF1F
Last-Modified: Tue, 16 Jan 2024 06:54:33 GMT
Content-MD5: adwykEJMtWuV6dinvtV3bQ==
ETag: "69DC3290424CB56B95E9D8A7BED5776D"
Vary: Accept-Encoding
Content-Type: image/webp
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 6719539296506063703
Content-Length: 11354
x-oss-server-time: 20
X-Ser: BC10_SG-singapore-singapore-17-cache-1, BC44_SG-singapore-singapore-17-cache-4

GET
H/1.1 200
OK Adventure.png
duckesgame.com/public/images/category/ 3 KB
3 KB 16ms
16ms Image
image/png 129.227.71.46
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duckesgame.com/public/images/category/Adventure.png
Requested by: Host: duckesgame.com
URL: https://duckesgame.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 129.227.71.46 Singapore, Singapore, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: /
Resource Hash: f88a8f4b5586331cf9016e8fa9daa790beb2a3489a6070f3bf5ccb3a22e43e74

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Wed, 04 Sep 2024 13:17:33 GMT
x-oss-request-id: 66D5FB64A05E36353794638C
Last-Modified: Thu, 31 Aug 2023 03:14:28 GMT
Content-MD5: icwmxQPbKsVYUNEygai7rA==
ETag: "89CC26C503DB2AC55850D13281A8BBAC"
Vary: Accept-Encoding
Content-Type: image/png
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 16868782200499241655
Content-Length: 2922
x-oss-server-time: 4
X-Ser: BC6_SG-singapore-singapore-17-cache-1, BC40_SG-singapore-singapore-17-cache-4

GET
H/1.1 200
OK Casual.png
duckesgame.com/public/images/category/ 2 KB
2 KB 34ms
34ms Image
image/png 129.227.71.46
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duckesgame.com/public/images/category/Casual.png
Requested by: Host: duckesgame.com
URL: https://duckesgame.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 129.227.71.46 Singapore, Singapore, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: /
Resource Hash: 5a721e027bcaa5fe700c67fb28cd21f35518bb8c2613a7110858b9aaa6b88ff0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Wed, 04 Sep 2024 13:17:33 GMT
x-oss-request-id: 66D5FB64A87B9A3237263CD7
Last-Modified: Thu, 31 Aug 2023 03:14:28 GMT
Content-MD5: uBRSpUbG7ieWgf3rCSYTmg==
ETag: "B81452A546C6EE279681FDEB0926139A"
Vary: Accept-Encoding
Content-Type: image/png
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 16338138412159145539
Content-Length: 1705
x-oss-server-time: 5
X-Ser: BC73_SG-singapore-singapore-8-cache-2, BC44_SG-singapore-singapore-17-cache-4

GET
H/1.1 200
OK Strategy.png
duckesgame.com/public/images/category/ 3 KB
3 KB 17ms
16ms Image
image/png 129.227.71.46
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duckesgame.com/public/images/category/Strategy.png
Requested by: Host: duckesgame.com
URL: https://duckesgame.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 129.227.71.46 Singapore, Singapore, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: /
Resource Hash: 303b11b561ce85ed8b85beb5159625af293003139b5338f4062b1a7dcbbd8bf9

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Wed, 04 Sep 2024 13:17:33 GMT
x-oss-request-id: 66D5FB65A05E36393762678C
Last-Modified: Thu, 31 Aug 2023 03:14:28 GMT
Content-MD5: JTrzFq46LJ9M3QKWe0Ka+g==
ETag: "253AF316AE3A2C9F4CDD02967B429AFA"
Vary: Accept-Encoding
Content-Type: image/png
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 11240377800073477305
Content-Length: 2727
x-oss-server-time: 5
X-Ser: BC14_SG-singapore-singapore-17-cache-1, BC44_SG-singapore-singapore-17-cache-4

GET
H/1.1 200
OK Action.png
duckesgame.com/public/images/category/ 3 KB
3 KB 49ms
48ms Image
image/png 129.227.71.46
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duckesgame.com/public/images/category/Action.png
Requested by: Host: duckesgame.com
URL: https://duckesgame.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 129.227.71.46 Singapore, Singapore, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: /
Resource Hash: a21d45bdfbe11e2d567a3237136e6e36c0318b4f82d57320527cc426df09525d

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Wed, 04 Sep 2024 13:17:33 GMT
x-oss-request-id: 66D5FB644005843135248BC0
Last-Modified: Thu, 31 Aug 2023 03:14:28 GMT
Content-MD5: 1YskyQqijx92wqREuf7qJA==
ETag: "D58B24C90AA28F1F76C2A444B9FEEA24"
Vary: Accept-Encoding
Content-Type: image/png
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 4981886700496992445
Content-Length: 2716
x-oss-server-time: 5
X-Ser: BC119_HK-xianggang-xianggang-4-cache-2, BC36_SG-singapore-singapore-17-cache-4

GET
H/1.1 200
OK Sports.png
duckesgame.com/public/images/category/ 3 KB
4 KB 47ms
47ms Image
image/png 129.227.71.46
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duckesgame.com/public/images/category/Sports.png
Requested by: Host: duckesgame.com
URL: https://duckesgame.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 129.227.71.46 Singapore, Singapore, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: /
Resource Hash: 6aa381cf95efdc0516603466d886989ddbd2076ff186009e1b3dcd4fc5037c3b

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Wed, 04 Sep 2024 13:17:33 GMT
x-oss-request-id: 66D5FB65058B0F32310A0319
Last-Modified: Thu, 31 Aug 2023 03:14:28 GMT
Content-MD5: 4hs0YYE9dPOQxVLVTJU79w==
ETag: "E21B3461813D74F390C552D54C953BF7"
Vary: Accept-Encoding
Content-Type: image/png
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 13818698824478780857
Content-Length: 3095
x-oss-server-time: 4
X-Ser: BC119_HK-xianggang-xianggang-4-cache-2, BC36_SG-singapore-singapore-17-cache-4

GET
H/1.1 200
OK Role-playing.png
duckesgame.com/public/images/category/ 2 KB
3 KB 58ms
58ms Image
image/png 129.227.71.46
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duckesgame.com/public/images/category/Role-playing.png
Requested by: Host: duckesgame.com
URL: https://duckesgame.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 129.227.71.46 Singapore, Singapore, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: /
Resource Hash: d59d33acb422b6b49ba32b214b5cd3e5ca595e6fdf62c9687f6931da3711cd72

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Wed, 04 Sep 2024 13:17:33 GMT
x-oss-request-id: 66D5FB65A05E3639353F6A8C
Last-Modified: Thu, 31 Aug 2023 03:14:28 GMT
Content-MD5: rIeBxWsNIbYSKiluyuQi0Q==
ETag: "AC8781C56B0D21B6122A296ECAE422D1"
Vary: Accept-Encoding
Content-Type: image/png
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 6333204044475589695
Content-Length: 2549
x-oss-server-time: 5
X-Ser: BC70_SG-singapore-singapore-8-cache-2, BC45_SG-singapore-singapore-17-cache-4

GET
H/1.1 200
OK Shooting.png
duckesgame.com/public/images/category/ 3 KB
3 KB 124ms
124ms Image
image/png 129.227.71.46
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duckesgame.com/public/images/category/Shooting.png
Requested by: Host: duckesgame.com
URL: https://duckesgame.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 129.227.71.46 Singapore, Singapore, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: /
Resource Hash: 0c5bccfba75368b6218de019480356cd9b3121a9a3963250a3f88ccd2143cdd6

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Wed, 04 Sep 2024 13:17:33 GMT
x-oss-request-id: 66D5FB65AA0DCC3035B9E137
Last-Modified: Thu, 31 Aug 2023 03:14:28 GMT
Content-MD5: JnNVGP1OGbfsp37+D0PxMg==
ETag: "26735518FD4E19B7ECA77EFE0F43F132"
Vary: Accept-Encoding
Content-Type: image/png
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 538559956848993735
Content-Length: 2715
x-oss-server-time: 3
X-Ser: BC119_HK-xianggang-xianggang-4-cache-2, BC48_SG-singapore-singapore-17-cache-4

GET
H/1.1 200
OK Racing.png
duckesgame.com/public/images/category/ 4 KB
4 KB 28ms
28ms Image
image/png 129.227.71.46
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duckesgame.com/public/images/category/Racing.png
Requested by: Host: duckesgame.com
URL: https://duckesgame.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 129.227.71.46 Singapore, Singapore, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: /
Resource Hash: 4c7c493b0accc083fbfa985b9bbc1f5b14bfab9cbfffb1e347a06afa3ddcb16c

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Wed, 04 Sep 2024 13:17:33 GMT
x-oss-request-id: 66D5FB65E702E23731CDEADB
Last-Modified: Thu, 31 Aug 2023 03:14:28 GMT
Content-MD5: XLZFqB6yCG+ETWpW8UKAGA==
ETag: "5CB645A81EB2086F844D6A56F1428018"
Vary: Accept-Encoding
Content-Type: image/png
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 702429406329065113
Content-Length: 3601
x-oss-server-time: 4
X-Ser: BC19_SG-singapore-singapore-17-cache-1, BC45_SG-singapore-singapore-17-cache-4

GET
H/1.1 200
OK Simulation.png
duckesgame.com/public/images/category/ 3 KB
4 KB 17ms
16ms Image
image/png 129.227.71.46
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duckesgame.com/public/images/category/Simulation.png
Requested by: Host: duckesgame.com
URL: https://duckesgame.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 129.227.71.46 Singapore, Singapore, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: /
Resource Hash: 94683b10c04700e11f907cdf2a69dc9f7c933ca1f9fa7160dc0ea9c997e05da1

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Wed, 04 Sep 2024 13:17:33 GMT
x-oss-request-id: 66D5FB6540058438359291C0
Last-Modified: Thu, 31 Aug 2023 03:14:28 GMT
Content-MD5: U25bavhOVfN1Y6XVEQ33Pg==
ETag: "536E5B6AF84E55F37563A5D5110DF73E"
Vary: Accept-Encoding
Content-Type: image/png
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 11798089696248256310
Content-Length: 3545
x-oss-server-time: 9
X-Ser: BC67_SG-singapore-singapore-8-cache-2, BC38_SG-singapore-singapore-17-cache-4

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 24ms
7ms Image
text/plain 2a03:2880:f10c:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1496014731020287&ev=ViewContent&dl=https%3A%2F%2Fduckesgame.com%2F&rl=&if=false&ts=1725455853342&sw=1600&sh=1200&v=2.9.166&r=stable&ec=0&o=4126&fbp=fb.1.1725455853341.259399440247947299&ler=empty&cdl=API_unavailable&it=1725455852863&coo=false&rqm=GET

Requested by

Host: duckesgame.com
URL: https://duckesgame.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10c:83:face:b00c:0:25de Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=2, rtx=0, c=10, mss=1297, tbw=2776, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 04 Sep 2024 13:17:33 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 285ms
269ms Image
image/png 2a03:2880:f10c:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1496014731020287&ev=ViewContent&dl=https%3A%2F%2Fduckesgame.com%2F&rl=&if=false&ts=1725455853342&sw=1600&sh=1200&v=2.9.166&r=stable&ec=0&o=4126&fbp=fb.1.1725455853341.259399440247947299&ler=empty&cdl=API_unavailable&it=1725455852863&coo=false&rqm=FGET

Requested by

Host: duckesgame.com
URL: https://duckesgame.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10c:83:face:b00c:0:25de Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x6c3711ccfe9fc9f0","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["14:7836717946411572","7834:7836717946411572","564:7836717946411572","10196:7836717946411572","10853:7836717946411572","31:7836717946411572","8053:7836717946411572","617:7836717946411572"]},"debug_reporting":true,"debug_key":"1"}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Wed, 04 Sep 2024 13:17:33 GMT
x-fb-server-load: 48
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7410776460175610206", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=2, rtx=0, c=10, mss=1297, tbw=3093, tp=-1, tpl=-1, uplat=262, ullat=0
pragma: no-cache
x-fb-debug: +6jEeHiKyWU8WXY6xKCSLtfaar2P+iU6n41DlKXGmE/hWuawCLMCbJk2hWgrtbH62Udqt756CwURhJau7fh6+Q==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7410776460175610206"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7410776460175610206"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/032406252034000/ Frame 005A 196 KB
56 KB 38ms
4ms Script
text/javascript 2404:6800:4003:c05::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032406252034000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05fcd569dd4b9813aed7b6c2a4ba75d056b56778533d2e2ac37252586dd9126d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 02 Sep 2024 13:29:36 GMT
age: 172077
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56174
x-xss-protection: 0
server: sffe
etag: "b058f907dbf09d06"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 02 Sep 2025 13:29:36 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/032406252034000/v0/ Frame 005A 15 KB
5 KB 52ms
19ms Script
text/javascript 2404:6800:4003:c05::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032406252034000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa843245814c185e1139a54052cf819ea23a33ac393d90f3525958116681e8be

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 02 Sep 2024 13:29:10 GMT
age: 172103
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5219
x-xss-protection: 0
server: sffe
etag: "de79a6048671db85"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 02 Sep 2025 13:29:10 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/032406252034000/v0/ Frame 005A 95 KB
28 KB 48ms
15ms Script
text/javascript 2404:6800:4003:c05::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032406252034000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7442d5ba404c482128280bb0416c3d62c8d06868594c1a23892b06df1ee2983a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 03 Sep 2024 03:55:27 GMT
age: 120126
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29025
x-xss-protection: 0
server: sffe
etag: "16a9579aec57c4a5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 03 Sep 2025 03:55:27 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/032406252034000/v0/ Frame 005A 5 KB
2 KB 51ms
18ms Script
text/javascript 2404:6800:4003:c05::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032406252034000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4a66f520e5a1676afa712f63b38fec877047301b208e1d2df15fd94d16a2435

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 02 Sep 2024 13:39:55 GMT
age: 171458
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1907
x-xss-protection: 0
server: sffe
etag: "b7204740773aee25"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 02 Sep 2025 13:39:55 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/032406252034000/v0/ Frame 005A 40 KB
13 KB 45ms
12ms Script
text/javascript 2404:6800:4003:c05::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032406252034000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e284c175ea1cd1866d5d88171f3ca5fcad2b370093f0ae7891c152827a12dd0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 02 Sep 2024 13:21:07 GMT
age: 172586
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12949
x-xss-protection: 0
server: sffe
etag: "c65b00eac3dcf073"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 02 Sep 2025 13:21:07 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 005A 4 KB
1 KB 31ms
17ms Stylesheet
text/css 2404:6800:4003:c05::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

93d1697ee9f1a843a40e09ef85127252bbd95ff577a44eb06990949cb6ad365b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 04 Sep 2024 13:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 04 Sep 2024 11:40:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 04 Sep 2024 13:17:33 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/10528324589807903706/ Frame 005A 3 KB
4 KB 29ms
10ms Image
image/jpeg 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10528324589807903706/14763004658117789537?w=200&h=200&tw=1&q=75

Requested by

Host: duckesgame.com
URL: https://duckesgame.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a927b0b3f119b4bda52d8b4bfb2608e9947466164334fc610b8917ff59546f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Wed, 04 Sep 2024 00:18:55 GMT
x-content-type-options: nosniff
age: 46718
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3480
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 13:37:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 04 Sep 2025 00:18:55 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/4671489891927071081/ Frame 005A 19 KB
19 KB 27ms
9ms Image
image/jpeg 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4671489891927071081/14763004658117789537?w=400&h=209&tw=1&q=75

Requested by

Host: duckesgame.com
URL: https://duckesgame.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

800e965b582276f019a2afaa554fede3bde4b3a824bb35c7abc9a8f1c7e72ecf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Sat, 31 Aug 2024 01:07:02 GMT
x-content-type-options: nosniff
age: 389431
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19397
x-xss-protection: 0
last-modified: Thu, 15 Feb 2024 22:58:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 31 Aug 2025 01:07:02 GMT

GET
DATA 200
OK truncated
/ Frame 005A 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d31cdcbd1f26e51ec878f8b8094dd27771be8725d6fb3ce8d039aaf23e987867

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 005A 3 KB
3 KB 21ms
12ms Image
image/png 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: duckesgame.com
URL: https://duckesgame.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 14:25:46 GMT
x-content-type-options: nosniff
server: cafe
age: 82307
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2982
x-xss-protection: 0
expires: Wed, 04 Sep 2024 14:25:46 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 005A 344 B
581 B 20ms
11ms Image
image/png 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: duckesgame.com
URL: https://duckesgame.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 11:47:33 GMT
x-content-type-options: nosniff
server: cafe
age: 5400
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Thu, 05 Sep 2024 11:47:33 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 005A
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CKgYV7V3YZuPqCYbSz7sPjKC_0AG427bfea78vtGlEquOm9yxQhABIM31335gvwWgAdOb7-YDyAEJ4AIAqAMByAMKqgSJAk_Q5wsG4zsdX20z8pCqYM-H7Ur-5RY9RG-jB2dt-6FTyvr0...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5a629936a3e549960000000000000000%22,%222%22:%220xf54a595c435f80ce0000000000000000%22,%223%22:%220x60eab7...

0
20 B

21ms
7ms

Image
text/css

142.250.4.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5a629936a3e549960000000000000000%22,%222%22:%220xf54a595c435f80ce0000000000000000%22,%223%22:%220x60eab73fd6e09b530000000000000000%22,%224%22:%220x16d99b529d73e0250000000000000000%22,%225%22:%220xd2447448129d12ca0000000000000000%22},%22debug_key%22:%228109743093074907378%22,%22debug_reporting%22:true,%22destination%22:%22https://equinix.sg%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221021038035%22],%2222%22:[%22true%22],%224%22:[%2209-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213133347128900799057%22}&andc=true

Requested by

Host: duckesgame.com
URL: https://duckesgame.com/

Protocol

Server

142.250.4.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f156.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 13:17:33 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x5a629936a3e549960000000000000000","2":"0xf54a595c435f80ce0000000000000000","3":"0x60eab73fd6e09b530000000000000000","4":"0x16d99b529d73e0250000000000000000","5":"0xd2447448129d12ca0000000000000000"},"debug_key":"8109743093074907378","debug_reporting":true,"destination":"https://equinix.sg","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1021038035"],"22":["true"],"4":["09-04"],"6":["true"]},"priority":"500","source_event_id":"13133347128900799057"}
server: cafe
content-type: text/css; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 04 Sep 2024 13:17:33 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 04 Sep 2024 13:17:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x5a629936a3e549960000000000000000","2":"0xf54a595c435f80ce0000000000000000","3":"0x60eab73fd6e09b530000000000000000","4":"0x16d99b529d73e0250000000000000000","5":"0xd2447448129d12ca0000000000000000"},"debug_key":"8109743093074907378","debug_reporting":true,"destination":"https://equinix.sg","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1021038035"],"22":["true"],"4":["09-04"],"6":["true"]},"priority":"500","source_event_id":"13133347128900799057"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ Frame 005A 18 KB
19 KB 22ms
6ms Font
font/woff2 2404:6800:4003:c03::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://duckesgame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 17:00:51 GMT
x-content-type-options: nosniff
age: 505002
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18596
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Aug 2025 17:00:51 GMT

GET
H3 200 main_ad__ad_choices._googlead. Show response
fundingchoicesmessages.google.com/f/AGSKWxXlEwl7YtTfv_XT4oQ_EhIffS_w0lagRkGdb1it2r0evFhiI8U7X7ZZViGhFlxeM6_aBebWpXi9nIoiKh-JuuY7ZBjLxACiy664_POEWWbyXmu8poz0XVXzvAZhv7h1euuPGr_jrQfyuQN1fK5cVZ82y3CJ7... 54 B
108 B 14ms
13ms Script
application/javascript 172.253.118.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXlEwl7YtTfv_XT4oQ_EhIffS_w0lagRkGdb1it2r0evFhiI8U7X7ZZViGhFlxeM6_aBebWpXi9nIoiKh-JuuY7ZBjLxACiy664_POEWWbyXmu8poz0XVXzvAZhv7h1euuPGr_jrQfyuQN1fK5cVZ82y3CJ7_FQikAsYKeziZ6-Z00iQnjJpI9pV-NC/_/admentorserve.-top-ads./main_ad__ad_choices._googlead.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.fpFBShJzBFI.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzxNeTbgXRceDw2Q95_mjRhSyhpLQ/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.118.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f102.1e100.net

Software

ESF /

Resource Hash

ec4344749a56601ed93f4e2031aab96769b4588b76802c8ce81b2c1dc85e279c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-3spdm24X_8PS0xVsTQ0NHg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 13:17:33 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-3spdm24X_8PS0xVsTQ0NHg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmLw15BiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiJP-nWctAGJ3rYus_kC8JOIi64HEi6yGCpdY7YFYtecSqzEQ3193ifU5EO_9eIn1KBAL8XC83f1wG5vAh4VfO5mVNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAwsDYz0DEzjCwwAGnNCMw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 49 KB
18 KB 16ms
4ms Script
text/javascript 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f154.1e100.net

Software

cafe /

Resource Hash

cf3e408e13378dfcd0d77cd12858814dd5e5e1cdb734da8284ad4ec8cdcb1bd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 12:51:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1563
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18568
x-xss-protection: 0
server: cafe
etag: 8241998688155232995
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 04 Sep 2024 13:51:30 GMT

POST
H3 204 AGSKWxU64lTMtpPUp9UcS7aU-XIl1gyi1X7tvt7hz962yuMrJvip-_-bX1GopBnQaa_OSW1h-EzUB0Zo3bH_tv7XQcEXQuFOm6Nnowpi--bbn2zzC3gPHscBYFbw6ZmkwxmcDombn28Zww== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 25ms
15ms XHR
text/html 172.253.118.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU64lTMtpPUp9UcS7aU-XIl1gyi1X7tvt7hz962yuMrJvip-_-bX1GopBnQaa_OSW1h-EzUB0Zo3bH_tv7XQcEXQuFOm6Nnowpi--bbn2zzC3gPHscBYFbw6ZmkwxmcDombn28Zww==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.118.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f102.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-UD74E9H8-G73J3XYdShOxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 04 Sep 2024 13:17:33 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-UD74E9H8-G73J3XYdShOxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw15BicEqfwRoExO5aF1n9gXhJxEXWQ4kXWfd-vMR6FIiFeDje7n64jU2gY_a2CcxKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyMTA0sBIz8A8vsAAAF38LiA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://duckesgame.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU64lTMtpPUp9UcS7aU-XIl1gyi1X7tvt7hz962yuMrJvip-_-bX1GopBnQaa_OSW1h-EzUB0Zo3bH_tv7XQcEXQuFOm6Nnowpi--bbn2zzC3gPHscBYFbw6ZmkwxmcDombn28Zww==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.118.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f102.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-RuOWCOSb9HkdhYaN__pvUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 04 Sep 2024 13:17:33 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-RuOWCOSb9HkdhYaN__pvUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw15BicEqfwRoExO5aF1n9gXhJxEXWQ4kXWfd-vMR6FIiFeDje7n64jU3gw9cjE5iVXJLyC-OT8_NKUvNKdBNTinVB7KLMpNKS_CIUdmoZSEVOfnp6Zl56vJGBkYmBpYGRnoF5fIEBAJ42Lvg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://duckesgame.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU64lTMtpPUp9UcS7aU-XIl1gyi1X7tvt7hz962yuMrJvip-_-bX1GopBnQaa_OSW1h-EzUB0Zo3bH_tv7XQcEXQuFOm6Nnowpi--bbn2zzC3gPHscBYFbw6ZmkwxmcDombn28Zww==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.118.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f102.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-k4oMgLlJRB0aWDEVEp_ijg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 04 Sep 2024 13:17:33 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-k4oMgLlJRB0aWDEVEp_ijg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw1pBicEqfwRoExO5aF1n9gXhJxEXWQ4kXWfd-vMR6FIiFeDje7n64jU3gxM-TU5iVXJLyC-OT8_NKUvNKdBNTinVB7KLMpNKS_CIUdmoZSEVOfnp6Zl56vJGBkYmBpYGRnoF5fIEBAJCTLtE"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://duckesgame.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU64lTMtpPUp9UcS7aU-XIl1gyi1X7tvt7hz962yuMrJvip-_-bX1GopBnQaa_OSW1h-EzUB0Zo3bH_tv7XQcEXQuFOm6Nnowpi--bbn2zzC3gPHscBYFbw6ZmkwxmcDombn28Zww==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.118.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f102.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Lir5tYxzb8nBrdLsFbaprQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 04 Sep 2024 13:17:33 GMT
content-security-policy: script-src 'report-sample' 'nonce-Lir5tYxzb8nBrdLsFbaprQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw1pBicEqfwRoExO5aF1n9gXhJxEXWQ4kXWfd-vMR6FIiFeDje7n64jU3gwvyPU5mVXJLyC-OT8_NKUvNKdBNTinVB7KLMpNKS_CIUdmoZSEVOfnp6Zl56vJGBkYmBpYGRnoF5fIEBAIhXLrA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://duckesgame.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxU04PB00WHqndL59EM8UoHtWHla3t-8GzOlnEuHA3gRIZwI2bNznuRXCJj3XiiNHc5dNHb2AIt2YlpIbn60pOkQNSkJ1QjcihtdcbZI86jxUQaGhK2mKspwhrLlXxtypqh3tiQEuw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 20ms
19ms Script
application/javascript 172.253.118.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU04PB00WHqndL59EM8UoHtWHla3t-8GzOlnEuHA3gRIZwI2bNznuRXCJj3XiiNHc5dNHb2AIt2YlpIbn60pOkQNSkJ1QjcihtdcbZI86jxUQaGhK2mKspwhrLlXxtypqh3tiQEuw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI1NDU1ODUzLDg0MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9kdWNrZXNnYW1lLmNvbS8iLG51bGwsW1s4LCJmcEZCU2hKekJGSSJdLFs5LCJlbi1HQiJdLFsyMCwiW251bGwsbnVsbCxbMzEwODIyNTMsOTUzNDAyNTBdLG51bGwsOV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.118.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f102.1e100.net

Software

ESF /

Resource Hash

9980790416b7080783ce6889174175bf2df3d9a8b67997572e89f54bae290500

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sE5Oo6pGS3xdPbPSfSSc4g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 13:17:33 GMT
content-security-policy: script-src 'report-sample' 'nonce-sE5Oo6pGS3xdPbPSfSSc4g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmII0pBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiJP-nWctAGJ3rYus_kC8JOIi64HEi6yGCpdY7YFYtecSqzEQ3193ifU5EO_9eIn1KBAL8XC83f1wG5tAx95nM5iVNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAwsDYz0DEzjCwwADihB6g"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUJ4kxNpO6YMkd6H33WlQtE2bEIwnyAFXhGMiUI7dcfVNjZRj0ATDJhVSWfUL5UQnzV07PCnVyX2_dKOLpz3VQrAr1CXppg0tRXE46Ote5KtEy3IC4DvemTX-SF6N9Ti0QsiiFJzw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 22ms
22ms XHR
text/html 172.253.118.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUJ4kxNpO6YMkd6H33WlQtE2bEIwnyAFXhGMiUI7dcfVNjZRj0ATDJhVSWfUL5UQnzV07PCnVyX2_dKOLpz3VQrAr1CXppg0tRXE46Ote5KtEy3IC4DvemTX-SF6N9Ti0QsiiFJzw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.118.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f102.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zn2BXvR6h4WTnIB22URtFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 04 Sep 2024 13:17:33 GMT
content-security-policy: script-src 'report-sample' 'nonce-zn2BXvR6h4WTnIB22URtFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw1ZBicEqfwRoExO5aF1n9gXhJxEXWQ4kXWfd-vMR6FIiFeDje7n64jU1gwqG_i5iVXJLyC-OT8_NKUvNKdBNTinVB7KLMpNKS_CIUdmoZSEVOfnp6Zl56vJGBkYmBpYGRnoF5fIEBAIP5LqY"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://duckesgame.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
38e9ed11891f062d4f9261ecbf157453.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 351F 0
0 0ms
0ms Document
text/html 2404:6800:4003:c05::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://38e9ed11891f062d4f9261ecbf157453.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 04 Sep 2024 13:17:33 GMT
expires: Wed, 04 Sep 2024 13:17:33 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 48ms
11ms XHR
application/json 142.250.4.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202408290101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f157.1e100.net

Software

cafe /

Resource Hash

6f8a4020113d186aefe6f8b13cbd354f7b3a813a705643dd1ba6a8d46f3a253a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 13:17:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13044
x-xss-protection: 0

GET
H/1.1 200
OK favicon.ico
duckesgame.com/ 4 KB
5 KB 101ms
101ms Other
image/x-icon 129.227.71.46
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://duckesgame.com/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 129.227.71.46 Singapore, Singapore, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: /
Resource Hash: e9d20921428ab183fefe393ff123c468e2396ac1fe2d8f681b96e0080b2e0f29

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Wed, 04 Sep 2024 13:17:34 GMT
x-oss-request-id: 66D5FB64E9CC4C32304E98E1
Last-Modified: Mon, 08 Jul 2024 03:22:17 GMT
Content-MD5: B3JlBJSEKjBUgU/e/Vv7Xw==
ETag: "0772650494842A3054814FDEFD5BFB5F"
Vary: Accept-Encoding
Content-Type: image/x-icon
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 7950024677105819404
Content-Length: 4286
x-oss-server-time: 34
X-Ser: BC16_SG-singapore-singapore-17-cache-1, BC37_SG-singapore-singapore-17-cache-4

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 17 KB
7 KB 19ms
6ms Script
text/javascript 2404:6800:4003:c01::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 13:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 04 Sep 2024 13:17:34 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BF21 0
0 11ms
11ms Document
text/html 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 17860
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 04 Sep 2024 08:19:54 GMT
expires: Thu, 04 Sep 2025 08:19:54 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame D1EC 0
0 23ms
13ms Document
text/html 142.251.175.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.175.147 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f147.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EefGPjSdlE1u_SO38M5Pzw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-EefGPjSdlE1u_SO38M5Pzw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Wed, 04 Sep 2024 13:17:34 GMT
expires: Wed, 04 Sep 2024 13:17:34 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012406241625000/ Frame 52B1 196 KB
55 KB 8ms
4ms Script
text/javascript 2404:6800:4003:c05::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406241625000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7330191facb7e2ececc564f92a6e4db89028c010eb1d46114c19615354f02bd1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 02 Sep 2024 13:29:10 GMT
age: 172104
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56144
x-xss-protection: 0
server: sffe
etag: "cc18f0752fb26ed7"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 02 Sep 2025 13:29:10 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012406241625000/v0/ Frame 52B1 15 KB
5 KB 13ms
11ms Script
text/javascript 2404:6800:4003:c05::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406241625000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63a8ed4d42e2e14d5eeb92b559c0942083d03c633e8aa8d82511b06057b5790c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 02 Sep 2024 13:44:48 GMT
age: 171166
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5218
x-xss-protection: 0
server: sffe
etag: "a54ee7ef81300879"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 02 Sep 2025 13:44:48 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012406241625000/v0/ Frame 52B1 95 KB
28 KB 13ms
12ms Script
text/javascript 2404:6800:4003:c05::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406241625000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1dc183a1e37c034f6528f4768d7912a229f7f25f9e4ed4ad283d0b1d7630551

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 02 Sep 2024 13:21:07 GMT
age: 172587
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29004
x-xss-protection: 0
server: sffe
etag: "ed67e306da4f50af"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 02 Sep 2025 13:21:07 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012406241625000/v0/ Frame 52B1 5 KB
2 KB 13ms
12ms Script
text/javascript 2404:6800:4003:c05::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406241625000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdb5fbbf823cdc9431ac0ac26c06d3106dbb27bed5297e1ff8a3da8d72a9bba9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 02 Sep 2024 13:42:00 GMT
age: 171334
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "318c9ffc754fdb7f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 02 Sep 2025 13:42:00 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012406241625000/v0/ Frame 52B1 40 KB
13 KB 16ms
16ms Script
text/javascript 2404:6800:4003:c05::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406241625000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26dca3cd2ff32a9934a9fe12f32f973e38263f497e28ef43175d81b78af04be2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 02 Sep 2024 13:42:32 GMT
age: 171302
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12940
x-xss-protection: 0
server: sffe
etag: "6b189ee8e91db6e8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 02 Sep 2025 13:42:32 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 52B1 18 KB
2 KB 14ms
12ms Stylesheet
text/css 2404:6800:4003:c05::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9bf164fd8f85bbe262753bca4167f5baacb295fa1f167e0dfcc43fbf3e21a876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 04 Sep 2024 13:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 04 Sep 2024 11:37:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 04 Sep 2024 13:17:34 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 52B1 3 KB
0 21ms
12ms Image
image/png 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 14:25:46 GMT
x-content-type-options: nosniff
server: cafe
age: 82307
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2982
x-xss-protection: 0
expires: Wed, 04 Sep 2024 14:25:46 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 52B1 344 B
0 20ms
11ms Image
image/png 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 11:47:33 GMT
x-content-type-options: nosniff
server: cafe
age: 5400
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Thu, 05 Sep 2024 11:47:33 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/4671489891927071081/ Frame 52B1 19 KB
0 27ms
9ms Image
image/jpeg 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4671489891927071081/14763004658117789537?w=400&h=209&tw=1&q=75

Requested by

Host: duckesgame.com
URL: https://duckesgame.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

800e965b582276f019a2afaa554fede3bde4b3a824bb35c7abc9a8f1c7e72ecf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Sat, 31 Aug 2024 01:07:02 GMT
x-content-type-options: nosniff
age: 389431
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19397
x-xss-protection: 0
last-modified: Thu, 15 Feb 2024 22:58:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 31 Aug 2025 01:07:02 GMT

GET
DATA 200
OK truncated
/ Frame 52B1 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95ead8b60c536e354de9323abca1fcbebfeaa84f436356dbe1787780239678d8

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 52B1
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CUWvu7l3YZqziF9zqz7sPjK2eiQW427bfea78vtGlEquOm9yxQhABIM31335gvwWgAdOb7-YDyAEJ4AIAqAMByAMKqgSGAk_QwjtwjT39eOTb814r3chr_owFmGUKMVZEoDhjYooqiCn6...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5a629936a3e549960000000000000000%22,%222%22:%220xf54a595c435f80ce0000000000000000%22,%223%22:%220x60eab7...

0
20 B

6ms
5ms

Image
text/css

142.250.4.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5a629936a3e549960000000000000000%22,%222%22:%220xf54a595c435f80ce0000000000000000%22,%223%22:%220x60eab73fd6e09b530000000000000000%22,%224%22:%220x16d99b529d73e0250000000000000000%22,%225%22:%220xd2447448129d12ca0000000000000000%22},%22debug_key%22:%228108584302181494484%22,%22debug_reporting%22:true,%22destination%22:%22https://equinix.sg%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221021038035%22],%2222%22:[%22true%22],%224%22:[%2209-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227066748095942798593%22}&andc=true

Requested by

Host: duckesgame.com
URL: https://duckesgame.com/

Protocol

Server

142.250.4.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f156.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 13:17:34 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x5a629936a3e549960000000000000000","2":"0xf54a595c435f80ce0000000000000000","3":"0x60eab73fd6e09b530000000000000000","4":"0x16d99b529d73e0250000000000000000","5":"0xd2447448129d12ca0000000000000000"},"debug_key":"8108584302181494484","debug_reporting":true,"destination":"https://equinix.sg","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1021038035"],"22":["true"],"4":["09-04"],"6":["true"]},"priority":"500","source_event_id":"7066748095942798593"}
server: cafe
content-type: text/css; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 04 Sep 2024 13:17:34 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 04 Sep 2024 13:17:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x5a629936a3e549960000000000000000","2":"0xf54a595c435f80ce0000000000000000","3":"0x60eab73fd6e09b530000000000000000","4":"0x16d99b529d73e0250000000000000000","5":"0xd2447448129d12ca0000000000000000"},"debug_key":"8108584302181494484","debug_reporting":true,"destination":"https://equinix.sg","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1021038035"],"22":["true"],"4":["09-04"],"6":["true"]},"priority":"500","source_event_id":"7066748095942798593"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v61/ Frame 52B1 33 KB
34 KB 6ms
5ms Font
font/woff2 2404:6800:4003:c03::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v61/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e563f60814c73c0f4261067bd14c15f2c7f72ed2906670ed4076ebe0d6e9244a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://duckesgame.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 09:44:50 GMT
x-content-type-options: nosniff
age: 99164
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34184
x-xss-protection: 0
last-modified: Mon, 12 Aug 2024 17:14:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Sep 2025 09:44:50 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/032406252034000/ Frame 0C33 196 KB
0 38ms
4ms Script
text/javascript 2404:6800:4003:c05::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032406252034000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05fcd569dd4b9813aed7b6c2a4ba75d056b56778533d2e2ac37252586dd9126d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 02 Sep 2024 13:29:36 GMT
age: 172077
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56174
x-xss-protection: 0
server: sffe
etag: "b058f907dbf09d06"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 02 Sep 2025 13:29:36 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/032406252034000/v0/ Frame 0C33 15 KB
0 52ms
19ms Script
text/javascript 2404:6800:4003:c05::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032406252034000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa843245814c185e1139a54052cf819ea23a33ac393d90f3525958116681e8be

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 02 Sep 2024 13:29:10 GMT
age: 172103
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5219
x-xss-protection: 0
server: sffe
etag: "de79a6048671db85"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 02 Sep 2025 13:29:10 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/032406252034000/v0/ Frame 0C33 95 KB
0 48ms
15ms Script
text/javascript 2404:6800:4003:c05::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032406252034000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7442d5ba404c482128280bb0416c3d62c8d06868594c1a23892b06df1ee2983a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 03 Sep 2024 03:55:27 GMT
age: 120126
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29025
x-xss-protection: 0
server: sffe
etag: "16a9579aec57c4a5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 03 Sep 2025 03:55:27 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/032406252034000/v0/ Frame 0C33 5 KB
0 51ms
18ms Script
text/javascript 2404:6800:4003:c05::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032406252034000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4a66f520e5a1676afa712f63b38fec877047301b208e1d2df15fd94d16a2435

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 02 Sep 2024 13:39:55 GMT
age: 171458
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1907
x-xss-protection: 0
server: sffe
etag: "b7204740773aee25"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 02 Sep 2025 13:39:55 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/032406252034000/v0/ Frame 0C33 40 KB
0 45ms
12ms Script
text/javascript 2404:6800:4003:c05::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032406252034000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e284c175ea1cd1866d5d88171f3ca5fcad2b370093f0ae7891c152827a12dd0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 02 Sep 2024 13:21:07 GMT
age: 172586
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12949
x-xss-protection: 0
server: sffe
etag: "c65b00eac3dcf073"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 02 Sep 2025 13:21:07 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0C33 18 KB
0 14ms
12ms Stylesheet
text/css 2404:6800:4003:c05::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9bf164fd8f85bbe262753bca4167f5baacb295fa1f167e0dfcc43fbf3e21a876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 04 Sep 2024 13:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 04 Sep 2024 11:37:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 04 Sep 2024 13:17:34 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0C33 3 KB
0 21ms
12ms Image
image/png 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 14:25:46 GMT
x-content-type-options: nosniff
server: cafe
age: 82307
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2982
x-xss-protection: 0
expires: Wed, 04 Sep 2024 14:25:46 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0C33 344 B
0 20ms
11ms Image
image/png 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 11:47:33 GMT
x-content-type-options: nosniff
server: cafe
age: 5400
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Thu, 05 Sep 2024 11:47:33 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v61/ Frame 0C33 33 KB
0 6ms
5ms Font
font/woff2 2404:6800:4003:c03::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v61/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer

Response headers

date: Tue, 03 Sep 2024 09:44:50 GMT
x-content-type-options: nosniff
age: 99164
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34184
x-xss-protection: 0
last-modified: Mon, 12 Aug 2024 17:14:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Sep 2025 09:44:50 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/4671489891927071081/ Frame 0C33 19 KB
0 27ms
9ms Image
image/jpeg 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4671489891927071081/14763004658117789537?w=400&h=209&tw=1&q=75

Requested by

Host: duckesgame.com
URL: https://duckesgame.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

800e965b582276f019a2afaa554fede3bde4b3a824bb35c7abc9a8f1c7e72ecf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Sat, 31 Aug 2024 01:07:02 GMT
x-content-type-options: nosniff
age: 389431
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19397
x-xss-protection: 0
last-modified: Thu, 15 Feb 2024 22:58:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 31 Aug 2025 01:07:02 GMT

GET
DATA 200
OK truncated
/ Frame 0C33 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e5dae7d4c4f4331c3626e5c6d1b77b2478306f922201a6f11330a37c64be2bf

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 0C33
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CubSo7l3YZpbNMpvl3LUPnpHekQS427bfea78vtGlEquOm9yxQhABIM31335gvwWgAdOb7-YDyAEJ4AIAqAMByAMKqgSJAk_Q72_wsuLrT9-O4Z_9Hwp7vQoaf4REcpwOekdcA8Kk5Wj4...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5a629936a3e549960000000000000000%22,%222%22:%220xf54a595c435f80ce0000000000000000%22,%223%22:%220x60eab7...

0
20 B

6ms
6ms

Image
text/css

142.250.4.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5a629936a3e549960000000000000000%22,%222%22:%220xf54a595c435f80ce0000000000000000%22,%223%22:%220x60eab73fd6e09b530000000000000000%22,%224%22:%220x16d99b529d73e0250000000000000000%22,%225%22:%220xd2447448129d12ca0000000000000000%22},%22debug_key%22:%229084432373909523624%22,%22debug_reporting%22:true,%22destination%22:%22https://equinix.sg%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221021038035%22],%2222%22:[%22true%22],%224%22:[%2209-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217582830207565868785%22}&andc=true

Requested by

Host: duckesgame.com
URL: https://duckesgame.com/

Protocol

Server

142.250.4.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f156.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 13:17:35 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x5a629936a3e549960000000000000000","2":"0xf54a595c435f80ce0000000000000000","3":"0x60eab73fd6e09b530000000000000000","4":"0x16d99b529d73e0250000000000000000","5":"0xd2447448129d12ca0000000000000000"},"debug_key":"9084432373909523624","debug_reporting":true,"destination":"https://equinix.sg","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1021038035"],"22":["true"],"4":["09-04"],"6":["true"]},"priority":"500","source_event_id":"17582830207565868785"}
server: cafe
content-type: text/css; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 04 Sep 2024 13:17:35 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 04 Sep 2024 13:17:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x5a629936a3e549960000000000000000","2":"0xf54a595c435f80ce0000000000000000","3":"0x60eab73fd6e09b530000000000000000","4":"0x16d99b529d73e0250000000000000000","5":"0xd2447448129d12ca0000000000000000"},"debug_key":"9084432373909523624","debug_reporting":true,"destination":"https://equinix.sg","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1021038035"],"22":["true"],"4":["09-04"],"6":["true"]},"priority":"500","source_event_id":"17582830207565868785"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 52B1 42 B
65 B 23ms
22ms Image
image/gif 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuh0Jm-n0itBicumRljMb4OuXs3wDdosSnnfpeg2nWq6t1Jy3m_RsCHNio8bMxq2hGgAlbK2nZOIMC2PfTjmF4S2PyI8Rt7TC4SvAGboc0WFIIvbD-rpe44m3pW3xBFcaGL58EQ9PEVKNjBgSU3fYBYjt2mX-yAwTSrGw&sai=AMfl-YRtLw12xOozmg8_3o2QTGEOtbrMD2dO5TFjpBGL1HPbSdb4rk2sz647cv1diIEzPpnzVibk_Kk2mBdqVLAbrzNN0gE0WIFynV_4T6D-h05KFluhkB2fTTEC1owrtYspnXhYlgxVqqA17Amp1FcG6g&sig=Cg0ArKJSzHwgOJC-1tYGEAE&cid=CAQSTwDpaXnfchiPNA7Sxm3Ojp6pQaTgfcNWmAaxFuz9T3Lz64Kx82oGQrfTGXmSlhy74JhkFZ3zQm-hNQq-gseIf4IsoTGhbDBg9RsiS77hqfAYAQ&id=ampim&o=500,133&d=600,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=143&tls=1143&g=100&h=100&tt=1143&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f154.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://duckesgame.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Sep 2024 13:17:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202408290101&jk=2504624949426512&bg=!XV6lXhHNAAakh3bWhIc7ADQBe5WfOEbvSy_-oaq4e0HBf1u8w5i8KWKYXMH9O9qwop9wIRdPeaKMlIjz5hB7PbmHIa42AgAAAFBSAAAAA2gBB34ANn8oAgMEJNS3M6NjiwxHcllLLHxKMZ3JtOHa7GgqQFsH6SBUa5bFqYwCsR0O6MMLjilmGlpfw5kCrGEpaoDLEoZ3ra-Ax7rzjEBoRWlwVSwZFdBbElO7yZMlGqQVw7dQObNBb27hVN1N2IZk9SqJaWz03XzpTPNwHi78yqHBjX1175Fndne0Jj5Id3nZBekIY75vBhOXM5dsArL3VrJ9FZMwXTTKEwIs6q4WHfVE5RMlHA0OwHMCpfdXz0U-qGt2o7_qexwc8jLHoYVxJbHpMaRRMHQywHQ0NE_ZOtAozZta8D80ymRE_5Lziq3J4KuUS7lxVO6R5YQ40b8LGXGfv9RLwQ41Q3QPlry9t4ExwGPZ1a70-Nz01x6WfFA6jVIfxryfcpBk-pky2kTKB2m0_8VjbiY689jKFszMFBNNnyYApcGZHFYRVp1rHfddd3yvdFmDrOWHjIYIESZuLK5_hMWJTsrTXUEDpEfAiPBBM6TEiUOvXmjBKFamcauPfI_KUr_iFKEplQTzUnPZz2BMny6kR0BmvpYBefXFo446X6yC8gKHaBRFa85aiGJX-t_zkZh3ksUvFN9zh6B21vDG-ImxlntE_sPeui_7JTB1_Q6iqy_On9-olHsPldPlsLVyDsNcauhLlX9aK1ZRzY4qYBP_xGKUD5H6vihAgKZPwrlsibmn6wrIDzmABgvHwCmug2lQRovzFziJublBSQGTqIj9ufYb6CS-yyOBV81zV3K4pYYTF5xjqUskXUz2OAYgRk6KGiclj2TH5QQYtDlTs48V42B5Dq4tpBJNuz6DCFQ4XEgyys72y60XPgz87-XYkBltPETAppW7d19M8Rr3g-zKq6oVALld90C06dR1f4lKU61DlyxGO54sle9qGXOnZ3sXIiOBdabnh2wHzQlJmVTh7gMQJSx8n7T-E46U56uFOFxhthEbQS4WAyTdgTuPCK_cvrXN62fLleEzDKpcR3AvCKhfUQ

Verdicts & Comments Add Verdict or Comment

182 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.crwdcntrl.net/	1970-01-21 05:46:23	Name: _cc_dc Value: 2
.crwdcntrl.net/	1970-01-21 05:46:23	Name: _cc_id Value: eb9ff5285be4a8b8643e3d613245acb7
.duckesgame.com/	1970-01-21 05:46:23	Name: _cc_id Value: eb9ff5285be4a8b8643e3d613245acb7
.duckesgame.com/	1970-01-20 23:19:02	Name: panoramaId_expiry Value: 1725542253179
.duckesgame.com/	1970-01-21 01:27:11	Name: _fbp Value: fb.1.1725455853341.259399440247947299
.doubleclick.net/	1970-01-21 08:53:35	Name: IDE Value: AHWqTUk94AerHcGJuM-2FolnYk1JvJRCoAfg85RnrS3Hcna7BeN1CdCY-Xzp9u0nb2o
.googleadservices.com/	1970-01-21 01:27:11	Name: ar_debug Value: 1
.duckesgame.com/	1970-01-21 08:03:11	Name: FCNEC Value: %5B%5B%22AKsRol-2GtRGweGsKOUlF_DDD5hUDxQXSjCZ6ZIeHXlcnFSV8KvWFAIuXeLiQ3hANaQ7uQeZUQ-PYcDx4vop7gWVwzdUvHd5MhLNk4wsOGmvaPuBcIonK9RnoV0-EznSzLbYJEHZSKl2pRXsrvZ1JpLY6gx5O8mPAA%3D%3D%22%5D%5D
.doubleclick.net/	1970-01-20 23:17:36	Name: test_cookie Value: CheckForPermission
.duckesgame.com/	1970-01-21 08:39:11	Name: __gads Value: ID=4b7385d96e1df13b:T=1725455853:RT=1725455853:S=ALNI_MZVA0rFJ4Jrw-F38Vu9OXV308l0cQ
.duckesgame.com/	1970-01-21 08:39:11	Name: __gpi Value: UID=00000eed40b824f1:T=1725455853:RT=1725455853:S=ALNI_MbdW2ITIjIqRsVzIQEz3xE4NmP1GQ
.duckesgame.com/	1970-01-21 03:36:47	Name: __eoi Value: ID=a7dfe7adbda565ce:T=1725455853:RT=1725455853:S=AA-AfjagWWeUriGICT6U1w0jBYFH

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

38e9ed11891f062d4f9261ecbf157453.safeframe.googlesyndication.com
bcp.crwdcntrl.net
cdn-ima.33across.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
connect.facebook.net
duckesgame.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
id5-sync.com
invstatic101.creativecdn.com
oa.openxcdn.net
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
static.criteo.net
tags.crwdcntrl.net
tpc.googlesyndication.com
www.facebook.com
www.google.com
www.googleadservices.com
pagead2.googlesyndication.com
108.157.254.43
129.227.71.46
141.95.98.64
142.250.4.156
142.250.4.157
142.251.175.147
142.251.175.155
142.251.175.156
157.240.7.26
172.253.118.102
172.64.152.89
2404:6800:4003:c01::84
2404:6800:4003:c03::5e
2404:6800:4003:c03::84
2404:6800:4003:c05::5f
2404:6800:4003:c05::65
2404:6800:4003:c05::84
2406:2600:7:100::1
2600:9000:223b:c400:a:e047:754:6941
2606:4700:10::6816:3456
2a03:2880:f10c:83:face:b00c:0:25de
2a04:4e42:200::485
34.102.146.192
34.96.70.87
52.77.193.71
74.125.24.154
05fcd569dd4b9813aed7b6c2a4ba75d056b56778533d2e2ac37252586dd9126d
0c5bccfba75368b6218de019480356cd9b3121a9a3963250a3f88ccd2143cdd6
0e284c175ea1cd1866d5d88171f3ca5fcad2b370093f0ae7891c152827a12dd0
0ff35fde1aeec4785d2ebf68ceef4a9c0f5228be81240130a40a49c549e77f4a
12cbf27ef90bcb650d42d52a148eade511950e317a917cfb2cc9f14cf76e87c2
1764e898369c24be8d7d1cbcb82079c27f3898fbc1883f388a5c1008dd30c9e8
1b21b97a7d36616c1fece5725dc60524b733f184a9ef069e563de8fba7088709
21ab402be881d0279ed397ccbba27c3d7205ada19f14f9268df35782c78c888d
26dca3cd2ff32a9934a9fe12f32f973e38263f497e28ef43175d81b78af04be2
276dfaa2390543f63fe63b939b9c8d33768b297b93b433330c9648cf97c5c6cf
2862cf7a51a67a8677d65df99f892df834661999074eb0693d5c6fd43ee88e1b
29267cb7605e79356f1a52a99b6f18dd0e3bb282fc07e5f7aad1f75b104d01be
2ee7196be2e783c4f7da21ee9d979e67f0ea4230a617e98b5216c8f6809add20
303b11b561ce85ed8b85beb5159625af293003139b5338f4062b1a7dcbbd8bf9
30b32e97f2e3e06deb742bf2e19daeb4f4657a956e836c2a25a7df2bc72f7500
37658a077badd9da9d8aaee56c8d96e1b05f2ef1aefe1c2fdcc9ee69eb088ba6
3a927b0b3f119b4bda52d8b4bfb2608e9947466164334fc610b8917ff59546f1
3bb1199d12ae09deeda4466322b863de030594a83fb2166ca26d241b1a9020c1
40797e9512d32d38d886d8029479f30a490f213717671a8f53036ad84447c8e2
4c7c493b0accc083fbfa985b9bbc1f5b14bfab9cbfffb1e347a06afa3ddcb16c
4e5dae7d4c4f4331c3626e5c6d1b77b2478306f922201a6f11330a37c64be2bf
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
5a721e027bcaa5fe700c67fb28cd21f35518bb8c2613a7110858b9aaa6b88ff0
5de69c859b7e2603521cb8fc49ea042282b1e142ecf21c6a7c52a871ad81a46d
60ebe0f62d2fa767840871b2b07a2915f2b37759f333dce1f79e4fcbcad2a59b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63a8ed4d42e2e14d5eeb92b559c0942083d03c633e8aa8d82511b06057b5790c
64d7b8cc2661d003a14ff412990e13d229b670bcb832124b1850ccb518a65d2c
658682fecd5582b9660892a26c25d16d9ac2d1295c1a21e0fff863375d9a891d
6aa381cf95efdc0516603466d886989ddbd2076ff186009e1b3dcd4fc5037c3b
6f8a4020113d186aefe6f8b13cbd354f7b3a813a705643dd1ba6a8d46f3a253a
7330191facb7e2ececc564f92a6e4db89028c010eb1d46114c19615354f02bd1
7442d5ba404c482128280bb0416c3d62c8d06868594c1a23892b06df1ee2983a
7f5d4b156a77c2ccef1cbcd07dd19c28728d2f14dc5804124c642a423c9c417a
7ffa3bc4d31cd7e382c68a1395bb40304a175527da547e996c9b72c703eee830
800e965b582276f019a2afaa554fede3bde4b3a824bb35c7abc9a8f1c7e72ecf
83832d5307a4d195cddf24f76e66d09b669cfbe23a429d642d06202cb55c96cf
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
8a2ab36c83d5d55e311fbf787dbc7de0a17b89eb0b30b1772f518a79db334001
8f7699a0fd02de79d565fbd5205be070b777b790f028c1fd7e6090e34ed81bda
900bc663b9999e0db72e52831a7cb28a863413135347bcd4fe95475ff3caa964
93d1697ee9f1a843a40e09ef85127252bbd95ff577a44eb06990949cb6ad365b
94683b10c04700e11f907cdf2a69dc9f7c933ca1f9fa7160dc0ea9c997e05da1
95ead8b60c536e354de9323abca1fcbebfeaa84f436356dbe1787780239678d8
9980790416b7080783ce6889174175bf2df3d9a8b67997572e89f54bae290500
9bf164fd8f85bbe262753bca4167f5baacb295fa1f167e0dfcc43fbf3e21a876
a1dc183a1e37c034f6528f4768d7912a229f7f25f9e4ed4ad283d0b1d7630551
a21d45bdfbe11e2d567a3237136e6e36c0318b4f82d57320527cc426df09525d
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aca94170df3e2b1d1cf0e3e3f80e0862b6f1745ea335963e47576399ec9282d7
ae1715fe7dd418abf45c738127bb838bb676147efd65c5edda2eff5cb5bb6615
b3f1e91880b0f4f814aad65c1e35b86c01d049d27ffedbb260bbc03814a5643d
b4ba12d135ae2873c914ce4f10c155211b75a58f0bda7f35fb336506f3a7724e
b4c8aebd79e7ce8e828d9817ffd7d4f19ddbc28a943f419c01839243c2c4870c
b55d38db52666d550c68495b76d6543103b94b3d9c2f2c4501a266ae5d0bcbe7
bdb5fbbf823cdc9431ac0ac26c06d3106dbb27bed5297e1ff8a3da8d72a9bba9
cf3e408e13378dfcd0d77cd12858814dd5e5e1cdb734da8284ad4ec8cdcb1bd3
d31cdcbd1f26e51ec878f8b8094dd27771be8725d6fb3ce8d039aaf23e987867
d59d33acb422b6b49ba32b214b5cd3e5ca595e6fdf62c9687f6931da3711cd72
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
dcd01f99e8757f1bbdd1dba34fd3f9b89006c6838f783aa7da1a127ba5e73400
dd892aa6a9dee8669a35b75eb463431081236d353da3fe7852bdd5f8be4bb091
e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e491e5c84ab3d7e8402e30118b697a6e3903c64623e749c46a2e92bf6e3d9489
e563f60814c73c0f4261067bd14c15f2c7f72ed2906670ed4076ebe0d6e9244a
e9d20921428ab183fefe393ff123c468e2396ac1fe2d8f681b96e0080b2e0f29
ec4344749a56601ed93f4e2031aab96769b4588b76802c8ce81b2c1dc85e279c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f261c6d819284c896326e0589945e0baae57d70e0f01ed8c50908396d032ec9d
f39469d5a6e8defe3ce4ba4e22208b6e75933e317646da2aaeaea5390cbb5b58
f4a66f520e5a1676afa712f63b38fec877047301b208e1d2df15fd94d16a2435
f88a8f4b5586331cf9016e8fa9daa790beb2a3489a6070f3bf5ccb3a22e43e74
fa843245814c185e1139a54052cf819ea23a33ac393d90f3525958116681e8be

duckesgame.com Open in urlscan Pro 129.227.71.46 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

101 Requests

96 %HTTPS

42 %IPv6

19 Domains

25 Subdomains

27 IPs

4 Countries

1197 kBTransfer

3434 kBSize

12 Cookies

0 Outgoing links

Redirected requests

101 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

duckesgame.com Open in urlscan Pro
129.227.71.46 Public Scan

Screenshot
Live screenshot

Full Image

101
Requests

96 %
HTTPS

42 %
IPv6

19
Domains

25
Subdomains

27
IPs

4
Countries

1197 kB
Transfer

3434 kB
Size

12
Cookies

101 HTTP transactions
3 data transactions