www.ducksters.com Open in urlscan Pro
2606:4700:20::681a:d86 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.ducksters.com/
Effective URL:
https://www.ducksters.com/
Submission: On December 02 via api (December 2nd 2023, 12:14:18 am UTC) from US — Scanned from DE

Summary HTTP 156 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 32 IPs in 5 countries across 23 domains to perform 156 HTTP transactions. The main IP is 2606:4700:20::681a:d86, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.ducksters.com. The Cisco Umbrella rank of the primary domain is 48259.
TLS certificate: Issued by E1 on November 21st 2023. Valid for: 3 months.

This is the only time www.ducksters.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::ac43:462f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2606:4700:20:... 2606:4700:20::681a:d86	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	2600:9000:225... 2600:9000:2250:fc00:12:4abd:d340:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::ac43:4b6a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 7	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2600:9000:223... 2600:9000:223c:a000:1a:1459:5cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	184.30.17.133 184.30.17.133	16625 (AKAMAI-AS) (AKAMAI-AS)
12	2600:9000:211... 2600:9000:211e:3a00:14:2602:6e80:93a1	16509 (AMAZON-02) (AMAZON-02)
3	108.138.1.25 108.138.1.25	16509 (AMAZON-02) (AMAZON-02)
17	2600:9000:211... 2600:9000:211e:9c00:13:7c50:cec0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	130.162.160.243 130.162.160.243	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1	99.86.4.39 99.86.4.39	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
4	184.30.211.26 184.30.211.26	16625 (AKAMAI-AS) (AKAMAI-AS)
1	65.9.66.97 65.9.66.97	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	54.216.79.244 54.216.79.244	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1460	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	172.217.16.198 172.217.16.198	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
4	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
2	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
156	32

1 2606:4700:20::ac43:462f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.ducksters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:20::681a:d86 (United States)

ASN13335 (CLOUDFLARENET, US)

www.ducksters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2600:9000:2250:fc00:12:4abd:d340:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.intergient.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4b6a (United States)

ASN13335 (CLOUDFLARENET, US)

www.kidsafeseal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223c:a000:1a:1459:5cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

config.playwire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.17.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-133.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:9000:211e:3a00:14:2602:6e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.intergi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2600:9000:211e:9c00:13:7c50:cec0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.playwire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.162.160.243 (Slough, United Kingdom)

ASN31898 (ORACLE-BMC-31898, US)

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-39.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.30.211.26 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-211-26.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.216.79.244 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-79-244.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)

proc.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	googlesyndication.com 31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	296 KB
25	intergient.com cdn.intergient.com — Cisco Umbrella Rank: 5443	265 KB
19	playwire.com config.playwire.com — Cisco Umbrella Rank: 5715 cdn.playwire.com — Cisco Umbrella Rank: 10296	192 KB
14	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 ad.doubleclick.net — Cisco Umbrella Rank: 139	251 KB
14	ducksters.com 1 redirects www.ducksters.com — Cisco Umbrella Rank: 48259	152 KB
12	intergi.com cdn.intergi.com — Cisco Umbrella Rank: 5509	182 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
4	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1042	106 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 306 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614	72 KB
3	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	191 KB
3	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 487	492 KB
3	moatads.com z.moatads.com — Cisco Umbrella Rank: 653 mb.moatads.com — Cisco Umbrella Rank: 766 px.moatads.com — Cisco Umbrella Rank: 594	44 KB
2	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	46 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 893 id5-sync.com — Cisco Umbrella Rank: 425	34 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 979 bcp.crwdcntrl.net — Cisco Umbrella Rank: 850	12 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189 ssl.google-analytics.com — Cisco Umbrella Rank: 587	17 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	8 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	85 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 940	277 B
1	dotomi.com proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 2813	465 B
1	kidsafeseal.com www.kidsafeseal.com — Cisco Umbrella Rank: 9500	19 KB
0	gstatic.com Failed csi.gstatic.com Failed
156	23

	Domain	Requested by
25	cdn.intergient.com	www.ducksters.com cdn.intergient.com
17	tpc.googlesyndication.com	securepubads.g.doubleclick.net 31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com www.ducksters.com tpc.googlesyndication.com
17	cdn.playwire.com	cdn.intergient.com cdn.playwire.com
15	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.ducksters.com 31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com tpc.googlesyndication.com imasdk.googleapis.com www.googletagservices.com
14	www.ducksters.com	1 redirects www.ducksters.com
12	cdn.intergi.com	cdn.intergient.com cdn.intergi.com
7	securepubads.g.doubleclick.net	2 redirects cdn.intergient.com securepubads.g.doubleclick.net
5	googleads.g.doubleclick.net	31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com
4	www.googleadservices.com
4	31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	secure.cdn.fastclick.net	www.ducksters.com secure.cdn.fastclick.net
3	www.google.com	2 redirects tpc.googlesyndication.com
3	www.googletagservices.com	31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com
3	imasdk.googleapis.com	cdn.intergi.com cdn.playwire.com imasdk.googleapis.com
3	c.amazon-adsystem.com	cdn.intergient.com c.amazon-adsystem.com
2	s0.2mdn.net	31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com imasdk.googleapis.com
2	ad.doubleclick.net	www.ducksters.com
2	config.playwire.com	cdn.intergient.com cdn.playwire.com
2	cdnjs.cloudflare.com	www.ducksters.com
2	www.googletagmanager.com	www.ducksters.com www.googletagmanager.com
1	id5-sync.com	cdn.id5-sync.com
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	ssl.google-analytics.com	cdn.playwire.com
1	proc.ad.cpe.dotomi.com	secure.cdn.fastclick.net
1	px.moatads.com	www.ducksters.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	cdn.id5-sync.com	www.ducksters.com
1	tags.crwdcntrl.net	www.ducksters.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	mb.moatads.com	z.moatads.com
1	z.moatads.com	cdn.intergient.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.kidsafeseal.com	www.ducksters.com
0	csi.gstatic.com Failed	imasdk.googleapis.com
156	34

This site contains links to these domains. Also see Links.

Domain
www.kidsafeseal.com
www.playwire.com

Subject Issuer	Validity	Valid
www.ducksters.com E1	`2023-11-21` - `2024-02-19`	3 months	crt.sh
cdn.intergient.com Amazon RSA 2048 M03	`2023-11-04` - `2024-12-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
kidsafeseal.com GTS CA 1P5	`2023-10-27` - `2024-01-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.playwire.com Amazon RSA 2048 M02	`2023-02-11` - `2024-03-11`	a year	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-25` - `2024-10-24`	a year	crt.sh
cdn.intergi.com Amazon RSA 2048 M03	`2023-11-04` - `2024-12-01`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-06-20` - `2024-07-20`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2023-10-03` - `2024-10-03`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-06-09` - `2024-07-10`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://www.ducksters.com/
Frame ID: 8F2A7D2AED976E962C7CEE9C7D61184B
Requests: 86 HTTP requests in this frame

Frame: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7E475DCAF3CBB0415E6037D85058087A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/frame.html
Frame ID: CCE8E22D4C8C784FA4A2E83DFAB2A36A
Requests: 16 HTTP requests in this frame

Frame: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A01B66B7CE591B53AD59BEE4BAF9A624
Requests: 10 HTTP requests in this frame

Frame: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 06DA75690A1E5312B0AA54EB1759FC26
Requests: 9 HTTP requests in this frame

Frame: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1941E6B45C4B0C6D6450068120C68475
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 75B0ED7067B5F1712D2511844E4ACD17
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARi19L7cATAB&v=APEucNVh0-2YAiiiXqsHPPz1K4iOmTcjGHud7Apj5a8pq3rXFjmbmW7MR9lY8-s-cQj_xCfX1gwYAjrJ3XcgY1dqAHD2HgxuYA
Frame ID: 36B5BF76F47F001CF2085F76F854A878
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9DF4054C8C39F8B9373DCE45917D6843
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1D30D3563722A27084F64A26347851C0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5B20B77FE4A62F7E6990A70109A0B8FA
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 738DFDFD3250DC591134AEF44F5028AB
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Frame ID: C83ACF3CE4FC366716DDFE73708478B9
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 47D99E066B69395589FDFDC0DAE56446
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 5C9CD3842DFA200184D4531BB6797224
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 0E64369C8604ADB3D77E7CAB5A361FA5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ducksters

Page URL History Show full URLs

http://www.ducksters.com/ HTTP 301
https://www.ducksters.com/ Page URL

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lodash (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

lodash.*\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

156
Requests

97 %
HTTPS

69 %
IPv6

23
Domains

34
Subdomains

32
IPs

5
Countries

2465 kB
Transfer

7511 kB
Size

10
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.kidsafeseal.com/certifiedproducts/ducksters.html

Search URL Search Domain Scan URL

URL: https://www.playwire.com/kids-club/
Title: Playwire

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.ducksters.com/ HTTP 301
https://www.ducksters.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 133

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 138

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 141

https://securepubads.g.doubleclick.net/pagead/adview?ai=Cje4Q1HZqZb_PPP3n1PIPxsSWgA261LzKdOirjYHmD93s9cKAMBABIK-N0CxglfKLgpgHoAHsjZ7vA8gBAuACAKgDAcgDyQSqBMYCT9DWEbJIthyrAKG4RDHPYXw8nTo5K4bPsHSirzFvSln2JhLQdCR5pgfhHAhNL09yuVLC8FlHzKYU_j6zi5KfoDm2g4cHTSz5561-jXUqsp42dBAMB8HjUl-Z7FoX85qDNhobOSUvKTMIbZY5wxSohrAk0tUhIM9A0m9Naa_3G7qcTLfvJDta1bIBDCOPoQXdxe5w9REerTghViMzoLNMqhmrOPqiFsq-7WPgUyzHSg98ZYKtB_akJFk2xm8P7PajebfMvm8h69_l-xDS2Jds0xARG9q7hbIUd_rmEMYAyAPRQTc2c4gCBf9M65I2PmDMJ59HMkXlGtgvBzJLj-bPBiyQt0pjJHzQC8jb-pU--i-26Q6edJMkVS2eYTRfA8I1hTL_cfEKt7zbxWvZR64mPzv-NDftdPo4wIB95InFpt6JmkIZ1DnABKfKlIj7A-AEAYgF5-TftkCSBQQIBBgBkgUECAUYBKAGAoAH_PHhEKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEELiHItIIIAiA4ZBwEAEYHzIC-wI6A4DAEEi9_cE6WMWp7J2874ID8ggbYWR4LXN1YnN5bi03MTkyMDgwMTEwMDM4NjcwmgmDAWh0dHBzOi8vYmlsbGluZ3BsYXRmb3JtLmNvbS96dW9yYS1hbHRlcm5hdGl2ZS1mb3Itc3Vic2NyaXB0aW9uLWJpbGxpbmc_Y3JlYXRpdmU9NTk4ODIwNTk0MDc5JmtleXdvcmQ9Jm1hdGNodHlwZT0mbmV0d29yaz1kJmRldmljZT1jgAoDyAsBogwgKh4KHOS0sQLutbECtbixAqy6sQLktLEC7rWxAru7sQLiDRMIwO7snbzvggMV_TNVCB1GogXQ2BMN0BUBmBYBgBcBshceChwIABIUcHViLTM1ODM5NTU1MjkxMTE1MTIYp7Ie&sigh=xDgN7F4g16U&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNLgeeniinpNHQmIGQiRXg45tz7tKojcLxO_Ua0AbzyaAMuRngijr7JMgdwScgGDc4FpXYfiRH3VEy2Fl-N64MkKYWBvnYi4Ti6CMYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212342480807212992525%22,%22debug_reporting%22:true,%22destination%22:%22https://billingplatform.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221038583532%22],%224%22:[%2212-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210453198381662015937%22}&andc=true

Request Chain 144

https://securepubads.g.doubleclick.net/pagead/adview?ai=CFwZt1HZqZcDPPP3n1PIPxsSWgA2i4fP-YKL63sm6Effn7eOVDhABIK-N0CxglfKLgpgHoAHT8abkA8gBA-ACAKgDAcgDyQSqBMYCT9AVdEfeCVPkT-kiVlppiW6ozLp8GILbGghgxC-UlzqCbSiebpdLpL9gjgepGbWRa9Z1PDpn6BJIao7gL1L_zvCFuhuEzUhUR9VNM0nG8GAnQWTlcZO2ku-DftsRIR3Z1gw_TY-NIJjTc2qVyD6O5jGxLGDAdxjXdEFu_vq3wQAKK64ydAK2zWFMYa8uxh6dG4aPZRJVSYQncrTUzvE_igV7Qn7bizzqMae1-8RQ3ivpEaaf5e78vXM4alB48hSMK_wY2uYG0eY-7YBq3atefn03IpSETTo00Yh-J7snl3mB5HHavvQHUSV3Rnm0to0WfI2WP22PJKBqJkoFMeZ7n1NQf0vW69n0ITZjCqdQrIEvu62adYhcD9H-bjtRR6-f94xDpTYPyd9A23eyDrEpOsIu0RVDNL6582HghNp4pbnL_aNPaEPABOOZ7re7AeAEAYgFn9SeqgOSBQQIBBgBkgUECAUYBKAGA4AHlY7ZG6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEP6lGdIIIAiA4ZBwEAEYHzIC-wI6A4DAEEi9_cE6WMWp7J2874ID8ggbYWR4LXN1YnN5bi03MTkyMDgwMTEwMDM4NjcwmgkwaHR0cHM6Ly93d3cuQWRhcHRlZE1pbmQuY29tL01hdGgtV29ya3NoZWV0cy5odG1sgAoDyAsBogwgKh4KHOS0sQLutbECtbixAqy6sQLktLEC7rWxAru7sQLiDRMIwe7snbzvggMV_TNVCB1GogXQ2BMM0BUBmBYBgBcBshceChwIABIUcHViLTM1ODM5NTU1MjkxMTE1MTIYp7Ie&sigh=AVK6vs8AQv8&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNLgeeniinpNHQmIGQiRXg45tz7tKojcLxO_Ua0AbzyaAMuRngijr7JMgdwScgGDc4FpXYfiRH3VEy2Fl-N64MkKYWBvnYi4Ti6CMYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221538230106046157122%22,%22debug_reporting%22:true,%22destination%22:%22https://adaptedmind.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221015658707%22],%224%22:[%2212-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213642149936893353409%22}&andc=true

156 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.ducksters.com/
Redirect Chain

http://www.ducksters.com/
https://www.ducksters.com/

19 KB
6 KB

35ms
16ms

Document
text/html

2606:4700:20::681a:d86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducksters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:d86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdac126afd2895b5843c2caff0af6b6cc968436af94d512c0f5eab2e5c4c34df

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 327411
cache-control: max-age=2592000
cf-cache-status: HIT
cf-ray: 82ef5e508918085d-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 02 Dec 2023 00:14:12 GMT
expires: Thu, 28 Dec 2023 05:17:21 GMT
last-modified: Tue, 28 Nov 2023 05:17:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q2V0S6QO2VmyQns%2B3lSBapGhvWnrnqDFA5YbOWRHaSXBh43W323m48MaNGl243sdKbBRusQEH1V523r9V7qiYrjV7eEDJtNnzFagIvOlf4Y8BRGEvGyI431HUZgJbGwrQIv1tml8TGc7I5W1tFSA"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN

Redirect headers

CF-RAY: 82ef5e504a3965a6-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sat, 02 Dec 2023 00:14:12 GMT
Expires: Sat, 02 Dec 2023 01:14:12 GMT
Location: https://www.ducksters.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZxfeX6xDuc7g5mavh3klnGJvjerCFsmq69wmQuLjvmsudSeIljbT3mr%2FDqJwWrZY%2FBj8v1LcN9W19cRfqZYdlTrhJfGeQa1fxL2m2V9OOcxfSv%2BQRSfKc06tErzVbpQR2Dg248D0%2Ft2qPih%2FMiAb"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 ramp_config.js Show response
cdn.intergient.com/1015702/62069/ 52 KB
4 KB 59ms
9ms Script
application/javascript 2600:9000:2250:fc00:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/1015702/62069/ramp_config.js
Requested by: Host: www.ducksters.com
URL: https://www.ducksters.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:fc00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 370881318025c7cc42fb6841044a57614ddcb0cd0fd72f98af568c86b30b9527

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 07:05:34 GMT
content-encoding: br
via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P2
age: 61718
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600, public, must-revalidate
x-amz-cf-id: 733u8tvXy3MYr7AJ-xkI9BxU-1W_15ZtoYinOA4XnbcBb3ssHIdweg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 244 KB
85 KB 65ms
30ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K9B1TMX9Y2

Requested by

Host: www.ducksters.com
URL: https://www.ducksters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f9bad53dab4e1a4b0d5708ffc6de1faa178cc8770b4a004b2a01ea725ce7b7bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:14:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86175
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 02 Dec 2023 00:14:12 GMT

GET
H2 200 jquery-1.10.1.min.js Show response
www.ducksters.com/ 91 KB
33 KB 18ms
17ms Script
text/javascript 2606:4700:20::681a:d86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducksters.com/jquery-1.10.1.min.js

Requested by

Host: www.ducksters.com
URL: https://www.ducksters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:d86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21cafb6e71a6112d3c1f4777fefa66300fa3e09db01fc7b92dfee436b8373e2c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:14:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 18 Aug 2017 00:44:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 76886
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B0yAxav8GQoVMFVaH9CP%2BZE%2FlZTNAQEiq%2BVgH9gn6%2FHs95KBEv8whKD2m45A0GcK5K78mGdvHdS8saYfgW5EdC3vctN%2B0YGNTPZ7B175N5XuvTIPp5hd5cHc9cnqLOsTpThxkJXIeyyTA22Am54j"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 82ef5e50a924085d-FRA
expires: Sun, 31 Dec 2023 02:52:46 GMT

GET
H2 200 jquery.sticky-kit.js Show response
www.ducksters.com/ 3 KB
2 KB 16ms
15ms Script
text/javascript 2606:4700:20::681a:d86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducksters.com/jquery.sticky-kit.js

Requested by

Host: www.ducksters.com
URL: https://www.ducksters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:d86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

881a8e16a9aa3dde622ecdb17620b378a6f5bfb67609d79a63cd610d6f14a1b7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:14:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 20 Apr 2017 00:54:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 65125
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bmQ%2BJ2eJ9jJxF0RvYKwRN%2ByOTcTP1Bk9pD9XpFcYVo1DcOUNb4saWpuvT%2BNWqwCxNnR%2Ba7Pel6QffDgKEiXZfhvWwzdSW20s6B%2B%2BFWC%2FEC5y6JYSUFZBFm6xuV15NM4X9IfqIUxWqntVstNyKrvz"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 82ef5e50a925085d-FRA
expires: Sun, 31 Dec 2023 06:08:47 GMT

GET
H2 200 sticky4.js Show response
www.ducksters.com/ 2 KB
973 B 15ms
14ms Script
text/javascript 2606:4700:20::681a:d86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducksters.com/sticky4.js

Requested by

Host: www.ducksters.com
URL: https://www.ducksters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:d86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d1d2e6843d61701d00bc1081fdc466940c2f596885124bba67d21a6006d9e68

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:14:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 18 May 2017 15:21:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 317093
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wpNWgbBXKMeEL1Fq8lVlgeF5BN7lbWF7jDT4pQL2Ric4SVlv4JD%2FBiN0BMBBXbmGu7fMj64bJd1FbkOM1uB%2F1%2FhCMF%2FzU%2B3Z%2BgEV8XVSPt%2FrJ%2BhlFgl0JNrkaZcNEz9Nz0Mv1Ujt7yJgFWDWhIRc"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 82ef5e50a926085d-FRA
expires: Thu, 28 Dec 2023 08:09:18 GMT

GET
H2 200 cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/ 4 KB
2 KB 34ms
13ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css

Requested by

Host: www.ducksters.com
URL: https://www.ducksters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:14:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 319751
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 975
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-fe0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NKvslQj8GKwsaBpTXd%2Bt1buEidyv5nnSUspVirK%2BAJZ9nCQtq7wEFpLdH0fVyUHkKvx4kM2CIixU7TiY9Z%2Bzh5OhpDduQAN49LDBsYOSjZ6JUwOZK7nHO%2B1F09aTNlJXp3TiRxPVQGJwy%2BQmP7akqZN6"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82ef5e50cdb56abb-FRA
expires: Thu, 21 Nov 2024 00:14:12 GMT

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/ 20 KB
6 KB 38ms
17ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js

Requested by

Host: www.ducksters.com
URL: https://www.ducksters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:14:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 161303
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5978
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-5148"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qBAaEWAzpINR6bMZv3%2BhQe1MuEN50K613oJzIk22Hd1HI4HHscZfJBziCApKIK18yEQidgyIR3Pd2JNo3xHdEvxz2VPZvMU3IYs2TXAoUkPmfrHF%2BuBNVuap%2F4dS6TYoaAE3wHlOMvDm8FJdKSNRy%2B4D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82ef5e50cdb76abb-FRA
expires: Thu, 21 Nov 2024 00:14:12 GMT

GET
H2 200 header.gif
www.ducksters.com/graphics/ 35 KB
36 KB 20ms
19ms Image
image/gif 2606:4700:20::681a:d86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducksters.com/graphics/header.gif

Requested by

Host: www.ducksters.com
URL: https://www.ducksters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:d86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6864cd22a446141125a3f853028263820f8a57def21006378d438f71e36247f2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:14:12 GMT
cf-cache-status: HIT
last-modified: Tue, 19 Jan 2021 19:51:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2070654
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/gif
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2FXBAKDZTtSponuPZJCPgds8YApKGLVUlWJU%2Bfjqf%2B3K7OuHH3cefLvCsLB8AoQaCo%2FYVbhrITwOPQ5l587WXeWiT66viCU3E7DPmdF2FP%2BY7%2Ftqa0N8IIs0hG7p7VIDnjLk0mNFOFY6egwoVZRN"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82ef5e50a927085d-FRA
content-length: 36185
expires: Thu, 07 Nov 2024 01:03:18 GMT

GET
H2 200 mobile.gif
www.ducksters.com/graphics/ 6 KB
6 KB 17ms
16ms Image
image/gif 2606:4700:20::681a:d86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducksters.com/graphics/mobile.gif

Requested by

Host: www.ducksters.com
URL: https://www.ducksters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:d86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f84465ad80f2fdee0969318288ace06b8e600eb3d9bb1580e5e39ad1b013d524

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:14:12 GMT
cf-cache-status: HIT
last-modified: Tue, 19 Jan 2021 19:51:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1711051
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/gif
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BRWPpgKSoW2wa7Vr5m%2F00u7RAVeiM7I45XLomUWTabiJBJS7ir%2Fz5bfLmuYpNUr%2FuovOzKxNhZzEc%2F2wcZBHydcFcSwEZQdC7UNBG9nrab%2BjS8scUsM2Lf3mXyu%2FIDsp5yhOG2z%2BEVfddDcBKudo"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82ef5e50a928085d-FRA
content-length: 5904
expires: Mon, 11 Nov 2024 04:56:41 GMT

GET
H2 200 home_duck_history.gif
www.ducksters.com/graphics/ 8 KB
9 KB 18ms
16ms Image
image/gif 2606:4700:20::681a:d86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducksters.com/graphics/home_duck_history.gif

Requested by

Host: www.ducksters.com
URL: https://www.ducksters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:d86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5533851b7d67db230189fe9c85796763ee84ac2ff6f9e60c8849a036fcda9040

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:14:12 GMT
cf-cache-status: HIT
last-modified: Wed, 08 Feb 2017 21:41:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 147029
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/gif
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FUj4y5R%2BspbmkvzT3qbzJ3HABPrnWxOAh6VwAujl%2FkXAn9wtSrp2sM84S0lWnU9wMFqB8KTV1SY%2FOrVl4rSDjoSEQKiiPsHb7MyF84CNIS0B4UKI38yHTSBJzEeoTV8iUSkXMDcUySHGgLeAz7ri"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82ef5e50c935085d-FRA
content-length: 8382
expires: Fri, 29 Nov 2024 07:23:43 GMT

GET
H2 200 home_duck_bio.gif
www.ducksters.com/graphics/ 10 KB
10 KB 13ms
13ms Image
image/gif 2606:4700:20::681a:d86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducksters.com/graphics/home_duck_bio.gif

Requested by

Host: www.ducksters.com
URL: https://www.ducksters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:d86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

edac2e92c551951830e96916a9e5b3c5fe48237eb6436ae85fbefd037a766c46

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:14:12 GMT
cf-cache-status: HIT
last-modified: Wed, 08 Feb 2017 21:41:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 225311
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/gif
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zHIAvKxoMC%2BMeZheetUU9Wdyr8MnJk9D6Pw%2BC7Pv9d7heZ7NOJrGDE7HeZNpkQcRXGuMcEnlZMRiCaLmEa1t075yQeSqyDj3JHFzi87ewcoOrgIVBg79ZyGohDE8gbtAKRAxdcx2JlNfGeF%2BKEOQ"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82ef5e50d93d085d-FRA
content-length: 10205
expires: Thu, 28 Nov 2024 09:39:01 GMT

GET
H2 200 home_duck_science.gif
www.ducksters.com/graphics/ 8 KB
8 KB 13ms
13ms Image
image/gif 2606:4700:20::681a:d86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducksters.com/graphics/home_duck_science.gif

Requested by

Host: www.ducksters.com
URL: https://www.ducksters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:d86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96cc38cfeb78e902e483c17f9ac04f2952a82686542d146a45136421efc7576f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:14:12 GMT
cf-cache-status: HIT
last-modified: Wed, 08 Feb 2017 21:41:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 225311
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/gif
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ncFIDdLvHbiJmPfOKPKhEIwObG95aGcLGQXA08cwpBicEP9yBWGqyEdGomtr9%2FYbmnVQvJILwNrG%2B8yirArItyDSJuw2umclZm5mMlotXGwqzUKEAHztcc1ctWLkmeE7qiS00022vN0bamOylCI2"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82ef5e50e944085d-FRA
content-length: 7722
expires: Thu, 28 Nov 2024 09:39:01 GMT

GET
H2 200 home_duck_games.gif
www.ducksters.com/graphics/ 11 KB
11 KB 16ms
16ms Image
image/gif 2606:4700:20::681a:d86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducksters.com/graphics/home_duck_games.gif

Requested by

Host: www.ducksters.com
URL: https://www.ducksters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:d86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61c954a339be44695196534585eaf26e52abd608f43fd6ba1a271a3a800fcc83

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:14:12 GMT
cf-cache-status: HIT
last-modified: Sat, 11 Feb 2017 00:39:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 147029
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/gif
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z96nanqMq4ua7vxaI9H21h1p3C1goBsEpwaOO%2FQp1BgI4eHuqnaX9kncM7gQFWVySxqYJJpNeX9p%2BZU7xlm83ZFmFqJAi2%2FM0kA9XiG9u4ill2JoVsU7vH%2BD0o0qBim7%2Btf05LMCLKoLx%2Ff6b11h"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82ef5e50e948085d-FRA
content-length: 11165
expires: Fri, 29 Nov 2024 07:23:43 GMT

GET
H2 200 home_duck_geography.gif
www.ducksters.com/graphics/ 8 KB
8 KB 15ms
15ms Image
image/gif 2606:4700:20::681a:d86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducksters.com/graphics/home_duck_geography.gif

Requested by

Host: www.ducksters.com
URL: https://www.ducksters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:d86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13cc0025a2b90907913a2586cfc6832fe0da221a7ec01421b69a192a3d4aaed0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:14:12 GMT
cf-cache-status: HIT
last-modified: Wed, 08 Feb 2017 21:41:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 225311
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/gif
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UwxAxeZM88jJHnYrBfobzeHJJXi%2FCIHdexFIcU1umOiz6dhFzzG86ovLTEDcyJh%2Bcshxlbqh9AfvNEe8XSsuOBE3NVgs4XDrTV4ejQWm73jGGXZRXa6EauEckty1EkN2u%2BEKWx2nbeSiJvtBbla7"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82ef5e50e949085d-FRA
content-length: 7746
expires: Thu, 28 Nov 2024 09:39:01 GMT

GET
H2 200 home_duck_fun.gif
www.ducksters.com/graphics/ 12 KB
12 KB 14ms
14ms Image
image/gif 2606:4700:20::681a:d86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducksters.com/graphics/home_duck_fun.gif

Requested by

Host: www.ducksters.com
URL: https://www.ducksters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:d86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c153290495ae00c5254a0ac46197a5c26f141da5ea4c974876b06bf04141284

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:14:12 GMT
cf-cache-status: HIT
last-modified: Wed, 08 Feb 2017 21:41:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 542827
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/gif
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fy7e4SUbPvTAZXIKZHQiLy9e6tRGWF8o8PZdfy8ophm2J4CzpgcRONFjXoQ%2FQf0QoIU5S9OXWEfRx3duiWHkBqRG4vlTRo6ObSUL494qReqNt17jmM3ja96OsfDgsuMlvshpHL25WtlptaUM3NZW"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82ef5e50e94a085d-FRA
content-length: 11928
expires: Sun, 24 Nov 2024 17:27:05 GMT

GET
H2 200 ducksters_large_darktm.png
www.kidsafeseal.com/sealimage/19800482453259065/ 19 KB
19 KB 538ms
500ms Image
image/png 2606:4700:20::ac43:4b6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kidsafeseal.com/sealimage/19800482453259065/ducksters_large_darktm.png
Requested by: Host: www.ducksters.com
URL: https://www.ducksters.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3202be6a3814ed585b6e36a13b88b2aa5f56c8f8939acd95d2306b9dbe1091a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:14:13 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 28 Nov 2023 17:26:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BdLIbXwy52vTaujAdGKE4YQTWzOBpS0wqdPYLAJ6NlnFGi%2FmP2fZRTsCXILGr7JEDswYSYNDsn4JhtlW0LZbLCEx2rictir6AynfTFv2RVH2yBTmNn8JzOSWli1iWKcdaBxujd4KTPeWZPA0mPfFNuo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82ef5e5128b71952-FRA
content-length: 19007

GET
H2 200 kids_club1.png
www.ducksters.com/ 10 KB
10 KB 17ms
17ms Image
image/png 2606:4700:20::681a:d86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducksters.com/kids_club1.png

Requested by

Host: www.ducksters.com
URL: https://www.ducksters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:d86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b60388748b4d1d9dcb193c8f537c293afbd480bc278520224c49e48bd06a425f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:14:12 GMT
cf-cache-status: HIT
last-modified: Sat, 14 May 2016 15:30:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 317093
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U7ulv7KhxKLXSXV01qwibgF66GMwoSVBbPElYBLevj74Ka6%2BNrLUJFRMsemug7qkf1JV%2BVG0gQU3a7vsHxCuG3f2Urld38oyajNxd7SRrQwxNPp%2FLdjKW7V1Sns0NsiEMdcRRhheVGnSLPe6QKPI"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82ef5e50e94b085d-FRA
content-length: 10143
expires: Wed, 27 Nov 2024 08:09:19 GMT

GET
H2 200 ramp_core.js Show response
cdn.intergient.com/ 2 KB
1 KB 29ms
20ms Script
application/javascript 2600:9000:2250:fc00:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/ramp_core.js
Requested by: Host: www.ducksters.com
URL: https://www.ducksters.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:fc00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 91608054a92aff37dd57eecfd3d86bb623eb16cea563bcbd0161aa08b98d4521

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:14:12 GMT
content-encoding: br
via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-lambda-function: us-east-1.pageos_production:292
cache-control: max-age=600, public, must-revalidate
x-amz-cf-id: Azp2L-dPWKB4JtC6INWsX6BpqIg3wiMniNj3v4cqfakzDu-5pwsoSg==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 91 KB
30 KB 102ms
46ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.intergient.com
URL: https://cdn.intergient.com/1015702/62069/ramp_config.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d047af20022ae73efe124f18cd92f3a8303934dae9be630a40388d9b0d3e926

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:14:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29997
x-xss-protection: 0
server: cafe
etag: 837 / 19693 / m202311150101 / config-hash: 11152387477177976423
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 00:14:12 GMT

GET
H2 200 pageos.js Show response
cdn.intergient.com/pageos/1.10.25/ 1 KB
863 B 7ms
7ms Script
text/javascript 2600:9000:2250:fc00:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.25/pageos.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp_core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:fc00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f9d828b4b29ad6ce4b1a489ba706f397d87bf8279db5f32368caad3d1422f437

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 07:31:45 GMT
content-encoding: br
via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
last-modified: Wed, 29 Nov 2023 14:26:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 60148
etag: W/"bb3e6328388e8150716fd2ad8b72a7c6"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: z80AmHGAzFsUzKZv6YJyVv-W-ZpvUAk0bWTqQtoqjv0wvtT-JkMlTA==

GET
H2 200 runtime.3d510f83d5ac4f7b7a59.js Show response
cdn.intergient.com/pageos/1.10.25/ 3 KB
2 KB 10ms
7ms Script
text/javascript 2600:9000:2250:fc00:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.25/runtime.3d510f83d5ac4f7b7a59.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.25/pageos.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:fc00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b213e3e30110feba6f0b6b17101364970c8f343a6de32413128e0592690660a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 07:31:47 GMT
content-encoding: br
via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
last-modified: Wed, 29 Nov 2023 14:26:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 60146
etag: W/"4468e6b3ebfe7271d1fc68ddd182bd77"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: tpWlbd_sKef_8Zca50oA4x0Ededu7z8deH_j0r8Y4K5qYzd-Y9tKww==

GET
H2 200 npm.babel.931f47f9f962263dd357.js Show response
cdn.intergient.com/pageos/1.10.25/vendor/ 12 KB
4 KB 10ms
8ms Script
text/javascript 2600:9000:2250:fc00:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.25/vendor/npm.babel.931f47f9f962263dd357.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.25/pageos.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:fc00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e5b7159b991308f2fd94f48ad5974b3706a59621c213dee55f87512f8ea48075

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 07:31:47 GMT
content-encoding: br
via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
last-modified: Wed, 29 Nov 2023 14:26:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 60146
etag: W/"f5c35176b6b2c3f8855694cc611d2cd1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: tll97arHYcmyVSzG36n-rUuZQ0pvkqNx5HM2BDUFZ42h6otql_3aLw==

GET
H2 200 npm.core-js.117e0ab6d8f5b9d34ba3.js Show response
cdn.intergient.com/pageos/1.10.25/vendor/ 16 KB
6 KB 13ms
11ms Script
text/javascript 2600:9000:2250:fc00:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.25/vendor/npm.core-js.117e0ab6d8f5b9d34ba3.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.25/pageos.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:fc00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7f4b36034f6579da123046b67d4d27d0037ae9bf220aa9a1c68a853ffc62d624

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 07:31:47 GMT
content-encoding: br
via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
last-modified: Wed, 29 Nov 2023 14:26:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 60146
etag: W/"d93d7ad9d54ce4dfac0620bf650e6439"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: 1HQZ2x_U6d9vURGfaxXwrjzCybPrmXNJCeT3qnd_sIeINvD8fgOgrQ==

GET
H2 200 npm.node-forge.1da8e219198d7508b389.js Show response
cdn.intergient.com/pageos/1.10.25/vendor/ 274 KB
66 KB 13ms
11ms Script
text/javascript 2600:9000:2250:fc00:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.25/vendor/npm.node-forge.1da8e219198d7508b389.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.25/pageos.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:fc00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 76a9dac2cd4f474abcbc8cf5b09851add3cc839545bf015e718ebb3a7e74266a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 07:31:47 GMT
content-encoding: br
via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
last-modified: Wed, 29 Nov 2023 14:26:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 60146
etag: W/"07aa458cdfef8c93152436e3cbca6b52"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: goyXI6jL2ldIp7vEXiz1hnxf3i-_ezQHD8CaNLCQMLyoZvp9RPWorg==

GET
H2 200 npm.lodash.53693ece8687496b1b3b.js Show response
cdn.intergient.com/pageos/1.10.25/vendor/ 3 KB
2 KB 20ms
19ms Script
text/javascript 2600:9000:2250:fc00:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.25/vendor/npm.lodash.53693ece8687496b1b3b.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.25/pageos.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:fc00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 75691728a1c9acf8b840fd1fd028809b9d08cd068c43f75221dd6651e2e39090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 07:31:47 GMT
content-encoding: br
via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
last-modified: Wed, 29 Nov 2023 14:26:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 60146
etag: W/"a906b2362946a4d0157c37c0b5ea6558"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: X23AjntTHBcSj6-BP0Ggc8kGYks2Sdyj7qIgkV-rQnGcH9uw21FVbA==

GET
H2 200 npm.tldts-core.49dcd4988d4852a55563.js Show response
cdn.intergient.com/pageos/1.10.25/vendor/ 4 KB
2 KB 21ms
19ms Script
text/javascript 2600:9000:2250:fc00:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.25/vendor/npm.tldts-core.49dcd4988d4852a55563.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.25/pageos.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:fc00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0d4fa518c70ea18943468b4f5093e6df5cbcc2307cd4efb0dcae6dded5963ec8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 07:31:47 GMT
content-encoding: br
via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
last-modified: Wed, 29 Nov 2023 14:26:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 60146
etag: W/"0c0f667d012055f06128ec3cfa173b75"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: S3Rrfp_HRrT6Q2OnNPN5eK0FuUX2gPYrShA3SIrFL3KLZJWcPYxDxw==

GET
H2 200 npm.uuid.1ed3e6e8fd2e9ed632ca.js Show response
cdn.intergient.com/pageos/1.10.25/vendor/ 1 KB
988 B 22ms
20ms Script
text/javascript 2600:9000:2250:fc00:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.25/vendor/npm.uuid.1ed3e6e8fd2e9ed632ca.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.25/pageos.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:fc00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 61791124e32c348e2d914fdc3d400225de1f0f9d2a741bb53ec7c065468dcfe8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 07:31:47 GMT
content-encoding: br
via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
last-modified: Wed, 29 Nov 2023 14:26:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 60146
etag: W/"8a1fe01817afc854527392c0c9b2b702"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: dq2W5fbG7wdAwXT3Kd1vmc9Ae3hFULAVIMixw38p6K7NZ1PrlnLYGQ==

GET
H2 200 npm.tldts.58df92d35064febc5180.js Show response
cdn.intergient.com/pageos/1.10.25/vendor/ 100 KB
38 KB 23ms
21ms Script
text/javascript 2600:9000:2250:fc00:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.25/vendor/npm.tldts.58df92d35064febc5180.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.25/pageos.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:fc00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4c539feb89b124bb756d1bda6c27dc28abb04130d766b5645b1ca3234f4d327f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 07:31:47 GMT
content-encoding: br
via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
last-modified: Wed, 29 Nov 2023 14:26:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 60146
etag: W/"e05bf1768d0afb5465c7c4bd50dd38ce"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: bf8-KVkKOGNtaIdQr-bKB7F3j6pzfJK4PL6dmZjtN2C8iO0WPM3uxQ==

GET
H2 200 npm.ua-parser-js.69879e68322e7080931d.js Show response
cdn.intergient.com/pageos/1.10.25/vendor/ 15 KB
7 KB 27ms
26ms Script
text/javascript 2600:9000:2250:fc00:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.25/vendor/npm.ua-parser-js.69879e68322e7080931d.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.25/pageos.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:fc00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 804eba2d87e0f54467ba39b62d79252b853e91fd430ca8f142834784bf8a8154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 07:31:48 GMT
content-encoding: br
via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
last-modified: Wed, 29 Nov 2023 14:26:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 60145
etag: W/"a117a41826c48e23be2f6b3fec5d9210"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: 14Fb0bkuAnYnLOlytNUDrC9EiBg3E7KVOFId5x1OB_PQdBQv2EwbKQ==

GET
H2 200 npm.intersection-observer.bf965418c2b103f16084.js Show response
cdn.intergient.com/pageos/1.10.25/vendor/ 9 KB
3 KB 28ms
27ms Script
text/javascript 2600:9000:2250:fc00:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.25/vendor/npm.intersection-observer.bf965418c2b103f16084.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.25/pageos.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:fc00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0c64b4231b22e466a3938f937fa9ba0a0a747adafcea4f07a0814a81a4e5b1d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 07:31:48 GMT
content-encoding: br
via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
last-modified: Wed, 29 Nov 2023 14:26:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 60145
etag: W/"adb426bc30848f4dd346794392d03c80"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: D-WRH1jdWMNKVj13f2o4ZJAKqehrUK1tivSiShGMFJVGGc3YlZGZZQ==

GET
H2 200 npm.ieee754.7aca64a358fb19dfd85f.js Show response
cdn.intergient.com/pageos/1.10.25/vendor/ 1 KB
997 B 29ms
28ms Script
text/javascript 2600:9000:2250:fc00:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.25/vendor/npm.ieee754.7aca64a358fb19dfd85f.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.25/pageos.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:fc00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0bd0d458b6232554bbf560c1faf1215de00eff3b07d32af68b40ec202464f914

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 07:31:48 GMT
content-encoding: br
via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
last-modified: Wed, 29 Nov 2023 14:26:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 60145
etag: W/"aaf9244ea6938209edd5ef07176342b7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: aak0XhsVJ7-BFFPRwxZboSMgk9XPPYxvW4BSOmMVFiZA5Ce1KKaxzw==

GET
H2 200 npm.buffer.54731ebfae6a175b7898.js Show response
cdn.intergient.com/pageos/1.10.25/vendor/ 20 KB
6 KB 30ms
29ms Script
text/javascript 2600:9000:2250:fc00:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.25/vendor/npm.buffer.54731ebfae6a175b7898.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.25/pageos.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:fc00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0d907657f7138e28542d27bd08c28d794d4d82fbbf13f34ab3ccaea61f84fe4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 07:31:48 GMT
content-encoding: br
via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
last-modified: Wed, 29 Nov 2023 14:26:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 60145
etag: W/"8847c6637db006b5db32da6899f440ef"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: Ks9ucdhWH5W9irGYTjfJIQG8bD8PZy-IFfKWBmpwzThqdvS7ZTayeQ==

GET
H2 200 npm.base64-js.e1a1780355e1cff93d81.js Show response
cdn.intergient.com/pageos/1.10.25/vendor/ 1 KB
1 KB 31ms
30ms Script
text/javascript 2600:9000:2250:fc00:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.25/vendor/npm.base64-js.e1a1780355e1cff93d81.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.25/pageos.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:fc00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 58111e9341b58618f475848342ae62c313b3d729952a373778d940fdc97f9c0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 07:31:48 GMT
content-encoding: br
via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
last-modified: Wed, 29 Nov 2023 14:26:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 60145
etag: W/"5dd07f52d5fa24a3bdbe81d5040fa382"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: yCoiUkvWdBncGju-XT0gGDiiwYmmQHHP9g8O5UAg1gmIKlULZ982Bw==

GET
H2 200 main.279415f0efd26d6bd5ea.js Show response
cdn.intergient.com/pageos/1.10.25/ 146 KB
39 KB 32ms
31ms Script
text/javascript 2600:9000:2250:fc00:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.25/main.279415f0efd26d6bd5ea.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.25/pageos.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:fc00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4715a2b6fd3a511874e63bd8b27102f2fe816b2cd7f55d183cd21947f7c0426c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 07:31:48 GMT
content-encoding: br
via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
last-modified: Wed, 29 Nov 2023 14:26:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 60145
etag: W/"07adbe61d0a61997e864722ebd5803a2"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: J-hNF-b4Zkbd6sG-D64PAcWTBmX973Z-axiOawFi0P55jnaE1owuEw==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 44ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-K9B1TMX9Y2&gtm=45je3bt0v893517466&_p=1701476052596&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=933760254.1701476053&ul=en-us&_geo=1&_rdi=1&_s=1&sid=1701476052&sct=1&seg=0&dl=https%3A%2F%2Fwww.ducksters.com%2F&dt=Ducksters&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=211
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K9B1TMX9Y2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 00:14:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ducksters.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 destination
www.googletagmanager.com/gtag/ 0
0 22ms
22ms Script
text/html 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.googletagmanager.com/gtag/destination?id=G-T3PGLXYKK9&l=dataLayer&cx=c
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K9B1TMX9Y2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H2 200 videoCard.e9a12be02bf0a5088f3e.js Show response
cdn.intergient.com/pageos/1.10.25/ 554 B
934 B 7ms
7ms Script
text/javascript 2600:9000:2250:fc00:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.25/videoCard.e9a12be02bf0a5088f3e.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.25/runtime.3d510f83d5ac4f7b7a59.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:fc00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: df49112f965565d7af2a8ac08e7000ab6c2731ced4340c2b6c89a8097e94c2ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 07:34:21 GMT
via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
last-modified: Wed, 29 Nov 2023 14:26:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 59992
etag: "ce3cc474e63b7f656de18953fb710c43"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 554
x-amz-cf-id: Zmv4KZUQJqeQ391_H4qMPHAQHgn0CbhcIEb-NZqq7DWMfYSJ18byZA==

GET
H2 200 batchHandler.2df46c486d723860096e.js Show response
cdn.intergient.com/pageos/1.10.25/ 3 KB
2 KB 8ms
8ms Script
text/javascript 2600:9000:2250:fc00:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.25/batchHandler.2df46c486d723860096e.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.25/runtime.3d510f83d5ac4f7b7a59.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:fc00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1e44bb0945f31eba7a6d9b3bfceddf8601f0f590278bf4fbb5c6b5968648c4b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 07:31:52 GMT
content-encoding: br
via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
last-modified: Wed, 29 Nov 2023 14:26:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 60141
etag: W/"3a21b9b20d44f8fbd198ec3c39cafff9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: j861cHhCbKDtxsnv2xfYJOYkNMyqSd6emkpiD6VkTwzRN0BYndPTSA==

GET
H2 200 styles.css
config.playwire.com/1015702/v2/websites/62069/ 147 B
843 B 53ms
8ms Stylesheet
text/css 2600:9000:223c:a000:1a:1459:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.playwire.com/1015702/v2/websites/62069/styles.css
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.25/main.279415f0efd26d6bd5ea.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:a000:1a:1459:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 529ba4d0899075bbfd92737613d899d808273f28774fcc7b870d52337b19833d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 07:54:43 GMT
via: 1.1 vegur, 1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
server: Cowboy
x-amz-cf-pop: FRA56-P2
age: 58769
vary: Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1701417283&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=lqJ4wmdJVcllcCq5tk5o%2FCQ7jlxh%2BGwTz%2BrU3LrgCWE%3D"}]}
content-type: text/css
x-cache: Hit from cloudfront
cache-control: public, max-age=86400
content-length: 147
x-amz-cf-id: KCSQRi1gNeo0vsSON-sMQj6N637ja_cDKQN2HAFLBG0hlKHpxgdHgQ==
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1701417283&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=lqJ4wmdJVcllcCq5tk5o%2FCQ7jlxh%2BGwTz%2BrU3LrgCWE%3D

GET
H2 200 npm.iabtcf.641c3893e895498ca960.js Show response
cdn.intergient.com/pageos/1.10.25/vendor/ 49 KB
11 KB 7ms
7ms Script
text/javascript 2600:9000:2250:fc00:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.25/vendor/npm.iabtcf.641c3893e895498ca960.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.25/runtime.3d510f83d5ac4f7b7a59.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:fc00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 770d5e99c42f98eb538710734b35c308f14c7a1861a5759e65b9972b04cd8006

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 07:31:52 GMT
content-encoding: br
via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
last-modified: Wed, 29 Nov 2023 14:26:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 60141
etag: W/"c597c3cbadf97372a25001799630dd87"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: q1hPxHf_BPa-JiE5LgpctLL0ob4Gm8scvTK2ZbWTi2lip74VIbMCVg==

GET
H2 200 gdpr.0eedc7ab37974c0643d9.js Show response
cdn.intergient.com/pageos/1.10.25/ 8 KB
3 KB 8ms
8ms Script
text/javascript 2600:9000:2250:fc00:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.25/gdpr.0eedc7ab37974c0643d9.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.25/runtime.3d510f83d5ac4f7b7a59.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:fc00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2dc5a4482e04cc1d4c6167a0537eda2962541b14e404bb8e220ea90d5722e2a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 07:31:52 GMT
content-encoding: br
via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
last-modified: Wed, 29 Nov 2023 14:26:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 60141
etag: W/"cfb3ea646a5e1850b973d8fc50ab59b1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: h5L-lHeD20yP6QZZG7iXTKy2VnyATnSkvQk6AqLSbki8fkyMsi1pzA==

GET
H2 200 nielsen.d2ea0d333dd6c1f47d23.js Show response
cdn.intergient.com/pageos/1.10.25/ 2 KB
1 KB 8ms
8ms Script
text/javascript 2600:9000:2250:fc00:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.25/nielsen.d2ea0d333dd6c1f47d23.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.25/runtime.3d510f83d5ac4f7b7a59.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:fc00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 55542c02f59ac047bd7ef87d8a2981b541995a09de59a89e419292a91f241202

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 07:31:52 GMT
content-encoding: br
via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
last-modified: Wed, 29 Nov 2023 14:26:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 60141
etag: W/"70341af160996aa15aad5fcd74fdda2a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: qj4_E3z8JMpOHVsVNhW-1KHDp4AYJZYAGG3XDd77EdZwwxZU3Qtp0A==

GET
H2 200 moatheader.js Show response
z.moatads.com/playwireprebidheader597261727146/ 115 KB
43 KB 26ms
7ms Script
application/x-javascript 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/playwireprebidheader597261727146/moatheader.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.25/main.279415f0efd26d6bd5ea.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 98f79f74356f95916c125ace9cad55f007cf719bb7d7e55d0e0af4f221ed3a95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:14:12 GMT
content-encoding: gzip
last-modified: Tue, 31 Oct 2023 08:16:29 GMT
server: AmazonS3
x-amz-request-id: 109YE8GSRGFC006P
etag: "6c4871e8ce6c48078e69af98b35cccee"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=43890
accept-ranges: bytes
content-length: 43699
x-amz-id-2: cm6/j/6IExdKSREoXsirNognkmMy0UU6V0j+c2NDZhJn5xHAOVdQr/LkZF4KG7NgcjgIakmxk28=

GET
H2 200 392.0dca8d686b62772b8ddf.js Show response
cdn.intergient.com/pageos/1.10.25/ 9 KB
2 KB 8ms
8ms Script
text/javascript 2600:9000:2250:fc00:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.25/392.0dca8d686b62772b8ddf.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.25/runtime.3d510f83d5ac4f7b7a59.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:fc00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2d51a0d59102580d344430382426c071607c31f319b4753d4c0730761cd28c8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 07:31:55 GMT
content-encoding: br
via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
last-modified: Wed, 29 Nov 2023 14:26:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 60138
etag: W/"fc23f3dfa21f08c491aa3ca0581db846"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: MvlwZTKJ_ilicQA_WftuDSkP-kx3ip3EuVadNWHoOhm7RIlxE0RafQ==

GET
H2 200 trendiVideo.41daec918e4597aebad5.js Show response
cdn.intergient.com/pageos/1.10.25/ 9 KB
3 KB 9ms
9ms Script
text/javascript 2600:9000:2250:fc00:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.25/trendiVideo.41daec918e4597aebad5.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.25/runtime.3d510f83d5ac4f7b7a59.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:fc00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 880464ae5d58c4cb731e9f2dafc9a10f861c173a5735dbf29823a0792cf1cbd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 07:31:48 GMT
content-encoding: br
via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
last-modified: Wed, 29 Nov 2023 14:26:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 60145
etag: W/"d94f270e94a373fc4593e4a9f6896680"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: Ph5g-8VJbAqqXhOgr5XOrfx9PGdAnHbiFzJNWIi_Erp7rDc3w-Bz5g==

GET
H2 200 tyche.js Show response
cdn.intergi.com/hera/releases/4.8.19/ 930 B
1 KB 64ms
8ms Script
text/javascript 2600:9000:211e:3a00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.8.19/tyche.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.25/main.279415f0efd26d6bd5ea.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:3a00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7e862432d222866339214f1d7f2b02c45ed4f934661834953f4a880f60e59102

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 15:26:05 GMT
x-amz-version-id: 0qmWKDtll8dNXXDGFHmO_n.RpB3GdlwI
via: 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
last-modified: Wed, 29 Nov 2023 14:25:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 204488
etag: "c29b9a21b7dd8fb16e3eddfd9a0dac53"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 930
x-amz-cf-id: gaxmjHKtKmIu1PHAUrc6KUV9LJ_lV0qki9tXwliwFewBpeyMr1WUWg==

GET
H2 200 aws-sdk-kinesis.min.js.br Show response
cdn.intergient.com/pageos/js/libs/ 227 KB
57 KB 7ms
7ms Script
text/javascript 2600:9000:2250:fc00:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/js/libs/aws-sdk-kinesis.min.js.br
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.25/batchHandler.2df46c486d723860096e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:fc00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b41e0020ff5a4bec857828c37b9a425a5e0024aac1fb1519dd9cf4562f0681ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 07:28:30 GMT
content-encoding: br
via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
last-modified: Tue, 15 Feb 2022 19:02:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 60343
etag: "575b9635960fa1d9b7ba4dafe1d2e7f5"
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 57858
x-amz-cf-id: LJSWpx5lxi-ZA8Epel9TE148rmiyWvB0LogUt4CaBZkGTFXmcCc00Q==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/ 431 KB
135 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:57:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29792
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138149
x-xss-protection: 0
server: cafe
etag: 11558412289700915514
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 30 Nov 2024 15:57:40 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 267 KB
65 KB 41ms
8ms Script
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.25/main.279415f0efd26d6bd5ea.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 23:41:37 GMT
content-encoding: gzip
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront), 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
last-modified: Mon, 13 Nov 2023 20:18:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 1956
x-amz-server-side-encryption: AES256
etag: W/"2d08dd94de483579c1dc3f3783c06f6e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: fhIyFjwgi6ioF5K6uSCnO0vA6K7I2PGin_k1A3ucy30xUL--pbHtmQ==

GET
H2 200 embed.js Show response
cdn.playwire.com/bolt/js/zeus/ 14 KB
5 KB 85ms
33ms Script
application/javascript 2600:9000:211e:9c00:13:7c50:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.playwire.com/bolt/js/zeus/embed.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.25/trendiVideo.41daec918e4597aebad5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:9c00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 6a2141d2b7377ef0e41592e3233d0e3da0fb9635fabf141332fad300a07b8fee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:14:12 GMT
content-encoding: br
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=600, public, must-revalidate
x-amz-cf-id: yBBw7xOtdA8Hq2b149AUU1gYunZaOBTc5NufHbOUu1Xh-hZ59oiRRA==

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 241 B
419 B 106ms
48ms Script
text/html 130.162.160.243
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BY%24%3D!%5Dx%24P%5Bh3MwJ1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-gPu8rBsiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-YEPg5sLyVy50og%3D%3D&sc=1&os=1-4g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.ducksters.com%2F&pcode=playwireprebidheader597261727146&rx=142824063657&callback=MoatNadoAllJsonpRequest_16941600
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/playwireprebidheader597261727146/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.162.160.243 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 38c697355f121064eefa09b87c526097c58d6fcb6792178686293e00c6afb6fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:14:12 GMT
server: istio-envoy
etag: "6da58c404e696c95d3cbdd28cf2503b6f37a2ea4"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 24
timing-allow-origin: *
content-length: 241

GET
H2 200 runtime.fbedadc651f08933662d.js Show response
cdn.intergi.com/hera/releases/4.8.19/ 3 KB
2 KB 9ms
8ms Script
text/javascript 2600:9000:211e:3a00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.8.19/runtime.fbedadc651f08933662d.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.8.19/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:3a00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 913e29db5e896f547b0e3d77360fc831ac70bf67656e14e3b8e9eb7d9907dd41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 15:26:06 GMT
x-amz-version-id: PgG1c0AwEs_X6eQ_l.z19KiMfo5Foq0U
content-encoding: br
last-modified: Wed, 29 Nov 2023 14:25:53 GMT
server: AmazonS3
via: 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
etag: W/"0949b9dcb301fcd6c4d50009a93152c8"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
age: 204487
x-amz-cf-id: VHYoNv__OZZmc95HK6nMpJu5crBi72prttrrtsqnRiWErLPZs-SrDA==

GET
H2 200 npm.core-js.0febe481e216d32cc862.js Show response
cdn.intergi.com/hera/releases/4.8.19/vendor/ 40 KB
15 KB 10ms
9ms Script
text/javascript 2600:9000:211e:3a00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.8.19/vendor/npm.core-js.0febe481e216d32cc862.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.8.19/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:3a00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46d150a2f5a244e0ae65f42f6d7d9f60c8ba403524b0f398fcae2984e0c606d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 15:26:06 GMT
x-amz-version-id: icP_Ryeai2U86CA4TqNbLLyLj1FlnHk.
content-encoding: br
last-modified: Wed, 29 Nov 2023 14:25:54 GMT
server: AmazonS3
via: 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
etag: W/"a290cc5d3b6fa9fd7d9ddcde337cad1d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
age: 204487
x-amz-cf-id: 6cwhSkN0tDjwXvSf1SJc93DVPjnr6W4jQCb1qPSOxjcq0MoMK5r-Qw==

GET
H2 200 npm.babel.710695bfdff5d3f32c7c.js Show response
cdn.intergi.com/hera/releases/4.8.19/vendor/ 9 KB
4 KB 11ms
9ms Script
text/javascript 2600:9000:211e:3a00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.8.19/vendor/npm.babel.710695bfdff5d3f32c7c.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.8.19/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:3a00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b8c69eade84d852ca05c160dd196bf2f8ce92082e81eb4182f6ee76fbcd12cae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 15:26:06 GMT
x-amz-version-id: TWcg1pZTwfZkgePqANsKuOYLBYp.r6mx
content-encoding: br
last-modified: Wed, 29 Nov 2023 14:25:54 GMT
server: AmazonS3
via: 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
etag: W/"fa4730175a98f5d8dfcead93ebdeeb5b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
age: 204487
x-amz-cf-id: P5HPdwnsIeDhH3--HDoBtm8XoqNlekQDJU1mZZ6vAriuXS8L0jX7zw==

GET
H2 200 npm.lodash.4f9a9c517903a550f8ca.js Show response
cdn.intergi.com/hera/releases/4.8.19/vendor/ 3 KB
2 KB 11ms
10ms Script
text/javascript 2600:9000:211e:3a00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.8.19/vendor/npm.lodash.4f9a9c517903a550f8ca.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.8.19/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:3a00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ff535025543261ff945ed6ef924a7fa83ab5d8c45d5ecda5443f0e41ba376651

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 15:26:06 GMT
x-amz-version-id: TrbciTRB8_Qb22q3n8q7XabLlLBho19k
content-encoding: br
last-modified: Wed, 29 Nov 2023 14:25:54 GMT
server: AmazonS3
via: 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
etag: W/"b06b9cf7e43cb99c4e91e088aef6e120"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
age: 204487
x-amz-cf-id: eO5rG7_0nJnPvWl-Ae2lm0p0-KTJzpL_FQIoWxKikLJYnkyEbJTLtw==

GET
H2 200 npm.intersection-observer.8a75150af1963d7509be.js Show response
cdn.intergi.com/hera/releases/4.8.19/vendor/ 9 KB
3 KB 12ms
11ms Script
text/javascript 2600:9000:211e:3a00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.8.19/vendor/npm.intersection-observer.8a75150af1963d7509be.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.8.19/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:3a00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6802e8a7ef65daf42c9cbaedb523345b796d33754e13f336d5e8e26ef75069e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 15:26:06 GMT
x-amz-version-id: Vqm5Rr1fUkkN5THDiaAXfuAPmDVb_cgI
content-encoding: br
last-modified: Wed, 29 Nov 2023 14:25:54 GMT
server: AmazonS3
via: 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
etag: W/"ab837a362b73121a34607781a8dbb5f4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
age: 204487
x-amz-cf-id: QQj3z5hbLGXBaf0TZ3rJT5xUfdRWmBgNsRd0e3ouGTbRHf5a21SERA==

GET
H2 200 635.77549019adbd2a9c886a.js Show response
cdn.intergi.com/hera/releases/4.8.19/ 1 KB
1 KB 12ms
12ms Script
text/javascript 2600:9000:211e:3a00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.8.19/635.77549019adbd2a9c886a.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.8.19/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:3a00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b24b986f8a5332274f4088dfcc3b5c309f78a0e104d908ca425e7bba73fecc38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 15:26:06 GMT
x-amz-version-id: iX1mab0zlgOl9NKo9Cm3MCF8yf_uHzaI
content-encoding: br
last-modified: Wed, 29 Nov 2023 14:25:53 GMT
server: AmazonS3
via: 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
etag: W/"17c5dcc859da46289077ffde25c84de4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
age: 204487
x-amz-cf-id: 3lfAIrnbItdbtOeXzlYRyRqQKPjPRyaKVfDK2EFmfWAIz3RWSmzrqQ==

GET
H2 200 main.2396b076f5a898e8838d.js Show response
cdn.intergi.com/hera/releases/4.8.19/ 168 KB
43 KB 16ms
15ms Script
text/javascript 2600:9000:211e:3a00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.8.19/main.2396b076f5a898e8838d.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.8.19/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:3a00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d391164645cf881414af4151458392f5563f460bbf9eb88d731fd3010ada4219

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 15:26:06 GMT
x-amz-version-id: iS88r.QiUR3H3TJ_mEKEhOdERgaKXDOo
content-encoding: br
last-modified: Wed, 29 Nov 2023 14:25:53 GMT
server: AmazonS3
via: 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
etag: W/"2f49969db990ebd7e9cbc80a27956b58"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
age: 204487
x-amz-cf-id: n9ql7pXLZrbCG_pl9_X1MtyVqEktbv6O2bVDiQYgSbzP2s1tVx1buQ==

GET
H2 200 lib.982ce9ee65976d7dc535.js Show response
cdn.intergi.com/hera/releases/4.8.19/lib/ 172 B
591 B 18ms
18ms Script
text/javascript 2600:9000:211e:3a00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.8.19/lib/lib.982ce9ee65976d7dc535.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.8.19/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:3a00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2ec766ac6273cc95e1764ae0ae6889f310849d1d31f159526dcdd7a6cad9c4db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 15:26:06 GMT
x-amz-version-id: Cx8xK6a0Np0seG_hDVOG3qCuiG0LedH_
via: 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
last-modified: Wed, 29 Nov 2023 14:25:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 204487
etag: "83613d6af41ebdea6c0dd716e45457be"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 172
x-amz-cf-id: dAGYx-rWPu0iq3aLjZuyfoZ6ACBmdhZhINuBtWc-pZ2vrs0tqm3I8g==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 24ms
8ms XHR
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
date: Fri, 01 Dec 2023 10:01:11 GMT
x-amz-cf-pop: FRA56-P6
age: 51419
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: jaOYq6qBvpP5-JHF-TdqqIt8fKnR80TKCkfYkjax65McKR936XVgBw==

GET
H2 200 bd056b42-51db-43ce-9a8e-3b11319b5d1f Show response
config.aps.amazon-adsystem.com/configs/ 537 B
802 B 40ms
8ms Script
application/javascript 99.86.4.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/bd056b42-51db-43ce-9a8e-3b11319b5d1f
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-39.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: 66a1d59f898fcdad1477d223a4b7b887b585acc06b86ab7a922fcac7fbb7e253

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 23:48:50 GMT
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 1522
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 537
x-amz-cf-id: oCP4sQs5Wg2UIbYKeBvbDpViS7n-dUuu-RrrjJcQNswPqshcPYgtVw==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 3 KB
3 KB 8ms
8ms XHR
application/json 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.ducksters.com&pubid=bd056b42-51db-43ce-9a8e-3b11319b5d1f
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 0b945764f409a5cfd72296efcc62d2eb4af033d2a67c1842a16eed73a42f9a69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:35:50 GMT
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 5902
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ducksters.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 2862
x-amz-cf-id: 2mNlxz9EiFmfy9jVaXQLc5K4QBnR-VnmKd6cl5GpxFTbdZ7g_2fpAg==

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 365 KB
126 KB 109ms
75ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.8.19/main.2396b076f5a898e8838d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a32283aaba0418ac1b0953af32fbe71948d43e7cdc08abeca552a9373809087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:14:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128094
x-xss-protection: 0
expires: Sat, 02 Dec 2023 00:14:12 GMT

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 45ms
7ms Script
application/javascript 184.30.211.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: www.ducksters.com
URL: https://www.ducksters.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-211-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:14:12 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Sat, 02 Dec 2023 00:29:12 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 39 KB
12 KB 36ms
8ms Script
text/javascript 65.9.66.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: www.ducksters.com
URL: https://www.ducksters.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 06:08:51 GMT
content-encoding: gzip
via: 1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 65122
x-amz-server-side-encryption: AES256
etag: W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: uYwGa3BtoYpKMHW4WZ5mCZC_O529AV4fFvZutIYDyj7Fgy-xdazY2Q==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 151 KB
33 KB 34ms
17ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: www.ducksters.com
URL: https://www.ducksters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7571db16348512fc55b35102ce3699733cf0882f4b4fb3e652fa8db700c07fb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:14:12 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 28 Nov 2023 11:19:25 GMT
server: cloudflare
x-amz-request-id: GCDGD43JCHBXF4ZP
age: 131
etag: W/"53159e4ae3ffbda2ff6c0204350035be"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 82ef5e52daa939d0-FRA
x-amz-id-2: KoAJVPFcHSqXgy3wldYmM5E7oxNZdA68jQjIEWND5wQh0eFMqEzxDR+nLctPdMa2/2K16RrcGeM2zTnbypnFJw==

GET
H2 200 launcher-stub.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 14 KB
5 KB 49ms
12ms Script
application/javascript 184.30.211.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by: Host: www.ducksters.com
URL: https://www.ducksters.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-211-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:14:12 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
server: Apache
etag: "38c0-5e92054540ea5-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 5252
expires: Sat, 02 Dec 2023 00:29:12 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 304 KB
85 KB 371ms
371ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4321056005911557&correlator=4309262735768948&eid=31079525%2C31078660&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fifs&npa=1&tfcd=1&iu_parts=96780239%3A87674693%2C1015702%2C62069%2C1015702-62069-desktop_leaderboard%2C1015702-62069-desktop_leaderboard-HP%2C1015702-62069-medium_rectangle%2C1015702-62069-medium_rectangle-HP%2Cpublisher%3A1015702-website%3A62069-site_skin%2C1015702-62069-bottom_rail%2C1015702-62069-bottom_rail-HP%2C1015702-62069-flex_leaderboard&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F5%2F6%2C%2F0%2F1%2F2%2F7%2C%2F0%2F1%2F2%2F8%2F9%2C%2F0%2F1%2F2%2F10&prev_iu_szs=728x90%7C970x250%7C970x90%2C300x250%7C300x600%2C1x1%2C1x6%7C320x50%7C728x90%7C970x90%7C320x100%2C1x1&ifi=1&sfv=1-0-40&ists=5&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701476052936&lmt=1701148641&adxs=265%2C818%2C0%2C800%2C0&adys=418%2C818%2C1877%2C1877%2C0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2%7C0&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.ducksters.com%2F&vis=1&psz=1070x80%7C488x0%7C1600x1877%7C1600x1877%7C1600x0&msz=1070x-1%7C488x-1%7C1x-1%7C1600x-1%7C1x-1&fws=0%2C4%2C512%2C0%2C512&ohw=0%2C524%2C0%2C0%2C0&ga_vid=933760254.1701476053&ga_sid=1701476053&ga_hid=1284585491&ga_fc=true&dlt=1701476052576&idt=338&prev_scp=pos%3Datf%26slot_id%3Dleaderboard_atf%26refresh%3Dfalse%26amazonBid%3Dfalse%26custom_path%3DHP%26lld_id%3Db2e7f08869b148f381b8f700674b247276052921%26takeover%3Dtrue%26price_floor%3Dna%7Cpos%3Datf%26slot_id%3Dmed_rect_atf%26refresh%3Dfalse%26amazonBid%3Dfalse%26custom_path%3DHP%26lld_id%3D80511f1adfe7469aa3dc5513a93a45e876052924%26takeover%3Dtrue%26price_floor%3Dna%7Cpos%3DFIXED%26slot_id%3Dpw-oop-site_skin%26refresh%3Dfalse%26amazonBid%3Dfalse%26custom_path%3DROS%26lld_id%3D4ab0473b1e824225a828ed2a4d0b541876052924%26takeover%3Dtrue%26price_floor%3Dna%26in_view%3Dtrue%7Cpos%3DFIXED%26slot_id%3Dpw-oop-bottom_rail%26refresh%3Dfalse%26amazonBid%3Dfalse%26custom_path%3DHP%26lld_id%3D9ef9cad6e1dd497b82acef1396595a5876052925%26price_floor%3Dna%26in_view%3Dtrue%7Cpos%3DFIXED%26slot_id%3Dpw-oop-flex_leaderboard%26refresh%3Dfalse%26amazonBid%3Dfalse%26custom_path%3DROS%26lld_id%3Db660d3a79cec45c7ae648776f54e0af876052925%26price_floor%3Dna%26in_view%3Dtrue&cust_params=m_data%3Dwaiting%26m_safety%3Dwaiting%26m_categories%3Dwaiting%26m_mv%3Dwaiting%26m_gv%3Dwaiting%26amznbid%3D0%26amznp%3D0%26salad%3Dcobb%26dd%3Draspberry%26di%3Dstrawberry%26vd%3Draspberry%26vi%3Dstrawberry%26sitecont_cat%3Dkids%26tyche_code%3D4.8.19%26pageos_code%3D1.10.25%26hour%3D1%26day%3DSaturday%26OS%3DWindows%252010%26browser%3DChrome%2520119%26pagecount%3D1%26window_width%3D1600%26window_height%3D1200%26screen_orientation%3Dlandscape%26refresh_count%3D0%26tyche_version%3D4.8.19%26kver%3Dv1%26ab_test%3Dna_A%26page_focus%3Dtrue&adks=440268110%2C293378379%2C4265023270%2C2582691137%2C335363073&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a1094caa5517d6426e08c7d15ad6b176eb19239c577b241b8fff6f4f769200c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:14:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86754
x-xss-protection: 0
google-lineitem-id: -1,-1,-2,-1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-2,-1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ducksters.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7E47 6 KB
3 KB 114ms
31ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ducksters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 00:14:13 GMT
expires: Sun, 01 Dec 2024 00:14:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 7.js Show response
cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/ 161 KB
43 KB 9ms
9ms Script
text/javascript 2600:9000:211e:9c00:13:7c50:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/7.js
Requested by: Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt/js/zeus/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:9c00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a1855ec2ed923eb0bacc816d29217be02c00150fb069817b06c132a6abdbb298

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 15:27:34 GMT
x-amz-version-id: .tCcOUVh94Fm63gmDGANX5LymVHxHrAv
content-encoding: br
last-modified: Wed, 29 Nov 2023 15:16:07 GMT
server: AmazonS3
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
etag: W/"2e3894ad42631491bc9edcdcf02be694"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
age: 204399
x-amz-cf-id: lCjskTysR1xi37DfXET3tlkH0yEmRpwbQxtvpOi_OjMFbupwyfapPA==

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
336 B 102ms
29ms XHR
application/json 54.216.79.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.216.79.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-79-244.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 86a94ef57d3cdc75b7590e7aef5a890500745b5c78805e7e0969b49b7467e24e

Request headers

Referer: https://www.ducksters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 00:14:13 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.ducksters.com
cache-control: no-cache
x-server: 10.45.14.44
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 launcher.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 49 KB
17 KB 15ms
15ms Script
application/javascript 184.30.211.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-211-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:14:12 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
server: Apache
etag: "c4b6-5e920545406d3-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17042
expires: Sat, 02 Dec 2023 00:29:12 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
275 B 17ms
9ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif
Requested by: Host: www.ducksters.com
URL: https://www.ducksters.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 00:14:12 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
x-akamai-ew-subworker: 8096267
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 02 Dec 2023 00:14:12 GMT

GET
H2 200 launcher Show response
proc.ad.cpe.dotomi.com/cvx/client/direct/ 190 B
465 B 90ms
14ms XHR
application/json 2a02:fa8:8806:12::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:14:13 GMT
server: nginx
accept-ch: Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.ducksters.com
cache-control: max-age=1800
access-control-allow-credentials: true
content-length: 190
expires: Sat, 02 Dec 2023 00:44:13 GMT

GET
H2 200 pre_content.json Show response
config.playwire.com/1015702/v2/ 5 KB
2 KB 25ms
9ms XHR
application/json 2600:9000:223c:a000:1a:1459:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.playwire.com/1015702/v2/pre_content.json
Requested by: Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:a000:1a:1459:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Cowboy /
Resource Hash: cf44f417ea9cc5107328e43024b585a2df06a6a9ce49a73afbd74d1747aa670b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 07:40:49 GMT
via: 1.1 vegur, 1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
content-encoding: br
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop: FRA56-P2
age: 59604
x-cache: Hit from cloudfront
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1701416449&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=qLBFwvrsM4oaHO045DI2ZYtluBvIZIbzYtM0rJkZZxk%3D
server: Cowboy
access-control-max-age: 7200
access-control-allow-methods: GET
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1701416449&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=qLBFwvrsM4oaHO045DI2ZYtluBvIZIbzYtM0rJkZZxk%3D"}]}
access-control-allow-origin: *
content-type: application/json
access-control-expose-headers: hw-country-code
cache-control: public, max-age=600
hw-country-code: DE
vary: Accept-Encoding
x-amz-cf-id: DUdjRZYQvDgasHvhbacmJm1cAqEsPYFhwygd5CQUfcaFpvsUvwbR0Q==

GET
H2 200 1.js Show response
cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/ 7 KB
3 KB 8ms
8ms Script
text/javascript 2600:9000:211e:9c00:13:7c50:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/1.js
Requested by: Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt/js/zeus/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:9c00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3aa3d8ea359408a1f5aacb4006df4047082341e8846063e9946877fd32655abd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 15:27:35 GMT
x-amz-version-id: qbE2Xu6Qm63NJjJ6ZNgHLC9.8FPbx4lE
content-encoding: br
last-modified: Wed, 29 Nov 2023 15:16:07 GMT
server: AmazonS3
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
etag: W/"ebd72544766e01dfb296149e4b51b25a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
age: 204399
x-amz-cf-id: pk3D4lGYUTWuRTMxLSuuYJuL2eOQ3TF6Kt4xiEQZYbNvmgTcnDIQZQ==

GET
H2 200 frame.html Show response
cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/ Frame CCE8 1 KB
994 B 8ms
8ms Document
text/html 2600:9000:211e:9c00:13:7c50:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/frame.html
Requested by: Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:9c00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 80eee3eb07bab720121dd4be27de16faa18b34dbc1cf74e885a38a234e520e1e

Request headers

Referer: https://www.ducksters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 204399
cache-control: public, max-age=31536000
content-encoding: br
content-type: text/html
date: Wed, 29 Nov 2023 15:27:35 GMT
etag: W/"3b56c45b5d6cd40bcf532f580e07d18e"
last-modified: Wed, 29 Nov 2023 15:16:07 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
x-amz-cf-id: O9OJ4Asv6Hf83zE_xjiyrTXS372g9xN0-vL9vQ_IqO1DkC5HmRa6hA==
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
x-amz-version-id: DNXewkcQlWNX2qZHDuVoK.8w699ts1qV
x-cache: Hit from cloudfront

GET
H2 200 zeus_boot.aba9871bd7c287298e50.js Show response
cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/ Frame CCE8 134 KB
33 KB 8ms
8ms Script
text/javascript 2600:9000:211e:9c00:13:7c50:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/zeus_boot.aba9871bd7c287298e50.js?aba9871bd7c287298e50
Requested by: Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:9c00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3bf9d4e2fa8304c8b1fdb39e5d866c50c383a2238197e595af943734689b7802

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 15:27:35 GMT
x-amz-version-id: LPOBrYMxIEGRXESw1KZRMmW.ygfw.f7I
content-encoding: br
last-modified: Wed, 29 Nov 2023 15:16:07 GMT
server: AmazonS3
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
etag: W/"d5d4a6ed17522fc649b02301c6a6bd17"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
age: 204399
x-amz-cf-id: ERFqDH5TX3gjVQFvz9vlif4yG-a2LD6nqsbEEaQPUYJT0Yo5QWaNyQ==

GET
H2 200 frame.431f5e0b683f3fa994df.js Show response
cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/ Frame CCE8 145 KB
27 KB 8ms
8ms Script
text/javascript 2600:9000:211e:9c00:13:7c50:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/frame.431f5e0b683f3fa994df.js
Requested by: Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/zeus_boot.aba9871bd7c287298e50.js?aba9871bd7c287298e50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:9c00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 261c5eaf9ca129a04c11f75ab38e80b00ec06ccd2df54f7b7824db0cde266fde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 15:27:36 GMT
x-amz-version-id: k_acpKAAvZ.hzLT.je5HsL5bPXAjPstq
content-encoding: br
last-modified: Wed, 29 Nov 2023 15:16:07 GMT
server: AmazonS3
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
etag: W/"ad19ef50474659ec6f8472d229efb835"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
age: 204398
x-amz-cf-id: SGq0aKEg1gfxqMyDveZpsU17FUpA2UeBT67hYI2JWgaKWKUmx0NGKA==

GET
H2 200 coreid.min.js Show response
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ 229 KB
66 KB 7ms
7ms Script
application/javascript 184.30.211.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-211-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:14:13 GMT
content-encoding: gzip
last-modified: Mon, 23 Oct 2023 16:23:46 GMT
server: Apache
etag: "394d0-60864a57eaadc-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 67550
expires: Sat, 02 Dec 2023 00:29:13 GMT

GET
H2 200 pegasus_theme.3f49652ebdc70b060cdb.css
cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/ Frame CCE8 29 KB
5 KB 8ms
8ms Stylesheet
text/css 2600:9000:211e:9c00:13:7c50:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/pegasus_theme.3f49652ebdc70b060cdb.css
Requested by: Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/zeus_boot.aba9871bd7c287298e50.js?aba9871bd7c287298e50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:9c00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fd6046fc1f4a0429f959a468afc2ab3ff4e3578721543ca80ac243acc2320d83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 15:27:37 GMT
x-amz-version-id: X5E0LyOD_qkdMxfv9IilrnCyzjQndbZd
content-encoding: br
last-modified: Wed, 29 Nov 2023 15:16:07 GMT
server: AmazonS3
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
etag: W/"3e8ad784bd322a1441848466c06bc7d5"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, max-age=31536000
age: 204397
x-amz-cf-id: H3LaMSWqtH-VdXQYzkgdKc-ZSbFp8g7hIPema0ilvw53AdnlImdV7g==

GET
H2 200 pegasus_theme.3f49652ebdc70b060cdb.js Show response
cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/ Frame CCE8 9 KB
2 KB 9ms
9ms Script
text/javascript 2600:9000:211e:9c00:13:7c50:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/pegasus_theme.3f49652ebdc70b060cdb.js
Requested by: Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/zeus_boot.aba9871bd7c287298e50.js?aba9871bd7c287298e50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:9c00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e554726cf1b447ed389f6823a77e95c17c286b5519fa891821f068a15f2dab4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 15:27:37 GMT
x-amz-version-id: atLf.RBjRT5g4i3yUUj8WEJKEPZaV1hT
content-encoding: br
last-modified: Wed, 29 Nov 2023 15:16:07 GMT
server: AmazonS3
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
etag: W/"f71e87dfeea5d886599e86bebad440f6"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
age: 204397
x-amz-cf-id: p1W6fSyxsoT3sL3edg2tHAFgrJawz97UNa0pi0WnKP4_aUmUObBRFA==

GET
H2 200 admgr.0315258d00b2d086d287.js Show response
cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/ Frame CCE8 165 KB
36 KB 8ms
8ms Script
text/javascript 2600:9000:211e:9c00:13:7c50:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/admgr.0315258d00b2d086d287.js
Requested by: Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/zeus_boot.aba9871bd7c287298e50.js?aba9871bd7c287298e50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:9c00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0fa45c65ea128251a217a7c7d1318a094e2c0ad9a9daba229701f3b81d8f5acb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 15:27:37 GMT
x-amz-version-id: H164FqKxhtOrpme2nhYtL_7eQ8h7zzjk
content-encoding: br
last-modified: Wed, 29 Nov 2023 15:16:07 GMT
server: AmazonS3
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
etag: W/"60bfa66f70c0d8d74f7ba0b85310cbb3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
age: 204397
x-amz-cf-id: WwhYW09z8WJ6gWPB8ga2EWUh-RQfmg-bEk1mXSDtoINWzcwQveUosQ==

GET
H2 200 pegasus_appearance_manager.562e4e9dac7b8d401d4a.js Show response
cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/ Frame CCE8 7 KB
3 KB 10ms
8ms Script
text/javascript 2600:9000:211e:9c00:13:7c50:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/pegasus_appearance_manager.562e4e9dac7b8d401d4a.js
Requested by: Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/zeus_boot.aba9871bd7c287298e50.js?aba9871bd7c287298e50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:9c00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6db660f336ee107cd2ea01dad1cbdbd3469ae416d29672dfa4b227c78f483e6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 15:27:38 GMT
x-amz-version-id: wUBECqawyPVv2qKfPMnoLxOu14Xqmgss
content-encoding: br
last-modified: Wed, 29 Nov 2023 15:16:07 GMT
server: AmazonS3
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
etag: W/"2e053702a39223de286582297c6c8326"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
age: 204396
x-amz-cf-id: L_8ZWM8yXNOjfxGvqTF-UlGgFqI_TVOZSEU0EgkpakOX1ogZ54iJ2g==

GET
H2 200 pegasus_controlbar~scrubber.7f19c4520a1d5cd69811.js Show response
cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/ Frame CCE8 16 KB
5 KB 11ms
9ms Script
text/javascript 2600:9000:211e:9c00:13:7c50:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/pegasus_controlbar~scrubber.7f19c4520a1d5cd69811.js
Requested by: Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/zeus_boot.aba9871bd7c287298e50.js?aba9871bd7c287298e50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:9c00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2fe69397bc44d006000026aee2f44c02116c605e0e900b04898e97b917df5428

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 15:27:38 GMT
x-amz-version-id: NnyFaftMonee2yaMj.Re273zG3RBaznL
content-encoding: br
last-modified: Wed, 29 Nov 2023 15:16:07 GMT
server: AmazonS3
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
etag: W/"c6b75ba7953fa0563c3639271a0d3a54"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
age: 204396
x-amz-cf-id: MpWgScjPaxnEb5GkmPz9XB0f7YBLft5eaWwdK3TEtj9pR3OOpzdmlQ==

GET
H2 200 pegasus_controlbar.d3b2a00b5f82cce6df7a.js Show response
cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/ Frame CCE8 16 KB
4 KB 12ms
11ms Script
text/javascript 2600:9000:211e:9c00:13:7c50:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/pegasus_controlbar.d3b2a00b5f82cce6df7a.js
Requested by: Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/zeus_boot.aba9871bd7c287298e50.js?aba9871bd7c287298e50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:9c00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4b73634eeb10dc913e59544b809ab43d1e1f883e1365e79b22785b8e170887a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 15:27:38 GMT
x-amz-version-id: KowqrUa.WtcVxjFuwUaGo5jns65LAIqo
content-encoding: br
last-modified: Wed, 29 Nov 2023 15:16:07 GMT
server: AmazonS3
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
etag: W/"fad235c42c5c6586840170464d9dcf40"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
age: 204396
x-amz-cf-id: 04Nk2MVukIXkkMf_4mHLyxuVdco60XBjcNZ1XQyLzVBzqCoR7bnHFw==

GET
H2 200 zeus_mouseinput.df9e50e6a3fa896eaf54.js Show response
cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/ Frame CCE8 5 KB
2 KB 13ms
12ms Script
text/javascript 2600:9000:211e:9c00:13:7c50:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/zeus_mouseinput.df9e50e6a3fa896eaf54.js
Requested by: Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/zeus_boot.aba9871bd7c287298e50.js?aba9871bd7c287298e50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:9c00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9f01986a348f7bb82274f40eb7c306130e7a86b3acd4a7480378245c8b4e9e31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 15:27:38 GMT
x-amz-version-id: Z1cYelCGr5JPLt5DNf1Gcyjl0cTiZ97N
content-encoding: br
last-modified: Wed, 29 Nov 2023 15:16:07 GMT
server: AmazonS3
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
etag: W/"7eae557767cf38590f43e908f3e2127f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
age: 204396
x-amz-cf-id: JSL2oEBZhtRXWJANBzobH9LSRjbiXYIlXTyCOtIHCeIqPRoxfqZtMw==

GET
H2 200 pegasus_content.565d8b811950def1c867.js Show response
cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/ Frame CCE8 11 KB
3 KB 14ms
13ms Script
text/javascript 2600:9000:211e:9c00:13:7c50:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/pegasus_content.565d8b811950def1c867.js
Requested by: Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/zeus_boot.aba9871bd7c287298e50.js?aba9871bd7c287298e50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:9c00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4a01674994a404f5754c4c005605e302134da1c6861a47a16d3ec84168a4109d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 15:27:38 GMT
x-amz-version-id: PGFpPmQWaDlkud94jYCcSlDrewZf_FbT
content-encoding: br
last-modified: Wed, 29 Nov 2023 15:16:07 GMT
server: AmazonS3
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
etag: W/"371c1863bbe0ae4f9e998fff7c6b8ce1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
age: 204396
x-amz-cf-id: r_UqI6s6T1RGDw6q4M_z7xwzg9qk5eRGawkrtSgehAAjy8LEgC0qwg==

GET
H2 200 scrubber.af365e5218f4d681e77c.js Show response
cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/ Frame CCE8 9 KB
3 KB 15ms
14ms Script
text/javascript 2600:9000:211e:9c00:13:7c50:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/scrubber.af365e5218f4d681e77c.js
Requested by: Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/zeus_boot.aba9871bd7c287298e50.js?aba9871bd7c287298e50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:9c00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 64457ff90836970a5a75ec156f454fcfe37e3a13e1acf0133ad49519f34bdbc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 15:27:38 GMT
x-amz-version-id: c90cQrvtTVcggLt2ZgLysIxG8ZJw9Vea
content-encoding: br
last-modified: Wed, 29 Nov 2023 15:16:07 GMT
server: AmazonS3
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
etag: W/"127034998839a8930d0931bc75d13b89"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
age: 204396
x-amz-cf-id: WBwKqTjvwJvLw_3vaI_etEpw4UXz3IvleHFLdfsREcwF6AS-HqI7iA==

GET
H2 200 pegasus_watermark.81ae14ddb546cd2359e5.js Show response
cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/ Frame CCE8 7 KB
2 KB 16ms
15ms Script
text/javascript 2600:9000:211e:9c00:13:7c50:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/pegasus_watermark.81ae14ddb546cd2359e5.js
Requested by: Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/zeus_boot.aba9871bd7c287298e50.js?aba9871bd7c287298e50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:9c00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c15612d544758c18520cfca3afe3a9f7e5441b4c1b76b71e808ac1cd9eb6b42f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 15:27:38 GMT
x-amz-version-id: QO0xdvey6XZQgZsymMnF9TY.nZsRTRMw
content-encoding: br
last-modified: Wed, 29 Nov 2023 15:16:07 GMT
server: AmazonS3
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
etag: W/"cb098a945195b754c476c8b941b04cbe"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
age: 204396
x-amz-cf-id: 1LlLM1SenqUbdD80g3bnyllJ_rlE-IN_5Pp0_Nqk3DAnXl0jeEQSzQ==

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 79ms
13ms Script
text/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 01 Dec 2023 23:39:57 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2056
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Sat, 02 Dec 2023 01:39:57 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 83ms
28ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311150101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3484dd7fe4647f07a0cc5421fd8643c815c910cde56e530c9661004ddfad34f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:14:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12347
x-xss-protection: 0

GET
H2 200 prebid.js.br Show response
cdn.intergi.com/prebid/ 403 KB
109 KB 8ms
8ms Script
text/javascript 2600:9000:211e:3a00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/prebid/prebid.js.br
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.25/main.279415f0efd26d6bd5ea.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:3a00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea740c838ff05fa3d8eaf4eca2e5ae98bcbd6be032f70e89187477ef5f450b24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: OGZPIL3bUz8OnByS24W4A7FvJF3uR27u
content-encoding: br
via: 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
date: Fri, 01 Dec 2023 06:57:00 GMT
last-modified: Wed, 25 Oct 2023 14:13:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 63098
x-amz-server-side-encryption: AES256
etag: "d176745ee3641997222744794d154e87"
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 111436
x-amz-cf-id: 3X_eOvpR8XtD7tpqvcE2BHdDesyzBCk09LxUBdNrHV2mKXsWj2oYQA==

GET
H2 200 googleAdsPlayer.16c71a623a0a07fadea0.js Show response
cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/ Frame CCE8 42 KB
12 KB 8ms
8ms Script
text/javascript 2600:9000:211e:9c00:13:7c50:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/googleAdsPlayer.16c71a623a0a07fadea0.js
Requested by: Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/zeus_boot.aba9871bd7c287298e50.js?aba9871bd7c287298e50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:9c00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1327eb778113c280b5e91671dadbff70d864e2dbe3c8e4089d74828a1f2a3786

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 15:27:38 GMT
x-amz-version-id: EAeeeKaMy3cf2pHwqGhk.vPzTSAD1MSO
content-encoding: br
last-modified: Wed, 29 Nov 2023 15:16:07 GMT
server: AmazonS3
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
etag: W/"5ea2858b1d2155d40fc38ef220ea08d2"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
age: 204396
x-amz-cf-id: taLzq2u-i5PmecmM5O_OigCMSNy0ZdGV3h3f5dYDWiMme-3P5d3iZg==

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame CCE8 365 KB
125 KB 99ms
98ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/frame/googleAdsPlayer.16c71a623a0a07fadea0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a32283aaba0418ac1b0953af32fbe71948d43e7cdc08abeca552a9373809087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.playwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:14:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128094
x-xss-protection: 0
expires: Sat, 02 Dec 2023 00:14:13 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 63ms
26ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:14:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 00:14:13 GMT

GET
H2 200 container.html Show response
31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A01B 6 KB
3 KB 24ms
24ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ducksters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 00:14:13 GMT
expires: Sun, 01 Dec 2024 00:14:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 form.css
cdn.intergi.com/hera/releases/4.8.19/adReport/ 1 KB
917 B 8ms
8ms Stylesheet
text/css 2600:9000:211e:3a00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.8.19/adReport/form.css
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.8.19/main.2396b076f5a898e8838d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:3a00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 15c8b4dccc442d208986b71f497804c58a7144ae774182497bf4f67bcdfb7061

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 15:26:08 GMT
x-amz-version-id: 5cZO7Gbo.PMUOX_J6qtCDOBn3zl43RL4
content-encoding: br
last-modified: Wed, 29 Nov 2023 14:25:53 GMT
server: AmazonS3
via: 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
etag: W/"caacb1828dfa1fb52ddb6bf1921f36d8"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, max-age=31536000
age: 204486
x-amz-cf-id: G2DdtMnk1ZClqB_BB3Yguo2bp23GD_E36eHXb5TajS4J_A5kxCb8zw==

GET
H2 200 close-button.svg
cdn.intergi.com/hera/releases/4.8.19/adReport/ 619 B
1 KB 8ms
8ms Image
image/svg+xml 2600:9000:211e:3a00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.intergi.com/hera/releases/4.8.19/adReport/close-button.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:3a00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fd41fbb16992f6306edc644431aecc9d91fe9a1762fafc35f8816c277bfded0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 15:26:57 GMT
x-amz-version-id: 8jYWtpOzvqO2JoI2ykiAsq5MEFVg5EgH
via: 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
last-modified: Wed, 29 Nov 2023 14:25:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 204437
etag: "3500c4be67d6d8f0469a8d37dd63a832"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 619
x-amz-cf-id: _cjqsMH4DEp_-sXcKR8QAZNL905aq70aqeeVLDpHv4VcWmi1OUTK1A==

GET
H2 200 container.html Show response
31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 06DA 6 KB
3 KB 25ms
25ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ducksters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 00:14:13 GMT
expires: Sun, 01 Dec 2024 00:14:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1941 6 KB
3 KB 13ms
13ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ducksters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 00:14:13 GMT
expires: Sun, 01 Dec 2024 00:14:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame A01B 24 KB
9 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: 31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com
URL: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15123
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 20:02:10 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 75B0 143 B
383 B 78ms
25ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com
URL: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 591
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 00:04:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame A01B 3 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: 31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com
URL: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:17:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6996
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 22:17:37 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame A01B 20 KB
8 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com
URL: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15123
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 20:02:10 GMT

GET
H2 200 12251155339172983569
tpc.googlesyndication.com/simgad/ Frame A01B 19 KB
19 KB 24ms
23ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12251155339172983569?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnCJ29g1UeY1RoTCQM3J1hLeHl6Cg

Requested by

Host: 31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com
URL: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1c624df78314acfec2eb2baf5251f6f76f42c93664290ba061d73ed41eb281c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 14:03:04 GMT
x-content-type-options: nosniff
age: 555069
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19059
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 22:10:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 24 Nov 2024 14:03:04 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A01B 202 KB
64 KB 124ms
71ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com
URL: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:14:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 00:14:13 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame A01B 36 KB
15 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: 31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com
URL: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bed7ff4a6dc1fabcb99a5dd12ff481d05de252b39d3544be0cb93fe66663c059

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:56:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44289
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14781
x-xss-protection: 0
server: cafe
etag: 13719831398043079576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 11:56:04 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 36B5 0
435 B 92ms
40ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARi19L7cATAB&v=APEucNVh0-2YAiiiXqsHPPz1K4iOmTcjGHud7Apj5a8pq3rXFjmbmW7MR9lY8-s-cQj_xCfX1gwYAjrJ3XcgY1dqAHD2HgxuYA

Requested by

Host: 31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com
URL: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 00:14:13 GMT
expires: Sat, 02 Dec 2023 00:14:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 1941 24 KB
9 KB 67ms
27ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: www.ducksters.com
URL: https://www.ducksters.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:42:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5479
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 22:42:54 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame 1941 7 KB
3 KB 65ms
26ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.ducksters.com
URL: https://www.ducksters.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:42:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5479
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 22:42:54 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 1941 0
0 116ms
59ms Fetch
image/gif 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssoJWsTG3tDAF70PAjq5BSVEagbgI9e4bvSRabKsAi6sBmE_PImhtozx1bThUy1scSweqQE-6Pqhg-MFksL8MPJlXvurdNuSJ7LdcpyVaDRnSNzV0jXeKlnSZG-alyNiG58U0kQJ_KzIjtMVhQwi98D8OoN5Bp_IPQgc4sSvvdkFSQpERovzby5S5tJRiRXocA4L3TXEch6sWmH8ZHxNV3M3S0cGLIodgc64URBbBwG1TX6eh11lss2YFvkMYXYDlr2PycPJ8e9b3uJGJTemxPxUy1nj4868IOaKX5VKLLRrABn32Jg0lLJIyGmBZ5CmItfx0CJ9gjITHOsqmcWwIJMUa66hiDii1XRdT7mLPB9Mc8uYSwvDaUm6620dszvDfc5SHrSSdCXt15fbx4My2WzFQEh-Y9VRi9_ZxiTXtGJJP3Yz5LFV8IDfVdWJ5aWvFYgqAd5xcv0x90cBYKXfe2QOQ7qOPpRzKqHeNYtbGzinsTVSJnG-bqo1EGQsrPF1ZctE9ZgKAzKuQ5BbbrJxyL-LUdLFiZVovmIjgLh1Acd46pyNXpTxH3vGUL7TgGsCIN40HYMlctAhy6HPDRjJzoJVvDSfvrjaOR_w0O_jwDldAqWCZ1v8S4mD-JaJ8dH0b_tP0LvehW8nPrwRGcMO0F0fQ8t-NDQhzkHOX38XDbdV-HCTmtXvn0apKlL_QIgC-rz2YLv1_wnumkC66chAf2buFaoZy_e2cwri6ZLHNgRi0oNzUpEnW52jfmuqLmyEofVDkkba8sjkrmdqdsbiZbGugZ9uofhuePmQPS6AXHdXoiRHzogzcuEq9EgJUCAhspYGQHau-lH7rmO5-fgpsx-it1DnfpCxtcn8Mq7Pu7OYFJuiaN_fC-Nu15DbiWtU6cqntVAiJLERutRtlpVeb2ugEyLzY1IaqG2QE09e99N_IaiqJ3rgQg2dHB9x2UXDjZE2YnwGqCnw1JKgu6AhaPWg4pfPYZaYfZ-Og_12kpUoB7JdFdWYApT8QI4NY9heI3VrT3QPvz9IMjOn-U99eIlyIjMXynVRHZ0PloE573fqfmQSF1JiiHQmO1zYICRzW74sI_IFg7-v48LRZZ4BNqmB2yoIf8mfGF8F6iA5quiMvwTqO-9sIUgw4pRmEymvKwuJoOC6W8OWN_xT6dB4E7N0Tr_EYcl7I7hFXukt7qtj762sb9-aermZOLDoAppjcw9stBzuub6MuSzFoSpNzPcxsf9RHVBl97DX54CUANTdnP0yvReSaSNutF3je5BA2PpSYX6SIk0DegSb_3LtK4PcU6e_6ruNz_zGklOlNOBJllILUn1CAbGRNr1T4Y7XaizfrfFvwv6xD6pFNSBSGROo2aVIwLdkb6nt9eFHNCI8HThFJcZJ948KdbHogZBfagS2HnCdihHCj1yefT0EVlXdeoqenVmrLsv2k3m325-QTWoIu8-gGFWndIDEE9XLXd0ltS_DmjMjCKxTw&sai=AMfl-YQ3qiVZK6Ck4Ie2yduQjl4MW1U-iKzt70dKBZVbnzdhFhTDF20rMVgDXJ3QiLtlYjoo6Z4z93x3mYKoR0m4FOQpwtldVaFEimVT0MvRhbevi1nFXRUjzzPTGHoYebIJ-dk4ZWXZxAmUQxd-BUtY0amhe4S1npqdYziTkI1IhBwIlPey0jtTwdPmSl3fSyvQR2g4W3u-b-pcoZEIpiY5WILORGecmBV-bU4iD_m94PVac-rJzzzUh3sGqttuU7E1-uNF4ZHoHVLaRa7PaAhhPHWfkAaw2yZCPUApLtr7TvxJdLV5hlrM_bPYn2rByWCzxvC0PQN5FMBiJ0Sjy4qnnSuD4rmVGZkwQ56EsxpSQwIAMOQHUTcP6Rlp5h0H7iBNdxGGQYSam6YqSYa95yQaFDT3yzzvCRjPX6lgvM26BTb59rJE7Gz1Eh5K6E0CzizSJZBr-4fwftQZlZ91C0l0zscLTOFKFLoOAVwUultNWOm9jp0pLHu3jIpxhikmDDhGlC5wYMKjc1en&sig=Cg0ArKJSzOISIEQ0dwXAEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9maXZlcnIuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231129.64015&arae=0&ftch=1&adurl=

Requested by

Host: www.ducksters.com
URL: https://www.ducksters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 02 Dec 2023 00:14:13 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 02 Dec 2023 00:14:13 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 1941 41 KB
14 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.ducksters.com
URL: https://www.ducksters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22145
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 18:05:08 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 1941 3 KB
1 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: 31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com
URL: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:17:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6996
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 22:17:37 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 1941 20 KB
8 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com
URL: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15123
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 20:02:10 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1941 42 B
63 B 97ms
60ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cmy9Y_KCrhV_bZBVyf8nP29OOKF_JMEGnEYywEFEGAOKldyqSzeNCb3RKtcSK8GlgvJLbuBCUYfwt52XYxBHrNkI4BCThKLEP5UVbhXLAbnTBFpzI

Requested by

Host: 31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com
URL: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 00:14:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1941 202 KB
64 KB 171ms
125ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com
URL: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:14:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 00:14:13 GMT

GET
H2 200 528163114405441396
s0.2mdn.net/simgad/ Frame 1941 29 KB
30 KB 60ms
14ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/528163114405441396

Requested by

Host: 31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com
URL: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9a2e348b1f22bcfa74c40a60ef3a5df4dad3cb2d66da248c70490e45c414604

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:28:19 GMT
x-content-type-options: nosniff
age: 153954
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29883
x-xss-protection: 0
last-modified: Sun, 11 Dec 2022 07:06:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Nov 2024 05:28:19 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 06DA 24 KB
9 KB 25ms
19ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: 31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com
URL: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15123
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 20:02:10 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9DF4 143 B
200 B 63ms
26ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com
URL: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 591
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 00:04:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 06DA 3 KB
1 KB 27ms
22ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: 31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com
URL: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:17:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6996
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 22:17:37 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 06DA 20 KB
8 KB 26ms
20ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com
URL: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15123
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 20:02:10 GMT

GET
H2 200 14862242542753605718
tpc.googlesyndication.com/simgad/ Frame 06DA 44 KB
44 KB 31ms
27ms Image
image/gif 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14862242542753605718

Requested by

Host: 31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com
URL: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c46d7f90e578b0f4d9343fb9d8b88410bc516e42ad8680e18d965c7f57de248c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 08:05:33 GMT
x-content-type-options: nosniff
age: 576520
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44606
x-xss-protection: 0
last-modified: Mon, 06 Mar 2017 19:20:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 24 Nov 2024 08:05:33 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 06DA 202 KB
64 KB 161ms
123ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com
URL: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:14:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 00:14:13 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 06DA 36 KB
14 KB 26ms
23ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: 31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com
URL: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bed7ff4a6dc1fabcb99a5dd12ff481d05de252b39d3544be0cb93fe66663c059

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:56:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44289
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14781
x-xss-protection: 0
server: cafe
etag: 13719831398043079576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 11:56:04 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1D30 13 KB
5 KB 30ms
29ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ducksters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6995
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 22:17:38 GMT
expires: Sat, 30 Nov 2024 22:17:38 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5B20 829 B
1 KB 71ms
24ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6d6e0450e21037f3f843a4f589beca3226992f8adf5534ff0ee87716a0d03a6d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lkwgjzkPVvP5G91D-_3w1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ducksters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-lkwgjzkPVvP5G91D-_3w1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 00:14:13 GMT
expires: Sat, 02 Dec 2023 00:14:13 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame A01B 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e03341c075c54b9d5a0382c1331108ffb58837df9094c50ef74af9257d0f879

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 738D 38 KB
13 KB 21ms
12ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 507333
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 03:18:40 GMT
expires: Mon, 25 Nov 2024 03:18:40 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1941 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1408a2e70b5a93f99d9d6940ea75873c2a71795b7ea5d698347094eb30fd577d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 1D30 39 KB
15 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:27:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Nov 2024 11:27:03 GMT

GET
DATA 200
OK truncated
/ Frame 06DA 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8956f247f426cd1b760ee47285ba14625c67150712d42cc1a8691368b7ae25de

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 738D 39 KB
15 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:27:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Nov 2024 11:27:03 GMT

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 75B0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
145 B

33ms
32ms

Document
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com
URL: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 00:14:13 GMT
expires: Sat, 02 Dec 2023 00:14:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 00:14:13 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 1941 0
0 52ms
52ms Fetch
image/gif 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssoJWsTG3tDAF70PAjq5BSVEagbgI9e4bvSRabKsAi6sBmE_PImhtozx1bThUy1scSweqQE-6Pqhg-MFksL8MPJlXvurdNuSJ7LdcpyVaDRnSNzV0jXeKlnSZG-alyNiG58U0kQJ_KzIjtMVhQwi98D8OoN5Bp_IPQgc4sSvvdkFSQpERovzby5S5tJRiRXocA4L3TXEch6sWmH8ZHxNV3M3S0cGLIodgc64URBbBwG1TX6eh11lss2YFvkMYXYDlr2PycPJ8e9b3uJGJTemxPxUy1nj4868IOaKX5VKLLRrABn32Jg0lLJIyGmBZ5CmItfx0CJ9gjITHOsqmcWwIJMUa66hiDii1XRdT7mLPB9Mc8uYSwvDaUm6620dszvDfc5SHrSSdCXt15fbx4My2WzFQEh-Y9VRi9_ZxiTXtGJJP3Yz5LFV8IDfVdWJ5aWvFYgqAd5xcv0x90cBYKXfe2QOQ7qOPpRzKqHeNYtbGzinsTVSJnG-bqo1EGQsrPF1ZctE9ZgKAzKuQ5BbbrJxyL-LUdLFiZVovmIjgLh1Acd46pyNXpTxH3vGUL7TgGsCIN40HYMlctAhy6HPDRjJzoJVvDSfvrjaOR_w0O_jwDldAqWCZ1v8S4mD-JaJ8dH0b_tP0LvehW8nPrwRGcMO0F0fQ8t-NDQhzkHOX38XDbdV-HCTmtXvn0apKlL_QIgC-rz2YLv1_wnumkC66chAf2buFaoZy_e2cwri6ZLHNgRi0oNzUpEnW52jfmuqLmyEofVDkkba8sjkrmdqdsbiZbGugZ9uofhuePmQPS6AXHdXoiRHzogzcuEq9EgJUCAhspYGQHau-lH7rmO5-fgpsx-it1DnfpCxtcn8Mq7Pu7OYFJuiaN_fC-Nu15DbiWtU6cqntVAiJLERutRtlpVeb2ugEyLzY1IaqG2QE09e99N_IaiqJ3rgQg2dHB9x2UXDjZE2YnwGqCnw1JKgu6AhaPWg4pfPYZaYfZ-Og_12kpUoB7JdFdWYApT8QI4NY9heI3VrT3QPvz9IMjOn-U99eIlyIjMXynVRHZ0PloE573fqfmQSF1JiiHQmO1zYICRzW74sI_IFg7-v48LRZZ4BNqmB2yoIf8mfGF8F6iA5quiMvwTqO-9sIUgw4pRmEymvKwuJoOC6W8OWN_xT6dB4E7N0Tr_EYcl7I7hFXukt7qtj762sb9-aermZOLDoAppjcw9stBzuub6MuSzFoSpNzPcxsf9RHVBl97DX54CUANTdnP0yvReSaSNutF3je5BA2PpSYX6SIk0DegSb_3LtK4PcU6e_6ruNz_zGklOlNOBJllILUn1CAbGRNr1T4Y7XaizfrfFvwv6xD6pFNSBSGROo2aVIwLdkb6nt9eFHNCI8HThFJcZJ948KdbHogZBfagS2HnCdihHCj1yefT0EVlXdeoqenVmrLsv2k3m325-QTWoIu8-gGFWndIDEE9XLXd0ltS_DmjMjCKxTw&sai=AMfl-YQ3qiVZK6Ck4Ie2yduQjl4MW1U-iKzt70dKBZVbnzdhFhTDF20rMVgDXJ3QiLtlYjoo6Z4z93x3mYKoR0m4FOQpwtldVaFEimVT0MvRhbevi1nFXRUjzzPTGHoYebIJ-dk4ZWXZxAmUQxd-BUtY0amhe4S1npqdYziTkI1IhBwIlPey0jtTwdPmSl3fSyvQR2g4W3u-b-pcoZEIpiY5WILORGecmBV-bU4iD_m94PVac-rJzzzUh3sGqttuU7E1-uNF4ZHoHVLaRa7PaAhhPHWfkAaw2yZCPUApLtr7TvxJdLV5hlrM_bPYn2rByWCzxvC0PQN5FMBiJ0Sjy4qnnSuD4rmVGZkwQ56EsxpSQwIAMOQHUTcP6Rlp5h0H7iBNdxGGQYSam6YqSYa95yQaFDT3yzzvCRjPX6lgvM26BTb59rJE7Gz1Eh5K6E0CzizSJZBr-4fwftQZlZ91C0l0zscLTOFKFLoOAVwUultNWOm9jp0pLHu3jIpxhikmDDhGlC5wYMKjc1en&sig=Cg0ArKJSzOISIEQ0dwXAEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9maXZlcnIuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=79&vt=11&dtpt=78&dett=2&cstd=0&cisv=r20231129.64015&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.ducksters.com
URL: https://www.ducksters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:14:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 02 Dec 2023 00:14:13 GMT

GET
H3 200 bridge3.605.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame C83A 752 KB
241 KB 15ms
15ms Document
text/html 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.playwire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 44745
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 246766
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 11:48:28 GMT
expires: Sat, 30 Nov 2024 11:48:28 GMT
last-modified: Wed, 15 Nov 2023 19:11:18 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame CCE8 44 KB
16 KB 89ms
86ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.playwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:14:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Dec 2023 00:14:13 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 47D9 40 KB
14 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 23:55:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1100
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 02 Dec 2023 00:55:53 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9DF4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

30ms
30ms

Document
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com
URL: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 00:14:13 GMT
expires: Sat, 02 Dec 2023 00:14:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 00:14:13 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5B20 0
0 58ms
58ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311150101&jk=4321056005911557&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 77ms
48ms Preflight
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=Cje4Q1HZqZb_PPP3n1PIPxsSWgA261LzKdOirjYHmD93s9cKAMBABIK-N0CxglfKLgpgHoAHsjZ7vA8gBAuACAKgDAcgDyQSqBMYCT9DWEbJIthyrAKG4RDHPYXw8nTo5K4bPsHSirzFvSln2JhLQdCR5pgfhHAhNL09yuVLC8FlHzKYU_j6zi5KfoDm2g4cHTSz5561-jXUqsp42dBAMB8HjUl-Z7FoX85qDNhobOSUvKTMIbZY5wxSohrAk0tUhIM9A0m9Naa_3G7qcTLfvJDta1bIBDCOPoQXdxe5w9REerTghViMzoLNMqhmrOPqiFsq-7WPgUyzHSg98ZYKtB_akJFk2xm8P7PajebfMvm8h69_l-xDS2Jds0xARG9q7hbIUd_rmEMYAyAPRQTc2c4gCBf9M65I2PmDMJ59HMkXlGtgvBzJLj-bPBiyQt0pjJHzQC8jb-pU--i-26Q6edJMkVS2eYTRfA8I1hTL_cfEKt7zbxWvZR64mPzv-NDftdPo4wIB95InFpt6JmkIZ1DnABKfKlIj7A-AEAYgF5-TftkCSBQQIBBgBkgUECAUYBKAGAoAH_PHhEKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEELiHItIIIAiA4ZBwEAEYHzIC-wI6A4DAEEi9_cE6WMWp7J2874ID8ggbYWR4LXN1YnN5bi03MTkyMDgwMTEwMDM4NjcwmgmDAWh0dHBzOi8vYmlsbGluZ3BsYXRmb3JtLmNvbS96dW9yYS1hbHRlcm5hdGl2ZS1mb3Itc3Vic2NyaXB0aW9uLWJpbGxpbmc_Y3JlYXRpdmU9NTk4ODIwNTk0MDc5JmtleXdvcmQ9Jm1hdGNodHlwZT0mbmV0d29yaz1kJmRldmljZT1jgAoDyAsBogwgKh4KHOS0sQLutbECtbixAqy6sQLktLEC7rWxAru7sQLiDRMIwO7snbzvggMV_TNVCB1GogXQ2BMN0BUBmBYBgBcBshceChwIABIUcHViLTM1ODM5NTU1MjkxMTE1MTIYp7Ie&sigh=xDgN7F4g16U&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNLgeeniinpNHQmIGQiRXg45tz7tKojcLxO_Ua0AbzyaAMuRngijr7JMgdwScgGDc4FpXYfiRH3VEy2Fl-N64MkKYWBvnYi4Ti6CMYAQ&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 02 Dec 2023 00:14:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame A01B
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=Cje4Q1HZqZb_PPP3n1PIPxsSWgA261LzKdOirjYHmD93s9cKAMBABIK-N0CxglfKLgpgHoAHsjZ7vA8gBAuACAKgDAcgDyQSqBMYCT9DWEbJIthyrAKG4RDHPYXw8nTo5K4bPsHSirzFv...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212342480807212992525%22,%22debug_reporting%22:true,%22destination%22:%22https://billingplatform.com%22,%22event_report_win...

0
0

99ms
50ms

Fetch
text/css

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212342480807212992525%22,%22debug_reporting%22:true,%22destination%22:%22https://billingplatform.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221038583532%22],%224%22:[%2212-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210453198381662015937%22}&andc=true

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:14:14 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"12342480807212992525","debug_reporting":true,"destination":"https://billingplatform.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1038583532"],"4":["12-02"],"6":["true"]},"priority":"500","source_event_id":"10453198381662015937"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 02 Dec 2023 00:14:14 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 02 Dec 2023 00:14:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"12342480807212992525","debug_reporting":true,"destination":"https://billingplatform.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1038583532"],"4":["12-02"],"6":["true"]},"priority":"500","source_event_id":"10453198381662015937"}&andc=true
access-control-allow-origin: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 5C9C 51 KB
19 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Host: 31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com
URL: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 20:47:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 185189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 20:47:44 GMT

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 48ms
48ms Preflight
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CFwZt1HZqZcDPPP3n1PIPxsSWgA2i4fP-YKL63sm6Effn7eOVDhABIK-N0CxglfKLgpgHoAHT8abkA8gBA-ACAKgDAcgDyQSqBMYCT9AVdEfeCVPkT-kiVlppiW6ozLp8GILbGghgxC-UlzqCbSiebpdLpL9gjgepGbWRa9Z1PDpn6BJIao7gL1L_zvCFuhuEzUhUR9VNM0nG8GAnQWTlcZO2ku-DftsRIR3Z1gw_TY-NIJjTc2qVyD6O5jGxLGDAdxjXdEFu_vq3wQAKK64ydAK2zWFMYa8uxh6dG4aPZRJVSYQncrTUzvE_igV7Qn7bizzqMae1-8RQ3ivpEaaf5e78vXM4alB48hSMK_wY2uYG0eY-7YBq3atefn03IpSETTo00Yh-J7snl3mB5HHavvQHUSV3Rnm0to0WfI2WP22PJKBqJkoFMeZ7n1NQf0vW69n0ITZjCqdQrIEvu62adYhcD9H-bjtRR6-f94xDpTYPyd9A23eyDrEpOsIu0RVDNL6582HghNp4pbnL_aNPaEPABOOZ7re7AeAEAYgFn9SeqgOSBQQIBBgBkgUECAUYBKAGA4AHlY7ZG6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEP6lGdIIIAiA4ZBwEAEYHzIC-wI6A4DAEEi9_cE6WMWp7J2874ID8ggbYWR4LXN1YnN5bi03MTkyMDgwMTEwMDM4NjcwmgkwaHR0cHM6Ly93d3cuQWRhcHRlZE1pbmQuY29tL01hdGgtV29ya3NoZWV0cy5odG1sgAoDyAsBogwgKh4KHOS0sQLutbECtbixAqy6sQLktLEC7rWxAru7sQLiDRMIwe7snbzvggMV_TNVCB1GogXQ2BMM0BUBmBYBgBcBshceChwIABIUcHViLTM1ODM5NTU1MjkxMTE1MTIYp7Ie&sigh=AVK6vs8AQv8&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNLgeeniinpNHQmIGQiRXg45tz7tKojcLxO_Ua0AbzyaAMuRngijr7JMgdwScgGDc4FpXYfiRH3VEy2Fl-N64MkKYWBvnYi4Ti6CMYAQ&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 02 Dec 2023 00:14:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 06DA
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CFwZt1HZqZcDPPP3n1PIPxsSWgA2i4fP-YKL63sm6Effn7eOVDhABIK-N0CxglfKLgpgHoAHT8abkA8gBA-ACAKgDAcgDyQSqBMYCT9AVdEfeCVPkT-kiVlppiW6ozLp8GILbGghgxC-U...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221538230106046157122%22,%22debug_reporting%22:true,%22destination%22:%22https://adaptedmind.com%22,%22event_report_window%2...

0
0

100ms
51ms

Fetch
text/css

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221538230106046157122%22,%22debug_reporting%22:true,%22destination%22:%22https://adaptedmind.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221015658707%22],%224%22:[%2212-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213642149936893353409%22}&andc=true

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:14:14 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"1538230106046157122","debug_reporting":true,"destination":"https://adaptedmind.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1015658707"],"4":["12-02"],"6":["true"]},"priority":"500","source_event_id":"13642149936893353409"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 02 Dec 2023 00:14:14 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 02 Dec 2023 00:14:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"1538230106046157122","debug_reporting":true,"destination":"https://adaptedmind.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1015658707"],"4":["12-02"],"6":["true"]},"priority":"500","source_event_id":"13642149936893353409"}&andc=true
access-control-allow-origin: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame C83A 124 B
328 B 27ms
26ms XHR
text/xml 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?sz=640x480&iu=%2F96780239%2C87674693%2F1015702%2F62069%2Fpublisher%3A1015702-website%3A62069-video&gdfp_req=1&env=vp&output=xml_vast4&unviewed_position_start=1&url=https%3A%2F%2Fwww.ducksters.com%2F&description_url=https%3A%2F%2Fwww.ducksters.com%2F&correlator=4001632263398577&tfcd=1&gdpr=1&gdpr_consent=0&npa=1&vad_type=linear&cust_params=lld_id%3D6f1cfeeabf2b438fa14ab90c45ade75576053558%26price_floor%3Dna%26adunit%3Dtrendi_video%26owning_pub_id%3D1015702%26pub_id%3D1015702%26instream%3Dfalse%26player_height%3D480%26player_width%3D640%26synd%3Dfalse%26vid_long_form%3Dfalse%26window_width%3D1600%26window_height%3D1200%26sitecont_cat%3Dkids%26dmp_ids%3D%26custom_path%3DHP%26salad%3Dcobb%26dd%3Draspberry%26di%3Dstrawberry%26vd%3Draspberry%26vi%3Dstrawberry%26ab_test%3Dna_A%26pagecount%3D1%26vid_location%3Dcorner%26product%3Dads_only%26sticky%3Dtrue%26trendi%3Dfalse%26refresh_count%3D0%26abs_dist_top%3D1100%26abs_dist_left%3D1450%26rel_dist_bottom%3D0%26rel_dist_left%3D90%26browser%3DChrome%20119%26hour%3D1%26day%3DSaturday&vpa=auto&vpmute=1&sdkv=h.3.605.0&osd=2&frm=2&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&sdki=445&ptt=20&adk=928570498&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&sid=BFD49CAB-691D-4124-B194-A09E28AF40FF&nel=0&eid=44772139%2C44773379%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44804614%2C44807947&ref=https%3A%2F%2Fwww.ducksters.com%2F&top=https%3A%2F%2Fwww.ducksters.com%2F&loc=https%3A%2F%2Fcdn.playwire.com%2Fbolt4%2Fjs%2Fzeus%2Freleases%2F4.6.39%2Fframe%2Fframe.html%23id%3Dtyche_trendi_video___pv%3D1___eu%3Dtrue___eis%3D1701476052969&dlt=1701476053042&idt=603&dt=1701476053777&scor=3216464980910550&ged=ve4_td1_tt0_pd1_la1000_er0.0.154.300_vi0.0.169.300_vp100_eb24427

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:14:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 0E64 51 KB
19 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Host: 31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com
URL: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 20:47:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 185189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 20:47:44 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1D30 0
10 B 27ms
27ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?WxZEHA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:14:13 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST csi
csi.gstatic.com/ Frame C83A 0
0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 738D 0
20 B 191ms
190ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BCEdE1HZqZcHPPP3n1PIPxsSWgA0AAAAAOAHgBAI&bg=!JySlJGvNAAY3kmNgF5I7ADQBe5WfOPAUzfo9HzAhf9LImQEkc6H4Hui_SkwoZmjKQ8ert-A8d-P93hAcsbdWwAmHitWyAgAAAO5SAAAAAWgBB5kDCPQwU5RtHo8ig-glqR7SxT7FJf3Twih8NsRvJYRe0hh3Mk3NySDvr2Hsqu2Sww2m0oDDlbNR_luytGYf9GvEjkdLSbMlTTLd28B2PgwPRfkEHRKesc-bfkTiypDGMXdSHzqT4kXXI-Qqp9VtZXeaS2rwle6dMxwM89DcNQOXf_GD544UYpnUDHTi1lazg-IOkAwh7JRmVUh8YrNrfgnoXllyFtKIJYbkbcpDVroX1KLfq9AZTVlq8uUo_GX4G4mJCvJkPu-b17LkLyDetg2zAdvp3RCKGkFbbqNu6PGgtS3sTh9aR5ZcSggo4Fx20bCSmWe194HdjjwM1-LxteUMNu6u26_l55z-us3xnJ0OMZhgtTHF4Im9Sxm3ytHiX2Vt-rc5CYmzjXp1-s37TWIg1iCSJu0WTbOjnU17Pfw8gJYabTnCH32QArzc5m_vp4WThSna1WgJHkxpWOQ4T7DO-xRwBAZjpxbu4YTAD4I3E5ZBuLOjAFW9dbyQbTYrsNCbWiqAJoj0ACMS_zWutWos6ce72miSIOo0hBDi3GweoKgERbVN4ydGB9GTr9rOD0pCDbg3vpMixJuyjsdlVhoVUoD40XfEvNwqGQ_nHK5PJ7G4Vf_ChLTtAbB3KTno2-ZAKgXjKB8UeQYFbSVeZBZkBVYvqUDRKBIdtDV61QMFUArJFsMn1WxhHXQi6421yyXxECIa_VkKV-ZD3DuqfkXjaM22C8rIShytPA0XkoPbjl9jcn8y_KCL7Zj99OI4F9vs-9iJNZSMvs0bRWuukD8UbWm8C6pEYJc0raJOaZ3BQpUFNsE-W0dtbjvtiX_pqvAUxvhG6IUfx6Zz7rv2QjZxruVTaW38TGoZQROElKnJbvKesGrpr9vF2XaFqmXpDRm4lWLgMwEK8X0KFSqRJhZNxPIJxBZQ0tOoVBQpnv3VJQgkrpcHi5JJuttCpQ9L0g61vD7iK2XzVGpSEWSwDPPgPjqX6b_uxbP8dubDFVQjzWod9W7QbqH9XkRx4pD0Bcwj4-hU0ZDRZuUD

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 00:14:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
277 B 120ms
15ms Fetch
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

54ad0305e8d521e1ac443082838e8f0426572f97aa232d6082ded025b0c8f33e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: https://www.ducksters.com
date: Sat, 02 Dec 2023 00:14:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 112ms
47ms Preflight
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 02 Dec 2023 00:14:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 112ms
48ms Preflight
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 02 Dec 2023 00:14:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 v3 Show response
id5-sync.com/gm/ 319 B
602 B 60ms
15ms XHR
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

1a2414257515bd6f261150986fd456ccf762b890be5cec521f161806c67c6d2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.ducksters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ducksters.com
date: Sat, 02 Dec 2023 00:14:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 62ms
62ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311150101&jk=4321056005911557&bg=!FxSlFFvNAAY3kmNgF5I7ADQBe5WfOGR18J8K_Jhh3IP2zgN8gYVz4H5OF9i_s-2gGj-z7K6KP6j2SRliswqHc9u5-QLBAgAAARlSAAAAAWgBBwoApgC9F487oDSjjLjNU-Av9hvcKeYqub_Vhx97gHY8pyDPLZz-FXPdX5Su1rbubBwtK28_yfWirs9BmWT48vlMTd8uty6D2muHQBsGYcFUu1zhbNPmd9u6Zk6WZkyWmc3aqbp2nIOL8RUUaVK2dMeuLQ-EbNY6kEFf-BG_djUZsAUz0Uv8mi6dyY9QKMzunRPUcq7JTFZ4txNnAHtZxWIC6ZjfWADuV12ZArLjl9nAa9cVZ5lZbPRvT2Y4ihjELGstmIzZD1XXyn5cjgPJILq1qXZYMIigtPOYaMUzA7ChPKqGwUMcAC-kdKXLz88CFEkBmioEUwCOHg46nHWStWla0A9TTsIxjKQwf__DuKJSzMuNQN9laAPnQ9QWSOElp2ErQ5k2ivVxwbjH19xhQh9084AHy0kYw93SdE-pD2klVT9S2LI-qBntad77CbHMSydYVy-zX6BcKi-1tqS0P24X-z674ANgFRfX3Z8sTR9cT5O7t_zaiqu8XjfmnSfLf36vSvpsvShxBi4jToxRwE5uY8FjLdw1aW8HwfmzXSyJvpj_u9EVKE8TikeK85887cPUe8o8yNwk4Ffc8u-Dhz7BmyjnYLs6p38gw7F6NqDam0O4geHCbmwLpVDxybzChIbNdraJB9z-pNurIwRccFeRGv-hkTMieAkc0h2bDsh4tvjnRzoSoZ5IzjarDC9UfpJpew-WjZchqB5mcEHg6_F_sJi3LZvOpaorPH4T-5YydPFfESwOFsgeV0xtD4h2hrtVkMk3ifOnvkT8-ONktmKVsN8pjBeRxpyB-dZoH8zgr3QQM1psVuXCx54C6_7cvAKd0ST2UZ6AX6tWI_iASfbTEeUbkhneoepLLz9k1mlufcdBpiw148GMfX6S6Lsgeu4oVpIIO0tfdkZUG0qVKJcdmyS5K1lyw__2PFY7ZxT69kXs902W3c46vaHd9UPCUHdpvQLNBrIi5bk1N0e3c8CdzrQCL8CCUJTcsiCPG4jcc1fqB9sjot0-dUjsNG_-TqLyCCywwK2ONZTMF22Qn4uPWM3YztHg6SLGet_BbIDRrAm3Yc1foOh91I3-Thl2TXYsgVjkQ2gorRelgsBDGx2fPr6-QZNkzJ2p8ZH_vV-LlaZ2fEisMt6tJvD8ALo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A01B 42 B
64 B 52ms
52ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu_T_JczwUC7x4ycMFQNnJGLSxEyj0jYvCNEr8NvUXVzqzoD26rf4SEup4J6A-IvmBb5929ntA4ACuqxWyG2M82nICJ2NTNUijuh9KRDWJ0iGJuuUR9PgQ4G5qwidl82Z3OgHowTLzQarR3fjylm8ZSZPsFPKJCzhD42XT-sEs-tw&sai=AMfl-YSuVSpclThnJ_PL47IUBePEpg2yaNoNJdaY4xL2qMKPQikdHukb1xAbKoHagObnhcDsJY9WCs9RRnsSCPcBuHKGGzY8ibFkmmU_zPfEzf7AYZD4YRvRIKgU3NCZthe0ITvAoR5EUkLwCk4kHkxLvVg7wW1qzVNGTVp1&sig=Cg0ArKJSzIAazGbAzZ3jEAE&cid=CAQSTwDICaaNLgeeniinpNHQmIGQiRXg45tz7tKojcLxO_Ua0AbzyaAMuRngijr7JMgdwScgGDc4FpXYfiRH3VEy2Fl-N64MkKYWBvnYi4Ti6CMYAQ&id=lidar2&mcvt=1005&p=418,315,668,1285&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=440268110&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701476053334&rpt=296&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 00:14:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1941 42 B
64 B 53ms
53ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu6ZYNw3LhfJWUz5PoixTZflYQtIqM4s2pXhv_IIiLkIzuL_oOLdDhGFHYcYK3lEJKL7sTtUnCJ-1ppxdmYFel5zGPutzC8A02e1NSMAfjptVNYbUFlL_cffbc2G48cxWiYoI4TVpKvO_bN2Q&sai=AMfl-YSuuO8HZlDJl4EKAv_wpj0HcZ_ES_LwX_hnDr3H4Y2Uk28wULcCy0Kl7N3uXCWPTtDrL2ny_M8Bk42Dwh1t2h-KL6BuRx4WbWnPVW2Bi1vxBbNQcWZFLEOUZwccnSi_dRzPzICKRHc2IlR9vfWWWMwkmZ4GbgfyQSa6&sig=Cg0ArKJSzAVVJxBuyDRvEAE&cid=CAQSTwDICaaNLgeeniinpNHQmIGQiRXg45tz7tKojcLxO_Ua0AbzyaAMuRngijr7JMgdwScgGDc4FpXYfiRH3VEy2Fl-N64MkKYWBvnYi4Ti6CMYAQ&id=lidar2&mcvt=1000&p=1121,436,1211,1164&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=0.88&if=1&vu=1&app=0&itpl=20&adk=2582691137&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701476053366&rpt=344&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 00:14:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: csi.gstatic.com
URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lpnawtbb&c=241979531797&slotId=120989765898.5&eee=missing-element&bi=missing-id&vast_v=4.1&lima_p_ich=0&lima_p_icu=0

Domain: csi.gstatic.com
URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lpnawthh&c=241979531797&slotId=120989765898.5&uet=2&ghmsh_eids=44772139%2C44773379%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44804614%2C44807947

Verdicts & Comments Add Verdict or Comment

248 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ducksters.com/	1970-01-21 02:13:56	Name: _ga_K9B1TMX9Y2 Value: GS1.1.1701476052.1.0.1701476052.0.0.0
.ducksters.com/	1970-01-21 02:13:56	Name: _ga Value: GA1.1.933760254.1701476053
www.ducksters.com/	1970-01-21 01:59:32	Name: usprivacy Value: 1---
.ducksters.com/	1970-01-20 16:37:56	Name: lotame_domain_check Value: ducksters.com
www.ducksters.com/	1970-01-20 16:39:22	Name: playwirePageViews Value: 1
.ducksters.com/	1970-01-21 01:59:32	Name: __gads Value: ID=bc3ef489b41033cf:T=1701476052:RT=1701476052:S=ALNI_MapXSiQYo-oD7MbPcZjuzogqJ-X2Q
.ducksters.com/	1970-01-21 01:59:32	Name: __gpi Value: UID=00000d016c79b9aa:T=1701476052:RT=1701476052:S=ALNI_Mb4Q-RLxOX1150OZETPhmeZdtYmlw
.doubleclick.net/	1970-01-21 01:59:32	Name: IDE Value: AHWqTUm8B3MFWaJuqH5vDvyj2xsLD7G0U348q-22zjW7gVbajUJEAfc3k12neiWQz3g
.doubleclick.net/	1970-01-20 16:37:59	Name: DSID Value: NO_DATA
.googleadservices.com/	1970-01-20 18:47:32	Name: ar_debug Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.googletagmanager.com/gtag/destination?id=G-T3PGLXYKK9&l=dataLayer&cx=c Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.39/7.js Message: Allow attribute will take precedence over 'allowfullscreen'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

31ba48aa31493b0b6750600d37f19247.safeframe.googlesyndication.com
ad.doubleclick.net
bcp.crwdcntrl.net
c.amazon-adsystem.com
cdn.id5-sync.com
cdn.intergi.com
cdn.intergient.com
cdn.playwire.com
cdnjs.cloudflare.com
config.aps.amazon-adsystem.com
config.playwire.com
csi.gstatic.com
googleads.g.doubleclick.net
id5-sync.com
imasdk.googleapis.com
lb.eu-1-id5-sync.com
mb.moatads.com
pagead2.googlesyndication.com
proc.ad.cpe.dotomi.com
px.moatads.com
region1.google-analytics.com
s0.2mdn.net
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
ssl.google-analytics.com
tags.crwdcntrl.net
tpc.googlesyndication.com
www.ducksters.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.kidsafeseal.com
z.moatads.com
csi.gstatic.com
108.138.1.25
130.162.160.243
162.19.138.119
172.217.16.198
184.30.17.133
184.30.211.26
2001:4860:4802:34::36
216.58.206.34
2600:9000:211e:3a00:14:2602:6e80:93a1
2600:9000:211e:9c00:13:7c50:cec0:93a1
2600:9000:223c:a000:1a:1459:5cc0:93a1
2600:9000:2250:fc00:12:4abd:d340:93a1
2606:4700:10::ac43:266a
2606:4700:20::681a:d86
2606:4700:20::ac43:462f
2606:4700:20::ac43:4b6a
2606:4700::6811:190e
2a00:1450:4001:801::2002
2a00:1450:4001:806::2008
2a00:1450:4001:808::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:828::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2006
2a00:1450:4001:830::200a
2a02:fa8:8806:12::1460
54.216.79.244
65.9.66.97
99.86.4.39
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
0b945764f409a5cfd72296efcc62d2eb4af033d2a67c1842a16eed73a42f9a69
0bd0d458b6232554bbf560c1faf1215de00eff3b07d32af68b40ec202464f914
0c153290495ae00c5254a0ac46197a5c26f141da5ea4c974876b06bf04141284
0c64b4231b22e466a3938f937fa9ba0a0a747adafcea4f07a0814a81a4e5b1d8
0d047af20022ae73efe124f18cd92f3a8303934dae9be630a40388d9b0d3e926
0d4fa518c70ea18943468b4f5093e6df5cbcc2307cd4efb0dcae6dded5963ec8
0d907657f7138e28542d27bd08c28d794d4d82fbbf13f34ab3ccaea61f84fe4f
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0fa45c65ea128251a217a7c7d1318a094e2c0ad9a9daba229701f3b81d8f5acb
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1327eb778113c280b5e91671dadbff70d864e2dbe3c8e4089d74828a1f2a3786
13cc0025a2b90907913a2586cfc6832fe0da221a7ec01421b69a192a3d4aaed0
1408a2e70b5a93f99d9d6940ea75873c2a71795b7ea5d698347094eb30fd577d
15c8b4dccc442d208986b71f497804c58a7144ae774182497bf4f67bcdfb7061
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a2414257515bd6f261150986fd456ccf762b890be5cec521f161806c67c6d2b
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
1d1d2e6843d61701d00bc1081fdc466940c2f596885124bba67d21a6006d9e68
1e44bb0945f31eba7a6d9b3bfceddf8601f0f590278bf4fbb5c6b5968648c4b5
21cafb6e71a6112d3c1f4777fefa66300fa3e09db01fc7b92dfee436b8373e2c
261c5eaf9ca129a04c11f75ab38e80b00ec06ccd2df54f7b7824db0cde266fde
2d51a0d59102580d344430382426c071607c31f319b4753d4c0730761cd28c8e
2dc5a4482e04cc1d4c6167a0537eda2962541b14e404bb8e220ea90d5722e2a4
2e554726cf1b447ed389f6823a77e95c17c286b5519fa891821f068a15f2dab4
2ec766ac6273cc95e1764ae0ae6889f310849d1d31f159526dcdd7a6cad9c4db
2fe69397bc44d006000026aee2f44c02116c605e0e900b04898e97b917df5428
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3202be6a3814ed585b6e36a13b88b2aa5f56c8f8939acd95d2306b9dbe1091a2
3484dd7fe4647f07a0cc5421fd8643c815c910cde56e530c9661004ddfad34f3
370881318025c7cc42fb6841044a57614ddcb0cd0fd72f98af568c86b30b9527
38c697355f121064eefa09b87c526097c58d6fcb6792178686293e00c6afb6fe
3aa3d8ea359408a1f5aacb4006df4047082341e8846063e9946877fd32655abd
3bf9d4e2fa8304c8b1fdb39e5d866c50c383a2238197e595af943734689b7802
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46d150a2f5a244e0ae65f42f6d7d9f60c8ba403524b0f398fcae2984e0c606d8
4715a2b6fd3a511874e63bd8b27102f2fe816b2cd7f55d183cd21947f7c0426c
4a01674994a404f5754c4c005605e302134da1c6861a47a16d3ec84168a4109d
4a1094caa5517d6426e08c7d15ad6b176eb19239c577b241b8fff6f4f769200c
4a32283aaba0418ac1b0953af32fbe71948d43e7cdc08abeca552a9373809087
4b73634eeb10dc913e59544b809ab43d1e1f883e1365e79b22785b8e170887a1
4c539feb89b124bb756d1bda6c27dc28abb04130d766b5645b1ca3234f4d327f
4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f
529ba4d0899075bbfd92737613d899d808273f28774fcc7b870d52337b19833d
54ad0305e8d521e1ac443082838e8f0426572f97aa232d6082ded025b0c8f33e
5533851b7d67db230189fe9c85796763ee84ac2ff6f9e60c8849a036fcda9040
55542c02f59ac047bd7ef87d8a2981b541995a09de59a89e419292a91f241202
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58111e9341b58618f475848342ae62c313b3d729952a373778d940fdc97f9c0e
5b213e3e30110feba6f0b6b17101364970c8f343a6de32413128e0592690660a
61791124e32c348e2d914fdc3d400225de1f0f9d2a741bb53ec7c065468dcfe8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c954a339be44695196534585eaf26e52abd608f43fd6ba1a271a3a800fcc83
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
64457ff90836970a5a75ec156f454fcfe37e3a13e1acf0133ad49519f34bdbc8
66a1d59f898fcdad1477d223a4b7b887b585acc06b86ab7a922fcac7fbb7e253
6802e8a7ef65daf42c9cbaedb523345b796d33754e13f336d5e8e26ef75069e8
6864cd22a446141125a3f853028263820f8a57def21006378d438f71e36247f2
6a2141d2b7377ef0e41592e3233d0e3da0fb9635fabf141332fad300a07b8fee
6d6e0450e21037f3f843a4f589beca3226992f8adf5534ff0ee87716a0d03a6d
6db660f336ee107cd2ea01dad1cbdbd3469ae416d29672dfa4b227c78f483e6f
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
75691728a1c9acf8b840fd1fd028809b9d08cd068c43f75221dd6651e2e39090
7571db16348512fc55b35102ce3699733cf0882f4b4fb3e652fa8db700c07fb5
76a9dac2cd4f474abcbc8cf5b09851add3cc839545bf015e718ebb3a7e74266a
770d5e99c42f98eb538710734b35c308f14c7a1861a5759e65b9972b04cd8006
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3
7e862432d222866339214f1d7f2b02c45ed4f934661834953f4a880f60e59102
7f4b36034f6579da123046b67d4d27d0037ae9bf220aa9a1c68a853ffc62d624
804eba2d87e0f54467ba39b62d79252b853e91fd430ca8f142834784bf8a8154
80eee3eb07bab720121dd4be27de16faa18b34dbc1cf74e885a38a234e520e1e
86a94ef57d3cdc75b7590e7aef5a890500745b5c78805e7e0969b49b7467e24e
880464ae5d58c4cb731e9f2dafc9a10f861c173a5735dbf29823a0792cf1cbd5
881a8e16a9aa3dde622ecdb17620b378a6f5bfb67609d79a63cd610d6f14a1b7
8956f247f426cd1b760ee47285ba14625c67150712d42cc1a8691368b7ae25de
913e29db5e896f547b0e3d77360fc831ac70bf67656e14e3b8e9eb7d9907dd41
91608054a92aff37dd57eecfd3d86bb623eb16cea563bcbd0161aa08b98d4521
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
96cc38cfeb78e902e483c17f9ac04f2952a82686542d146a45136421efc7576f
98f79f74356f95916c125ace9cad55f007cf719bb7d7e55d0e0af4f221ed3a95
9e03341c075c54b9d5a0382c1331108ffb58837df9094c50ef74af9257d0f879
9f01986a348f7bb82274f40eb7c306130e7a86b3acd4a7480378245c8b4e9e31
a1855ec2ed923eb0bacc816d29217be02c00150fb069817b06c132a6abdbb298
a1c624df78314acfec2eb2baf5251f6f76f42c93664290ba061d73ed41eb281c
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f
b24b986f8a5332274f4088dfcc3b5c309f78a0e104d908ca425e7bba73fecc38
b41e0020ff5a4bec857828c37b9a425a5e0024aac1fb1519dd9cf4562f0681ee
b60388748b4d1d9dcb193c8f537c293afbd480bc278520224c49e48bd06a425f
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
b8c69eade84d852ca05c160dd196bf2f8ce92082e81eb4182f6ee76fbcd12cae
bed7ff4a6dc1fabcb99a5dd12ff481d05de252b39d3544be0cb93fe66663c059
c15612d544758c18520cfca3afe3a9f7e5441b4c1b76b71e808ac1cd9eb6b42f
c46d7f90e578b0f4d9343fb9d8b88410bc516e42ad8680e18d965c7f57de248c
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70
cdac126afd2895b5843c2caff0af6b6cc968436af94d512c0f5eab2e5c4c34df
cf44f417ea9cc5107328e43024b585a2df06a6a9ce49a73afbd74d1747aa670b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d391164645cf881414af4151458392f5563f460bbf9eb88d731fd3010ada4219
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6
df49112f965565d7af2a8ac08e7000ab6c2731ced4340c2b6c89a8097e94c2ea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b7159b991308f2fd94f48ad5974b3706a59621c213dee55f87512f8ea48075
e9a2e348b1f22bcfa74c40a60ef3a5df4dad3cb2d66da248c70490e45c414604
ea740c838ff05fa3d8eaf4eca2e5ae98bcbd6be032f70e89187477ef5f450b24
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce
edac2e92c551951830e96916a9e5b3c5fe48237eb6436ae85fbefd037a766c46
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f84465ad80f2fdee0969318288ace06b8e600eb3d9bb1580e5e39ad1b013d524
f9bad53dab4e1a4b0d5708ffc6de1faa178cc8770b4a004b2a01ea725ce7b7bc
f9d828b4b29ad6ce4b1a489ba706f397d87bf8279db5f32368caad3d1422f437
fd41fbb16992f6306edc644431aecc9d91fe9a1762fafc35f8816c277bfded0d
fd6046fc1f4a0429f959a468afc2ab3ff4e3578721543ca80ac243acc2320d83
ff535025543261ff945ed6ef924a7fa83ab5d8c45d5ecda5443f0e41ba376651

www.ducksters.com Open in urlscan Pro 2606:4700:20::681a:d86 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

156 Requests

97 %HTTPS

69 %IPv6

23 Domains

34 Subdomains

32 IPs

5 Countries

2465 kBTransfer

7511 kBSize

10 Cookies

2 Outgoing links

Page URL History

Redirected requests

156 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ducksters.com Open in urlscan Pro
2606:4700:20::681a:d86 Public Scan

Screenshot
Live screenshot

Full Image

156
Requests

97 %
HTTPS

69 %
IPv6

23
Domains

34
Subdomains

32
IPs

5
Countries

2465 kB
Transfer

7511 kB
Size

10
Cookies

156 HTTP transactions
3 data transactions