duelingnexus.com Open in urlscan Pro
2606:4700:3034::6815:612  Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://duelingnexus.com/ HTTP 307
   https://duelingnexus.com/ Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

• https://btloader.com/tag?o=6278260873756672&upapi=true HTTP 302
• https://btloader.com/tag?o=6278260873756672&v=2.1.48-8-ge80695d-BTCORE-501-treat-users-as-non-consented-when-consent-on-any-tcf-compliance-is-not-met&upapi=true

Request Chain 98

• https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-LoopMe_n-adMediaV1_snb_n-MediaNet_n-Beeswax_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ppt_n-baidu_an-db5_3lift_n-Outbrain HTTP 302
• https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-LoopMe_n-adMediaV1_snb_n-MediaNet_n-Beeswax_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ppt_n-baidu_an-db5_3lift_n-Outbrain&dcc=t

Request Chain 165

• https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001724780710-9LLMAXUG-QZBZ&adnxs_id=$UID&gdpr=0 HTTP 302
• https://ids.ad.gt/api/v1/match?id=AU1D-0100-001724780710-9LLMAXUG-QZBZ&adnxs_id=699858439086164783&gdpr=0

Request Chain 166

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001724780710-9LLMAXUG-QZBZ&gdpr=0 HTTP 302
• https://ids.ad.gt/api/v1/t_match?tdid=25074f55-c861-4298-b00d-d0e249bb6510&id=AU1D-0100-001724780710-9LLMAXUG-QZBZ

Request Chain 167

• https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001724780710-9LLMAXUG-QZBZ HTTP 302
• https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001724780710-9LLMAXUG-QZBZ HTTP 302
• https://ids.ad.gt/api/v1/pbm_match?pbm=4B05D89C-78A8-4743-BBC8-EC8EB1062C29&id=AU1D-0100-001724780710-9LLMAXUG-QZBZ

Request Chain 168

• https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001724780710-9LLMAXUG-QZBZ&gdpr=0 HTTP 302
• https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001724780710-9LLMAXUG-QZBZ&rub=M0CPWFKX-1R-HLY2&gdpr=0

Request Chain 169

• https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001724780710-9LLMAXUG-QZBZ&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001724780710-9LLMAXUG-QZBZ%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
• https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001724780710-9LLMAXUG-QZBZ&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001724780710-9LLMAXUG-QZBZ%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
• https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=e11719bf-cbb7-48c4-83ad-b22c6ab9748e%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fid%25253DAU1D-0100-001724780710-9LLMAXUG-QZBZ%252526tapad_id%25253De11719bf-cbb7-48c4-83ad-b22c6ab9748e%252C&gdpr=0&gdpr_consent= HTTP 302
• https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=25074f55-c861-4298-b00d-d0e249bb6510&ttd_puid=e11719bf-cbb7-48c4-83ad-b22c6ab9748e%2Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_match%253Fid%253DAU1D-0100-001724780710-9LLMAXUG-QZBZ%2526tapad_id%253De11719bf-cbb7-48c4-83ad-b22c6ab9748e%2C HTTP 302
• https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001724780710-9LLMAXUG-QZBZ&tapad_id=e11719bf-cbb7-48c4-83ad-b22c6ab9748e

Request Chain 170

• https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001724780710-9LLMAXUG-QZBZ HTTP 302
• https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001724780710-9LLMAXUG-QZBZ&google_gid=CAESEKwKI7oGCeU1JRxojwChHY8&google_cver=1&google_ula=450542624,0

Request Chain 171

• https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001724780710-9LLMAXUG-QZBZ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyNDc4MDcxMC05TExNQVhVRy1RWkJa

Request Chain 172

• https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001724780710-9LLMAXUG-QZBZ%26auid%3DAU1D-0100-001724780710-9LLMAXUG-QZBZ HTTP 302
• https://u.openx.net/w/1.0/cm?cc=1&id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001724780710-9LLMAXUG-QZBZ%26auid%3DAU1D-0100-001724780710-9LLMAXUG-QZBZ HTTP 302
• https://ids.ad.gt/api/v1/openx?openx_id=a242fc9d-2dfb-401d-b35e-3316cc12b092&id=AU1D-0100-001724780710-9LLMAXUG-QZBZ&auid=AU1D-0100-001724780710-9LLMAXUG-QZBZ

220 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
10 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response duelingnexus.com/ Redirect Chain http://duelingnexus.com/ https://duelingnexus.com/	2 KB 2 KB	214ms 101ms	Document text/html	2606:4700:3034::6815:612 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://duelingnexus.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:612 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 76469ea3f74853cd8a7eed4b944bb1d7a48eb003882fa0e838c30921721abb6b Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8b9ddf91dc0dac7e-YYZ content-encoding br content-type text/html; charset=UTF-8 date Tue, 27 Aug 2024 17:45:05 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V0XeMifdhfOjoG8svAz%2BHgTEIaxikrD2sG7M%2Bsqm8CVROjP25jyE89n1QAFRr%2BBpxzdo41MeioNAZeUaabI0InRgqiHOGY%2BrBbs5R3OBZeK4EB5SO28lQY9qRUYCgHBCdt31G2JIlkxDiaX1939y"}],"group":"cf-nel","max_age":604800} server cloudflare Redirect headers Location https://duelingnexus.com/ Non-Authoritative-Reason HttpsUpgrades
GET H2	200	css fonts.googleapis.com/	3 KB 1 KB	298ms 86ms	Stylesheet text/css	2607:f8b0:4006:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Inconsolata|Roboto Requested by Host: duelingnexus.com URL: https://duelingnexus.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80b::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash b56e7677a90a0ae3956f1f87e05d1f054e55a4651f9a86bd967f908d7a3c8bd3 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 27 Aug 2024 17:45:05 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 27 Aug 2024 17:45:05 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 27 Aug 2024 17:45:05 GMT
GET H3	200	ads-1899.js Show response s.nitropay.com/	553 KB 175 KB	214ms 48ms	Script text/javascript	2606:4700::6812:34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.nitropay.com/ads-1899.js Requested by Host: duelingnexus.com URL: https://duelingnexus.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 361495694ae7fa64d44691f124311f2eafb8fd1be192a50f55d6cad036f25b6d Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:05 GMT strict-transport-security max-age=2592000; includeSubDomains content-encoding gzip cf-cache-status HIT x-goog-meta-goog-reserved-file-mtime 1724163768 age 6871 x-guploader-uploadid AHxI1nMjPVYg9GkXqtPvKtpp8OIG0w4555ibvlVZ0g2cI03-HU1QmqgQjFeVTlTSKmC1MBtc6A x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400 last-modified Tue, 27 Aug 2024 15:50:00 GMT server cloudflare etag W/"3c3a3ff633ce5ca46af732176e14db0d:1724773800000" vary Accept-Encoding x-goog-generation 1724164052906580 content-type text/javascript access-control-allow-origin * x-goog-hash crc32c=Coep9g==, md5=PDo/9jPOXKRq9zIXbhTbDQ== access-control-expose-headers Content-Type cache-control private, max-age=600 x-goog-stored-content-length 561180 cf-ray 8b9ddf93ce3eac87-YYZ expires Wed, 27 Aug 2025 15:50:04 GMT
GET H3	200	app.bbd5c27318bb958132cd8d34c5acdf4d.css duelingnexus.com/static/css/	74 KB 13 KB	45ms 44ms	Stylesheet text/css	2606:4700:3034::6815:612 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://duelingnexus.com/static/css/app.bbd5c27318bb958132cd8d34c5acdf4d.css Requested by Host: duelingnexus.com URL: https://duelingnexus.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:612 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 89731615fdf30f7c80265b14c4da1435697fdfa432ea52af5a18b82a2ec88b29 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:05 GMT content-encoding gzip cf-cache-status HIT last-modified Tue, 27 Aug 2024 17:04:16 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2415 etag W/"66ce0710-127b3" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4rLZBxi0p1cVcMMTfXJ4eUdPFYJrM5xYCghfzxsSjl6fseiMpuv7HQLr5ZkRjwcWnONYJ8EgeMh%2Bjcw%2B22l6%2BAnVj4K9jnhA0xlMzXPfuCemsxJ9MHZ3Txj1dFNjPCg9Xq4vudsx275n8UjIs%2FTA"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=604800 cf-ray 8b9ddf92cd3fac7e-YYZ alt-svc h3=":443"; ma=86400 expires Tue, 03 Sep 2024 17:04:50 GMT
GET H3	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	158 KB 52 KB	291ms 76ms	Script text/javascript	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: duelingnexus.com URL: https://duelingnexus.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 81f1eeb761cb2c935833a5eb28ae036fe15eef941c920c1f03ed2183a1205231 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:05 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 52962 x-xss-protection 0 server cafe etag 2401771190185023376 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * link <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin expires Tue, 27 Aug 2024 17:45:05 GMT
GET H2	200	pub-5258574472184148 Show response fundingchoicesmessages.google.com/i/	206 KB 68 KB	269ms 119ms	Script application/javascript	2607:f8b0:4006:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/i/pub-5258574472184148?ers=1 Requested by Host: duelingnexus.com URL: https://duelingnexus.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 8627a73b54ca4001c7f8c7148de5d445a1f27a31a528f40f540375d89059623c Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-vM6fWQjv3klTLOCcTpJe9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:06 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-vM6fWQjv3klTLOCcTpJe9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 reporting-endpoints default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmJw0ZBiOO90h-k6EEt8fcmkBcRO6TNYQ4DYp34GaxwQt948xzodiJP-nWctAWJ3rYus_kC8JOIi65HEi6yGCpdYnYH4_rpLrM-BeO_HS6xHgViIm2PRwh3b2AROPF1YpKSRlF8Yn5yfV1KUmVRakl-UlpyWWpxaVJZaFG9kYGRiYGFkpmdgEl9gAADOTT5B" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	flower.js Show response duelingnexus.com/flower/	64 KB 21 KB	48ms 47ms	Script application/javascript	2606:4700:3034::6815:612 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://duelingnexus.com/flower/flower.js Requested by Host: duelingnexus.com URL: https://duelingnexus.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:612 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:06 GMT content-encoding gzip cf-cache-status HIT last-modified Tue, 18 Apr 2023 09:33:05 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 55011 etag W/"643e63d1-10132" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r7m7Rm0ba9H6lLz0abg08i2MBo6FkTkwymYHFgZDgNUcCwgA52%2FHBnizdEc7sXdqObhiPLZHRIZBiNsX934ZCCvMMzaE0P%2FWpcLxPKrHFDBMNtrJnE1uIw6h1Z60O0mXq6Z7bRWMPaYVQsZrpZLg"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=604800 cf-ray 8b9ddf949ecfac7e-YYZ alt-svc h3=":443"; ma=86400 expires Tue, 03 Sep 2024 02:28:15 GMT
GET H3	200	manifest.2ae2e69a05c33dfc65f8.js Show response duelingnexus.com/static/js/	799 B 921 B	72ms 71ms	Script application/javascript	2606:4700:3034::6815:612 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://duelingnexus.com/static/js/manifest.2ae2e69a05c33dfc65f8.js Requested by Host: duelingnexus.com URL: https://duelingnexus.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:612 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1a8162403bfffd36e97c3d0d2f07f8bdc2fc5e65b6638b0d8d951c58e7f95327 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:05 GMT content-encoding gzip cf-cache-status HIT last-modified Mon, 26 Aug 2024 23:00:45 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 55011 etag W/"66cd091d-31f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qsWQHEIy9ypcAJh9DsO%2BwJ1oqq9xv3tkQbltgzo%2BXM5jTIW%2BpTNhB59s2WDZz34MS7URz7acllqhBKqDmwoYk%2B2ascycVpy3e3e2lfIfP6mjNYEQRGxr7K05EKGT2p1mBJChU%2FssoVgfhG555D3E"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=604800 cf-ray 8b9ddf92cd41ac7e-YYZ alt-svc h3=":443"; ma=86400 expires Tue, 03 Sep 2024 02:28:14 GMT
GET H3	200	vendor.2a0ad868756d74d2abbe.js Show response duelingnexus.com/static/js/	522 KB 163 KB	72ms 71ms	Script application/javascript	2606:4700:3034::6815:612 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://duelingnexus.com/static/js/vendor.2a0ad868756d74d2abbe.js Requested by Host: duelingnexus.com URL: https://duelingnexus.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:612 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6d572937aedd1edfe18d7225b8a9c9904616f9fa93f52c45045b3b3f4016bf8f Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:05 GMT content-encoding gzip cf-cache-status HIT last-modified Mon, 26 Aug 2024 23:00:47 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 55011 etag W/"66cd091f-826d9" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A6Cgwd6vY8VrhLGYqKPg6Yccw6qZ9eOg12AZ4Nvcb%2FqZ0sNnpcAm%2FNrzPTrv6%2FCmGJZkWhB4pxOqmyi1YsNJi7cQz6CZVGCDvVpBC6E5Fh5nd7r3%2BeVj55o2z9Kfz7eCe9vsGi1k6i%2BFkSqwyFOJ"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=604800 cf-ray 8b9ddf92cd42ac7e-YYZ alt-svc h3=":443"; ma=86400 expires Tue, 03 Sep 2024 02:28:14 GMT
GET H3	200	app.83a55e3101ab8624ec1f.js Show response duelingnexus.com/static/js/	336 KB 72 KB	179ms 178ms	Script application/javascript	2606:4700:3034::6815:612 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://duelingnexus.com/static/js/app.83a55e3101ab8624ec1f.js Requested by Host: duelingnexus.com URL: https://duelingnexus.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:612 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f50c803329b1f8b0aa1ccfb9f464f4df6a4b7c71fc9c2bbb41c9346a78bbbc96 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:05 GMT content-encoding gzip cf-cache-status HIT last-modified Tue, 27 Aug 2024 17:04:39 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2415 etag W/"66ce0727-540eb" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WmAZcJWmMXB4dWFNqzf6VEuJs2xGXdTGCswBfCiW8u%2BJk2eI22YNkwzYh%2FQO6PpyZ6%2Bm36HWoG%2BTUDDEuxhr1EEOoFWQtqhyamxjj9Dvw3ha%2BbEQOSd7ncFH%2FyuNsnN7fYejGJha4vVkYmpPLNoS"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=604800 cf-ray 8b9ddf92cd43ac7e-YYZ alt-svc h3=":443"; ma=86400 expires Tue, 03 Sep 2024 17:04:50 GMT
GET H3	200	bg.11c92e0.jpg duelingnexus.com/static/img/	269 KB 270 KB	42ms 42ms	Image image/jpeg	2606:4700:3034::6815:612 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://duelingnexus.com/static/img/bg.11c92e0.jpg Requested by Host: duelingnexus.com URL: https://duelingnexus.com/static/css/app.bbd5c27318bb958132cd8d34c5acdf4d.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:612 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 343df9db661b3215219600fb7e44943d84e8e5d4bb615e1d34ac86b207b4b1e0 Request headers Referer https://duelingnexus.com/static/css/app.bbd5c27318bb958132cd8d34c5acdf4d.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:06 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 55011 alt-svc h3=":443"; ma=86400 content-length 275811 last-modified Mon, 26 Aug 2024 23:00:35 GMT server cloudflare etag "66cd0913-43563" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eDMPYbvulfcbGEEOUO%2BtNwreTTQX%2BsHMWuBCLe4O2HiNU%2Fez45B%2Fmj7y6b1yZpAMDQNGK2%2Bs7%2FSFNqrWwPduePv9D6PiYvAFkeQKYSoMNuMy1g2lObEtW4B7xpzAVHY%2FvZFDgExIBzetJ3W6rpVt"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=604800 accept-ranges bytes cf-ray 8b9ddf94aed4ac7e-YYZ expires Tue, 03 Sep 2024 02:28:15 GMT
GET H2	200	wrapper.html Show response wrappers.geoedge.be/	3 KB 4 KB	668ms 54ms	Fetch text/html	2600:9000:247b:4400:2:d490:4d80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://wrappers.geoedge.be/wrapper.html Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:247b:4400:2:d490:4d80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 68de9947c014ba26a1d48132dc5a94697f4c575972d2944da8e496f5780fd7b2 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 content-type text/plain Response headers x-amz-version-id SIv.6LiuODikErkt8hGkZr.zJWI3NFp8 date Tue, 27 Aug 2024 10:32:31 GMT via 1.1 3e2f727ea310e2e3b32b1270aac06aea.cloudfront.net (CloudFront) x-amz-cf-pop JFK52-P2 age 25957 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 3527 last-modified Tue, 19 Dec 2023 13:15:23 GMT server AmazonS3 etag "6a6d57dbabaa297544a761a67d32156f" access-control-allow-methods GET content-type text/html access-control-allow-origin * accept-ranges bytes x-amz-cf-id vQrPylZBdWugm3tSHA9D3ve-4nFEoKS9PXraBiK0wT2FYwNNS6a9PA==
GET H2	200	grumi.js Show response rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/ Frame 5966	466 KB 156 KB	662ms 58ms	Script text/javascript	2600:9000:2511:5600:4:b37b:9440:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2511:5600:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 2a24dbd628c78237acad74febf5f7d3cce56ca897889a902dac38d91617f3e81 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:28:12 GMT content-encoding br via 1.1 a0be26685e47d6d6220ccd40bc5f0a4e.cloudfront.net (CloudFront) x-amz-version-id dAcstZTw5tfVcP9eS_gcAIM7c4mZIIwt x-amz-cf-pop JFK50-P6 age 1016 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Tue, 27 Aug 2024 17:06:32 GMT server AmazonS3 etag W/"4386023239f94cbe515559c922e2c384" vary accept-encoding content-type text/javascript cache-control public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate timing-allow-origin * x-amz-cf-id UpTbetuNIdqnWxcwpILBZDJJhjd52hd2610sTJ9WU5hwKmpc3HV8AQ==
GET H2	200	tag Show response btloader.com/ Redirect Chain https://btloader.com/tag?o=6278260873756672&upapi=true https://btloader.com/tag?o=6278260873756672&v=2.1.48-8-ge80695d-BTCORE-501-treat-users-as-non-consented-when-consent-on-any-tcf-compliance-is-not-met&upapi=true	102 KB 29 KB	62ms 42ms	Script application/javascript	2606:4700:10::6816:4bd8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://btloader.com/tag?o=6278260873756672&v=2.1.48-8-ge80695d-BTCORE-501-treat-users-as-non-consented-when-consent-on-any-tcf-compliance-is-not-met&upapi=true Requested by Host: duelingnexus.com URL: https://duelingnexus.com/ Protocol H2 Server 2606:4700:10::6816:4bd8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ac37eb86328329795af06f8a10fb054c9782ba168ab4302ec402ab9183a7c5f2 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:07 GMT content-encoding gzip via 1.1 google cf-cache-status HIT last-modified Tue, 27 Aug 2024 17:14:51 GMT server cloudflare age 1808 etag "0e27a40befff4a7c8de2c8144515b0f6" vary Origin, Accept-Encoding content-type application/javascript cache-control public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300 accept-ranges bytes cf-ray 8b9ddf9d9aa3ab54-YYZ content-length 29630 Redirect headers date Tue, 27 Aug 2024 17:45:07 GMT server cloudflare vary Accept-Encoding content-type text/html location https://btloader.com/tag?o=6278260873756672&v=2.1.48-8-ge80695d-BTCORE-501-treat-users-as-non-consented-when-consent-on-any-tcf-compliance-is-not-met&upapi=true cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 8b9ddf9cda09ab54-YYZ content-length 143 expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	grumi-ip.js Show response rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/	15 KB 6 KB	702ms 100ms	Script application/javascript	2600:9000:2511:5600:4:b37b:9440:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi-ip.js Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2511:5600:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 469b20e8c4563baef08f32e079c54fc4ec031b9340bc6908b07c13ed416990dd Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:28:13 GMT content-encoding br via 1.1 a0be26685e47d6d6220ccd40bc5f0a4e.cloudfront.net (CloudFront) x-amz-version-id 96eJMrLrZnZ_GcLaXVgVsKnsvXKKMe4C last-modified Mon, 05 Aug 2024 08:54:35 GMT server AmazonS3 x-amz-cf-pop JFK50-P6 age 1015 x-amz-server-side-encryption AES256 etag W/"c1f96a4d4cd34960b4804f32f6d3f6bc" vary accept-encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=14400, stale-while-revalidate=14400, immutable x-amz-cf-id 99_4xh5cGOXdPlCSrmhSF6pMaAHIHnwsm3_BjESz5k83btTdpI6s7g==
GET H3	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	102 KB 32 KB	69ms 67ms	Script text/javascript	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e2d4cf285c4962753c0f248bedece0a15bde1043224782eb89b89f5d85488e35 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:06 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 32331 x-xss-protection 0 server cafe etag 890 / 19962 / m202408220101 / config-hash: 2041615770137740535 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Tue, 27 Aug 2024 17:45:06 GMT
GET H3	200	gpp-8bc1491.min.js Show response s.nitropay.com/	261 KB 49 KB	44ms 43ms	Script application/javascript	2606:4700::6812:34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.nitropay.com/gpp-8bc1491.min.js Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 08717869cc163e331b27ce72479a3fc253deb49f6be1ae39830dc91618785b3c Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:06 GMT strict-transport-security max-age=2592000; includeSubDomains content-encoding gzip cf-cache-status HIT age 11707 x-guploader-uploadid AHxI1nMYfqPWRhOmeFUMN5_sa5MvrAFF0EuKBBkXOMs1xsmvmIcailVQB13ppYrvQlhRNNrifBo x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400 last-modified Fri, 02 Aug 2024 15:33:15 GMT server cloudflare etag W/"41e6bd84315f05f9fc6724a1a9870719" vary Accept-Encoding x-goog-generation 1722612795908107 content-type application/javascript access-control-allow-origin * x-goog-hash crc32c=89bdww==, md5=Qea9hDFfBfn8ZyShqYcHGQ== access-control-expose-headers Content-Type cache-control public, max-age=604800 x-goog-stored-content-length 267609 cf-ray 8b9ddf993bc8ac87-YYZ expires Tue, 03 Sep 2024 14:29:58 GMT
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/	321 KB 79 KB	648ms 59ms	Script application/javascript	108.138.115.149 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.115.149 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-115-149.jfk50.r.cloudfront.net Software AmazonS3 / Resource Hash a0026687363fb80fc0b0e04738be2bbf161515460c7da36ecdaa8348c5de0d7f Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:25:07 GMT content-encoding gzip via 1.1 ba82151bf51e4c722c5305c983d8b71e.cloudfront.net (CloudFront), 1.1 01b6e75b22243ae76d6d282c014927c6.cloudfront.net (CloudFront) last-modified Tue, 20 Aug 2024 19:39:47 GMT server AmazonS3 x-amz-cf-pop IAD89-C3, JFK50-P3 age 1201 x-amz-server-side-encryption AES256 etag W/"697d5d5cb9eee26a08aec8b885d0213b" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=3600 x-amz-cf-id rXu56OQWx3p7PNf-QoJJ2wvCiWzSI5trRf0v5c3oqQB9NFt7zx1_iA==
GET H2	204	1899 tracker.nitropay.com/a/	0 0	690ms 120ms	Fetch	35.244.144.25 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://tracker.nitropay.com/a/1899?d=eyJocmVmIjoiaHR0cHM6Ly9kdWVsaW5nbmV4dXMuY29tLyIsInYiOjk4LCJhIjpmYWxzZSwicyI6dHJ1ZSwiYyI6IkNBIiwiciI6IlFDIn0%3D Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 25.144.244.35.bc.googleusercontent.com Software nginx/1.27.0 / Resource Hash Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:07 GMT via 1.1 google server nginx/1.27.0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H3	200	1.gif s.nitropay.com/	42 B 617 B	34ms 33ms	Image image/gif	2606:4700::6812:34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s.nitropay.com/1.gif?x=1&adslot= Requested by Host: duelingnexus.com URL: https://duelingnexus.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:06 GMT strict-transport-security max-age=2592000; includeSubDomains cf-cache-status HIT age 11707 x-guploader-uploadid AHxI1nNG3_Qgg8s8_8J1apYFIqelpCl3U0AIz9JsdplljE6zjDKv1U2X8Xz8Ni1VN8wJoMRvB7w x-goog-storage-class MULTI_REGIONAL x-goog-custom-time 1970-01-01T00:00:00Z x-goog-metageneration 3 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400 content-length 42 x-goog-meta- last-modified Fri, 22 Jan 2021 08:58:45 GMT server cloudflare etag "d89746888da2d9510b64a9f031eaecd5" vary Accept-Encoding x-goog-generation 1611305925409947 content-type image/gif access-control-allow-origin * x-goog-hash crc32c=ljrbyA==, md5=2JdGiI2i2VELZKnwMers1Q== access-control-expose-headers Content-Type cache-control public, max-age=604800 x-goog-stored-content-length 42 accept-ranges bytes cf-ray 8b9ddf995bddac87-YYZ expires Wed, 28 Aug 2024 12:59:35 GMT
GET H3	200	me.php Show response duelingnexus.com/api/	17 B 624 B	44ms 44ms	XHR text/html	2606:4700:3034::6815:612 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://duelingnexus.com/api/me.php Requested by Host: duelingnexus.com URL: https://duelingnexus.com/static/js/vendor.2a0ad868756d74d2abbe.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:612 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 06e5f7e2d702e0110271dd33c198e1f312a785bcf41ca4fbed2fa6d67722dc03 Request headers Accept application/json, text/plain, */* Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers pragma no-cache date Tue, 27 Aug 2024 17:45:06 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare access-control-allow-methods GET, POST, OPTIONS content-type text/html; charset=UTF-8 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vyalSsMdTcynSQGoaVNvcQ4a9MJnuotM8kpPsxa%2FXvn0mCafyWFH9tvWjPIFdaLlDG7jsRDBPDMSdcHBth7oMhCuXipkpHAqdJvEDbCQVGYPb%2FCzf5V7TEBQAI088Wxb8cIcJsXlHeVGQOPtUd%2B7"}],"group":"cf-nel","max_age":604800} cache-control no-store, no-cache, must-revalidate cf-ray 8b9ddf9a7b1cac7e-YYZ access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range alt-svc h3=":443"; ma=86400 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	AGSKWxV3Rx2QzIwUoI_HzxBaXVZaU2sB41npk3l9yAl_0SHIz6VIsWYugVem4-OuiWQ_EVn7hJEYmzhH8goVdX4HBLrUQFX4QsNuZG5MqgcKGGOYIAKvapFC0UeQU-u9X_XjTbMvNWrhzg== Show response fundingchoicesmessages.google.com/f/	10 KB 5 KB	104ms 103ms	Script application/javascript	2607:f8b0:4006:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxV3Rx2QzIwUoI_HzxBaXVZaU2sB41npk3l9yAl_0SHIz6VIsWYugVem4-OuiWQ_EVn7hJEYmzhH8goVdX4HBLrUQFX4QsNuZG5MqgcKGGOYIAKvapFC0UeQU-u9X_XjTbMvNWrhzg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI0NzgwNzA3LDQ1MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL2R1ZWxpbmduZXh1cy5jb20vIixudWxsLFtbOCwiS3loNVZkb2hUSjQiXSxbOSwiZW4tVVMiXSxbMjAsIltudWxsLG51bGwsWzMxMDg2MTMxXSxudWxsLDE0XSJdLFsxOSwiMiJdXV0 Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 0582dd25c1fe8047217b8e2ea5e21c2703687a4dc1278c4791f2f8af5ff4eaaa Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-hivWV3x4CvH3nRc7S6qTog' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:07 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-hivWV3x4CvH3nRc7S6qTog' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 reporting-endpoints default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStDikmJw1pBiOO90h-k6EEt8fcmkBcRO6TNYQ4DYp34GaxwQt948xzodiJP-nWctAWJ3rYus_kC8JOIi65HEi6yGCpdYnYH4_rpLrM-BeO_HS6xHgViIm2Pxwh3b2AR-nGsxV9JIyi-MT87PKynKTCotyS9KS05LLU4tKkstijcyMDIxsDAy0zMwiS8wAADDnj4C" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	me.php Show response duelingnexus.com/api/	17 B 591 B	51ms 48ms	XHR text/html	2606:4700:3034::6815:612 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://duelingnexus.com/api/me.php Requested by Host: duelingnexus.com URL: https://duelingnexus.com/static/js/vendor.2a0ad868756d74d2abbe.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:612 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 06e5f7e2d702e0110271dd33c198e1f312a785bcf41ca4fbed2fa6d67722dc03 Request headers Accept application/json, text/plain, */* Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers pragma no-cache date Tue, 27 Aug 2024 17:45:07 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare access-control-allow-methods GET, POST, OPTIONS content-type text/html; charset=UTF-8 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D0J8EYw3Jc7eoUNMmJY5n%2Fy8cYhUuQ5DV%2FjEAbz%2F%2FoZPuwW5UC6FJLiDFefQRSYEnxz7dLWpAq3FeRmeYrHIAsbRXXBeLGqCFbEmNEqaOM9CAW6mSDPacdmXzMUzvD5SV2UXBLKxxxLeVtpsvJKF"}],"group":"cf-nel","max_age":604800} cache-control no-store, no-cache, must-revalidate cf-ray 8b9ddf9ced20ac7e-YYZ access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range alt-svc h3=":443"; ma=86400 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H3	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408220101/	478 KB 149 KB	46ms 45ms	Script text/javascript	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408220101/pubads_impl.js Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 406684c7ca1393eea9101b9ef119c78b0f7801c267abcb2921c03f132703168f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:23:57 GMT content-encoding br x-content-type-options nosniff age 1270 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 152291 x-xss-protection 0 server cafe etag 9741817496811777231 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Wed, 27 Aug 2025 17:23:57 GMT
GET H3	200	additional-consent-providers.csv Show response consent.nitrocnct.com/	116 KB 36 KB	170ms 37ms	XHR text/plain	2606:4700:3035::ac43:c19c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://consent.nitrocnct.com/additional-consent-providers.csv Requested by Host: s.nitropay.com URL: https://s.nitropay.com/gpp-8bc1491.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:c19c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 006b6d64d07be11c46ecbbff71b2a1a7ed3d408a26687241849ff1bc0d177015 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:07 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 109311 x-guploader-uploadid ACJd0NpRNgVcV_aoLkWRZEZA4mSkrTuiYRHxJigXi_ODXaqc762XANzw9repDpk_3DBkYbex5TKMcwMQBg x-goog-storage-class STANDARD x-goog-metageneration 4 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400 last-modified Wed, 12 Jul 2023 07:31:30 GMT server cloudflare etag W/"81f96867523b7ea4a2f05a62b9fdf1c7" vary Accept-Encoding x-goog-hash crc32c=x8iKUw==, md5=gfloZ1I7fqSi8Fpiuf3xxw== x-goog-generation 1689147090287559 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aqaSj25FofBZOUJkoHeHmpf7Vtu%2FFwoEwl4MSZ6hEiCxLeSz0UeW%2FDCmiY8fLs24RNDUoccZveon%2FSWtdFisuyJEdGESoQDp56gICz%2FnuzDntfcHwf4dKt13h0NViXLV7ldrS%2BQjilNZAZRy4fxPYa2KePA%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain cache-control public, max-age=604800 x-goog-stored-content-length 119221 access-control-expose-headers Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cf-ray 8b9ddf9e4b11aaad-YYZ expires Mon, 02 Sep 2024 10:51:26 GMT
GET H2	204	1899 tracker.nitropay.com/a/	0 0	63ms 60ms	Fetch	35.244.144.25 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://tracker.nitropay.com/a/1899?d=eyJocmVmIjoiaHR0cHM6Ly9kdWVsaW5nbmV4dXMuY29tL2xvZ2luIiwidiI6OTgsImEiOmZhbHNlLCJzIjpmYWxzZSwiYyI6IkNBIiwiciI6IlFDIn0%3D Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 25.144.244.35.bc.googleusercontent.com Software nginx/1.27.0 / Resource Hash Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:07 GMT via 1.1 google server nginx/1.27.0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
POST H2	200	prebidjs Show response rtb.openx.net/openrtbb/	53 B 222 B	479ms 253ms	Fetch text/plain	35.186.253.211 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rtb.openx.net/openrtbb/prebidjs Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 211.253.186.35.bc.googleusercontent.com Software / Resource Hash 62c08c41186649468da1df0cf10e245f848c8d101d48d5b0588b32ef96eee09b Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 content-type text/plain Response headers date Tue, 27 Aug 2024 17:45:07 GMT content-encoding gzip via 1.1 google observe-browsing-topics ?1 vary Origin x-forwarded-for 166.0.205.70 content-type text/plain access-control-allow-origin https://duelingnexus.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 77
POST H2	200	prebidjs Show response rtb.openx.net/openrtbb/	53 B 222 B	477ms 252ms	Fetch text/plain	35.186.253.211 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rtb.openx.net/openrtbb/prebidjs Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 211.253.186.35.bc.googleusercontent.com Software / Resource Hash 3188a091f9e41458c4cf4bf87fbfdb8a8fd728b17e0c49306e5416e7bf4ffa82 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 content-type text/plain Response headers date Tue, 27 Aug 2024 17:45:07 GMT content-encoding gzip via 1.1 google observe-browsing-topics ?1 vary Origin x-forwarded-for 166.0.205.70 content-type text/plain access-control-allow-origin https://duelingnexus.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 77
GET		trinity.json apex.go.sonobi.com/	0 0
POST H2	200	auction Show response prebid-server.rubiconproject.com/openrtb2/	186 B 362 B	682ms 204ms	Fetch application/json	69.173.151.96 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://prebid-server.rubiconproject.com/openrtb2/auction Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash 18174a48bc067b50c1c052ba52c0b020e5ac27157f33689f92924ec4c276196e Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 content-type text/plain Response headers pragma no-cache content-encoding gzip x-prebid pbs-java/3.10.0 observe-browsing-topics ?1 vary origin content-type application/json access-control-allow-origin https://duelingnexus.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true content-length 176 expires 0
GET H2	200	fastlane.json Show response fastlane.rubiconproject.com/a/api/	12 KB 6 KB	428ms 181ms	Fetch application/json	2602:803:c002:200::32 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17374&site_id=546266&zone_id=3402582&size_id=15&alt_size_ids=2%2C55%2C57&gdpr=0&us_privacy=1---&rp_schain=1.0,1!nitropay.com,1469,1,,,&eid_pubcid.org=ac12e589-e16d-4b22-a795-679dbdc8a930%5E1&rf=https%3A%2F%2Fduelingnexus.com%2Flogin&kw=duelingnexus%2Cyugioh%2Cyugiohgame%2Cyugiohonline%2Cfreeyugiohgame%2Cyugiohdeck%2Cyugiohdecks%2Cyugiohdiscord%2Cygopro%2Cygoproandroid%2Cygopro2%2Cygoprodiscord%2Cduelingbook%2Cduelingnetwork%2Cyugiohonlinedueling%2Cyugiohbanlist%2Clatestyugiohbanlist%2Cplayyugiohonline%2Cyugiohonlinegames%2Cyugiohcard%2Cyugiohcards&tg_i.domain=duelingnexus.com&tg_i.page=https%3A%2F%2Fduelingnexus.com%2Flogin&tg_i.name=Dueling%20Nexus&tg_i.cattax=7&tg_i.cat=269%2C271&tg_i.privacypolicy=1&tg_i.pbadslot=%2Flogin%23Login%20-%20Header&tk_flint=pbjs_lite_v8.52.0&x_source.tid=9213a89d-00a2-492a-911b-eadd1ce71385&l_pb_bid_id=9e9198b0b5308a&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=e8a84b63-6457-40c4-a5be-b41ba5c7883c&rp_hard_floor=0.05&rp_maxbids=1&p_gpid=%2Flogin%23Login%20-%20Header&m_ch_mobile=%3F0&slots=1&rand=0.6282935786505381 Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.21.4 / Resource Hash 54cea5d958b660c0c29d73ba38b6f6881c3ac4ec303e1eda5a9dcb03d5b097b4 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 content-type text/plain Response headers pragma no-cache date Tue, 27 Aug 2024 17:45:07 GMT content-encoding gzip server nginx/1.21.4 vary Accept-Encoding content-type application/json access-control-allow-origin https://duelingnexus.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true expires Wed, 17 Sep 1975 21:32:10 GMT
POST H2	204	cdb Show response bidder.criteo.com/	0 223 B	403ms 126ms	Fetch	74.119.117.6 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.52.0&cb=34209911233&lsavail=1 Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.119.117.6 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 content-type text/plain Response headers date Tue, 27 Aug 2024 17:45:07 GMT strict-transport-security max-age=31536000; preload; server Kestrel observe-browsing-topics ?1 vary Origin access-control-allow-origin https://duelingnexus.com access-control-allow-credentials true cross-origin-resource-policy cross-origin
POST H2	200	prebid Show response prebid.media.net/rtb/	1 KB 876 B	453ms 179ms	Fetch application/json	34.120.63.153 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://prebid.media.net/rtb/prebid?cid=8CU87559X Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 153.63.120.34.bc.googleusercontent.com Software envoy / Resource Hash 7e1a2e24b6ba7c65818c73b47c3f766ed6bfd974842477ba53be5829319e8363 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 content-type text/plain Response headers pragma no-cache date Tue, 27 Aug 2024 17:45:07 GMT content-encoding gzip via 1.1 google accept-ch Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model server envoy observe-browsing-topics ?1 content-type application/json;charset=utf-8 access-control-allow-origin https://duelingnexus.com cache-control max-age=0, no-cache, no-store, must-revalidate access-control-allow-credentials true x-envoy-upstream-service-time 104 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 27 Aug 2024 17:45:07 GMT
POST H2	200	prebid Show response ib.adnxs.com/ut/v3/	262 B 1 KB	595ms 330ms	Fetch application/json	68.67.160.24 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 68.67.160.24 Colonia, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.23.4 / Resource Hash c8b51304cf41d285ca6d1e51b37dfadbe62f45645b1fa2d084369237f70c63fe Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 content-type text/plain Response headers pragma no-cache date Tue, 27 Aug 2024 17:45:08 GMT an-x-request-uuid 65b269b2-4f36-4fe8-a9f0-17c8f7fd811a server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type application/json; charset=utf-8 access-control-allow-origin https://duelingnexus.com cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 166.0.205.70; 166.0.205.70; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 262 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	204	translator Show response hbopenbid.pubmatic.com/	0 58 B	439ms 184ms	Fetch	207.65.37.179 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://hbopenbid.pubmatic.com/translator?source=prebid-client Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 content-type text/plain Response headers access-control-allow-origin https://duelingnexus.com date Tue, 27 Aug 2024 17:45:07 GMT cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true
POST H2	200	auction Show response tlx.3lift.com/header/	19 B 1 KB	465ms 211ms	Fetch application/json	3.222.148.106 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://tlx.3lift.com/header/auction?lib=prebid&v=8.52.0&referrer=https%3A%2F%2Fduelingnexus.com%2Flogin&tmax=1200&gdpr=false&us_privacy=1--- Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.222.148.106 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-222-148-106.compute-1.amazonaws.com Software / Resource Hash 0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 content-type text/plain Response headers pragma no-cache content-encoding gzip accept-ch sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink x-auction-status 15 observe-browsing-topics ?1 vary Accept-Encoding content-type application/json; charset=utf-8 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" access-control-allow-origin https://duelingnexus.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true x-xss-protection 0 expires Thu, 15 Oct 1992 20:10:00 GMT
POST H2	200	v1 Show response btlr.sharethrough.com/universal/	465 B 665 B	401ms 150ms	Fetch application/json	34.207.148.119 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1 Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 34.207.148.119 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-207-148-119.compute-1.amazonaws.com Software / Resource Hash d307ffd06a309968279cedd1cbd2fe992a11f192dc6e2e6cfe06728e63857294 Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload; Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 content-type text/plain Response headers access-control-allow-origin https://duelingnexus.com strict-transport-security max-age=16000000; includeSubDomains; preload; content-encoding gzip x-openrtb-version 2.5 access-control-allow-credentials true content-length 303 content-type application/json; charset=utf-8
POST H2	200	v1 Show response btlr.sharethrough.com/universal/	838 B 813 B	379ms 128ms	Fetch application/json	34.207.148.119 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1 Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 34.207.148.119 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-207-148-119.compute-1.amazonaws.com Software / Resource Hash 2013c70931944483861039393d0346cf01b2c995f55cc1c69705b79ee7f77917 Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload; Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 content-type text/plain Response headers access-control-allow-origin https://duelingnexus.com strict-transport-security max-age=16000000; includeSubDomains; preload; content-encoding gzip x-openrtb-version 2.5 access-control-allow-credentials true content-length 450 content-type application/json; charset=utf-8
POST H2	204	translator Show response hbopenbid.pubmatic.com/	0 58 B	368ms 185ms	Fetch	207.65.37.179 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://hbopenbid.pubmatic.com/translator?source=prebid-client Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 content-type text/plain Response headers access-control-allow-origin https://duelingnexus.com date Tue, 27 Aug 2024 17:45:07 GMT cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true
POST H2	200	prebidjs Show response rtb.openx.net/openrtbb/	53 B 385 B	272ms 177ms	Fetch text/plain	35.186.253.211 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rtb.openx.net/openrtbb/prebidjs Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 211.253.186.35.bc.googleusercontent.com Software / Resource Hash e3aed165e0d7cd1552552419582a536b06a7c24deb83da96bf87e981233d8b93 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 content-type text/plain Response headers date Tue, 27 Aug 2024 17:45:07 GMT content-encoding gzip via 1.1 google observe-browsing-topics ?1 vary Origin x-forwarded-for 166.0.205.70 content-type text/plain access-control-allow-origin https://duelingnexus.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 77
GET H2	200	fastlane.json Show response fastlane.rubiconproject.com/a/api/	12 KB 6 KB	299ms 168ms	Fetch application/json	2602:803:c002:200::32 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17374&site_id=546266&zone_id=3402582&size_id=15&alt_size_ids=9%2C10&gdpr=0&us_privacy=1---&rp_schain=1.0,1!nitropay.com,1469,1,,,&eid_pubcid.org=ac12e589-e16d-4b22-a795-679dbdc8a930%5E1&rf=https%3A%2F%2Fduelingnexus.com%2Flogin&kw=duelingnexus%2Cyugioh%2Cyugiohgame%2Cyugiohonline%2Cfreeyugiohgame%2Cyugiohdeck%2Cyugiohdecks%2Cyugiohdiscord%2Cygopro%2Cygoproandroid%2Cygopro2%2Cygoprodiscord%2Cduelingbook%2Cduelingnetwork%2Cyugiohonlinedueling%2Cyugiohbanlist%2Clatestyugiohbanlist%2Cplayyugiohonline%2Cyugiohonlinegames%2Cyugiohcard%2Cyugiohcards&tg_i.domain=duelingnexus.com&tg_i.page=https%3A%2F%2Fduelingnexus.com%2Flogin&tg_i.name=Dueling%20Nexus&tg_i.cattax=7&tg_i.cat=269%2C271&tg_i.privacypolicy=1&tg_i.pbadslot=%2Flogin%23Login%20-%20Sidebar&tk_flint=pbjs_lite_v8.52.0&x_source.tid=1eaa565f-8f63-402f-8901-1f4a0079aab8&l_pb_bid_id=3440b219dc276bc&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=a5a1c201-2b34-4b49-8e7e-be2121e25047&rp_hard_floor=0.05&rp_maxbids=1&p_gpid=%2Flogin%23Login%20-%20Sidebar&m_ch_mobile=%3F0&slots=1&rand=0.5436070976508278 Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.21.4 / Resource Hash 980715d2f1b23cc4c9ebba12b3c8595d7a12c00d8fd1811feb315176e46539a5 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 content-type text/plain Response headers pragma no-cache date Tue, 27 Aug 2024 17:45:07 GMT content-encoding gzip server nginx/1.21.4 vary Accept-Encoding content-type application/json access-control-allow-origin https://duelingnexus.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true expires Wed, 17 Sep 1975 21:32:10 GMT
GET		trinity.json apex.go.sonobi.com/	0 0
POST H2	200	auction Show response tlx.3lift.com/header/	19 B 1 KB	362ms 187ms	Fetch application/json	3.222.148.106 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://tlx.3lift.com/header/auction?lib=prebid&v=8.52.0&referrer=https%3A%2F%2Fduelingnexus.com%2Flogin&tmax=1200&gdpr=false&us_privacy=1--- Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.222.148.106 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-222-148-106.compute-1.amazonaws.com Software / Resource Hash 0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 content-type text/plain Response headers pragma no-cache content-encoding gzip accept-ch sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt observe-browsing-topics ?1 vary Accept-Encoding content-type application/json; charset=utf-8 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" access-control-allow-origin https://duelingnexus.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true x-xss-protection 0 expires Thu, 15 Oct 1992 20:10:00 GMT
POST H2	200	v1 Show response btlr.sharethrough.com/universal/	36 KB 14 KB	323ms 150ms	Fetch application/json	34.207.148.119 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1 Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 34.207.148.119 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-207-148-119.compute-1.amazonaws.com Software / Resource Hash 92409eb9cc41a2db61760c5558ae06935504c04bd192d9761488627b08c696b7 Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload; Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 content-type text/plain Response headers access-control-allow-origin https://duelingnexus.com strict-transport-security max-age=16000000; includeSubDomains; preload; content-encoding gzip x-openrtb-version 2.5 access-control-allow-credentials true content-length 14351 content-type application/json; charset=utf-8
POST H2	204	cdb Show response bidder.criteo.com/	0 222 B	294ms 121ms	Fetch	74.119.117.6 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.52.0&cb=49927298317&lsavail=1 Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.119.117.6 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 content-type text/plain Response headers date Tue, 27 Aug 2024 17:45:07 GMT strict-transport-security max-age=31536000; preload; server Kestrel observe-browsing-topics ?1 vary Origin access-control-allow-origin https://duelingnexus.com access-control-allow-credentials true cross-origin-resource-policy cross-origin
POST H2	200	prebid Show response ib.adnxs.com/ut/v3/	139 B 829 B	300ms 139ms	Fetch application/json	68.67.160.24 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 68.67.160.24 Colonia, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.23.4 / Resource Hash e6820bad272da38af0d435a02bfea190898be925b270a6c2fdf73036fc3f7ea7 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 content-type text/plain Response headers pragma no-cache date Tue, 27 Aug 2024 17:45:07 GMT an-x-request-uuid 60bf3c12-8ebd-418c-a13a-75e05cb53f05 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type application/json; charset=utf-8 access-control-allow-origin https://duelingnexus.com cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 166.0.205.70; 166.0.205.70; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 139 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	200	prebid Show response prebid.media.net/rtb/	1 KB 877 B	331ms 178ms	Fetch application/json	34.120.63.153 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://prebid.media.net/rtb/prebid?cid=8CU87559X Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 153.63.120.34.bc.googleusercontent.com Software envoy / Resource Hash 6a39fbaa3476a3781f2b6df4eabbdc473f8a8cc87cac5a2a7654d91314224d80 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 content-type text/plain Response headers pragma no-cache date Tue, 27 Aug 2024 17:45:07 GMT content-encoding gzip via 1.1 google accept-ch Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model server envoy observe-browsing-topics ?1 content-type application/json;charset=utf-8 access-control-allow-origin https://duelingnexus.com cache-control max-age=0, no-cache, no-store, must-revalidate access-control-allow-credentials true x-envoy-upstream-service-time 100 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 27 Aug 2024 17:45:07 GMT
POST H2	204	cdb Show response bidder.criteo.com/	0 222 B	188ms 121ms	Fetch	74.119.117.6 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.52.0&cb=17493076322&lsavail=1 Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.119.117.6 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 content-type text/plain Response headers date Tue, 27 Aug 2024 17:45:07 GMT strict-transport-security max-age=31536000; preload; server Kestrel observe-browsing-topics ?1 vary Origin access-control-allow-origin https://duelingnexus.com access-control-allow-credentials true cross-origin-resource-policy cross-origin
POST H2	200	prebid Show response ib.adnxs.com/ut/v3/	145 B 1 KB	322ms 266ms	Fetch application/json	68.67.160.24 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 68.67.160.24 Colonia, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.23.4 / Resource Hash 9ae166d44a3641563bd5566f66ba4adafa774be08c4a32f6c42e88dd1809aff5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 content-type text/plain Response headers pragma no-cache date Tue, 27 Aug 2024 17:45:08 GMT an-x-request-uuid 5f843c73-c578-4d4f-80f3-2f6a8fa5e3d7 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type application/json; charset=utf-8 access-control-allow-origin https://duelingnexus.com cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 166.0.205.70; 166.0.205.70; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 145 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	200	prebidjs Show response rtb.openx.net/openrtbb/	53 B 222 B	248ms 231ms	Fetch text/plain	35.186.253.211 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rtb.openx.net/openrtbb/prebidjs Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 211.253.186.35.bc.googleusercontent.com Software / Resource Hash 6789aa3131924f1404078a9520fa0df31b939991b8ab284d90b3ff459a547ad8 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 content-type text/plain Response headers date Tue, 27 Aug 2024 17:45:07 GMT content-encoding gzip via 1.1 google observe-browsing-topics ?1 vary Origin x-forwarded-for 166.0.205.70 content-type text/plain access-control-allow-origin https://duelingnexus.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 77
GET H2	200	fastlane.json Show response fastlane.rubiconproject.com/a/api/	12 KB 6 KB	208ms 192ms	Fetch application/json	2602:803:c002:200::32 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17374&site_id=546266&zone_id=3402582&size_id=2&alt_size_ids=43%2C55%2C117&gdpr=0&us_privacy=1---&rp_schain=1.0,1!nitropay.com,1469,1,,,&eid_pubcid.org=ac12e589-e16d-4b22-a795-679dbdc8a930%5E1&rf=https%3A%2F%2Fduelingnexus.com%2Flogin&kw=duelingnexus%2Cyugioh%2Cyugiohgame%2Cyugiohonline%2Cfreeyugiohgame%2Cyugiohdeck%2Cyugiohdecks%2Cyugiohdiscord%2Cygopro%2Cygoproandroid%2Cygopro2%2Cygoprodiscord%2Cduelingbook%2Cduelingnetwork%2Cyugiohonlinedueling%2Cyugiohbanlist%2Clatestyugiohbanlist%2Cplayyugiohonline%2Cyugiohonlinegames%2Cyugiohcard%2Cyugiohcards&tg_i.domain=duelingnexus.com&tg_i.page=https%3A%2F%2Fduelingnexus.com%2Flogin&tg_i.name=Dueling%20Nexus&tg_i.cattax=7&tg_i.cat=269%2C271&tg_i.privacypolicy=1&tg_i.pbadslot=%2Flogin%23Login%20-%20Anchor&tk_flint=pbjs_lite_v8.52.0&x_source.tid=241f81ca-5a95-49b8-aa15-e38b1445cc1d&l_pb_bid_id=54e147dbe145ff3&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=70a8140c-41f4-418f-9d01-caf25c72d475&rp_hard_floor=0.05&rp_maxbids=1&p_gpid=%2Flogin%23Login%20-%20Anchor&m_ch_mobile=%3F0&slots=1&rand=0.25910091148421643 Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.21.4 / Resource Hash dcbd47212b2295393e6f99100424ab8a9c4497af30581290098e2c7b11ae917d Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 content-type text/plain Response headers pragma no-cache date Tue, 27 Aug 2024 17:45:07 GMT content-encoding gzip server nginx/1.21.4 vary Accept-Encoding content-type application/json access-control-allow-origin https://duelingnexus.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true expires Wed, 17 Sep 1975 21:32:10 GMT
POST H2	200	auction Show response tlx.3lift.com/header/	19 B 1 KB	231ms 170ms	Fetch application/json	3.222.148.106 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://tlx.3lift.com/header/auction?lib=prebid&v=8.52.0&referrer=https%3A%2F%2Fduelingnexus.com%2Flogin&tmax=1200&gdpr=false&us_privacy=1--- Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.222.148.106 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-222-148-106.compute-1.amazonaws.com Software / Resource Hash 0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 content-type text/plain Response headers pragma no-cache content-encoding gzip accept-ch sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list observe-browsing-topics ?1 vary Accept-Encoding content-type application/json; charset=utf-8 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" access-control-allow-origin https://duelingnexus.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true x-xss-protection 0 expires Thu, 15 Oct 1992 20:10:00 GMT
POST H2	200	v1 Show response btlr.sharethrough.com/universal/	583 B 734 B	233ms 173ms	Fetch application/json	34.207.148.119 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1 Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 34.207.148.119 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-207-148-119.compute-1.amazonaws.com Software / Resource Hash dd0b34f6fd20f279b9ecf1e6733cdee1ee3e093177f30037556625d009aaaf14 Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload; Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 content-type text/plain Response headers access-control-allow-origin https://duelingnexus.com strict-transport-security max-age=16000000; includeSubDomains; preload; content-encoding gzip x-openrtb-version 2.5 access-control-allow-credentials true content-length 372 content-type application/json; charset=utf-8
GET		trinity.json apex.go.sonobi.com/	0 0
POST H2	204	translator Show response hbopenbid.pubmatic.com/	0 114 B	231ms 171ms	Fetch	207.65.37.179 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://hbopenbid.pubmatic.com/translator?source=prebid-client Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 content-type text/plain Response headers access-control-allow-origin https://duelingnexus.com date Tue, 27 Aug 2024 17:45:07 GMT cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true
POST H2	200	prebid Show response prebid.media.net/rtb/	1 KB 1 KB	191ms 151ms	Fetch application/json	34.120.63.153 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://prebid.media.net/rtb/prebid?cid=8CU87559X Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 153.63.120.34.bc.googleusercontent.com Software envoy / Resource Hash cf5c19fe9486bb295023b0c37d6eec8989aa3b57c8c095fe48812fa4a25dadea Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 content-type text/plain Response headers pragma no-cache date Tue, 27 Aug 2024 17:45:07 GMT content-encoding gzip via 1.1 google accept-ch Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model server envoy observe-browsing-topics ?1 content-type application/json;charset=utf-8 access-control-allow-origin https://duelingnexus.com cache-control max-age=0, no-cache, no-store, must-revalidate access-control-allow-credentials true x-envoy-upstream-service-time 80 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 27 Aug 2024 17:45:07 GMT
GET H3	200	dn-logo.0468c98.png duelingnexus.com/static/img/	75 KB 76 KB	38ms 37ms	Image image/png	2606:4700:3034::6815:612 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://duelingnexus.com/static/img/dn-logo.0468c98.png Requested by Host: duelingnexus.com URL: https://duelingnexus.com/login Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:612 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 08d7b2eb512786f4d87b4461a143947ec1172a3996c597dbbe29f9025c8c60f8 Request headers Referer https://duelingnexus.com/login User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:07 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 55011 alt-svc h3=":443"; ma=86400 content-length 77222 last-modified Mon, 26 Aug 2024 23:00:37 GMT server cloudflare etag "66cd0915-12da6" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FHTPS121izFkMFf3AIIvBPmDF8jKbR0kYZ0sjjM1Q%2FmV3UMRfdsqMyo5dMxrZCxUdnqq3XOEiHRRVuzXK7c2EkiCxxo87zFP8NGmx6qFDLCj3J44h0ri0RYySmUjBpzP7cd9BoRjP1TAYjUDYFil"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=604800 accept-ranges bytes cf-ray 8b9ddfa0780bac7e-YYZ expires Tue, 03 Sep 2024 02:28:16 GMT
GET DATA	200 OK	truncated /	242 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0f657f7149930b80a2e9dfa01ebb36455284c10c3a41c38105e532c7e44cf7cc Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	513 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6e0ed79269501d0d7c7957fecd92e3b6e5abcc95fc03961ff4ff1e4b715be278 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	431 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 83721c8dd66da8b714296b28c8191f39709908ac8622128cf3094bd4dc60030e Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	452 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b0be7c149d15b33a697dea9323540e822ecc26671eac31bd4e1c62e4f001823e Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET H3	200	achievements.b4c20a5.png duelingnexus.com/static/img/	19 KB 20 KB	45ms 41ms	Image image/png	2606:4700:3034::6815:612 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://duelingnexus.com/static/img/achievements.b4c20a5.png Requested by Host: duelingnexus.com URL: https://duelingnexus.com/login Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:612 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 035fcb914af6901ad56c5c5b0c0329aa8a477fe0b0e2f00dd1b6895ee43a266a Request headers Referer https://duelingnexus.com/login User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:07 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 55010 alt-svc h3=":443"; ma=86400 content-length 19647 last-modified Mon, 26 Aug 2024 23:00:33 GMT server cloudflare etag "66cd0911-4cbf" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6U5LYcSstJDMoOMcl75iXa21fq%2FFzBBVYJXyEcNRSbAStPV09M7B88H1b3t9oIHzhIkTU%2FoFfzajam1NzDT00rOEJAiQ%2FK50743Jy0n%2BIbXb%2BXZC82x%2By5i9kcwt%2B2%2Fu8ftT61S1oMq2aPe80TsO"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=604800 accept-ranges bytes cf-ray 8b9ddfa0780eac7e-YYZ expires Tue, 03 Sep 2024 02:28:17 GMT
GET H3	200	boutique.1f6cc60.png duelingnexus.com/static/img/	32 KB 32 KB	48ms 45ms	Image image/png	2606:4700:3034::6815:612 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://duelingnexus.com/static/img/boutique.1f6cc60.png Requested by Host: duelingnexus.com URL: https://duelingnexus.com/login Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:612 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a920593f52d3dd2c016a6ef35868e05b160dcf828055c7c27236cfbe589db865 Request headers Referer https://duelingnexus.com/login User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:07 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 55010 alt-svc h3=":443"; ma=86400 content-length 32642 last-modified Mon, 26 Aug 2024 23:00:34 GMT server cloudflare etag "66cd0912-7f82" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nc4HG%2Ba9%2F0gNqaRvRIX2WIZW1vUQlxg%2FpCAUZsNPxFjI2JN4OM2A2UZTErA4hM9VsVnMcVzrDt1Oza7Zy2lg5P5yYs9aodNzDcPyU8wXYa6sVPooYltt3hFWMse%2BIG74Y1ATN%2Bay9O91VviFRd7H"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=604800 accept-ranges bytes cf-ray 8b9ddfa07810ac7e-YYZ expires Tue, 03 Sep 2024 02:28:17 GMT
GET DATA	200 OK	truncated /	749 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e4bf953d9ce4d4a2187a7ca21868d72bcba0da3b9ef3bb7a5e1c4568fec59ca6 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	586 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2549030c0e4fd5576ce3977e132ce100fac911074c969e2156355b51701a9cec Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET H3	200	cut-diamond.d357113.png duelingnexus.com/static/img/	23 KB 23 KB	39ms 36ms	Image image/png	2606:4700:3034::6815:612 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://duelingnexus.com/static/img/cut-diamond.d357113.png Requested by Host: duelingnexus.com URL: https://duelingnexus.com/login Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:612 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b4fcc2438f84a1d95c9714547ab62c8b3369ec31d8a2f6c2b5855ecb4b864a07 Request headers Referer https://duelingnexus.com/login User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:07 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 55010 alt-svc h3=":443"; ma=86400 content-length 23234 last-modified Mon, 26 Aug 2024 23:00:35 GMT server cloudflare etag "66cd0913-5ac2" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j3ym1WU%2F96CRTnzd4pKRZ2y2L%2BplBECetazW%2F4HbM9oDxUpJraTxQ4U0dIa13%2B7kPhZdQDAcZUvDdOcYFk%2FI0CGfcRbc954seUyYBLTK0yF6qJzlTC4nBLiEoYpFlX%2BD6LFZc6RfWFP5mtOXi%2ByS"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=604800 accept-ranges bytes cf-ray 8b9ddfa07811ac7e-YYZ expires Tue, 03 Sep 2024 02:28:17 GMT
GET DATA	200 OK	truncated /	449 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8f6bc7fdd66052eaa0bbef52dea11e55d1810889527c951de02034039f1994b8 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET H3	200	discord.1efdcda.png duelingnexus.com/static/img/	14 KB 14 KB	45ms 42ms	Image image/png	2606:4700:3034::6815:612 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://duelingnexus.com/static/img/discord.1efdcda.png Requested by Host: duelingnexus.com URL: https://duelingnexus.com/login Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:612 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 02f9efc4493765225c062679f7a85d19a662098933f90342b47abe16cf630b15 Request headers Referer https://duelingnexus.com/login User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:07 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 55011 alt-svc h3=":443"; ma=86400 content-length 14040 last-modified Mon, 26 Aug 2024 23:00:37 GMT server cloudflare etag "66cd0915-36d8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tZV%2FUuPCJt%2F18UIB9Q58nT%2BHXIGnlOyCUJWIw%2BmwaNi95Pz8CU%2F0ixw9FuS3dpOXHX%2FmRnslwoU%2BDVZcaKERHkHVzpe%2FcvN1%2Bj%2FNBRfJFKo%2BOso%2BgwzJE%2BuIfp%2BKHnmon%2FMNKNNxSQlvMYLhtbBl"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=604800 accept-ranges bytes cf-ray 8b9ddfa07812ac7e-YYZ expires Tue, 03 Sep 2024 02:28:16 GMT
GET DATA	200 OK	truncated /	428 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5477d9115116f380527386a03ab9502acb3714ee75d1cb0ea8ea455a73809693 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	621 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 20835c46dd6b292b1c849464400093081e2428ecf6ac0e5bf864d53dda6e00c3 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	4 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 96e0c0acffc783d70814d1b130e78e08dfc59a294184680d13f11f0ab37594d0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET H3	200	wordpress.5a5e085.png duelingnexus.com/static/img/	32 KB 33 KB	45ms 42ms	Image image/png	2606:4700:3034::6815:612 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://duelingnexus.com/static/img/wordpress.5a5e085.png Requested by Host: duelingnexus.com URL: https://duelingnexus.com/login Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:612 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 952ea74b84ac209a68d6ff73696ab8ad9c0f01e8097190d75982d1298be1ee04 Request headers Referer https://duelingnexus.com/login User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:07 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 55009 alt-svc h3=":443"; ma=86400 content-length 33232 last-modified Mon, 26 Aug 2024 23:00:43 GMT server cloudflare etag "66cd091b-81d0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Si9ZO2dAszEkiXa3lcj52SjIeUtiwWluxOT9Ev6LP%2FIENxIy4pyh4r0CTwTgjOD%2BAF%2BNbK54uC80U0GkPF4EK4IWXNeDxezX1oup2NioR70iCED9DxuT8SrdX4mkkrqTVGZ2nwGU1cyhgESSMEK%2B"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=604800 accept-ranges bytes cf-ray 8b9ddfa07814ac7e-YYZ expires Tue, 03 Sep 2024 02:28:17 GMT
GET H3	200	bc.987d4a1.png duelingnexus.com/static/img/	11 KB 11 KB	46ms 44ms	Image image/png	2606:4700:3034::6815:612 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://duelingnexus.com/static/img/bc.987d4a1.png Requested by Host: duelingnexus.com URL: https://duelingnexus.com/login Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:612 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 311e201a276b4325631068d72b45e9d9fb9381213aa54ccabfbe0de262afb920 Request headers Referer https://duelingnexus.com/login User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:07 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 55010 alt-svc h3=":443"; ma=86400 content-length 10788 last-modified Mon, 26 Aug 2024 23:00:34 GMT server cloudflare etag "66cd0912-2a24" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mBkVzWRmdUK94qkNeOdkZOEIZDKJbr9zRL4jjNHn2JZjPuEVJ6KG0Sf0D5tCciAk%2Fm8E%2FxfvYz0cbLGrOVzKYHINuVInQGffTSEBwZzi1%2FIhUc7m8Klcpl1uNT%2BFqJQy%2Bdjm8ImGMoWvjSsTTMk0"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=604800 accept-ranges bytes cf-ray 8b9ddfa07815ac7e-YYZ expires Tue, 03 Sep 2024 02:28:17 GMT
GET H3	200	close2.svg s.nitropay.com/assets/	305 B 796 B	36ms 35ms	Image image/svg+xml	2606:4700::6812:34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s.nitropay.com/assets/close2.svg Requested by Host: duelingnexus.com URL: https://duelingnexus.com/login Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 70d791d587d64a5694f37ce7927a71f38d4b8d7b0c643a51d6ceeb3d26201e30 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:07 GMT strict-transport-security max-age=2592000; includeSubDomains content-encoding gzip cf-cache-status HIT age 616509 x-guploader-uploadid AHxI1nMc1C-PhZcifrxGGL9yXPp4cSUNv5ZKmoWqWFnz0jxwhaot2xT4dx2ljVNB-xuJ0sEXVs8 x-goog-storage-class MULTI_REGIONAL x-goog-custom-time 1970-01-01T00:00:00Z x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400 x-goog-meta- last-modified Wed, 08 Dec 2021 23:38:47 GMT server cloudflare etag W/"ca26e4a931ab434f475491bcab06132b" vary Accept-Encoding x-goog-generation 1639006727668923 content-type image/svg+xml access-control-allow-origin * x-goog-hash crc32c=tLOOxQ==, md5=yibkqTGrQ09HVJG8qwYTKw== access-control-expose-headers Content-Type cache-control public, max-age=31536000 x-goog-stored-content-length 305 cf-ray 8b9ddfa07a68ac87-YYZ expires Wed, 27 Aug 2025 17:45:07 GMT
POST H3	204	flower.nexus duelingnexus.com/flower/	0 521 B	63ms 61ms	Ping text/html	2606:4700:3034::6815:612 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://duelingnexus.com/flower/flower.nexus?action_name=Dueling%20Nexus%20-%20Free%20Online%20Game&idsite=1&rec=1&r=496592&h=10&m=45&s=7&url=https%3A%2F%2Fduelingnexus.com%2Flogin&_id=d77784eff7c92eb4&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=KbgDGk&pf_net=135&pf_srv=101&pf_tfr=2&pf_dm1=1354&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D Requested by Host: duelingnexus.com URL: https://duelingnexus.com/flower/flower.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:612 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://duelingnexus.com/login User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=utf-8 Response headers date Tue, 27 Aug 2024 17:45:08 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=57LmE6W5ztYalGVjxfWOgJMhhH51jmyJB5zsE0X%2F8Rp9e2hkTSaazQCodze%2FaXa%2FdFr3pHf9skmJPqW9aAMW%2B0BxosQACp6CbMvPXndlP%2BxfcuBTP6Pk878JlINLncYvkUl3ipdhZ9hhg%2F7QuUE6"}],"group":"cf-nel","max_age":604800} access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://duelingnexus.com, * content-type text/html; charset=UTF-8 access-control-allow-credentials true cf-ray 8b9ddfa148cdac7e-YYZ access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range alt-svc h3=":443"; ma=86400
POST H2	204	translator Show response hbopenbid.pubmatic.com/	0 58 B	70ms 69ms	Fetch	207.65.37.179 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://hbopenbid.pubmatic.com/translator?source=prebid-client Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 content-type text/plain Response headers access-control-allow-origin https://duelingnexus.com date Tue, 27 Aug 2024 17:45:08 GMT cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true
POST H2	200	auction Show response tlx.3lift.com/header/	19 B 1 KB	153ms 150ms	Fetch application/json	3.222.148.106 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://tlx.3lift.com/header/auction?lib=prebid&v=8.52.0&referrer=https%3A%2F%2Fduelingnexus.com%2Flogin&tmax=1200&gdpr=false&us_privacy=1--- Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.222.148.106 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-222-148-106.compute-1.amazonaws.com Software / Resource Hash 0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 content-type text/plain Response headers pragma no-cache content-encoding gzip accept-ch sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink observe-browsing-topics ?1 vary Accept-Encoding content-type application/json; charset=utf-8 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" access-control-allow-origin https://duelingnexus.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true x-xss-protection 0 expires Thu, 15 Oct 1992 20:10:00 GMT
POST H2	200	prebid Show response prebid.media.net/rtb/	1 KB 901 B	306ms 302ms	Fetch application/json	34.120.63.153 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://prebid.media.net/rtb/prebid?cid=8CU87559X Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 153.63.120.34.bc.googleusercontent.com Software envoy / Resource Hash 6307368744c6be733daccb63f6b18b081ab5c23a1a069c2337ddba05f0b1e21f Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 content-type text/plain Response headers pragma no-cache date Tue, 27 Aug 2024 17:45:08 GMT content-encoding gzip via 1.1 google accept-ch Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model server envoy observe-browsing-topics ?1 content-type application/json;charset=utf-8 access-control-allow-origin https://duelingnexus.com cache-control max-age=0, no-cache, no-store, must-revalidate access-control-allow-credentials true x-envoy-upstream-service-time 235 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 27 Aug 2024 17:45:08 GMT
POST H2	200	auction Show response prebid-server.rubiconproject.com/openrtb2/	186 B 210 B	333ms 332ms	Fetch application/json	69.173.151.96 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://prebid-server.rubiconproject.com/openrtb2/auction Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash de0a3504ff55b4e3424540ca8dc93274c530683606b8b1b1f438023e179e7b3a Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 content-type text/plain Response headers pragma no-cache content-encoding gzip x-prebid pbs-java/3.10.0 observe-browsing-topics ?1 vary origin content-type application/json access-control-allow-origin https://duelingnexus.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true content-length 175 expires 0
POST H2	200	v1 Show response btlr.sharethrough.com/universal/	324 B 586 B	155ms 153ms	Fetch application/json	34.207.148.119 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1 Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 34.207.148.119 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-207-148-119.compute-1.amazonaws.com Software / Resource Hash 700463d0da7d1561b5f27a6f9876d5e64a4c8a3b0e87c88ec31f6122be1f1833 Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload; Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 content-type text/plain Response headers access-control-allow-origin https://duelingnexus.com strict-transport-security max-age=16000000; includeSubDomains; preload; content-encoding gzip x-openrtb-version 2.5 access-control-allow-credentials true content-length 224 content-type application/json; charset=utf-8
GET		trinity.json apex.go.sonobi.com/	0 0
POST H2	204	cdb Show response bidder.criteo.com/	0 222 B	143ms 137ms	Fetch	74.119.117.6 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.52.0&cb=35542390412&lsavail=1 Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.119.117.6 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 content-type text/plain Response headers date Tue, 27 Aug 2024 17:45:07 GMT strict-transport-security max-age=31536000; preload; server Kestrel observe-browsing-topics ?1 vary Origin access-control-allow-origin https://duelingnexus.com access-control-allow-credentials true cross-origin-resource-policy cross-origin
POST H2	200	prebid Show response ib.adnxs.com/ut/v3/	145 B 1 KB	199ms 196ms	Fetch application/json	68.67.160.24 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 68.67.160.24 Colonia, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.23.4 / Resource Hash f2e1ec5c9a9b8d8dd282ee2ea930300815e9a1a7899d74029e601884ec71561f Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 content-type text/plain Response headers pragma no-cache date Tue, 27 Aug 2024 17:45:08 GMT an-x-request-uuid 1b27dcb1-2466-4cb3-a22c-01c1b55c1719 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type application/json; charset=utf-8 access-control-allow-origin https://duelingnexus.com cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 166.0.205.70; 166.0.205.70; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 145 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	200	prebidjs Show response rtb.openx.net/openrtbb/	53 B 222 B	145ms 140ms	Fetch text/plain	35.186.253.211 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rtb.openx.net/openrtbb/prebidjs Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 211.253.186.35.bc.googleusercontent.com Software / Resource Hash 9a74859f524f4c1e54c2d22d3eaf0614259a5ae35020b54b08a9d50cea2c96df Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 content-type text/plain Response headers date Tue, 27 Aug 2024 17:45:07 GMT content-encoding gzip via 1.1 google observe-browsing-topics ?1 vary Origin x-forwarded-for 166.0.205.70 content-type text/plain access-control-allow-origin https://duelingnexus.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 77
GET H2	200	grumi.js Show response rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/ Frame 26E9	466 KB 0	0ms 0ms	Script text/javascript	2600:9000:2511:5600:4:b37b:9440:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Requested by Host: rumcdn.geoedge.be URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi-ip.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2511:5600:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 2a24dbd628c78237acad74febf5f7d3cce56ca897889a902dac38d91617f3e81 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:28:12 GMT content-encoding br via 1.1 a0be26685e47d6d6220ccd40bc5f0a4e.cloudfront.net (CloudFront) x-amz-version-id dAcstZTw5tfVcP9eS_gcAIM7c4mZIIwt x-amz-cf-pop JFK50-P6 age 1016 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Tue, 27 Aug 2024 17:06:32 GMT server AmazonS3 etag W/"4386023239f94cbe515559c922e2c384" vary accept-encoding content-type text/javascript cache-control public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate timing-allow-origin * x-amz-cf-id UpTbetuNIdqnWxcwpILBZDJJhjd52hd2610sTJ9WU5hwKmpc3HV8AQ==
GET H2	200	da657530-03e5-4306-95bc-d4eb370426c9 Show response config.aps.amazon-adsystem.com/configs/	563 B 837 B	315ms 115ms	Script application/javascript	108.138.106.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://config.aps.amazon-adsystem.com/configs/da657530-03e5-4306-95bc-d4eb370426c9 Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.106.108 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-106-108.jfk50.r.cloudfront.net Software CloudFront / Resource Hash 1c73721ff306c814b31f7382bebb10fa78fffe7cb09260f79e1c865148ec61fd Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:43:41 GMT via 1.1 a65e9b4047452e76aa43b68828db2d7e.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop JFK50-P3 age 87 x-cache Hit from cloudfront content-type application/javascript cache-control max-age=3600 content-length 563 x-amz-cf-id HbZ1AmuB0LKFvty-32IZcii_TU9J3SbGqcfGnkbP1yTWRtI1uIlhAA==
GET H2	200	config Show response c.amazon-adsystem.com/cdn/prod/	2 KB 3 KB	85ms 82ms	XHR application/json	108.138.115.149 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fduelingnexus.com&pubid=da657530-03e5-4306-95bc-d4eb370426c9 Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.115.149 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-115-149.jfk50.r.cloudfront.net Software Server / Resource Hash 920b790d251ec18c573d8966f2699475b3ecf848fde4bb331d95d5be255b72f6 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 11:48:06 GMT via 1.1 01b6e75b22243ae76d6d282c014927c6.cloudfront.net (CloudFront) server Server x-amz-cf-pop JFK50-P3 age 21421 x-cache Hit from cloudfront content-type application/json;charset=UTF-8 access-control-allow-origin https://duelingnexus.com cache-control max-age=21550, s-maxage=21600 access-control-allow-credentials true content-length 2349 x-amz-cf-id VOf5ihRr34keWW2m7uezxmZDdNY0nrByfh7EHRhS6wC6KoTMaHB0Cw==
GET H2	200	bid Show response aax.amazon-adsystem.com/e/dtb/	230 B 553 B	406ms 193ms	XHR text/javascript	18.164.99.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fduelingnexus.com%2Flogin&pid=thQ6r39eM1eDp&cb=0&ws=1600x1200&v=24.814.1731&t=1200&slots=%5B%7B%22sd%22%3A%22Login+-+Header%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%2C%22300x250%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%2C%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1%21nitropay.com%2C1469%2C1%2C%2C%2C&sm=b52910ef-820b-47f5-a118-f67935bfd6bb&pubid=da657530-03e5-4306-95bc-d4eb370426c9&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&_c=1 Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.99.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-99-9.jfk50.r.cloudfront.net Software Server / Resource Hash d6ebd0b608b468b0dab1d2462d8b675f5eef22bb51f41df39f8defff943b7e29 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:08 GMT content-encoding gzip via 1.1 53a1f042d35b1ad7e45dd18908041b36.cloudfront.net (CloudFront) server Server x-amz-cf-pop JFK50-P5 x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://duelingnexus.com access-control-allow-credentials true timing-allow-origin * content-length 200 x-amz-cf-id CsM5-SsNBDQOf8EFe4YEF8mkJL2YbG1g9rinvmXH7bi6Sr0Kpxx6XQ==
GET H2	200	bid Show response aax.amazon-adsystem.com/e/dtb/	230 B 551 B	468ms 272ms	XHR text/javascript	18.164.99.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fduelingnexus.com%2Flogin&pid=thQ6r39eM1eDp&cb=1&ws=1600x1200&v=24.814.1731&t=1200&slots=%5B%7B%22sd%22%3A%22Login+-+Sidebar%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A5%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%2C%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1%21nitropay.com%2C1469%2C1%2C%2C%2C&sm=b52910ef-820b-47f5-a118-f67935bfd6bb&pubid=da657530-03e5-4306-95bc-d4eb370426c9&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&_c=1 Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.99.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-99-9.jfk50.r.cloudfront.net Software Server / Resource Hash ccab2d8d59b302a65dcc0d30c5af0fe2961483ed910ca2a532495cb6c2ced4a0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:08 GMT content-encoding gzip via 1.1 53a1f042d35b1ad7e45dd18908041b36.cloudfront.net (CloudFront) server Server x-amz-cf-pop JFK50-P5 x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://duelingnexus.com access-control-allow-credentials true timing-allow-origin * content-length 200 x-amz-cf-id Q3lNbQTedBivLqNQoV_rtPp3NGwo_9iC189o6puENIR4XcvgocENFg==
GET H2	200	bid Show response aax.amazon-adsystem.com/e/dtb/	230 B 552 B	439ms 271ms	XHR text/javascript	18.164.99.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fduelingnexus.com%2Flogin&pid=thQ6r39eM1eDp&cb=2&ws=1600x1200&v=24.814.1731&t=1200&slots=%5B%7B%22sd%22%3A%22Login+-+Anchor%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22320x50%22%2C%22320x100%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A5%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%2C%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1%21nitropay.com%2C1469%2C1%2C%2C%2C&sm=b52910ef-820b-47f5-a118-f67935bfd6bb&pubid=da657530-03e5-4306-95bc-d4eb370426c9&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&_c=1 Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.99.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-99-9.jfk50.r.cloudfront.net Software Server / Resource Hash 782f799fb21a5f96e364f8a2db08a8219014e8409927ce4f6fe537629dff0755 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:07 GMT content-encoding gzip via 1.1 53a1f042d35b1ad7e45dd18908041b36.cloudfront.net (CloudFront) server Server x-amz-cf-pop JFK50-P5 x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://duelingnexus.com access-control-allow-credentials true timing-allow-origin * content-length 200 x-amz-cf-id 0wZ11lCmfjTMI93Q4WSww_Rv_QkKBxoT7gpRlxaEAwe5Vn1ZFwstZQ==
GET H2	200	bid Show response aax.amazon-adsystem.com/e/dtb/	230 B 553 B	463ms 313ms	XHR text/javascript	18.164.99.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fduelingnexus.com%2Flogin&pid=thQ6r39eM1eDp&cb=3&ws=1600x1200&v=24.814.1731&t=1200&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A10%2C%22id%22%3A%22Outstream_Floating%22%2C%22mt%22%3A%22v%22%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%2C%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1%21nitropay.com%2C1469%2C1%2C%2C%2C&sm=b52910ef-820b-47f5-a118-f67935bfd6bb&pubid=da657530-03e5-4306-95bc-d4eb370426c9&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&_c=1 Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.99.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-99-9.jfk50.r.cloudfront.net Software Server / Resource Hash b713b6b3519d7ce9018ba6e7cd31e170181bd89197b55c6ed2318002d0c1dbf8 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:08 GMT content-encoding gzip via 1.1 53a1f042d35b1ad7e45dd18908041b36.cloudfront.net (CloudFront) server Server x-amz-cf-pop JFK50-P5 x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://duelingnexus.com access-control-allow-credentials true timing-allow-origin * content-length 200 x-amz-cf-id biL8LYEVYIAELr8Dr98VOoiHvBCqwCy3b4OZK8Whs7RW2zJ6z9OGeQ==
GET H2	200	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/	6 KB 3 KB	278ms 80ms	XHR application/javascript	108.138.115.149 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.115.149 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-115-149.jfk50.r.cloudfront.net Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers x-amz-version-id r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE content-encoding gzip via 1.1 eb4c39562c3ea08ed99a3ec30c18db3c.cloudfront.net (CloudFront) date Tue, 27 Aug 2024 17:44:01 GMT x-amz-cf-pop JFK50-P3 age 68 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Thu, 29 Feb 2024 02:13:08 GMT server AmazonS3 etag W/"a4d296427fc806b21335359e398c025c" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control public, max-age=86400 vary Origin,accept-encoding x-amz-cf-id 1iWSBQ8wv8EuyfDw7_252W1GGC4gn8z4qzv7U3TQOI47NHcrRHm9zQ==
GET H2	200	px.gif ad-delivery.net/	43 B 921 B	138ms 40ms	Image image/gif	2606:4700:20::681a:246 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ad-delivery.net/px.gif?ch=2 Requested by Host: duelingnexus.com URL: https://duelingnexus.com/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:08 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 98223 x-guploader-uploadid ABPtcPoO8lHTf149iQY1YWi3D4zx22EAtSAz_AcGCaHZE_ooDIimXVBuIG_p1OOO9HKPZxksl_S475t5TA x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 5 x-goog-stored-content-encoding identity content-length 43 last-modified Wed, 05 May 2021 19:25:32 GMT server cloudflare etag "ad4b0f606e0f8465bc4c4c170b37e1a3" vary Accept-Encoding x-goog-generation 1620242732037093 content-type image/gif access-control-allow-origin * x-goog-hash crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow== access-control-expose-headers *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=86400 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0XLd4XMvXSrzyqt3CIXimcJZkaxEj1%2BnJ6HAzpzCDRIkPbDdoxnCoPAp63nckAgoksZv%2FDEQ6mdeJRN1R%2BDcamBiPTsIQXbeoyO%2FDWxnVqElUaniagF1dax39iQn%2FWpB0huTH%2BZlCLlpfkUTGQ%3D%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 43 accept-ranges bytes cf-ray 8b9ddfa50a99aafd-YYZ expires Wed, 28 Aug 2024 17:45:08 GMT
GET H3	200	favicon.ico ad.doubleclick.net/	1 KB 130 B	235ms 54ms	Image image/x-icon	142.251.40.102 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 Requested by Host: duelingnexus.com URL: https://duelingnexus.com/login Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.40.102 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s79-in-f6.1e100.net Software sffe / Resource Hash d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 26 Aug 2024 20:28:48 GMT content-encoding gzip x-content-type-options nosniff age 76580 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 104 x-xss-protection 0 last-modified Tue, 08 May 2012 13:08:06 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/x-icon access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 27 Aug 2024 20:28:48 GMT
GET H2	200	px.gif ad-delivery.net/	43 B 346 B	135ms 40ms	Image image/gif	2606:4700:20::681a:246 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ad-delivery.net/px.gif?ch=1&e=0.48625452561309035 Requested by Host: duelingnexus.com URL: https://duelingnexus.com/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:08 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 98223 x-guploader-uploadid ABPtcPoO8lHTf149iQY1YWi3D4zx22EAtSAz_AcGCaHZE_ooDIimXVBuIG_p1OOO9HKPZxksl_S475t5TA x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 5 x-goog-stored-content-encoding identity content-length 43 last-modified Wed, 05 May 2021 19:25:32 GMT server cloudflare etag "ad4b0f606e0f8465bc4c4c170b37e1a3" vary Accept-Encoding x-goog-generation 1620242732037093 content-type image/gif access-control-allow-origin * x-goog-hash crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow== access-control-expose-headers *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=86400 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5il%2FA%2BWE%2ByTJikOVAE9dCWLfcrUJfU5C%2F%2FiIB5au4C81R%2F2X0mj73JJ%2FOmVTb15cFZjv3%2BPUeZWIu%2FSGzJHjJdDSgjM18KEd9r0UuQEyCbvgq28eal4DnlYcDQSxfgKP6gwfhQlsyDxYsrcf1w%3D%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 43 accept-ranges bytes cf-ray 8b9ddfa50a9baafd-YYZ expires Wed, 28 Aug 2024 17:45:08 GMT
GET H2	200	pubcid.min.js Show response secure.cdn.fastclick.net/js/pubcid/latest/	54 KB 17 KB	337ms 79ms	Script application/javascript	23.203.179.38 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.203.179.38 Piscataway, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-203-179-38.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:08 GMT content-encoding gzip last-modified Mon, 23 Jan 2023 19:40:17 GMT server Apache etag "d734-5f2f3919e751f-gzip" vary Accept-Encoding content-type application/javascript cache-control max-age=900 accept-ranges bytes content-length 17407 expires Tue, 27 Aug 2024 18:00:08 GMT
GET H2	200	ima.js Show response cdn-ima.33across.com/	16 KB 6 KB	252ms 75ms	Script application/javascript	104.18.35.167 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn-ima.33across.com/ima.js Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4b45bdbf750c305208e17ba6044c938c0d147a9c41b5a1082fffa748ff11a5d3 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:08 GMT content-encoding gzip cf-cache-status HIT last-modified Tue, 06 Aug 2024 14:55:11 GMT server cloudflare age 9426 etag W/"66b2394f-405e" vary Accept-Encoding content-type application/javascript cache-control public, max-age=259200 cf-ray 8b9ddfa5d9c8aaad-YYZ expires Fri, 30 Aug 2024 17:45:08 GMT
GET H2	200	hadron.js Show response cdn.hadronid.net/	56 KB 12 KB	159ms 38ms	Script application/javascript	2606:4700:10::6816:35ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fduelingnexus.com%2Flogin&ref=&_it=amazon&partner_id=720 Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:35ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:08 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Tue, 04 Jun 2024 15:30:02 GMT server cloudflare x-amz-request-id 4GNTEWM5RE8S976C age 84 etag W/"1e77f38a1df1490d4175e3c4878bd150" vary Accept-Encoding content-type application/javascript cache-control public, max-age=432000 cf-ray 8b9ddfa58e4337d0-YYZ x-amz-id-2 1KYvP1UJui3F3sexSI8Edev0ssCxy0r1hoLYL3sInblmS0xC6TVIxfrJbVQshQPcVtGMRX8qMGE= expires Sun, 01 Sep 2024 17:45:08 GMT
GET H2	200	id5-api.js Show response cdn.id5-sync.com/api/1.0/	94 KB 28 KB	158ms 43ms	Script text/javascript	2606:4700:10::6816:3456 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.id5-sync.com/api/1.0/id5-api.js Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d01f00d44818b64b781b4eb83c7be0f9c8c1f8a2b3bc0ae185db7dc9035b678e Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:08 GMT strict-transport-security max-age=15552000; includeSubDomains; preload content-encoding br cf-cache-status HIT x-amz-request-id HEWKKHZV9PKZK5WZ age 6 x-amz-server-side-encryption AES256 x-amz-id-2 rnw3yHzguGZrJKJezkQHHoMNbdXkefqxfjOnO1QCDjGrc3vYnq/TyA3c7fhJmpmdYONWJK6no9P3lGr1lvfNQQ== last-modified Tue, 27 Aug 2024 11:30:41 GMT server cloudflare etag W/"722e67e376c1708aa99f9a8c7fc3c215" vary Accept-Encoding content-type text/javascript;charset=utf-8 cache-control public, max-age=3600 cf-ray 8b9ddfa58b89abae-YYZ expires Tue, 27 Aug 2024 18:45:08 GMT
GET H/1.1	200 OK	iu3 s.amazon-adsystem.com/ Frame 3A35 Redirect Chain https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-LoopMe_n-adMediaV1_snb_n-MediaNet_n-Beeswax_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ppt_n-baidu_an-db5_3lift_n-Outbrain https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-LoopMe_n-adMediaV1_snb_n-MediaNet_n-Beeswax_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ppt_n-baidu_an-db5_3lift_n-Outbrai...	0 0	71ms 71ms	Document text/html	52.46.128.147 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-LoopMe_n-adMediaV1_snb_n-MediaNet_n-Beeswax_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ppt_n-baidu_an-db5_3lift_n-Outbrain&dcc=t Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Referer https://duelingnexus.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 400 Content-Type text/html;charset=ISO-8859-1 Date Tue, 27 Aug 2024 17:45:09 GMT Expires Thu, 01 Jan 1970 00:00:00 GMT Pragma no-cache Server Server Strict-Transport-Security max-age=47474747; includeSubDomains; preload Vary Content-Type,Accept-Encoding,User-Agent p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" x-amz-rid E2WQN6192M036MY3P2GC Redirect headers Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 0 Date Tue, 27 Aug 2024 17:45:09 GMT Expires Thu, 01 Jan 1970 00:00:00 GMT Location https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-LoopMe_n-adMediaV1_snb_n-MediaNet_n-Beeswax_cnv_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ppt_n-baidu_an-db5_3lift_n-Outbrain&dcc=t Pragma no-cache Server Server Strict-Transport-Security max-age=47474747; includeSubDomains; preload Vary Content-Type,Accept-Encoding,User-Agent p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" x-amz-rid HATC7ZMSBX16FSYREPGG
GET H3	200	topics_frame.html securepubads.g.doubleclick.net/static/topics/ Frame 8773	0 0	230ms 35ms	Document text/html	2607:f8b0:4006:816::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/static/topics/topics_frame.html Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 1878 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3000, stale-while-revalidate=3600 content-encoding br content-length 29367 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Tue, 27 Aug 2024 17:13:50 GMT expires Tue, 27 Aug 2024 18:03:50 GMT last-modified Mon, 26 Aug 2024 19:48:13 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	publishertag.ids.js Show response static.criteo.net/js/ld/	42 KB 13 KB	274ms 114ms	Script text/javascript	2620:100:a00b::4 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.ids.js Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a00b::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash 276dfaa2390543f63fe63b939b9c8d33768b297b93b433330c9648cf97c5c6cf Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:08 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Thu, 11 Jul 2024 14:14:53 GMT server nginx etag W/"668fe8dd-a6cc" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 28 Aug 2024 17:45:08 GMT
GET H2	200	sync.min.js Show response tags.crwdcntrl.net/lt/c/16589/	43 KB 13 KB	317ms 56ms	Script text/javascript	108.138.128.46 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.crwdcntrl.net/lt/c/16589/sync.min.js Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.128.46 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-128-46.jfk50.r.cloudfront.net Software AmazonS3 / Resource Hash 30b32e97f2e3e06deb742bf2e19daeb4f4657a956e836c2a25a7df2bc72f7500 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 13:54:11 GMT content-encoding gzip via 1.1 8cade7b1319c32b4f7e5477c5302d6c8.cloudfront.net (CloudFront) last-modified Tue, 20 Aug 2024 18:47:40 GMT server AmazonS3 x-amz-cf-pop JFK50-P4 age 13858 x-amz-server-side-encryption AES256 etag W/"7db46e1255a018ecf02f47b2c19c26c4" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript cache-control public, max-age=86400 x-amz-cf-id iE1pd14C_AzXb8KNG_bgFNHegeel1_lY3Un76yV-F2jLwwKJIJUVLQ==
GET H2	200	esp.js Show response oa.openxcdn.net/	24 KB 8 KB	262ms 72ms	Script application/javascript	34.102.146.192 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://oa.openxcdn.net/esp.js Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 192.146.102.34.bc.googleusercontent.com Software UploadServer / Resource Hash 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 20 Aug 2024 04:14:45 GMT content-encoding gzip age 653423 x-guploader-uploadid AHxI1nPCiF0l9ab22-46TCb-bofIoxfN8Jj8fvzCPKPVWwoOxM6ZnQH9SGwh9bqFirZ3qEipWoLCsV0eOQ x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7927 last-modified Thu, 27 May 2021 18:30:51 GMT server UploadServer etag "df5542b88bc0e368c6999754a5b9e2ba" x-goog-generation 1622140251693895 x-goog-hash crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug== content-type application/javascript cache-control no-transform x-goog-stored-content-length 7927 accept-ranges bytes expires Wed, 20 Aug 2025 04:14:45 GMT
GET H2	200	ob.js Show response cdn-ima.33across.com/	17 KB 7 KB	68ms 60ms	Script application/javascript	104.18.35.167 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn-ima.33across.com/ob.js Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c028be06e7b67ab8124b1e546683f243b82dafb79a4dd026c818c00b4cf86590 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:08 GMT content-encoding gzip cf-cache-status HIT last-modified Tue, 06 Aug 2024 14:55:17 GMT server cloudflare age 9426 etag W/"66b23955-43fe" vary Accept-Encoding content-type application/javascript cache-control public, max-age=259200 cf-ray 8b9ddfa609f8aaad-YYZ expires Fri, 30 Aug 2024 17:45:08 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	846 B 434 B	128ms 91ms	Fetch text/plain	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1162538261499504&correlator=2016239407925618&eid=44809527%2C31086135&output=ldjh&gdfp_req=1&vrg=202408220101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&gpp=GPP_ERROR_STRING_IS_DEPRECATED_SPEC&iu_parts=308365556%3A21650353801%2Cnadx&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90%7C970x250%7C300x250&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1724780708774&lmt=1724780708&adxs=436&adys=9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fduelingnexus.com%2Flogin&vis=1&psz=1120x674&msz=1120x250&fws=4&ohw=1120&td=1&egid=15747&tan=ce9a5508-f64d-423f-b738-2cd560dbfb41&tdf=2&topics=9&tps=9&htps=10&a3p=EhwKDWNyd2RjbnRybC5uZXQYnIfEp5kySABSAghkEhsKDDMzYWNyb3NzLmNvbRich8SnmTJIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YnIfEp5kySABSAghkEhQKBW9wZW54GJyHxKeZMkgAUgIIZA..&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1724780705697&idt=2759&prev_scp=ncpm%3D0.45%26refresh%3D30%26domain%3Dduelingnexus.com%26hostname%3Dduelingnexus.com%26contax%3D269%2C271&adks=3742366777&frm=20&eoidce=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408220101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0b67281153c308954042ea3a376a0045d512218ccc8783509eabf8a3cc710c2f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:08 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 404 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://duelingnexus.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html 95be49c7b1aab4c69e8e902517502010.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 37CE	0 0	278ms 53ms	Document text/html	2607:f8b0:4006:80d::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://95be49c7b1aab4c69e8e902517502010.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Tue, 27 Aug 2024 17:45:09 GMT expires Tue, 27 Aug 2024 17:45:09 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	publishertag.prebid.144.js Show response static.criteo.net/js/ld/	96 KB 31 KB	218ms 114ms	Script text/javascript	2620:100:a00b::4 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.prebid.144.js Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a00b::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash 66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:08 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Fri, 27 Oct 2023 06:43:26 GMT server nginx etag W/"653b5c0e-1811e" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 28 Aug 2024 17:45:08 GMT
GET H2	200	country Show response api.btloader.com/	37 B 153 B	293ms 69ms	Fetch application/json	130.211.23.194 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.btloader.com/country?o=6278260873756672 Requested by Host: btloader.com URL: https://btloader.com/tag?o=6278260873756672&upapi=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 194.23.211.130.bc.googleusercontent.com Software / Resource Hash 63c8a71e02dad8f567226247d5694840937f61e94ddb0c49288e8e68873c6097 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:09 GMT via 1.1 google vary Origin content-type application/json access-control-allow-origin * cache-control private, max-age=300, stale-while-revalidate=600, stale-if-error=600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 37
GET H2	200	hadron.json Show response id.hadron.ad.gt/v1/	126 B 284 B	53ms 48ms	XHR application/json	2606:4700:10::ac43:17ea CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=720&sync=0&domain=duelingnexus.com&url=https://duelingnexus.com/login Requested by Host: cdn.hadronid.net URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fduelingnexus.com%2Flogin&ref=&_it=amazon&partner_id=720 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4ca5114485aa372b63f9f391fd575609c46447317f17ea5151db79a0a28840c1 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Content-Type application/json Response headers date Tue, 27 Aug 2024 17:45:09 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare access-control-allow-methods HEAD,GET,POST,PUT,DELETE,OPTIONS content-type application/json access-control-allow-origin * access-control-allow-credentials true debug NON-OPTIONS access-control-allow-headers authorization,content-type cf-ray 8b9ddfa7ca18a22e-YYZ
GET H2	204	pv Show response api.btloader.com/	0 128 B	289ms 66ms	XHR text/plain	130.211.23.194 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.btloader.com/pv?tid=0qWlBqC68&w=5076372666187776&o=6278260873756672&cv=2.1.48-8-ge80695d-BTCORE-501-treat-users-as-non-consented-when-consent-on-any-tcf-compliance-is-not-met&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fduelingnexus.com%2Flogin&sid=dqAaq3kh&pm=true&upapi=true Requested by Host: btloader.com URL: https://btloader.com/tag?o=6278260873756672&upapi=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 194.23.211.130.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers access-control-allow-origin * date Tue, 27 Aug 2024 17:45:09 GMT cache-control no-cache, no-store, must-revalidate via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 vary Origin
OPTIONS H2	200	hadron.json id.hadron.ad.gt/v1/ Frame	0 0	230ms 87ms	Preflight application/json	2606:4700:10::ac43:17ea CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=720&sync=0&domain=duelingnexus.com&url=https://duelingnexus.com/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://duelingnexus.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept access-control-allow-origin * allow POST, OPTIONS, GET cache-control max-age=31536000 public, no-transform cf-cache-status DYNAMIC cf-ray 8b9ddfa73991a22e-YYZ content-length 0 content-type application/json date Tue, 27 Aug 2024 17:45:09 GMT debug OPTIONS block expires Wed, 27 Aug 2025 17:45:09 GMT server cloudflare
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	759 B 361 B	90ms 90ms	Fetch text/plain	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1162538261499504&correlator=2853476446117060&eid=44809527%2C31086135&output=ldjh&gdfp_req=1&vrg=202408220101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&gpp=GPP_ERROR_STRING_IS_DEPRECATED_SPEC&iu_parts=308365556%3A21650353801%2Cnadx&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600%7C160x600&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1724780708870&lmt=1724780708&adxs=1256&adys=269&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fduelingnexus.com%2Flogin&vis=1&psz=300x462&msz=300x250&fws=4&ohw=1120&td=1&egid=15747&tan=ce9a5508-f64d-423f-b738-2cd560dbfb42&tdf=2&topics=9&tps=9&htps=10&a3p=EhwKDWNyd2RjbnRybC5uZXQYnIfEp5kySABSAghkEhsKDDMzYWNyb3NzLmNvbRich8SnmTJIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YnIfEp5kySABSAghkEhQKBW9wZW54GJyHxKeZMkgAUgIIZA..&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1724780705697&idt=2759&prev_scp=ncpm%3D0.40%26refresh%3D30%26domain%3Dduelingnexus.com%26hostname%3Dduelingnexus.com%26contax%3D269%2C271&adks=2649942398&frm=20&eoidce=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408220101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 55af484579059b928b141d03403dcc986dae15962ef5bdfab0028848b7b63c80 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:08 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 331 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://duelingnexus.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	grumi.js Show response rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/ Frame C4CF	466 KB 0	0ms 0ms	Script text/javascript	2600:9000:2511:5600:4:b37b:9440:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Requested by Host: duelingnexus.com URL: https://duelingnexus.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2511:5600:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 2a24dbd628c78237acad74febf5f7d3cce56ca897889a902dac38d91617f3e81 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:28:12 GMT content-encoding br via 1.1 a0be26685e47d6d6220ccd40bc5f0a4e.cloudfront.net (CloudFront) x-amz-version-id dAcstZTw5tfVcP9eS_gcAIM7c4mZIIwt x-amz-cf-pop JFK50-P6 age 1016 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Tue, 27 Aug 2024 17:06:32 GMT server AmazonS3 etag W/"4386023239f94cbe515559c922e2c384" vary accept-encoding content-type text/javascript cache-control public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate timing-allow-origin * x-amz-cf-id UpTbetuNIdqnWxcwpILBZDJJhjd52hd2610sTJ9WU5hwKmpc3HV8AQ==
GET H3	200	pixel googleads.g.doubleclick.net/xbbe/ Frame E3B3	0 0	376ms 78ms	Document text/html	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CIG4RxCxzGkYguHuhQIwAQ&v=APEucNWMwUHOG4_ENFlA3J0IDmCt4amzNHBroasZ-rN2Exb2JaLuK8gU5z8Tu0OLB6IIAW0jMS8HacUQEE08OkNXMx68rumqsjZR7Entt2YECARBlJhTG88 Requested by Host: rumcdn.geoedge.be URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 242 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 27 Aug 2024 17:45:09 GMT expires Tue, 27 Aug 2024 17:45:09 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame C4CF	99 KB 34 KB	64ms 64ms	Script text/javascript	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: rumcdn.geoedge.be URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4b69a3f605576e2a0cdb6abd74d3efdf893c4b6124ace390559d62437b9553d7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:09 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35122 x-xss-protection 0 server cafe etag 2418474175030562626 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Tue, 27 Aug 2024 17:45:09 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame C4CF	42 B 63 B	99ms 99ms	Image image/gif	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DlTvyfzPJ_rn01MQJKJ7fjsdNKzKwjTI4BQdT8lUz3kUSKPZpzOU4D3b2kq6RT-kMmosLdMSyhLXEl6kIv-CZXVKStFEGEz6brBrPYJUJvfn9xEGc Requested by Host: rumcdn.geoedge.be URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers pragma no-cache date Tue, 27 Aug 2024 17:45:09 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	251470b8-e372-41ea-ad70-0b685672cbc3 beacon-iad2.rubiconproject.com/beacon/d/ Frame C4CF	43 B 227 B	366ms 74ms	Image image/avif	2602:803:c002:200::64 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://beacon-iad2.rubiconproject.com/beacon/d/251470b8-e372-41ea-ad70-0b685672cbc3?oo=0&accountId=17374&siteId=546266&zoneId=3402582&sizeId=57&e=6A1E40E384DA563BC582C2BCF5EFB489895112FC1FD2A7BC0FD49F9C8D1D504E0355F930759BA7735979B65487CE258AE9F89206FC79094A7568406C8DC20D5CDAC8A588CB5AA90B77C8C1E8CC906615CA5B2628DA359DF6BE739A6A476A3F9ABFB48ED734521DF69622DDC5AED11DD9318F80A29F7CDB17D5F0FF75FB727F276D2EDA147CFD43AA15A3790E8AD2175F2964724BB00CF28C708E16E5A1950A82C169CD9CE0BC87AA181A98281FFE7376716947FC0DF916B75D802233BD3B12B3 Requested by Host: rumcdn.geoedge.be URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2602:803:c002:200::64 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers pragma no-cache date Tue, 27 Aug 2024 17:45:09 GMT x-content-type-options nosniff x-frame-options DENY content-type image/avif cache-control private, max-age=0, no-cache content-length 43 x-xss-protection 1; mode=block expires 01 Jan 1970 10:00:00 GMT
GET H3	204	1899 tracker.nitropay.com/i/	0 0	63ms 63ms	Fetch	35.244.144.25 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://tracker.nitropay.com/i/1899?d=eyJhdWYiOiJkaXNwbGF5IiwiYWRVbml0Q29kZSI6IkxvZ2luIC0gSGVhZGVyIiwiY3JlYXRpdmVJZCI6IjIyNDk6NTQ5MTcxMzMwIiwiYmlkZGVyIjoicnViaWNvbiIsInRpbWVUb1Jlc3BvbmQiOjEwNDAsImhlaWdodCI6MjUwLCJ3aWR0aCI6OTcwLCJjcG0iOjAuNDUsImhyZWYiOiJodHRwczovL2R1ZWxpbmduZXh1cy5jb20vbG9naW4iLCJhY2NlcHRhYmxlIjpmYWxzZSwibWV0YSI6IntcImFkdmVydGlzZXJJZFwiOjM0NTYyMixcIm5ldHdvcmtJZFwiOjIyNDksXCJtZWRpYVR5cGVcIjpcImJhbm5lclwiLFwiYWR2ZXJ0aXNlckRvbWFpbnNcIjpbXCJ3YWxtYXJ0LmNhXCJdfSIsInJlcXVlc3RJZCI6IjAxOTE5NGYwLWZlOGItNzAwMC04ODdhLTkyMGMxNmYxOWEzMyIsImMiOiJDQSIsInIiOiJRQyIsInR5cGUiOjAsImR1cmF0aW9uIjowLCJyZWZyZXNoIjpmYWxzZSwidGltZXN0YW1wIjoxNzI0NzgwNzA5MTE1LCJmIjoiMWV3ZzdjeSIsInYiOiIzMjIyOTM2In0%3D Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H3 Security QUIC, , AES_128_GCM Server 35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 25.144.244.35.bc.googleusercontent.com Software nginx/1.27.0 / Resource Hash Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:09 GMT via 1.1 google server nginx/1.27.0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	399 B 163 B	95ms 94ms	Fetch text/plain	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1162538261499504&correlator=1076479850438740&eid=44809527%2C31086135&output=ldjh&gdfp_req=1&vrg=202408220101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&gpp=GPP_ERROR_STRING_IS_DEPRECATED_SPEC&iu_parts=308365556%3A21650353801%2Cnadx&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90%7C320x50%7C320x100&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D6e6def8c0f880c42%3AT%3D1724780708%3ART%3D1724780708%3AS%3DALNI_MZ1HdoZVr4Tocc1FNOVoq4U0vOIJA&gpic=UID%3D00000ed603d41059%3AT%3D1724780708%3ART%3D1724780708%3AS%3DALNI_MYVhz-FCsYvYhtAoOga0g_7y4A1qA&abxe=1&dt=1724780709165&lmt=1724780709&adxs=315&adys=1150&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fduelingnexus.com%2Flogin&vis=1&psz=1600x0&msz=1600x-1&fws=512&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&td=1&egid=15747&tan=ce9a5508-f64d-423f-b738-2cd560dbfb43&tdf=2&topics=9&tps=9&htps=10&a3p=EhwKDWNyd2RjbnRybC5uZXQYnIfEp5kySABSAghkEhsKDDMzYWNyb3NzLmNvbRich8SnmTJIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YnIfEp5kySABSAghkEhQKBW9wZW54GJyHxKeZMkgAUgIIZA..&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1724780705697&idt=2759&prev_scp=ncpm%3D0.40%26sticky%3Dhorizontal-bottom%26refresh%3D30%26domain%3Dduelingnexus.com%26hostname%3Dduelingnexus.com%26contax%3D269%2C271&adks=1056712999&frm=20&eo_id_str=ID%3Dc1993e618a948436%3AT%3D1724780708%3ART%3D1724780708%3AS%3DAA-AfjajBT6ST2vwl6W4F0pI5QNP Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408220101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a334257b326c72d60b10b7d43f06a1d3986864f90a3acb35f121a90754b68a79 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:09 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 132 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://duelingnexus.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	showadcode. Show response fundingchoicesmessages.google.com/f/AGSKWxUCTCJKODEyXF93HpQDHozJ9gcm7AIZBjeZI0cPCK1BTPHzdTV7LjFPLkQ3xX0hxEuj_PD9rv1ssb29gWVwoblzASaJV4f46TNz2IzBXCCop7_ZEkn4bD7XJ7L8h7vhCuwqOtsc1UC0C33RG9ZrG5xwvHafp...	54 B 109 B	73ms 72ms	Script application/javascript	2607:f8b0:4006:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxUCTCJKODEyXF93HpQDHozJ9gcm7AIZBjeZI0cPCK1BTPHzdTV7LjFPLkQ3xX0hxEuj_PD9rv1ssb29gWVwoblzASaJV4f46TNz2IzBXCCop7_ZEkn4bD7XJ7L8h7vhCuwqOtsc1UC0C33RG9ZrG5xwvHafpsW2RFAIJIRO7HIK6-ahvT8sqdGYhPqY/_/relatedads.-ad0._rightad1.,160x600;/showadcode. Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 480028c01a2e247000f41b6acddd23acf29941ddb5c725444ba80147d87bd404 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-3sJVmJzVuX9Yi4d7K4P2kw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:09 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-3sJVmJzVuX9Yi4d7K4P2kw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 reporting-endpoints default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStDikmLw0ZBiOO90h-k6EEt8fcmkBcRO6TNYQ4DYp34GaxwQt948xzodiJP-nWctAWJ3rYus_kC8JOIi65HEi6yGCpdYnYH4_rpLrM-BeO_HS6xHgViIm2Ppwh3b2AQuzJ-crqSRlF8Yn5yfV1KUmVRakl-UlpyWWpxaVJZaFG9kYGRiYGFkpmdgEl9gAADEYj31" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	show_companion_ad.js Show response pagead2.googlesyndication.com/pagead/	49 KB 18 KB	39ms 39ms	Script text/javascript	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 48a499debfbc0b377dc24cd452385432a81e5ddbbb81d2b69055b67b9b30f76b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:21:40 GMT content-encoding br x-content-type-options nosniff age 1409 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 18558 x-xss-protection 0 server cafe etag 7178164194245631651 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=3600 timing-allow-origin * expires Tue, 27 Aug 2024 18:21:40 GMT
POST H3	204	AGSKWxVoKgVOLrcNVB2aGgucP6bN4jfAyhhzVCeOEIIz_sZVc5IhmCdKCMLOYiLAE5VKyqiqOD3zWA-GR5Piekh7CzEmgRjsuM6k1BZRTmk_ZTShN_WHiaZyi0asw665uOP2EeREcM5oFw== Show response fundingchoicesmessages.google.com/el/	0 28 B	221ms 66ms	XHR text/html	2607:f8b0:4006:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxVoKgVOLrcNVB2aGgucP6bN4jfAyhhzVCeOEIIz_sZVc5IhmCdKCMLOYiLAE5VKyqiqOD3zWA-GR5Piekh7CzEmgRjsuM6k1BZRTmk_ZTShN_WHiaZyi0asw665uOP2EeREcM5oFw== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Kyh5VdohTJ4.es5.O/am=UDA/d=1/rs=AJlcJMwV693qt8MavvUt6QxzR_8-3HZkqA/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-mA2VnWEH8wBkjaS-Oi6FmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Content-Type text/plain Response headers date Tue, 27 Aug 2024 17:45:09 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-mA2VnWEH8wBkjaS-Oi6FmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw05BicEqfwRoExO5aF1n9gXhJxEXWQ4kXWfd-vMR6FIiFeDiWLtyxjU3gxaKrGxmVXJLyC-OT8_NKUvNKdBNTinVB7KLMpNKS_CIUdmoZSEVOfnp6Zl56vJGBkYmBhZGZnoFZfIEBAGWLLkU" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS content-type text/html; charset=utf-8 access-control-allow-origin https://duelingnexus.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	grumi.js Show response rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/ Frame 1C57	466 KB 0	0ms 0ms	Script text/javascript	2600:9000:2511:5600:4:b37b:9440:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Requested by Host: duelingnexus.com URL: https://duelingnexus.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2511:5600:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 2a24dbd628c78237acad74febf5f7d3cce56ca897889a902dac38d91617f3e81 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:28:12 GMT content-encoding br via 1.1 a0be26685e47d6d6220ccd40bc5f0a4e.cloudfront.net (CloudFront) x-amz-version-id dAcstZTw5tfVcP9eS_gcAIM7c4mZIIwt x-amz-cf-pop JFK50-P6 age 1016 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Tue, 27 Aug 2024 17:06:32 GMT server AmazonS3 etag W/"4386023239f94cbe515559c922e2c384" vary accept-encoding content-type text/javascript cache-control public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate timing-allow-origin * x-amz-cf-id UpTbetuNIdqnWxcwpILBZDJJhjd52hd2610sTJ9WU5hwKmpc3HV8AQ==
GET H3	200	pixel googleads.g.doubleclick.net/xbbe/ Frame E399	0 0	236ms 87ms	Document text/html	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CPLwi80CEIi98fwEGI_U3JUCMAE&v=APEucNXbSbf9RYN_egIn3iFiAH5HYlk6P1GruUXB7qWnxg2OaW-aOzIIMbhItmcZRfG56w7lKNLLj0O_Wd1DeSuUz4-E1rK10wO7KBIXCwuWMoX9Ok_IvKI Requested by Host: rumcdn.geoedge.be URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 242 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 27 Aug 2024 17:45:09 GMT expires Tue, 27 Aug 2024 17:45:09 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame 1C57	99 KB 0	3ms 3ms	Script text/javascript	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: rumcdn.geoedge.be URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4b69a3f605576e2a0cdb6abd74d3efdf893c4b6124ace390559d62437b9553d7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:09 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35122 x-xss-protection 0 server cafe etag 2418474175030562626 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Tue, 27 Aug 2024 17:45:09 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1C57	42 B 63 B	105ms 104ms	Image image/gif	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bz-ksTeBTk8uDOFF-EZj3xbO9F5cyxYEBjHXgcDBjkRzzoArIpdRJuylqMeBdK_x42fW8oDU64fwyA-E6lhoD8Z-FhDJ7D2wJSrWYwi_U9KYWqLI0 Requested by Host: rumcdn.geoedge.be URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers pragma no-cache date Tue, 27 Aug 2024 17:45:09 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	b1a4987d-87df-4bb2-890d-feeb76681fcc beacon-iad2.rubiconproject.com/beacon/d/ Frame 1C57	43 B 75 B	207ms 74ms	Image image/avif	2602:803:c002:200::64 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://beacon-iad2.rubiconproject.com/beacon/d/b1a4987d-87df-4bb2-890d-feeb76681fcc?oo=0&accountId=17374&siteId=546266&zoneId=3402582&sizeId=10&e=6A1E40E384DA563BBE8E9AAB57C68C4CFE9BB12A877F762FBBFBB1BAE2B9EBE950AA6EFEDFEB2DEF42875510341DA1C09D0AD62DCF3BCF2DC98D0367DC3A84495D2DA8B4AB8C3259A971D7101D70D91FBBF9E1E62517FD8086DE6AD79704A5E24F47D5DAF724E66E7865DEC6CF52D79B43F8636A77BACDB417D35FF87734846139C80475A490F8C233433FD942D77444A8EAA8E613C86F10CFE9EF88C6AE76ABAE701188BD35A6468979CF48E71A0E17E5A7D56FE7B8C7D2CDA10306204D320B Requested by Host: rumcdn.geoedge.be URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2602:803:c002:200::64 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers pragma no-cache date Tue, 27 Aug 2024 17:45:09 GMT x-content-type-options nosniff x-frame-options DENY content-type image/avif cache-control private, max-age=0, no-cache content-length 43 x-xss-protection 1; mode=block expires 01 Jan 1970 10:00:00 GMT
GET H3	204	1899 tracker.nitropay.com/i/	0 0	62ms 61ms	Fetch	35.244.144.25 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://tracker.nitropay.com/i/1899?d=eyJhdWYiOiJkaXNwbGF5IiwiYWRVbml0Q29kZSI6IkxvZ2luIC0gU2lkZWJhciIsImNyZWF0aXZlSWQiOiIyMjQ5OjU4MjQyOTE5OSIsImJpZGRlciI6InJ1Ymljb24iLCJ0aW1lVG9SZXNwb25kIjo5MTMsImhlaWdodCI6NjAwLCJ3aWR0aCI6MzAwLCJjcG0iOjAuMzcsImhyZWYiOiJodHRwczovL2R1ZWxpbmduZXh1cy5jb20vbG9naW4iLCJhY2NlcHRhYmxlIjpmYWxzZSwibWV0YSI6IntcImFkdmVydGlzZXJJZFwiOjI4MjYwLFwibmV0d29ya0lkXCI6MjI0OSxcIm1lZGlhVHlwZVwiOlwiYmFubmVyXCIsXCJhZHZlcnRpc2VyRG9tYWluc1wiOltcImV4cGVkaWEuY29tXCJdfSIsInJlcXVlc3RJZCI6IjAxOTE5NGYwLWZmM2EtNzAwMC1iZGRiLWI4ZTY5MzIwMTI3YyIsImMiOiJDQSIsInIiOiJRQyIsInR5cGUiOjAsImR1cmF0aW9uIjowLCJyZWZyZXNoIjpmYWxzZSwidGltZXN0YW1wIjoxNzI0NzgwNzA5MjYyLCJmIjoiMWV3ZzdjeSIsInYiOiIzMjIyOTM2In0%3D Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H3 Security QUIC, , AES_128_GCM Server 35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 25.144.244.35.bc.googleusercontent.com Software nginx/1.27.0 / Resource Hash Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:09 GMT via 1.1 google server nginx/1.27.0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H2	200	720 Show response a.ad.gt/api/v1/u/matches/	13 KB 4 KB	240ms 31ms	Script application/javascript	2606:4700:10::6816:545 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://a.ad.gt/api/v1/u/matches/720?_it=amazon Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cd7acd38480051dcae6093257e60b98e67d12595b880d23e82a296096177f1dc Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:09 GMT content-encoding gzip cf-cache-status HIT last-modified Tue, 27 Aug 2024 17:38:44 GMT server cloudflare age 220 vary Accept-Encoding content-type application/javascript cache-control max-age=14400 cross-origin-resource-policy cross-origin cf-ray 8b9ddfaa5e2736d0-YYZ
GET H3	204	1899 tracker.nitropay.com/i/	0 0	69ms 68ms	Fetch	35.244.144.25 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://tracker.nitropay.com/i/1899?d=eyJhdWYiOiJmbG9hdGluZyIsImFkVW5pdENvZGUiOiJMb2dpbiAtIEZsb2F0aW5nIFZpZGVvIFBsYXllciIsImJpZGRlciI6ImJsYW5rIiwiaGVpZ2h0IjowLCJ3aWR0aCI6MCwiY3BtIjowLCJjcmVhdGl2ZUlkIjoiIiwiaHJlZiI6Imh0dHBzOi8vZHVlbGluZ25leHVzLmNvbS9sb2dpbiIsImFjY2VwdGFibGUiOmZhbHNlLCJyZXF1ZXN0SWQiOiIwMTkxOTRmMC1mZmVkLTcwMDAtYjAwOC01MDE4Y2ZlNzZhNWIiLCJ0aW1lVG9SZXNwb25kIjowLCJjIjoiQ0EiLCJyIjoiUUMiLCJ0eXBlIjowLCJkdXJhdGlvbiI6MCwicmVmcmVzaCI6ZmFsc2UsInRpbWVzdGFtcCI6MTcyNDc4MDcwOTI4MywiZiI6IjFld2c3Y3kiLCJ2IjoiMzIyMjkzNiJ9 Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H3 Security QUIC, , AES_128_GCM Server 35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 25.144.244.35.bc.googleusercontent.com Software nginx/1.27.0 / Resource Hash Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:09 GMT via 1.1 google server nginx/1.27.0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame C4CF	0 20 B	108ms 107ms	Ping image/gif	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=521523436713&version=m202406030101 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers pragma no-cache date Tue, 27 Aug 2024 17:45:09 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame C4CF	0 20 B	106ms 105ms	Ping image/gif	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=521523436713&version=m202406030101&ct=76&x=8&cor=5674844647405089000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers pragma no-cache date Tue, 27 Aug 2024 17:45:09 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame C4CF	128 KB 43 KB	342ms 196ms	Script text/javascript	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CVvfMcB19jgNgGUE2YPEGA5nAz8w65E5eSzyyhYYUbYP51ql2rcahakKcxQPNnvvL16N1Ok3aagqdAbj51K3BsU8_6iuVGSzbGNAhHVOtBT7qyWOrpG9OR9M7qeMXKdva7OpDROVP8cEHsGOAHso_lV6qmsNwxSVhPGp0L8-1vboZCf52UHxNKgPdRLFRSslBaiRC8DVJeZm6kmN_T1yx5uaNHbmc2UP-oNlCc2Ke50UJUH_Y&dbm_d=AKAmf-AchqBvUeNH5ekWG81Cf0lVRTyDdamuucrTT7GL-hjUgH38DOVXs-uK4LFlAenXOE0SY6XzMNEnlT77Fi0DBtMe9ryQsCV9jT7U888MAfn3v6eXq-VdKCQH82CTQP_GFn1n-LjFAglk6z65hjGd6SnXJUVIX9QxYhjrrlt_EtfbC6QRmlfJ1YX24pjafUlJJIyjMCmjmLxXZZ6d-0I7cTZenwBjaQbJj_CeVDIqBd-xi3V53WbX3C4WQcMFknajnF7d6GtQiayKiKoG0lhsQDn97aglm7XiRjXEQiGSjmhClPQhAtk_1CQvsWcT9bsKSFMnBEaIoHf69oWxo1nK5bF3xKFgPPGxzRxam1KT3-NILn81hxav5S-VZKlGoiEE2P-6rlE9yvh1RfsRU6hsk3fA3pUr2YGOFQ89SLFvK9SwglW8ayKNfQub7-xdtw29zHWGJuzm2BTzoAj739D_LIXB99GOBtsPmkylYvT9_-pV_ipbVnxv1_EIHViwIg-MAzHr7yZtkXBqyk4TiIDBnRUxj0eQD9NrE3n15-Z6kjuMx9Yk6pDck9vP_58Ite-MU0CsMSh6QYqHm5ahdq72HTLEdnplazPdqK_CRNS5DqqlM9YB5oq_irdDKi8cNRQMXD-xVPCUrRSf6BnZlkaLPirGbL_ZnMpzf0hrBWnXmmy-h1_UBZqTJp4WG8bA4u8IYMZhcWMswjJnsxreYQjGsfDk-VOya21nXk07dRvDcs1WRVE-EKP1HqiySCY0WXmx07xCTfZq_DISSH5hBcz6r-IIOW0UcLSPtnfsDF7nBa8qHC9c-PRPM-zcUw28zCkXNRZVX-OUrAhKAuGmiFBv90Crf053aj1ThsvAT1dNFA5PEViY-6FhDz8DkzqwFEEy-7mzuM33CScbHudBZs8q_7fkx87glhrcHdjN-NCX6ECOUTWqr3JcmcIiTH5BzT4Uut3YfwYEi7BZXbY005K0U4kAXUYdcRStOaEmXYwd7ozUdV2crUD_0FYRKpr8sQDQHWgzFs_cRW4I0OCRkH7cAXaUHNkveEqcvG9-Xc2IglrebWsgjkVGWS-MsTkmSzSuLsAXRwTA4PZMLNxMp0b_5q_2qTAuH5LD3VZlKLu5hERwnvuJVO8hNbanMcH_JioQ2lfh7kbHifORuDZNrabuoNINsA-g0Y-EkXKpCJ3oLH70Hw_-XAdXi3v-9i1a69JF45y7qElQP_vm6SwlVRCzvHibi5uNVaUENpRhz0Eo4i_t4b_u6K1px4C3XG1LjPS1E3SOuxZG88pXY1f82cRajDyJd2Hv7znP4NGEfOwUzVKzKBZ6t3iC6fMs3tnSDTaoAFMMT6Z2gXTwoEpRCnsitNA-fInVQa4lCv-fiMYpNKlmFVtynZPawjh1iyd2CO54JiUs79HqoLWIweAFEXOlurhEzd5XauEXxMa3l_p1xD4KPsPKb7k3mju8d7E4kJcGtezLg4lcyLPLTM-oaj1ZxQ3FPoJzBGljxtfq-6CAEFl6ip1E72bQgOGUrsl2vw8NGduuMJo9BrGMkcC_lKZ64hvDAud5oydwvqZVNobLt8fMs-K-3Dci6O03Zr1XzMWDhoimLOekN66xoZ2YRHQPjgPlZA65Ayb2vlqdRRnDANJ0FmHGcnqPaK4VuZvJIbpT1IBZ44LXVhBzA0YiyMqkaocekddWs-ko3avAxCykxt2zQ92aB8AdIXdQ01ne-NyzYn3z6i6JL5wV0XvWD0CUz8xuMSQR3L9dTD-ZNddWI9JR9UB_6dansOMxyUVX3fbBLBhK5D7gNqq6JPf6a5sRuqAoNkKTCpm7ZujumowfmWSmPi4e9gfdsa8C6QTo9mHeoRA1BBeHTGf3xWtgGHy0I3gTR41Tb1luL1vvu1GxEmEysMVX6wvMymqhIUyRHzUVj_G2kDO57UyU08C_oSxFaVbNxiVUklggtfKKB-UY5b6hkG_UHiGiYsCSevICZjT8ci0CzqfyU0A9Cu-6Pek4_ULCFNEAUhuvAK6mQUxoHj1O_ooRdPtN18TL8NgUr1MdZstKM2Pd_e46gg9BBLwPVCZ_aqhuHP3sY5gLM_z41eh_oCva3ebVLPCzuWe6cd3ab81MjFNKARHnc6qdpQAfkTcKSQ4XqpIkV-pmJHOBBGNZvBRCzmKZ4TWL1zTqv3SHs_7ZCmLu6ZO4lz5vzJSfeWDZA0ASYC87DcMrfCUcFH4MJxhJfdYXBUypeHzDx_30_dL3NCla1ey5fiyD9RLJsRVK7mq0wlEpGSIY1OkGQJB48G-c-vODUeSE1fYghA5cUhT0nKJqlaysdpIS86moD5whbwyw_6FPQWnfBfeSwGoQMLiCte3ayRgbynm2Z1f5imFTBZRZJ8aW_QYmUeqvkDV0HI0BaFYOnxT8L8gwhsdkrfXnmmsR7Ke9PNU-BEmDEHMsgKJuHQslT195xjkaHhZc6L3cXmMkf7JCEdU1v7iWeO9kx377TvgaS6qMcyWCuN5bLmZ7Cjsy6fUXVju4DdNA40kblvuwJDvbbxOX-J_89R7bur4PcM6bS-xwu0fvtj2NFE7hdF5GkwBzheuQGmPtUPMU35lrmfvyS1UhxNmoXmLy5e4v27iCmcUto3MOfM7TyYmz1RRcsDdmYZLqWWhw-xo0_aeHg2HpIeuEVgDAQHmVgkdpPjA8RizVZQmXUHWp0njBgQmQwGU6hCF9BbRKhuv7Hsf1GSK8Vejhf6SEKZaXn0PFJXAHayWOQcTlqb28Jv7fwdQYTbd8d-UOLD62lkdebAiiyXPAVq7_S0nvDs2X0sheV_OpaByhW5Hg7mvuiGd5W_tMhzbHr2Lk07Ac5b9VqsAYR_CS4I-muiVITXkdtMaxoZrp0x3tdp0kzYVgq223FYZek3SbQwmKuo_dodQShYVeI9Mzyw3V2JDFNRIhl_vE1PpCoIBEiSh8kgpVV0i63cSg45EfvlYVznookUh9NAJ58USEwgpDX7ktm7VnpjEN_CCXGXQB3HKF4pnn2zwVsiPF_MvHS1YmIiVFYPqxaVvjt9rafXfWigh_1s1zu07E2ro4R0yjJGzwBux_COCCrTyf0LhSkVwQH-Qk1sUllKlIFduxXCkdyFYRngPlXudHmspL859jbBt4k8AeMTFYt8p0az-sdbJ3zkwuFDqSS9qp4sD6qPq_DpNjQObR_26C3G3k2qvtpj7pMIeEEvUC9-9QAgimryJAIJxNhnlW1vtvhQV3BMHKZ-sJap_w46SoHl0xdb2--qThGwWueDD3MUpgsHhkds_kAEqqxEn0jfeChv4-ps8tfiojIBqd2Btg54pc2XeZ4q2szxccb__22UmDa2tkkSSgwpR7RYe220Fx5Bb2o2lF9BSBQkDLKXS8Z4jB1NKJ0LdBl8fI0WzE5HTuNy5JUQKHJN3U9eu8vDCxqYFDD-pWMGmVnmUDRzWNR-AiImn8C9bWR7WgT1DU-HFw2NbiTFZpFcJhEYrGP9SBbrbZUy7xRlpgWeaoq1VBfgNm09Qp-z9M1g1S172eJIxl5EVcVBYeWcviPA7ipeUBAjkdlGpjnDsRTaMEizGHvvf4drXNPPmdqJ07iIU-2FX-XCKgitK9RyuXItjSnVStZaCVDkVlhbX5kXcJuH4Nrwsyi6ngndvQrLhKTi8KU5Za2eHHbalJIPz2ewk-r8eoIKQ0QdbrN_HGnP8X1Gq_tuUJCabd_fjaUBXuVWO9ChABmBIU9aVfqLz4WD_O7V2MS5Vo6CbWpgkzVZL4aN7L5lXuolJa3Qm1dT8DxqMJijI-XiBergo1vtqn6t2BMQ&pr=8%3A57C4A44A7D225F82&cid=CAQSMgDpaXnf_dvvU7UGRuBOa8dJXF_ymU3kVyvzU-7clFjSScIDA07zpJyNZafNjO_MI4b0GAE&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&dv3_ver=m202406030101&nel=1&rfl=https%3A%2F%2Fduelingnexus.com%2Flogin&ds=l&xdt=0&iif=1&cor=5674844647405089000&adk=1640775177&idt=80&cac=0&dtd=114 Requested by Host: rumcdn.geoedge.be URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c4a00066571660a8655d9980c8dcf082f06863c306180c64129d086fdc888652 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers pragma no-cache date Tue, 27 Aug 2024 17:45:09 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43937 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	map Show response bcp.crwdcntrl.net/6/	156 B 615 B	443ms 116ms	XHR application/json	54.242.143.54 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bcp.crwdcntrl.net/6/map Requested by Host: tags.crwdcntrl.net URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.242.143.54 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-242-143-54.compute-1.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash fd6806b6d237cfe332d1df9a8003a4912ae31a7a1bb417e2f20ec226f19633eb Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Tue, 27 Aug 2024 17:45:09 GMT server Jetty(9.4.38.v20210224) content-type application/json;charset=utf-8 p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin https://duelingnexus.com cache-control no-cache x-server 10.40.55.50 access-control-allow-credentials true content-length 156 expires 0
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1C57	0 20 B	105ms 105ms	Ping image/gif	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6667291117958&version=m202406030101 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers pragma no-cache date Tue, 27 Aug 2024 17:45:09 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1C57	0 20 B	101ms 100ms	Ping image/gif	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6667291117958&version=m202406030101&ct=76&x=8&cor=12447002118876422000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers pragma no-cache date Tue, 27 Aug 2024 17:45:09 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 1C57	84 KB 39 KB	146ms 105ms	Script text/javascript	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A-v2kRUae3aYBbuuyt77lXGPwlkouC_5D4bUKQBoA7swcnXh0c8Rhtg9pv2dmbiUGu1KPmklxpC6wNf1EjTL9tIWcnWt6IcbHhZ81UF-PhoqoAnNxpRtIHIf5rzJEw_Wz_oGZERcbtIuPzuO_aiPxKLnJipHcitjU2BVKF-ZyXIt8NvUr4sh-OA6VAP6IF8j86KduJJD3Wzlv_PWwpiyPTT_kWjdd-Nu27o_Aq8EfztMJqT8g&dbm_d=AKAmf-BvfwMBXuJYijcebl_Jcpv9wVH3dxA9BMC20TO9b_MAwoeP9cgurqyLcMFHymM7my7K477Za4kTbgDDvdPMoyv3cE-zEgEN9iNe6a1s2ph0BIg6iZUsiNPScSdfGn5XxrSUas3XJ0T4wUcJL0PX-UBozW9h67HwZ2SAusrAI1-aloQq48VptT_cHRu2P6alRnF8kWslOr3joSdsndqwxndJpN7vh_t8mFzOdUuwwReAyIfvC-PLbcfZRsEkHtr36w-SudIRCVtDtMsCpyFMEnAey5Jg7mulbZ6zLmazYu0kJa6vF7NucLhOESzSe0O9bVyin2_TFjCpm5z1xV-IzTG9-4ZM3nZI7zxruxfTORZp_-g3Thd04-KQ-UIZOcXDyzpLdAIsY8wIY5OLy06cweFcbH2yl7ISuN6suL9QBsZsKaD6BITgLT1RzNfgHJOzL2RmWdrGnflLT_bsZB4JXv9R4TOYCi4jXmOY4riBa3fyO-lAVCOs0cf7EQCRiaHDko9jE5j5wrvHKmXnOQQsETem7mfDAp12ivXYpMyG8-kVw22oenfOm1hA8mHUe6vj2b5Vgnh3BygYdETVEZNS-cF2YXGDi6GmIRA304G0AUJ5b-CjURnYcJuO0H41V-XiAfFu_Q0wBHBzYMCvnfdZRIaRYoH117XOgcTl8e7U9Ho-_s29mPmVridK3a_9fW5KEqdNiYR4F6vdeksFHjdo5J2XVAXENp2KcCGTzhUFB1MwA-Y7fD9yhrNiVzQMHzOyDRH8OnzxTich91frFpnsKaCZujG9HU8NXgG7ompxLMgIPA9fMDV57Fbi1q9NgejsfRqxpPzskU7HemQRcgGGt0lCNAM-RLJs44Lahd87VsYIEXX7N-UaBDA_rKD3Kx_GxHY-m-ehaDQgFMuha0Zv4gXUr-MDhkjmaPtI7LbqFuNmmau39Nl4EUK5_D2OjS9KASxzCe-Ew5XQt_7wwztX-u69wZo9-v-v46y3SUeffEk2cl-mkQZRNulu89ACpvZV-jW8fiA5-Qr6YQxPlZzd1Z44ghANe4GACTDFRz82kFyeXehvIKU_5qeQoGhVgHE2kFlYABuvZSa8R6-6Z82wNLfxSO8_P-uzOTVBESuucwBydx3JMj04dYrYuTJHNCQ2KilOs-5jblb-c10xnBNMN745H7Kaw8UrJXd7Rp3GZrSSRvBoQZsPemWAFF4f-BBVCsMGR_NzmtpKKoHIBavo2QKjqsF_QFRRhwHkbHdpmdI871aTwNT7nQGsZFNkgueYWneLSCcBYjdXx6neiJWnc7nW65Cng5fXMjbklFWGgT7TnBv_lhu_Zg2RO_gF5WmT8izLWSejoZ9BoY3qjrSdERbd7YuPCTIMZ0zOh_fbCwzNnpXyduU_eNj5cBgNBd5sc7R2N9-LtKoFrG_I51b9a85oDUdiCKfC8CMMVsrpF6XCCCqdgHgsvMKHW4665k3BuAo1Vwx4mb1Fkxrdu52fvUFC4-aDOn3fQc33x7u2OZy3WDTKkhzF3kCih6WvMGS9z8JRFgunB2VpJAdpKCDtSMpQFuSpihTAgOalWdfpul_1YAGU4fHfcOzOVkd1REXNGLuJJYAKMwl41BgBkdXSCXd3zED8MovIuFMRcm5gvVBnobJC9dFHDrIvKxpISgQ1wmf1QZ5r7qKINTA--K4BA1Qa6QcyC5ExVjEdTTHT2m0IK3cVCnCYHAUBB0LqomjaCv3Wpf0tcsg-0IKjpT04ihk4EIJaj-h6G3mPnhrovB_D__s2qx2Q2cLudyhKMEwMxOErEhjHNbhWBPANqKJS9rpyTlOLZnFPCf_7WFWs6xBeW1ZNQtLm-3plba7XxwoshlQWvnqKxZpsqdsMdvxtbvKUnFEmDVEYsQEw2keEH40_WdsTToMskm57LlY07NF_aKVddYVzmThftypoENKMdMqBMy721QKqYZ9ckMmFazPzp2nfFBRVey0UG8ukuT4R0t7dPVjhy9Q12fBvc4WjnF9XAiwuFv2kpC07ayVBvcBC6WNp68kMWsWy3hTrlz5EVvcRzKWhX9EPvJvQVd_2IOuKOmk2umJYdFA4iSckVqsKl9qVgwHnAeycI1W7qhXFmX0-x2xbGIyETUkCBpNBEKh5XFysLLHCQtQatEryxIOSzecib7vP-qQRQB1ZwuIox16u8yeJujIikYkuh-7POK6GPlbpC1tUFn0OI7zNH_tncAmr_f_ZZINGWDvNIHA6HT8pAawdhJf6qqMcVVTFtIfZEvFZnpvf7myjqXNMc5vGREqlMtYh_SGOSo92ua4NN_MsnKz9HYYV-rh0DHEdXudGwoIrekbmzW5X1uMiE5rJAEA4W_71AxAFVhS8GqkgWVv3ioymGvn7bBwg94CFYFvl-ppWUF2TmxRI1zPqJ9h29MQgKJEhR-kOBbD_fZRF0bLopNO3WEgP7_uxR-u0vTi0zjW0hUaX-RT4xONfJ1awZ-82nbyAPFS7_AbJBzjmT4WhkEe_Ln0ywxJORHrE1mPXicaqXT8lce7IhWZpra0yFMvQIUsHgdEqTpdR6iWrQFdB2dJWmTLreEQeebPY8sOpRRuugkiUAoRg-ZoY_easizsAeBNXVLcOf38PdKDgQMEeMnLIALzDRA6_O4r7pnpLnUjIb0X9tn1vlFxvsdI0vggvKLbZGviifK7O1I-6eUGGEyctJadXUOU7fUOzJtMIFJJJKXxd1ceDldqUhbeedFlz0Tm3NY8Dk5fjMJZApKPLWXrEFO3UqF858i8JYRWoDBFXW6iqm47CrctD1icavPQhwMM0fcXsZ8Gg9SOTk3P6MaWWENvcgEJDlOYlx4rtn0WguJ-lG6fuY_fHGHkX3NsCTXjjT8TNrCfZL76deByC-WjFCVhh-uWgRMAiM8pRKz6z5eW4cKuAALZRtuBLq99yNpdgs6xdVZZQDSizLKodftfSAcgVVmGBp8skxdpTEE3nYqrdaHVWKzWGAN0hQ8aqD1I8BRWJ0IjCRDHAE7nWqF4s9FFzEH3_y7kiMYv7UbsRVzeqlJkPPVki0qmnR8CXz8Ey6-irRcuIqO9VmVXaFRZrvPr4r5b0ZrkvgR-GqdiwMoThuqR58ivgOoRCm2m67iHXttg8vhbDg0tsbbR4FgF35AIUVFwMC0Qi5WLixrPX5eQT8aPlmuQzgT0dii2SXMXsQX4gJt3vZTuMwFEfP4DapcglBmb_zJG56OJM-dIUogldH-vSMVt5ZWOPUJSyCJ4ONwEVE_SOP95OUtYGOuL7f4dKgutJgqqKfoQ6Wbdxb4hEhbo5-47V8eKoVTfuwRHrMReAYo3nh6Y99PubOMeMMPNbEWLNSoUFg327eyQ7AuzI9tKKllZgIg4Q03iPGQuWjkrU7y8RocWf6BZE76_bmxl0JCq-YguCz1uY5ij0sQRW1uZRiMpCHVJbkNCLchkdD0XQWB3DzOA0Fg-dOXvBTom7JmcZAXVkSK_jWj0GRS3AVQCgFOxGukxJDHZTk8qWgqpC-GM_H5mN2OeOyYcIb21zYSfvJVLFZ6aaU6g9BdVNB6ZTrk0ihqJ-cCVRgeXwvZT8ezTIU6jSTajbFsWo2-P44kqTGyGO6LhopLkf5q8Hurw-Q5PGECAvTMnlyadW05O59iqQ7fFaM1OSTZc31igrh6oOqXlyGMoUr2NlTgldCDGE0q7hjtOYUZntEFLE7otZls29kPqOuwVMghwOJOMekuBTjMOpEJy1ALihxFT1Uyb0YR8SFrtz4CN_Lsk&pr=8%3A0AB75D3B9199B6EE&cid=CAQSMgDpaXnfSg3A3HMC3zE_aSeWNnLC6EotH_B9_YQDrBydcguJv6pcRJrhzSn3N5NyvHHcGAE&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&dv3_ver=m202406030101&nel=1&rfl=https%3A%2F%2Fduelingnexus.com%2Flogin&ds=l&xdt=0&iif=1&cor=12447002118876422000&adk=4245699638&idt=7&cac=1&dtd=41 Requested by Host: rumcdn.geoedge.be URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 52231b0aa89de311e27751263dfa1f07caf35fdaa9c4d35fac7f2a5fd5f9e8fe Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers pragma no-cache date Tue, 27 Aug 2024 17:45:09 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39841 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	AGSKWxVoKgVOLrcNVB2aGgucP6bN4jfAyhhzVCeOEIIz_sZVc5IhmCdKCMLOYiLAE5VKyqiqOD3zWA-GR5Piekh7CzEmgRjsuM6k1BZRTmk_ZTShN_WHiaZyi0asw665uOP2EeREcM5oFw== Show response fundingchoicesmessages.google.com/el/	0 28 B	71ms 64ms	XHR text/html	2607:f8b0:4006:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxVoKgVOLrcNVB2aGgucP6bN4jfAyhhzVCeOEIIz_sZVc5IhmCdKCMLOYiLAE5VKyqiqOD3zWA-GR5Piekh7CzEmgRjsuM6k1BZRTmk_ZTShN_WHiaZyi0asw665uOP2EeREcM5oFw== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Kyh5VdohTJ4.es5.O/am=UDA/d=1/rs=AJlcJMwV693qt8MavvUt6QxzR_8-3HZkqA/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-GzukDirlKIQ8vpinmgWMfQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Content-Type text/plain Response headers date Tue, 27 Aug 2024 17:45:09 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-GzukDirlKIQ8vpinmgWMfQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw1JBicEqfwRoExO5aF1n9gXhJxEXWQ4kXWfd-vMR6FIiFeDiWLtyxjU3gQMv-xUxKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyMTAwshMz8AsvsAAAEEgLc8" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS content-type text/html; charset=utf-8 access-control-allow-origin https://duelingnexus.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	grumi.js Show response rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/ Frame 69B1	466 KB 0	0ms 0ms	Script text/javascript	2600:9000:2511:5600:4:b37b:9440:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Requested by Host: duelingnexus.com URL: https://duelingnexus.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2511:5600:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 2a24dbd628c78237acad74febf5f7d3cce56ca897889a902dac38d91617f3e81 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:28:12 GMT content-encoding br via 1.1 a0be26685e47d6d6220ccd40bc5f0a4e.cloudfront.net (CloudFront) x-amz-version-id dAcstZTw5tfVcP9eS_gcAIM7c4mZIIwt x-amz-cf-pop JFK50-P6 age 1016 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Tue, 27 Aug 2024 17:06:32 GMT server AmazonS3 etag W/"4386023239f94cbe515559c922e2c384" vary accept-encoding content-type text/javascript cache-control public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate timing-allow-origin * x-amz-cf-id UpTbetuNIdqnWxcwpILBZDJJhjd52hd2610sTJ9WU5hwKmpc3HV8AQ==
GET H3	200	pixel googleads.g.doubleclick.net/xbbe/ Frame 27A0	0 0	119ms 114ms	Document text/html	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CPLwi80CEIi98fwEGNbn3JUCMAE&v=APEucNUhbrp_cQDMGZ6f59w8-yma4aVkxhvurSTtftoHxK_0nuo0IT7nw0N91BKSLJ3CTpUWEEXSP4j0KboRFKLDhZh4q-m9v-Yt1jLVQWUKxiAVs1YiAwg Requested by Host: rumcdn.geoedge.be URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 242 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 27 Aug 2024 17:45:09 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame 69B1	99 KB 0	3ms 3ms	Script text/javascript	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: rumcdn.geoedge.be URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4b69a3f605576e2a0cdb6abd74d3efdf893c4b6124ace390559d62437b9553d7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:09 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35122 x-xss-protection 0 server cafe etag 2418474175030562626 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Tue, 27 Aug 2024 17:45:09 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 69B1	42 B 63 B	144ms 132ms	Image image/gif	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BAVQ9vIBObW5gy8PsyvJNAaa5dKfI7ChxaLqNRThK4t8XZEEfK9uCKe_Do5xDYclmZ0hzPRd1gpP1uWJrYM4N_wsMO0mNBSPZdtsQZMNwDFAqt1uA Requested by Host: rumcdn.geoedge.be URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers pragma no-cache date Tue, 27 Aug 2024 17:45:09 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	c9339e9e-03cd-49a4-878e-5b54b7ed4ec8 beacon-iad2.rubiconproject.com/beacon/d/ Frame 69B1	43 B 75 B	133ms 40ms	Image image/avif	2602:803:c002:200::64 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://beacon-iad2.rubiconproject.com/beacon/d/c9339e9e-03cd-49a4-878e-5b54b7ed4ec8?oo=0&accountId=17374&siteId=546266&zoneId=3402582&sizeId=43&e=6A1E40E384DA563B90CBA2E9D107E99B2E8CC5ABBBDA879DB021E2CEAF0FCB14E632B7D80D2475F6BD69998FFEF25581E9F89206FC79094ADAA03EA5A458C35ADAC8A588CB5AA90B77C8C1E8CC906615F763BD6DB093A1887060E9DC00784EBE233E051E784C5341B4977F613B8F7FE3441CAC941DB38075D0AF315B6A68C3EC6D2EDA147CFD43AA15A3790E8AD2175F53FE1802C2618C444E6C82E5B728A5D69344B3B60B236FAAE9CD2BFA6C34DA027226E95D54B00D8D094AD983351A134A Requested by Host: rumcdn.geoedge.be URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2602:803:c002:200::64 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers pragma no-cache date Tue, 27 Aug 2024 17:45:09 GMT x-content-type-options nosniff x-frame-options DENY content-type image/avif cache-control private, max-age=0, no-cache content-length 43 x-xss-protection 1; mode=block expires 01 Jan 1970 10:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 69B1	0 20 B	134ms 101ms	Ping image/gif	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5885080388171&version=m202406030101 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers pragma no-cache date Tue, 27 Aug 2024 17:45:09 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 69B1	0 20 B	136ms 103ms	Ping image/gif	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5885080388171&version=m202406030101&ct=76&x=8&cor=14403780077498083000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers pragma no-cache date Tue, 27 Aug 2024 17:45:09 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 69B1	85 KB 39 KB	101ms 100ms	Script text/javascript	2607:f8b0:4006:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cp3WswBofZLelMUJzhj3fkh4S1W3P7r4ykIbnS4ouvkonds60lUA_p7okfxQgj2VWPzXpmY0t9RbcdVOpl5P9IFJqg6YFPPk-PgsLjQVGt6mBEePpq0VzQsQPpS8zoq_7baTaXDhne6MWA8VDB3PaZekJDzXszcYu9jD-FE4kFWNEMO3bpy4GfuOBTA2bTi_Sx5cap93GxyEnD6ogcmqJAj2y41TETgRnRracjmEq7p25q9eM&dbm_d=AKAmf-Ax0P-UBaugKTBl5Ro1zxGwVjQ3-cmX89qSh8ZY2NyJMJ1kv5GKtrhgfXvpuzmwdQIsaDzVwo7WmremCejvdSOlyx3I1po87ZKLwRBKcCjHwMBbOmzUlLn6RSIrJQetDCAAUbPWSnnKQQzl-p-POCiNYtL24AHe3swtxNqKu6lMXTFECsER5bb4vC--ccLMMK-Y4E9mu7Nc_fOZFVLuM6qsLrdythHIwvvuXNbZGp0yT6O7GSl1p_iqFZHu8D3bUEmHctdKwI19wiL_gh2CDizkMhF2ii9-45WvuUOiHQMl7Elw0GT_6YU303elkweZjV2FYQqB4WviIi7MbBgtufXs0dcWxjyJLoSzzqheSE-HCSCS7T1CWIdUKsYsn0IDt83EhF5tf-4ObxGMW8bJEaYUE-dUpg7AB9wGjzPGOMp2I59FpEgEb3vmgam_D6xE9aE72Si9n8z37vJMa2NS_1m9Ub6mJn47yfE6TT8kpQNDP1ufFhc7Db_x3w9Zyz5Hq1mUX4Gm7jKPkSMo0417eYjdCApIr4V_LPzXc6O8gHnVoQ9rYl24iL5gowF3OnP-Ixu6znRh7cS9L2IKl_rd73xoXNlV-b2wl7J4kWH2pKs2W-ouJaBV3tbXcugKxFYa3agqtyPvMNWhJVp6tsmzZrYe6wBckTU6nYs0b7nWmXGN5d3mNfkabSEIw5uwhoAWGJwcYlxGTNSR3hOR3wnv1Q4NNHa_8K3JmBpGNdJcEkZQCxWNvB-mNQhrbDIplXOlM0yZaqj0OM910jeU9ViUTIiQIWbTCysZhlKiWjV54n0QsLBgO4SUMuVLkHDMp4B4P7SCKFcmfapBGMH77OxsQCxAXWbFIp00YPYsm9xjkcJJ7ZF7U_dLUwoCaBJYl2O3bkUlVt0NK2TP06BSSprfJEdj54DiF_sfiJToBJZkimkaIsONa9z6oRfLY2x7xXgzpi84PlW3yh-D8Jf4mn5YysBSn4ux9RuBCXswohXi7uaBzDN548kqptwabpu4x3-JpSa8p3_pRY8OB-Vt0WWkqr1NMj_OV1Dg6n8nf2CQ9SAIMKEwyynRkRh0IgvbsJMfILU-FE6yXgbjUxMiTzQTY4C_eB-LP-m4L7noh-D7u9XDXIOJGi5criz-rDQrMdLsLM8O4olESSRqOs3R54_FFnEgZb3oTD6es02570LyKg5GMXgAqzSNXitwqVWpVKsr8vDGpys2bQNc4BNjK7N1eRjVjXVYiWGr0oTswE1cvvQRX8M0ZAMEGBLoaX7j1A4a0O9a_4avIJSJzhro1Z4p8Wem0yYBOoNv8oqwrG4k9eIYpcSlpjsOBCAPbyaILa1cDBJlpGQh0X99FUt3A1N97v2TarNj1_3Uy8wIXXbbOQ2yOwBJj52ehOx4Zvopk2aVvB-k03uwPd-XpYd8v_gVeK6lzapBEy3FgAsRWS_kFHcWeRMA65LzrbwfnolViNmr2lEA4Ok3yFDfeFvAP2KI2Sl2-2MpKqYjdkIGH_5L8Zo1MqbYwEVAX1ejlNujg2179w8MiZMBuQmwctTDXpn7xblCi2jX4o2G9UQaGNCE4NLByIRvwMB6VGLgvcTDmWBXXYzpTpmCKH1VerYFISVS_CMcLQxrMVVX8SVH3pZ_DOj6rfCw2xQYFlPf5TqlQULIDVwqon_qGYcOQn2hRs6Slh1EO2WIIiF0VH3TNtyJS1J0cBC8Sw3rnX_ls61u2FHgNeo8NMJS0N_atCCJ6Q1AADBQTASzMDNwrSTWSiCLLy71OSQNN1bW88qx4vNtLejk1pNyJB2mkF5DxPirrPLT3u4VH7aK9ZTRTV-SbN7OfXSo-bOv95v9PAWNZBlgSvBkukoz1cD6xtZ44QdTeeWg_2V8ZsILG_QfQqsSfAuyV_GW9tHQ2zei2726LDrY-kfrDhnZnt1CBcrwU3SsEn2Sx8OfQt7d4Ip-RzO6cyvXP9HyxcyPDG2uTeQjttqq4BgYb1a4L5r9gwzlBtv2EWGqqLgo9HHQLJrgtWDPMp9IVYCgevLSieSCACzfN9op7aWZkHFc00uyGCig_C6NwrL5KiMqmBNnCZRsyhgXRlvqMVkcO9fMIU24y5oWVtSev9kLn5lKBL3QA9K2MSo3l540R5luTttmQgrNQ2FWL07nWC1fS3fcfh0pr9_0VhQbJoY1huqRW-D42MeJndwjudw6b4kV9OIc0DeoHMEEuCf8Rce6eVhiTXw_sWbMxraikljZE_-AGwM2-9tApiISL993E3Eg274NHlQQ8sZD2od_-mB2i9NE-e_DMD2eea00mztoUWv4N1mt2RWtHQnUOsac2ZfWu1ba_htdoZZLMQuR4TIvDtivTOPyZEXFjyxf_Cy30JbXU3MhccqH6__hKhrggzmJqyIinMuOnE-7-nYJ4MMqNbQnUf0q_jpu2_qen3vDYABiVER7zyNmw5jWyhg3PWT8we47n1wYoPcal9djRY_ZC9mzVgcZ-lWdvAS0dYXkvFgGXNvuiEeQLeBNggYhVMv-Z4C0YRn1n8mOpRgm8ewEAd9ozXVf8D56TCviXuh7TBhQVafTBEf7ykA2GZkZxjDMrlnA7yOSmsnQYRCNoExR4XeYRPsTvGkV1VbZuZwIYQAno92_ZQVWYOjkDSgEy5j4jtUmj5xB-w6ZUlyAF41qoK6jKAQx39lJG_JPlqcKzKX5TSqykLssxU3YtzZDYZT9h73_xy_r6NBzCxqNblPZzWQlRG_G9h33R7qQSm0OiZxWeaGf8Km3WQKNeHdCH2OYQkhU6soEIdoFZnwlp_0iezsqW428-MzHmW0jxfYOV6bTkXynuXehOSBvyu0adKtVcqseYaFkuEZiQc1kzRZk5g2IX46I2XWVR96c4CxXCYBYcbwOj_mrue2Y5H_9nf4YrdHMPo-ZcTBjj7ifsKIkvi_c-H67mYSG35GiNOnwX1LW3Pj95jaUvcT0uA-b9tuRW9w6GH0tDW3zTof70HjVkRfSSac5kO2ZSRPI15PR7F9zgujSJkijtyNRW2zb9I8BW1Uud7kkbt75NoN7Yqg-14ov5S-pBfb0rsxUfwVdsAUTjqjEUk1O4QWLz1uUJzzP7v20yxYPsRtrnkkaJflJ-sOoo3Y8i-xlh291UR7QcNZyv2m9juSGAoyW9g2UeOgpVGga9Qcf4ajjF1A-ZjhSlOKpDVD1HkBcXbLgNPabQANBpAbUYodkm0dS8dVqzJ-IBm7pk8mASP5RWtrDpOe643t_ZSTsU4062-2picj0W4nOAFmudEpLREqXSlHBdcxhJbkDD19pWnZ4oL_HfgyxhlGU92e3ohznNtcwd93oyp4sUS4ygZ4Wb8Y1FKF0-h1l0VIScASi5HkwZe_LkUnuFZ72lUb9SLZCP7B-nudLBSjR7s7S9UaQgrTTa3HKK_fUVfYrYlBFqcbcAAtjpOeatFKW3lE6p7uF0ilUr-KJV4ZQMi8Jb2etWbhvwsDJA0koS4I6Xn1JZGA7xX3M-XPg1AHYRFAFnbBf-dE-4jgxr29tllUwKiGqCTo_Ibbv2d_HKxugKC_VQeHhSmO-VdEef2pHJ4k0pU6c-PiOGyBvPtGMdFsC_vuw5igIgtvq_R3ymsC2KIbtYQJ7xbcCc9Mz6G-_AuLDaIOLPfFU9PpSYetxWwxhyzCuZ2S-dDPdCV8uD5WN7VB5QcDJiEgcFKcsqNq0RPTXzu2yXHd8zK0OVshsd98XdmGCN5uSGHqs7OR_PvdFdRbqluD8nSrhhXDE8P2BnYY&pr=8%3ADD2662744DD05FCE&cid=CAQSMgDpaXnfGMDBmLlbarA_QYEEMpWOG8ixoe19rGFtV5rmEGSBlkdVBEjId0AzB6TQaIypGAE&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&dv3_ver=m202406030101&nel=1&rfl=https%3A%2F%2Fduelingnexus.com%2Flogin&ds=l&xdt=0&iif=1&cor=14403780077498083000&adk=996169123&dtd=139 Requested by Host: rumcdn.geoedge.be URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5306f59c6a84cefa9567ed59b3b2e3497c00b44ab4d7b4f5693b9f3439109ee8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers pragma no-cache date Tue, 27 Aug 2024 17:45:09 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 40272 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	1899 tracker.nitropay.com/i/	0 0	64ms 63ms	Fetch	35.244.144.25 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://tracker.nitropay.com/i/1899?d=eyJhdWYiOiJhbmNob3IiLCJhZFVuaXRDb2RlIjoiTG9naW4gLSBBbmNob3IiLCJjcmVhdGl2ZUlkIjoiMjI0OTo1ODI0MzE3MDIiLCJiaWRkZXIiOiJydWJpY29uIiwidGltZVRvUmVzcG9uZCI6ODMyLCJoZWlnaHQiOjUwLCJ3aWR0aCI6MzIwLCJjcG0iOjAuMzYsImhyZWYiOiJodHRwczovL2R1ZWxpbmduZXh1cy5jb20vbG9naW4iLCJhY2NlcHRhYmxlIjpmYWxzZSwibWV0YSI6IntcImFkdmVydGlzZXJJZFwiOjI4MjYwLFwibmV0d29ya0lkXCI6MjI0OSxcIm1lZGlhVHlwZVwiOlwiYmFubmVyXCIsXCJhZHZlcnRpc2VyRG9tYWluc1wiOltcImV4cGVkaWEuY29tXCJdfSIsInJlcXVlc3RJZCI6IjAxOTE5NGYwLWZmOTQtNzAwMC05NjQ0LTBlYzRjZTMyNmVlYSIsImMiOiJDQSIsInIiOiJRQyIsInR5cGUiOjAsImR1cmF0aW9uIjowLCJyZWZyZXNoIjpmYWxzZSwidGltZXN0YW1wIjoxNzI0NzgwNzA5ODYxLCJmIjoiMWV3ZzdjeSIsInYiOiIzMjIyOTM2In0%3D Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H3 Security QUIC, , AES_128_GCM Server 35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 25.144.244.35.bc.googleusercontent.com Software nginx/1.27.0 / Resource Hash Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:09 GMT via 1.1 google server nginx/1.27.0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
POST H3	204	AGSKWxVoKgVOLrcNVB2aGgucP6bN4jfAyhhzVCeOEIIz_sZVc5IhmCdKCMLOYiLAE5VKyqiqOD3zWA-GR5Piekh7CzEmgRjsuM6k1BZRTmk_ZTShN_WHiaZyi0asw665uOP2EeREcM5oFw== Show response fundingchoicesmessages.google.com/el/	0 28 B	70ms 68ms	XHR text/html	2607:f8b0:4006:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxVoKgVOLrcNVB2aGgucP6bN4jfAyhhzVCeOEIIz_sZVc5IhmCdKCMLOYiLAE5VKyqiqOD3zWA-GR5Piekh7CzEmgRjsuM6k1BZRTmk_ZTShN_WHiaZyi0asw665uOP2EeREcM5oFw== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Kyh5VdohTJ4.es5.O/am=UDA/d=1/rs=AJlcJMwV693qt8MavvUt6QxzR_8-3HZkqA/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-zvO_PCsNgshoYZFGd83nTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Content-Type text/plain Response headers date Tue, 27 Aug 2024 17:45:09 GMT content-security-policy script-src 'report-sample' 'nonce-zvO_PCsNgshoYZFGd83nTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw0pBicEqfwRoExO5aF1n9gXhJxEXWQ4kXWfd-vMR6FIiFeDiWLtyxjU1gRs-bTcxKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyMTAwshMz8AsvsAAAE1ELfU" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS content-type text/html; charset=utf-8 access-control-allow-origin https://duelingnexus.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3	204	AGSKWxVoKgVOLrcNVB2aGgucP6bN4jfAyhhzVCeOEIIz_sZVc5IhmCdKCMLOYiLAE5VKyqiqOD3zWA-GR5Piekh7CzEmgRjsuM6k1BZRTmk_ZTShN_WHiaZyi0asw665uOP2EeREcM5oFw== Show response fundingchoicesmessages.google.com/el/	0 28 B	67ms 66ms	XHR text/html	2607:f8b0:4006:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxVoKgVOLrcNVB2aGgucP6bN4jfAyhhzVCeOEIIz_sZVc5IhmCdKCMLOYiLAE5VKyqiqOD3zWA-GR5Piekh7CzEmgRjsuM6k1BZRTmk_ZTShN_WHiaZyi0asw665uOP2EeREcM5oFw== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Kyh5VdohTJ4.es5.O/am=UDA/d=1/rs=AJlcJMwV693qt8MavvUt6QxzR_8-3HZkqA/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-hHg2uf6zgmpWslrSl40FYg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Content-Type text/plain Response headers date Tue, 27 Aug 2024 17:45:09 GMT content-security-policy script-src 'report-sample' 'nonce-hHg2uf6zgmpWslrSl40FYg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw1ZBicEqfwRoExO5aF1n9gXhJxEXWQ4kXWfd-vMR6FIiFeDiWLtyxjU1gwc5Xm5iVXJLyC-OT8_NKUvNKdBNTinVB7KLMpNKS_CIUdmoZSEVOfnp6Zl56vJGBkYmBhZGZnoFZfIEBAFm0LiM" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS content-type text/html; charset=utf-8 access-control-allow-origin https://duelingnexus.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	AGSKWxWTY8mWcNWs4ODa0hiuqTn_1VLZcZIpIx48HiXg4RJ2sxtvdX6Oj3H2JmCSNXn5D65QPatjkmTGzWI9Wc_7X9ho9OUj9LuVZyFhla3wAEG38qzF6W6aO-tO2EoYZTWpdbbAWxQFuQ== Show response fundingchoicesmessages.google.com/f/	8 KB 3 KB	86ms 86ms	Script application/javascript	2607:f8b0:4006:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxWTY8mWcNWs4ODa0hiuqTn_1VLZcZIpIx48HiXg4RJ2sxtvdX6Oj3H2JmCSNXn5D65QPatjkmTGzWI9Wc_7X9ho9OUj9LuVZyFhla3wAEG38qzF6W6aO-tO2EoYZTWpdbbAWxQFuQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI0NzgwNzA5LDg3NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vZHVlbGluZ25leHVzLmNvbS9sb2dpbiIsbnVsbCxbWzgsIkt5aDVWZG9oVEo0Il0sWzksImVuLVVTIl0sWzIwLCJbbnVsbCxudWxsLFszMTA4NjEzMV0sbnVsbCwxNF0iXSxbMTksIjIiXV1d Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 16ad955cc2d6e380ca18ef0564d27c6995c9ab8aaca759953e5934842ca56cb7 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-M9ZWTBTlw_zw2wCKqM0kfg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:09 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-M9ZWTBTlw_zw2wCKqM0kfg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 reporting-endpoints default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStDikmJw15BiOO90h-k6EEt8fcmkBcRO6TNYQ4DYp34GaxwQt948xzodiJP-nWctAWJ3rYus_kC8JOIi65HEi6yGCpdYnYH4_rpLrM-BeO_HS6xHgViIh2Ppwh3b2ARebP26i1lJIym_MD45P6-kKDOptCS_KC05LbU4tagstSjeyMDIxMDCyEzPwCS-wAAAGbs-1w" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20240822/r20110914/ Frame 1C57	31 KB 11 KB	57ms 57ms	Script text/javascript	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240822/r20110914/abg_lite.js Requested by Host: rumcdn.geoedge.be URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 78808c26f29dcc5b6fd7663ea771dcc42471093925f135df3d3cc747c665151d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:17:08 GMT content-encoding br x-content-type-options nosniff age 1682 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11661 x-xss-protection 0 server cafe etag 17027311836879658703 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 10 Sep 2024 17:17:08 GMT
GET H3	200	ufs_web_display.js Show response pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 1C57	204 KB 63 KB	51ms 48ms	Script text/javascript	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=r20110914 Requested by Host: rumcdn.geoedge.be URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1ec5eff3dc2fba7c74f4f89b509f6d42a71b45051528b065150e61a65ecd6d29 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:40:36 GMT content-encoding br x-content-type-options nosniff age 274 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 64908 x-xss-protection 0 server cafe etag vary Accept-Encoding content-type text/javascript; charset=ISO-8859-1 cache-control public, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Tue, 27 Aug 2024 18:40:36 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20240822/r20110914/elements/html/ Frame 1C57	12 KB 4 KB	56ms 54ms	Script text/javascript	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240822/r20110914/elements/html/omrhp.js Requested by Host: rumcdn.geoedge.be URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ce13d5d11a2c8a21612d2eae7a1732f20ca5a38daf0be8af6aaeef64e07d75e4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:17:08 GMT content-encoding br x-content-type-options nosniff age 1682 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4395 x-xss-protection 0 server cafe etag 4271344721252203484 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 10 Sep 2024 17:17:08 GMT
GET H3	200	view ad.doubleclick.net/pcs/ Frame 1C57	0 0	127ms 125ms	Fetch image/png	142.251.40.102 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ad.doubleclick.net/pcs/view?xai=AKAOjst5-pQ4hf6ogCdsca1lD9xEBUjT5RdJctP_yu1qaFx9hRV13WmzjxPBL-g4BGp8u_SCX-XZbTknf04DfGUaHYzKiEljbURKHy3rURuoXXnGdNwOsWqWEcMeQwvI0uxRDqlZMpEZuTU-NHuynPQ8PcMb8LycQJ7hqWiiGMWiV8K9F9LQDXnjsFQtOBsKtt01Swao90FPBFb9_a74BhyyWXooC7SrgCqkX610zmuM2dkfl8SYwGglycDWfDyM8qHpTq-1OfCxNARuQWhIbQZQdOeAhc5YU6NYfhDGJIqAZfkS3z3MEYWABnZzWpVXutRVn0a5lT2dLI34os5yHGfUU3rhdEXdURnbrq5pAy7h7Cdw_gUn2GD9tB3EiL8UcVR30p4-TvHzKZ5ZwCImgo1DoZwFxNSMYs3Aymmkt5cXwv3NTQN5cQrMJGl7KVajNQg02EVbC62CkKN6kYOtCQSmJrDq5Rg1djo9g2oNkmTYBFWwccLEc74g1PEzP6NIE5Djv4CxHkSFPqI0bo3teJSf4qu08G02ZNVBCvN6pSjc6kgKfOmsFvqqvBOmFgdBykcaju5IhHD9UsDleN6X5PYOIWvMWEh2KGZ4ukUGxTxZrWh4iIIdAG6MEF4Uw4lHKGJNXvSR7cud5CEyvNnmryzZomhdfuy5cEHu0jw_KJ7HdKy7ro6WUrwOEWhWcBUnNRfZhdAsCpsE7_8rIf_xUq2lHW0JjviNE6_cGt9d_ke1X-nE32w8koKL9OvJM3sgJtNVo46pFFrhBHoMDn4HpId5xH7DKVkQRVSnkIsBeTstb-IhblB-uoaFZAuJ4fMGnlFz5gsqL8YvpAoo2GHVsjFEnhnTxe6WRyDit9ekbFRmyQC3FVl54E84bkZvr0PvZLlkuoaknY3KRYnvYX_JaPPjpA-_t6ipINDdVOGMUep1p4x1Rdigc9wJxUkVJddeI63LcHyOptqYgMOiA0YSmGOy-ZYvQMsWWt8ABhXVMpbcU6wB1aa60_NoryacWWZn-x6mXpU4BtzXzMGy1NcN6_z23ngd8gFGV90zBoQkAxKFmEW4ZXk3dj0ILAa_kfNsoIPwITe9mfhQIfaUTNf_97L98Nn83AKJ8gGBMR8mgIm-GhPSlD9HmFXnSAbMFudrKVFgcFq4CR-24hO9-HzBzO9Yv5n1PE0Xa7SagXVlCnhvfGO6fwM3v49byLv5fRBD8ZSYH11ncHxZqIHdcho1Ct52KFgB5IvMN_KGUPMNhOU7JLYugH0gW339ey_tTyuiR9JbmVSgm0RmCh_c_SmLyXnygKZ2W8ozifoO-lssuTf0hla7Tdkz30oj5BhYkJTA7FP_Q-PmFmpSO0rV1lxzQv6ZCA7XmEPGJUtCLzRjkdamSCs4XjhCyqt006vznVvzprcLEWa3aA&sai=AMfl-YStAiVVSssuA54gKaXYbV-VyJduKT4CDcsu7628XJ2qM67bWQbBlofsv_w51GtRwl13kRIVhVXECwCYBHaS_A1dWvSeTW2CY5t-oFYup16zjwKSkKZ1P2D4Xcb7ylwEJUkwKeFyMusQFEzvtNMAU2uC0R8po_ZU_pUlnAV3O1Qw7FLTG9f7aL7I9PVd0nDD6OQDz-5-8UgQJ1N17qb3kYYPXIEjnxNtDWyCHEncBX6caolK29s3JSt3U4k-kxkq7w9q4IQKf5I&sig=Cg0ArKJSzOk0RjhAbxtqEAE&uach_m=%5BUACH%5D&crd=aHR0cHM6Ly9mbHlmbGFpci5jb20&pr=8:0AB75D3B9199B6EE&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=26&cbvp=1&cstd=0&cisv=r20240822.08539&arae=1&ftch=1&adurl= Requested by Host: rumcdn.geoedge.be URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.40.102 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s79-in-f6.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Tue, 27 Aug 2024 17:45:10 GMT x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 attribution-reporting-register-source {"aggregation_keys":{"18842532":"0xc2c956dd62cc63ac0000000000000000","18842533":"0x258b35851620f5c0000000000000000","18842534":"0xe815306497874f780000000000000000","18842535":"0xff74ec8a4c30c1e70000000000000000"},"debug_key":"6835056271214958502","debug_reporting":true,"destination":["https://hotels.com","https://expedia.com","https://getyourguide.com"],"event_report_windows":{"end_times":[86400,345600]},"expiry":"2592000","filter_data":{"14":["73793868"],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["9163167"]},"max_event_level_reports":2,"priority":"0","source_event_id":"10714081847715439255"} accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/png access-control-allow-origin * cache-control private access-control-allow-credentials true timing-allow-origin * expires Tue, 27 Aug 2024 17:45:10 GMT
GET H2	200	Q12zgMmT.js Show response tpc.googlesyndication.com/sodar/ Frame 1C57	41 KB 14 KB	1211ms 54ms	Script text/javascript	2607:f8b0:4006:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Requested by Host: rumcdn.geoedge.be URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:17:08 GMT content-encoding br x-content-type-options nosniff age 1683 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13937 x-xss-protection 0 last-modified Fri, 25 Aug 2023 23:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 27 Aug 2025 17:17:08 GMT
GET H2	200	5659745700236185699 s0.2mdn.net/simgad/ Frame 1C57	23 KB 24 KB	233ms 56ms	Image image/jpeg	2607:f8b0:4006:81d::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/simgad/5659745700236185699 Requested by Host: duelingnexus.com URL: https://duelingnexus.com/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81d::2006 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 43e11d4c4add26f790547e5ba49c548f8228e8073bc888a0669f3753e14aa5cb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers allow-fenced-frame-automatic-beacons true date Sun, 25 Aug 2024 23:58:39 GMT x-content-type-options nosniff age 150391 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23661 x-xss-protection 0 last-modified Fri, 05 Jul 2024 23:26:39 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 25 Aug 2025 23:58:39 GMT
GET H2	200	usync.html eus.rubiconproject.com/ Frame EB00	0 0	411ms 114ms	Document text/html	23.56.163.106 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html?&gdpr=0&us_privacy=1---&geo=na&co=ca Requested by Host: duelingnexus.com URL: https://duelingnexus.com/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-56-163-106.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash Request headers Referer https://duelingnexus.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers accept-ranges bytes content-encoding gzip content-length 224 content-type text/html; charset=UTF-8 date Tue, 27 Aug 2024 17:45:10 GMT etag "28052a-10d-6142d69a886c0" last-modified Thu, 21 Mar 2024 15:32:19 GMT server Apache/2.2.15 (CentOS) vary Accept-Encoding
GET H2	200	html_inpage_rendering_lib_200_280.js Show response s0.2mdn.net/879366/ Frame C4CF	174 KB 61 KB	189ms 56ms	Script text/javascript	2607:f8b0:4006:81d::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_280.js Requested by Host: rumcdn.geoedge.be URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81d::2006 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6ead6613354e36353e48b2a0bded4bcb693d0b5934691e89b14deb8dc453b6ed Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ Origin https://duelingnexus.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 06:36:26 GMT content-encoding gzip x-content-type-options nosniff age 40124 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 61938 x-xss-protection 0 last-modified Mon, 08 Jul 2024 16:51:02 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 28 Aug 2024 06:36:26 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20240822/r20110914/elements/html/ Frame C4CF	12 KB 0	0ms 0ms	Script text/javascript	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240822/r20110914/elements/html/omrhp.js Requested by Host: rumcdn.geoedge.be URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ce13d5d11a2c8a21612d2eae7a1732f20ca5a38daf0be8af6aaeef64e07d75e4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:17:08 GMT content-encoding br x-content-type-options nosniff age 1682 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4395 x-xss-protection 0 server cafe etag 4271344721252203484 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 10 Sep 2024 17:17:08 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20240822/r20110914/ Frame C4CF	31 KB 0	1ms 1ms	Script text/javascript	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240822/r20110914/abg_lite.js Requested by Host: rumcdn.geoedge.be URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 78808c26f29dcc5b6fd7663ea771dcc42471093925f135df3d3cc747c665151d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:17:08 GMT content-encoding br x-content-type-options nosniff age 1682 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11661 x-xss-protection 0 server cafe etag 17027311836879658703 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 10 Sep 2024 17:17:08 GMT
GET H2	200	Q12zgMmT.js Show response tpc.googlesyndication.com/sodar/ Frame C4CF	41 KB 0	1139ms 1139ms	Script text/javascript	2607:f8b0:4006:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Requested by Host: rumcdn.geoedge.be URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:17:08 GMT content-encoding br x-content-type-options nosniff age 1683 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13937 x-xss-protection 0 last-modified Fri, 25 Aug 2023 23:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 27 Aug 2025 17:17:08 GMT
GET H2	200	usync.html eus.rubiconproject.com/ Frame F11E	0 0	372ms 372ms	Document text/html	23.56.163.106 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html?&gdpr=0&us_privacy=1---&geo=na&co=ca Requested by Host: duelingnexus.com URL: https://duelingnexus.com/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-56-163-106.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash Request headers Referer https://duelingnexus.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers accept-ranges bytes content-encoding gzip content-length 224 content-type text/html; charset=UTF-8 date Tue, 27 Aug 2024 17:45:10 GMT etag "28052a-10d-6142d69a886c0" last-modified Thu, 21 Mar 2024 15:32:19 GMT server Apache/2.2.15 (CentOS) vary Accept-Encoding
GET H2	200	720 Show response p.ad.gt/api/v1/p/	40 KB 14 KB	594ms 44ms	Script application/javascript	2606:4700:10::ac43:17ea CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://p.ad.gt/api/v1/p/720 Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b28f6e21cde0773e5e4742d5c39faf31c810dd2687f8c7fe19fd4b66fd1b0df6 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:10 GMT content-encoding gzip cf-cache-status HIT last-modified Tue, 27 Aug 2024 17:40:49 GMT server cloudflare age 245 vary Accept-Encoding content-type application/javascript cache-control max-age=14400 cf-ray 8b9ddfb25a1639cf-YYZ
GET H2	200	halo_match ids.ad.gt/api/v1/	43 B 143 B	1163ms 169ms	Image image/gif	52.37.62.163 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001724780710-9LLMAXUG-QZBZ&halo_id=060ixe6ju6a65kihgfc676faj6hbef6ekceuom0wi0e0yyusqoi020oew0sgmo0my Requested by Host: duelingnexus.com URL: https://duelingnexus.com/login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.37.62.163 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-37-62-163.us-west-2.compute.amazonaws.com Software nginx/1.24.0 / Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:11 GMT cache-control no-cache server nginx/1.24.0 content-length 43 content-type image/gif
GET H2	200	ip_match ids.ad.gt/api/v1/	0 192 B	1160ms 167ms	Image text/html	52.37.62.163 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ids.ad.gt/api/v1/ip_match?id=AU1D-0100-001724780710-9LLMAXUG-QZBZ Requested by Host: duelingnexus.com URL: https://duelingnexus.com/login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.37.62.163 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-37-62-163.us-west-2.compute.amazonaws.com Software nginx/1.24.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:11 GMT server nginx/1.24.0 content-length 0 content-type text/html; charset=utf-8
GET H2	200	match ids.ad.gt/api/v1/ Redirect Chain https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001724780710-9LLMAXUG-QZBZ&adnxs_id=$UID&gdpr=0 https://ids.ad.gt/api/v1/match?id=AU1D-0100-001724780710-9LLMAXUG-QZBZ&adnxs_id=699858439086164783&gdpr=0	43 B 143 B	992ms 168ms	Image image/gif	52.37.62.163 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ids.ad.gt/api/v1/match?id=AU1D-0100-001724780710-9LLMAXUG-QZBZ&adnxs_id=699858439086164783&gdpr=0 Requested by Host: duelingnexus.com URL: https://duelingnexus.com/login Protocol H2 Server 52.37.62.163 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-37-62-163.us-west-2.compute.amazonaws.com Software nginx/1.24.0 / Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:11 GMT cache-control no-cache server nginx/1.24.0 content-length 43 content-type image/gif Redirect headers pragma no-cache date Tue, 27 Aug 2024 17:45:10 GMT an-x-request-uuid ee8297b1-de49-49a4-b141-8a55fb6214ee server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://ids.ad.gt/api/v1/match?id=AU1D-0100-001724780710-9LLMAXUG-QZBZ&adnxs_id=699858439086164783&gdpr=0 x-proxy-origin 166.0.205.70; 166.0.205.70; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	t_match ids.ad.gt/api/v1/ Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001724780710-9LLMAXUG-QZBZ&gdpr=0 https://ids.ad.gt/api/v1/t_match?tdid=25074f55-c861-4298-b00d-d0e249bb6510&id=AU1D-0100-001724780710-9LLMAXUG-QZBZ	43 B 144 B	792ms 167ms	Image image/gif	52.37.62.163 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ids.ad.gt/api/v1/t_match?tdid=25074f55-c861-4298-b00d-d0e249bb6510&id=AU1D-0100-001724780710-9LLMAXUG-QZBZ Requested by Host: duelingnexus.com URL: https://duelingnexus.com/login Protocol H2 Server 52.37.62.163 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-37-62-163.us-west-2.compute.amazonaws.com Software nginx/1.24.0 / Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:11 GMT cache-control no-cache server nginx/1.24.0 content-length 43 content-type image/gif Redirect headers location https://ids.ad.gt/api/v1/t_match?tdid=25074f55-c861-4298-b00d-d0e249bb6510&id=AU1D-0100-001724780710-9LLMAXUG-QZBZ date Tue, 27 Aug 2024 17:45:10 GMT server Kestrel content-length 259
GET H2	200	pbm_match ids.ad.gt/api/v1/ Redirect Chain https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001724780710-9LLMAXUG-QZBZ https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001724780710-9LLMAXUG-QZBZ https://ids.ad.gt/api/v1/pbm_match?pbm=4B05D89C-78A8-4743-BBC8-EC8EB1062C29&id=AU1D-0100-001724780710-9LLMAXUG-QZBZ	43 B 143 B	137ms 131ms	Image image/gif	52.37.62.163 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ids.ad.gt/api/v1/pbm_match?pbm=4B05D89C-78A8-4743-BBC8-EC8EB1062C29&id=AU1D-0100-001724780710-9LLMAXUG-QZBZ Requested by Host: duelingnexus.com URL: https://duelingnexus.com/login Protocol H2 Server 52.37.62.163 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-37-62-163.us-west-2.compute.amazonaws.com Software nginx/1.24.0 / Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:11 GMT cache-control no-cache server nginx/1.24.0 content-length 43 content-type image/gif Redirect headers location https://ids.ad.gt/api/v1/pbm_match?pbm=4B05D89C-78A8-4743-BBC8-EC8EB1062C29&id=AU1D-0100-001724780710-9LLMAXUG-QZBZ date Tue, 27 Aug 2024 17:45:11 GMT cache-control no-store, no-cache, private server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET H2	200	rub_match ids.ad.gt/api/v1/ Redirect Chain https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001724780710-9LLMAXUG-QZBZ&gdpr=0 https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001724780710-9LLMAXUG-QZBZ&rub=M0CPWFKX-1R-HLY2&gdpr=0	43 B 143 B	187ms 185ms	Image image/gif	52.37.62.163 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001724780710-9LLMAXUG-QZBZ&rub=M0CPWFKX-1R-HLY2&gdpr=0 Requested by Host: duelingnexus.com URL: https://duelingnexus.com/login Protocol H2 Server 52.37.62.163 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-37-62-163.us-west-2.compute.amazonaws.com Software nginx/1.24.0 / Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:11 GMT cache-control no-cache server nginx/1.24.0 content-length 43 content-type image/gif Redirect headers P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Pragma no-cache Cache-Control no-cache,no-store,must-revalidate Location https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001724780710-9LLMAXUG-QZBZ&rub=M0CPWFKX-1R-HLY2&gdpr=0 content-length 0 X-RPHost 84e0f527cd81a00b0210e20b4ee7ed94 Expires 0
GET H2	200	tapad_match ids.ad.gt/api/v1/ Redirect Chain https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001724780710-9LLMAXUG-QZBZ&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001724780710... https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001724780710-9LLMAXUG-QZBZ&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001724... https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=e11719bf-cbb7-48c4-83ad-b22c6ab9748e%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fi... https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=25074f55-c861-4298-b00d-d0e249bb6510&ttd_puid=e11719bf-cbb7-48c4-83ad-b22c6ab9748e%2Chttps%253A%252F%252Fids.ad.gt%252Fap... https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001724780710-9LLMAXUG-QZBZ&tapad_id=e11719bf-cbb7-48c4-83ad-b22c6ab9748e	43 B 143 B	94ms 94ms	Image image/gif	52.37.62.163 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001724780710-9LLMAXUG-QZBZ&tapad_id=e11719bf-cbb7-48c4-83ad-b22c6ab9748e Requested by Host: duelingnexus.com URL: https://duelingnexus.com/login Protocol H2 Server 52.37.62.163 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-37-62-163.us-west-2.compute.amazonaws.com Software nginx/1.24.0 / Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:11 GMT cache-control no-cache server nginx/1.24.0 content-length 43 content-type image/gif Redirect headers date Tue, 27 Aug 2024 17:45:11 GMT strict-transport-security max-age=31536000 via 1.1 google accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server Jetty(11.0.13) p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" access-control-allow-origin * location https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001724780710-9LLMAXUG-QZBZ&tapad_id=e11719bf-cbb7-48c4-83ad-b22c6ab9748e alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	g_match ids.ad.gt/api/v1/ Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001724780710-9LLMAXUG-QZBZ https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001724780710-9LLMAXUG-QZBZ&google_gid=CAESEKwKI7oGCeU1JRxojwChHY8&google_cver=1&google_ula=450542624,0	43 B 143 B	268ms 167ms	Image image/gif	52.37.62.163 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001724780710-9LLMAXUG-QZBZ&google_gid=CAESEKwKI7oGCeU1JRxojwChHY8&google_cver=1&google_ula=450542624,0 Requested by Host: duelingnexus.com URL: https://duelingnexus.com/login Protocol H2 Server 52.37.62.163 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-37-62-163.us-west-2.compute.amazonaws.com Software nginx/1.24.0 / Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:11 GMT cache-control no-cache server nginx/1.24.0 content-length 43 content-type image/gif Redirect headers pragma no-cache date Tue, 27 Aug 2024 17:45:11 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001724780710-9LLMAXUG-QZBZ&google_gid=CAESEKwKI7oGCeU1JRxojwChHY8&google_cver=1&google_ula=450542624,0 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 357 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Redirect Chain https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001724780710-9LLMAXUG-QZBZ https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyNDc4MDcxMC05TExNQVhVRy1RWkJa	170 B 243 B	75ms 73ms	Image image/png	142.250.81.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyNDc4MDcxMC05TExNQVhVRy1RWkJa Requested by Host: duelingnexus.com URL: https://duelingnexus.com/login Protocol H2 Server 142.250.81.226 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s74-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers pragma no-cache date Tue, 27 Aug 2024 17:45:11 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyNDc4MDcxMC05TExNQVhVRy1RWkJa date Tue, 27 Aug 2024 17:45:11 GMT server nginx/1.24.0 content-length 453 content-type text/html; charset=utf-8
GET H2	200	openx ids.ad.gt/api/v1/ Redirect Chain https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001724780710-9LLMAXUG-QZBZ%26auid%3DAU... https://u.openx.net/w/1.0/cm?cc=1&id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001724780710-9LLMAXUG-QZBZ%26auid... https://ids.ad.gt/api/v1/openx?openx_id=a242fc9d-2dfb-401d-b35e-3316cc12b092&id=AU1D-0100-001724780710-9LLMAXUG-QZBZ&auid=AU1D-0100-001724780710-9LLMAXUG-QZBZ	43 B 143 B	209ms 176ms	Image image/gif	52.37.62.163 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ids.ad.gt/api/v1/openx?openx_id=a242fc9d-2dfb-401d-b35e-3316cc12b092&id=AU1D-0100-001724780710-9LLMAXUG-QZBZ&auid=AU1D-0100-001724780710-9LLMAXUG-QZBZ Requested by Host: duelingnexus.com URL: https://duelingnexus.com/login Protocol H2 Server 52.37.62.163 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-37-62-163.us-west-2.compute.amazonaws.com Software nginx/1.24.0 / Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:12 GMT cache-control no-cache server nginx/1.24.0 content-length 43 content-type image/gif Redirect headers date Tue, 27 Aug 2024 17:45:12 GMT content-encoding gzip via 1.1 google server OXGW/0.0.0 vary Accept, Accept-Encoding content-type image/gif location https://ids.ad.gt/api/v1/openx?openx_id=a242fc9d-2dfb-401d-b35e-3316cc12b092&id=AU1D-0100-001724780710-9LLMAXUG-QZBZ&auid=AU1D-0100-001724780710-9LLMAXUG-QZBZ p3p CP="CUR ADM OUR NOR STA NID" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	204	0 sync.1rx.io/usersync/audigent/	0 99 B	338ms 135ms	Image text/plain	69.194.240.13 RHYTHMONE
General Check archive.org Show headers Download Go to Show image Full URL https://sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001724780710-9LLMAXUG-QZBZ%26unruly_id%3D%5BRX_UUID%5D Requested by Host: duelingnexus.com URL: https://duelingnexus.com/login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.194.240.13 , United States, ASN26120 (RHYTHMONE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers pragma no-cache date Tue, 27 Aug 2024 17:45:14 GMT cache-control no-store, no-cache, must-revalidate expires 0
GET H2	200	/ onetag-sys.com/match/	0 201 B	305ms 112ms	Image text/plain	51.222.39.187 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://onetag-sys.com/match/?int_id=180&uid=AU1D-0100-001724780710-9LLMAXUG-QZBZ&gdpr=0 Requested by Host: duelingnexus.com URL: https://duelingnexus.com/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.222.39.187 , Canada, ASN16276 (OVH, FR), Reverse DNS ip187.ip-51-222-39.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=15552000 cache-control no-transform, no-cache alt-svc h3=":443"; ma=900, h3-29=":443"; ma=900 content-length 0 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
POST H2	200	init gw.geoedge.be/api/ Frame 1C57	0 0	1042ms 97ms	Fetch	2600:9000:23cb:c400:10:43f:4340:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://gw.geoedge.be/api/init Requested by Host: rumcdn.geoedge.be URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:23cb:c400:10:43f:4340:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash Request headers Referer https://duelingnexus.com/ Accept-Language gzip User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers access-control-allow-origin * date Tue, 27 Aug 2024 17:45:11 GMT via 1.1 e82b8f8953c90f58ae3b2feee6b64b70.cloudfront.net (CloudFront) x-amz-cf-pop JFK50-P1 content-length 0 x-amz-cf-id N75sgfSsIH16sP3yD6W3SfBFuKQIaI315Xv31w64zzcQvXEVuy_bfA== x-cache Miss from cloudfront
POST H2	200	init gw.geoedge.be/api/ Frame C4CF	0 0	1065ms 120ms	Fetch	2600:9000:23cb:c400:10:43f:4340:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://gw.geoedge.be/api/init Requested by Host: rumcdn.geoedge.be URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:23cb:c400:10:43f:4340:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash Request headers Referer https://duelingnexus.com/ Accept-Language gzip User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers access-control-allow-origin * date Tue, 27 Aug 2024 17:45:10 GMT via 1.1 e82b8f8953c90f58ae3b2feee6b64b70.cloudfront.net (CloudFront) x-amz-cf-pop JFK50-P1 content-length 0 x-amz-cf-id QPqZOBpT-KRKwkgw176WfsZMK83YqLBs2t2VrQ3lyx9czcQ6-2Epeg== x-cache Miss from cloudfront
POST H3	204	1899 tracker.nitropay.com/i/	0 10 B	241ms 67ms	Ping text/plain	35.244.144.25 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://tracker.nitropay.com/i/1899?d=eyJhdWYiOiJkaXNwbGF5IiwiYWRVbml0Q29kZSI6IkxvZ2luIC0gSGVhZGVyIiwiY3JlYXRpdmVJZCI6IjIyNDk6NTQ5MTcxMzMwIiwiYmlkZGVyIjoicnViaWNvbiIsInRpbWVUb1Jlc3BvbmQiOjEwNDAsImhlaWdodCI6MjUwLCJ3aWR0aCI6OTcwLCJjcG0iOjAuNDUsImhyZWYiOiJodHRwczovL2R1ZWxpbmduZXh1cy5jb20vbG9naW4iLCJhY2NlcHRhYmxlIjpmYWxzZSwibWV0YSI6IntcImFkdmVydGlzZXJJZFwiOjM0NTYyMixcIm5ldHdvcmtJZFwiOjIyNDksXCJtZWRpYVR5cGVcIjpcImJhbm5lclwiLFwiYWR2ZXJ0aXNlckRvbWFpbnNcIjpbXCJ3YWxtYXJ0LmNhXCJdfSIsInJlcXVlc3RJZCI6IjAxOTE5NGYwLWZlOGItNzAwMC04ODdhLTkyMGMxNmYxOWEzMyIsImMiOiJDQSIsInIiOiJRQyIsInR5cGUiOjAsImR1cmF0aW9uIjowLCJyZWZyZXNoIjpmYWxzZSwidGltZXN0YW1wIjoxNzI0NzgwNzA5MTE1LCJmIjoiMWV3ZzdjeSIsInYiOiIzMjIyOTM2In0%3D&v=true&t=1102 Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H3 Security QUIC, , AES_128_GCM Server 35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 25.144.244.35.bc.googleusercontent.com Software nginx/1.27.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:10 GMT via 1.1 google server nginx/1.27.0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20240822/r20110914/ Frame 69B1	31 KB 0	47ms 47ms	Script text/javascript	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240822/r20110914/abg_lite.js Requested by Host: rumcdn.geoedge.be URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 78808c26f29dcc5b6fd7663ea771dcc42471093925f135df3d3cc747c665151d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:17:08 GMT content-encoding br x-content-type-options nosniff age 1682 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11661 x-xss-protection 0 server cafe etag 17027311836879658703 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 10 Sep 2024 17:17:08 GMT
GET H3	200	ufs_web_display.js Show response pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 69B1	204 KB 0	29ms 29ms	Script text/javascript	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=r20110914 Requested by Host: rumcdn.geoedge.be URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1ec5eff3dc2fba7c74f4f89b509f6d42a71b45051528b065150e61a65ecd6d29 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:40:36 GMT content-encoding br x-content-type-options nosniff age 274 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 64908 x-xss-protection 0 server cafe etag vary Accept-Encoding content-type text/javascript; charset=ISO-8859-1 cache-control public, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Tue, 27 Aug 2024 18:40:36 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20240822/r20110914/elements/html/ Frame 69B1	12 KB 0	30ms 30ms	Script text/javascript	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240822/r20110914/elements/html/omrhp.js Requested by Host: rumcdn.geoedge.be URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ce13d5d11a2c8a21612d2eae7a1732f20ca5a38daf0be8af6aaeef64e07d75e4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:17:08 GMT content-encoding br x-content-type-options nosniff age 1682 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4395 x-xss-protection 0 server cafe etag 4271344721252203484 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 10 Sep 2024 17:17:08 GMT
GET H3	200	view ad.doubleclick.net/pcs/ Frame 69B1	0 0	181ms 155ms	Fetch image/png	142.251.40.102 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ad.doubleclick.net/pcs/view?xai=AKAOjssssu0aJ0tEpXbIADpS6xs-c8PjmUBi_m6RdjFbVAICea9cKstsLMjkS6rn7gkymeZ72dKiUYRMuxmcXymKd-T6HWv2_FYqZy0xttlrvDaumIYlsuBJHI6yVZOxuEDJi_OX1BGRK9aDTYz5RJ22wgM2_fw4XeQwSdCADWWMtusoBVXmjtQ8SUjosWykJCR_Ccie3-4ZEmNK2aQIwyftRnbcwn1LSOUpzyfq1A2rgDSjDCj8eeHWqGOAmhdUX4aQXOfEFvYSMclJ6WmjOdnetAqJFVnqNkrRqrR5w9Qqx2QbYnuKI0gZwurZOoqwOx2HmR-JUaaHs2RVTerCtEP6hexRGJReUJj43lFsLB8TpyDqShfLcAYwlBxHVSOOMJsDyUt1UhKcHFuUjrPsO-ea0ZEEcGOnydsC-CeWGemZ2Whb39GAgM8Xts4fOzvEIo9vYIH1xrTd1oS_RfAewdP1s0o89JxfO17z25vCgR2tmeyaXvP7G6D5kfGKsy58XrKzgEgS1c9bMdvpIA1biiAFCQ0hJexmeDE_5ehuGpP1CeJ62695GquydR_GSonSpdA1mrbuwuvpO_Wr7bzBZZMaOJEfyGHdFhrAi8GjgyeUESmU0qbOV0M_JATvbPKIYUlFQlssdQrE5eeIRyd8wmJq-EWtwO7O9Y1uMn5MAVLjpj7ugx2jb8TCYCOPROR9eAZkae-O_M2UxHCVvFkoGKla6TqJ8hN-RqvWQRACZnUuzW_uvKWaaRyhTvkgKvJtTjrZYQRg8qJGuGgZfofY4p3yKzo7tqW0IC6_RmyLp78mPCFqxNvWy6yVlXV8ial68GbHdirk-KNNNVTBJy_uVc-UWWOQ_pNl-Y_x7iKtN9Cb0ArGam5HaEWXScjJz27rh8T7SrgUwisghipob0zHNWCkNR1tea2lmWYZwLLTvIn6CYfvGDngu2Mto8pMXcX-NXX-0XMebN-GEurGOMj_v3zZuRLPNoQkbjFkeYrmJNRWHObY2GXXz7DS_QbAIK8Spw5_d4DfYSSj90hLWQ9aBHvPJlGx7Idqdh2YlMyTCqeuUo-JO7sh-7GarNC0sASY3H63x9QFXHzpLyGSKlApozgNjoCHF7JcKlWBiEsCCGvgss3Y9eY55i85LDTJbEqPV8q8Ao92ddKHUgmKwKDhs33eEtkb_EvyQbu9Dp2c4udH22_l-B53mgZTddD-g44nJc5rv0wqSiahHpAQyr2Ra761FW73DO-XuAUDNFcMHEG10AfR6MstQ659qjBOCrUEqX5tbd4fpV9eOQ6q_DfYBhdRL29JjN35O-1XtSQWKUI0rXJgwjj_hZKo6eY9_EPCpGweZmPLxoKrZEfwnPf93W6ol0ezQBI2hdKbYNxmvUSoF3X3LpdyOuLBQaM_fcyYs7Pfdnmi2Q&sai=AMfl-YSY35uqgOGP-jhcvYvf__NsHumi77ueitoexIWTUwgQh8xcbo1q5sQRPf1VOzrzrZ7jUxQhqfi8W7wbQB823R7DPn5J3Xzx48ScTNYpky16oWJiHliFhAib7CAV6iIL6_6GrB3QF1Q-BYzYe8-3euSIEBZ4QJpr0ExLmfToiCcUh3H2KmyLxlm_uLmDOn2LSZ7ELObjV9QyfhhJ96X0hzjd6wyvfMf47obYHUkLrBPt3DOIuZT4aouAYV26Ph1Eq5ScJI6wnt4&sig=Cg0ArKJSzKk7dtaGqiq-EAE&uach_m=%5BUACH%5D&crd=aHR0cHM6Ly9mbHlmbGFpci5jb20&pr=8:DD2662744DD05FCE&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=6&cbvp=1&cstd=0&cisv=r20240822.63018&arae=1&ftch=1&adurl= Requested by Host: rumcdn.geoedge.be URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.40.102 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s79-in-f6.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Tue, 27 Aug 2024 17:45:10 GMT x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 attribution-reporting-register-source {"aggregation_keys":{"18842532":"0xc2c956dd62cc63ac0000000000000000","18842533":"0x258b35851620f5c0000000000000000","18842534":"0xe815306497874f780000000000000000","18842535":"0xe7c2d2d613c05d460000000000000000"},"debug_key":"1715267289323055497","debug_reporting":true,"destination":["https://hotels.com","https://expedia.com","https://getyourguide.com"],"event_report_windows":{"end_times":[86400,345600]},"expiry":"2592000","filter_data":{"14":["73793868"],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["9163167"]},"max_event_level_reports":2,"priority":"0","source_event_id":"11000943521987837314"} accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/png access-control-allow-origin * cache-control private access-control-allow-credentials true timing-allow-origin * expires Tue, 27 Aug 2024 17:45:10 GMT
GET H2	200	Q12zgMmT.js Show response tpc.googlesyndication.com/sodar/ Frame 69B1	41 KB 0	19ms 19ms	Script text/javascript	2607:f8b0:4006:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Requested by Host: rumcdn.geoedge.be URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:17:08 GMT content-encoding br x-content-type-options nosniff age 1683 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13937 x-xss-protection 0 last-modified Fri, 25 Aug 2023 23:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 27 Aug 2025 17:17:08 GMT
GET H2	200	1465826476722595841 s0.2mdn.net/simgad/ Frame 69B1	8 KB 8 KB	58ms 43ms	Image image/jpeg	2607:f8b0:4006:81d::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/simgad/1465826476722595841 Requested by Host: duelingnexus.com URL: https://duelingnexus.com/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81d::2006 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3c68b6b23e885be1c07d6916ead673f86b5c73ac3f58f3e8c31ef8ba68c3c5e7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers allow-fenced-frame-automatic-beacons true date Fri, 23 Aug 2024 15:46:54 GMT x-content-type-options nosniff age 352696 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8375 x-xss-protection 0 last-modified Fri, 05 Jul 2024 23:26:45 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 23 Aug 2025 15:46:54 GMT
GET H2	200	usync.html eus.rubiconproject.com/ Frame FD8C	0 0	1ms 1ms	Document text/html	23.56.163.106 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html?&gdpr=0&us_privacy=1---&geo=na&co=ca Requested by Host: duelingnexus.com URL: https://duelingnexus.com/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-56-163-106.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash Request headers Referer https://duelingnexus.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers accept-ranges bytes content-encoding gzip content-length 224 content-type text/html; charset=UTF-8 date Tue, 27 Aug 2024 17:45:10 GMT etag "28052a-10d-6142d69a886c0" last-modified Thu, 21 Mar 2024 15:32:19 GMT server Apache/2.2.15 (CentOS) vary Accept-Encoding
POST H2	200	init gw.geoedge.be/api/ Frame 69B1	0 0	901ms 119ms	Fetch	2600:9000:23cb:c400:10:43f:4340:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://gw.geoedge.be/api/init Requested by Host: rumcdn.geoedge.be URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:23cb:c400:10:43f:4340:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash Request headers Referer https://duelingnexus.com/ Accept-Language gzip User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers access-control-allow-origin * date Tue, 27 Aug 2024 17:45:10 GMT via 1.1 e82b8f8953c90f58ae3b2feee6b64b70.cloudfront.net (CloudFront) x-amz-cf-pop JFK50-P1 content-length 0 x-amz-cf-id d8zMZATdMFH6JH110V7WoSIe_-Pb3-5VXrHMfxdZ3DtWqi98AVTUyg== x-cache Miss from cloudfront
POST H3	204	1899 tracker.nitropay.com/i/	0 10 B	94ms 72ms	Ping text/plain	35.244.144.25 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://tracker.nitropay.com/i/1899?d=eyJhdWYiOiJkaXNwbGF5IiwiYWRVbml0Q29kZSI6IkxvZ2luIC0gU2lkZWJhciIsImNyZWF0aXZlSWQiOiIyMjQ5OjU4MjQyOTE5OSIsImJpZGRlciI6InJ1Ymljb24iLCJ0aW1lVG9SZXNwb25kIjo5MTMsImhlaWdodCI6NjAwLCJ3aWR0aCI6MzAwLCJjcG0iOjAuMzcsImhyZWYiOiJodHRwczovL2R1ZWxpbmduZXh1cy5jb20vbG9naW4iLCJhY2NlcHRhYmxlIjpmYWxzZSwibWV0YSI6IntcImFkdmVydGlzZXJJZFwiOjI4MjYwLFwibmV0d29ya0lkXCI6MjI0OSxcIm1lZGlhVHlwZVwiOlwiYmFubmVyXCIsXCJhZHZlcnRpc2VyRG9tYWluc1wiOltcImV4cGVkaWEuY29tXCJdfSIsInJlcXVlc3RJZCI6IjAxOTE5NGYwLWZmM2EtNzAwMC1iZGRiLWI4ZTY5MzIwMTI3YyIsImMiOiJDQSIsInIiOiJRQyIsInR5cGUiOjAsImR1cmF0aW9uIjowLCJyZWZyZXNoIjpmYWxzZSwidGltZXN0YW1wIjoxNzI0NzgwNzA5MjYyLCJmIjoiMWV3ZzdjeSIsInYiOiIzMjIyOTM2In0%3D&v=true&t=1143 Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H3 Security QUIC, , AES_128_GCM Server 35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 25.144.244.35.bc.googleusercontent.com Software nginx/1.27.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:10 GMT via 1.1 google server nginx/1.27.0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H3	200	view ad.doubleclick.net/pcs/ Frame 1C57	0 0	151ms 150ms	Fetch image/png	142.251.40.102 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ad.doubleclick.net/pcs/view?xai=AKAOjst5-pQ4hf6ogCdsca1lD9xEBUjT5RdJctP_yu1qaFx9hRV13WmzjxPBL-g4BGp8u_SCX-XZbTknf04DfGUaHYzKiEljbURKHy3rURuoXXnGdNwOsWqWEcMeQwvI0uxRDqlZMpEZuTU-NHuynPQ8PcMb8LycQJ7hqWiiGMWiV8K9F9LQDXnjsFQtOBsKtt01Swao90FPBFb9_a74BhyyWXooC7SrgCqkX610zmuM2dkfl8SYwGglycDWfDyM8qHpTq-1OfCxNARuQWhIbQZQdOeAhc5YU6NYfhDGJIqAZfkS3z3MEYWABnZzWpVXutRVn0a5lT2dLI34os5yHGfUU3rhdEXdURnbrq5pAy7h7Cdw_gUn2GD9tB3EiL8UcVR30p4-TvHzKZ5ZwCImgo1DoZwFxNSMYs3Aymmkt5cXwv3NTQN5cQrMJGl7KVajNQg02EVbC62CkKN6kYOtCQSmJrDq5Rg1djo9g2oNkmTYBFWwccLEc74g1PEzP6NIE5Djv4CxHkSFPqI0bo3teJSf4qu08G02ZNVBCvN6pSjc6kgKfOmsFvqqvBOmFgdBykcaju5IhHD9UsDleN6X5PYOIWvMWEh2KGZ4ukUGxTxZrWh4iIIdAG6MEF4Uw4lHKGJNXvSR7cud5CEyvNnmryzZomhdfuy5cEHu0jw_KJ7HdKy7ro6WUrwOEWhWcBUnNRfZhdAsCpsE7_8rIf_xUq2lHW0JjviNE6_cGt9d_ke1X-nE32w8koKL9OvJM3sgJtNVo46pFFrhBHoMDn4HpId5xH7DKVkQRVSnkIsBeTstb-IhblB-uoaFZAuJ4fMGnlFz5gsqL8YvpAoo2GHVsjFEnhnTxe6WRyDit9ekbFRmyQC3FVl54E84bkZvr0PvZLlkuoaknY3KRYnvYX_JaPPjpA-_t6ipINDdVOGMUep1p4x1Rdigc9wJxUkVJddeI63LcHyOptqYgMOiA0YSmGOy-ZYvQMsWWt8ABhXVMpbcU6wB1aa60_NoryacWWZn-x6mXpU4BtzXzMGy1NcN6_z23ngd8gFGV90zBoQkAxKFmEW4ZXk3dj0ILAa_kfNsoIPwITe9mfhQIfaUTNf_97L98Nn83AKJ8gGBMR8mgIm-GhPSlD9HmFXnSAbMFudrKVFgcFq4CR-24hO9-HzBzO9Yv5n1PE0Xa7SagXVlCnhvfGO6fwM3v49byLv5fRBD8ZSYH11ncHxZqIHdcho1Ct52KFgB5IvMN_KGUPMNhOU7JLYugH0gW339ey_tTyuiR9JbmVSgm0RmCh_c_SmLyXnygKZ2W8ozifoO-lssuTf0hla7Tdkz30oj5BhYkJTA7FP_Q-PmFmpSO0rV1lxzQv6ZCA7XmEPGJUtCLzRjkdamSCs4XjhCyqt006vznVvzprcLEWa3aA&sai=AMfl-YStAiVVSssuA54gKaXYbV-VyJduKT4CDcsu7628XJ2qM67bWQbBlofsv_w51GtRwl13kRIVhVXECwCYBHaS_A1dWvSeTW2CY5t-oFYup16zjwKSkKZ1P2D4Xcb7ylwEJUkwKeFyMusQFEzvtNMAU2uC0R8po_ZU_pUlnAV3O1Qw7FLTG9f7aL7I9PVd0nDD6OQDz-5-8UgQJ1N17qb3kYYPXIEjnxNtDWyCHEncBX6caolK29s3JSt3U4k-kxkq7w9q4IQKf5I&sig=Cg0ArKJSzOk0RjhAbxtqEAE&uach_m=%5BUACH%5D&crd=aHR0cHM6Ly9mbHlmbGFpci5jb20&pr=8:0AB75D3B9199B6EE&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=434&vt=11&dtpt=408&dett=2&cstd=0&cisv=r20240822.08539&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=1&ftch=1&adurl= Requested by Host: rumcdn.geoedge.be URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.40.102 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s79-in-f6.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:10 GMT x-content-type-options nosniff attribution-reporting-register-source {"aggregation_keys":{"18842532":"0xc2c956dd62cc63ac0000000000000000","18842533":"0x258b35851620f5c0000000000000000","18842534":"0xe815306497874f780000000000000000","18842535":"0xff74ec8a4c30c1e70000000000000000"},"debug_key":"2013763974549506428","debug_reporting":true,"destination":["https://hotels.com","https://expedia.com","https://getyourguide.com"],"event_report_windows":{"end_times":[86400,345600]},"expiry":"2592000","filter_data":{"14":["73793868"],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["9163167"]},"max_event_level_reports":2,"priority":"0","source_event_id":"11859551718384665657"} accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/png access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Tue, 27 Aug 2024 17:45:10 GMT
GET H3	200	AGSKWxWIise1VeXTkcau3r577sE15S1wfLgufgXoppmAP1YAL57DnOa7bDX82jvtau_WUQSJqOa6AeA2zYLMWNoLPsIjbtYrfdwC51vUv21RY68D9Gq8VfhbzAuAQUOmr7Xtlupi4IQ28A== Show response fundingchoicesmessages.google.com/f/	3 KB 2 KB	103ms 103ms	Script application/javascript	2607:f8b0:4006:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxWIise1VeXTkcau3r577sE15S1wfLgufgXoppmAP1YAL57DnOa7bDX82jvtau_WUQSJqOa6AeA2zYLMWNoLPsIjbtYrfdwC51vUv21RY68D9Gq8VfhbzAuAQUOmr7Xtlupi4IQ28A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI0NzgwNzEwLDQzODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vZHVlbGluZ25leHVzLmNvbS9sb2dpbiIsbnVsbCxbWzgsIkt5aDVWZG9oVEo0Il0sWzksImVuLVVTIl0sWzIwLCJbbnVsbCxudWxsLFszMTA4NjEzMV0sbnVsbCwxNF0iXSxbMTksIjIiXV1d Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 59e646bab66147deca25ca4924fc5181f542c0924b86992dee25e9f6bd4fa670 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-5khRiWXgEYBNY_YiOVD3ww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:10 GMT content-security-policy script-src 'report-sample' 'nonce-5khRiWXgEYBNY_YiOVD3ww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 reporting-endpoints default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStDikmJw0JBiOO90h-k6EEt8fcmkBcRO6TNYQ4DYp34GaxwQt948xzodiJP-nWctAWJ3rYus_kC8JOIi65HEi6yGCpdYnYH4_rpLrM-BeO_HS6xHgViIh2PZwh3b2AQO3On7xKikkZRfGJ-cn1dSlJlUWpJflJacllqcWlSWWhRvZGBkYmBhZKZnYBJfYAAADL0-nw" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	view ad.doubleclick.net/pcs/ Frame 69B1	0 0	138ms 136ms	Fetch image/png	142.251.40.102 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ad.doubleclick.net/pcs/view?xai=AKAOjssssu0aJ0tEpXbIADpS6xs-c8PjmUBi_m6RdjFbVAICea9cKstsLMjkS6rn7gkymeZ72dKiUYRMuxmcXymKd-T6HWv2_FYqZy0xttlrvDaumIYlsuBJHI6yVZOxuEDJi_OX1BGRK9aDTYz5RJ22wgM2_fw4XeQwSdCADWWMtusoBVXmjtQ8SUjosWykJCR_Ccie3-4ZEmNK2aQIwyftRnbcwn1LSOUpzyfq1A2rgDSjDCj8eeHWqGOAmhdUX4aQXOfEFvYSMclJ6WmjOdnetAqJFVnqNkrRqrR5w9Qqx2QbYnuKI0gZwurZOoqwOx2HmR-JUaaHs2RVTerCtEP6hexRGJReUJj43lFsLB8TpyDqShfLcAYwlBxHVSOOMJsDyUt1UhKcHFuUjrPsO-ea0ZEEcGOnydsC-CeWGemZ2Whb39GAgM8Xts4fOzvEIo9vYIH1xrTd1oS_RfAewdP1s0o89JxfO17z25vCgR2tmeyaXvP7G6D5kfGKsy58XrKzgEgS1c9bMdvpIA1biiAFCQ0hJexmeDE_5ehuGpP1CeJ62695GquydR_GSonSpdA1mrbuwuvpO_Wr7bzBZZMaOJEfyGHdFhrAi8GjgyeUESmU0qbOV0M_JATvbPKIYUlFQlssdQrE5eeIRyd8wmJq-EWtwO7O9Y1uMn5MAVLjpj7ugx2jb8TCYCOPROR9eAZkae-O_M2UxHCVvFkoGKla6TqJ8hN-RqvWQRACZnUuzW_uvKWaaRyhTvkgKvJtTjrZYQRg8qJGuGgZfofY4p3yKzo7tqW0IC6_RmyLp78mPCFqxNvWy6yVlXV8ial68GbHdirk-KNNNVTBJy_uVc-UWWOQ_pNl-Y_x7iKtN9Cb0ArGam5HaEWXScjJz27rh8T7SrgUwisghipob0zHNWCkNR1tea2lmWYZwLLTvIn6CYfvGDngu2Mto8pMXcX-NXX-0XMebN-GEurGOMj_v3zZuRLPNoQkbjFkeYrmJNRWHObY2GXXz7DS_QbAIK8Spw5_d4DfYSSj90hLWQ9aBHvPJlGx7Idqdh2YlMyTCqeuUo-JO7sh-7GarNC0sASY3H63x9QFXHzpLyGSKlApozgNjoCHF7JcKlWBiEsCCGvgss3Y9eY55i85LDTJbEqPV8q8Ao92ddKHUgmKwKDhs33eEtkb_EvyQbu9Dp2c4udH22_l-B53mgZTddD-g44nJc5rv0wqSiahHpAQyr2Ra761FW73DO-XuAUDNFcMHEG10AfR6MstQ659qjBOCrUEqX5tbd4fpV9eOQ6q_DfYBhdRL29JjN35O-1XtSQWKUI0rXJgwjj_hZKo6eY9_EPCpGweZmPLxoKrZEfwnPf93W6ol0ezQBI2hdKbYNxmvUSoF3X3LpdyOuLBQaM_fcyYs7Pfdnmi2Q&sai=AMfl-YSY35uqgOGP-jhcvYvf__NsHumi77ueitoexIWTUwgQh8xcbo1q5sQRPf1VOzrzrZ7jUxQhqfi8W7wbQB823R7DPn5J3Xzx48ScTNYpky16oWJiHliFhAib7CAV6iIL6_6GrB3QF1Q-BYzYe8-3euSIEBZ4QJpr0ExLmfToiCcUh3H2KmyLxlm_uLmDOn2LSZ7ELObjV9QyfhhJ96X0hzjd6wyvfMf47obYHUkLrBPt3DOIuZT4aouAYV26Ph1Eq5ScJI6wnt4&sig=Cg0ArKJSzKk7dtaGqiq-EAE&uach_m=%5BUACH%5D&crd=aHR0cHM6Ly9mbHlmbGFpci5jb20&pr=8:DD2662744DD05FCE&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=120&vt=11&dtpt=114&dett=2&cstd=0&cisv=r20240822.63018&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=1&ftch=1&adurl= Requested by Host: rumcdn.geoedge.be URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.40.102 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s79-in-f6.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:10 GMT x-content-type-options nosniff attribution-reporting-register-source {"aggregation_keys":{"18842532":"0xc2c956dd62cc63ac0000000000000000","18842533":"0x258b35851620f5c0000000000000000","18842534":"0xe815306497874f780000000000000000","18842535":"0xe7c2d2d613c05d460000000000000000"},"debug_key":"14065364840131328580","debug_reporting":true,"destination":["https://hotels.com","https://expedia.com","https://getyourguide.com"],"event_report_windows":{"end_times":[86400,345600]},"expiry":"2592000","filter_data":{"14":["73793868"],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["9163167"]},"max_event_level_reports":2,"priority":"0","source_event_id":"11242150336789894966"} accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/png access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Tue, 27 Aug 2024 17:45:10 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1C57	0 0	284ms 100ms	Fetch image/gif	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D Requested by Host: rumcdn.geoedge.be URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers pragma no-cache date Tue, 27 Aug 2024 17:45:10 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ufs_web_display.js Show response pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame C4CF	204 KB 63 KB	58ms 46ms	Script text/javascript	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Requested by Host: rumcdn.geoedge.be URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1ec5eff3dc2fba7c74f4f89b509f6d42a71b45051528b065150e61a65ecd6d29 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:28:31 GMT content-encoding br x-content-type-options nosniff age 999 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 64908 x-xss-protection 0 server cafe etag vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Tue, 27 Aug 2024 18:28:31 GMT
GET H2	200	index.html s0.2mdn.net/sadbundle/7829920651181123238/ Frame 8A20	0 0	456ms 57ms	Document text/html	2607:f8b0:4006:81d::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/7829920651181123238/index.html?e=69&leftOffset=0&topOffset=0&c=dcR1p9aFTq&t=1&renderingType=2&ev=01_252 Requested by Host: rumcdn.geoedge.be URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81d::2006 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers accept-ranges bytes access-control-allow-origin * allow-fenced-frame-automatic-beacons true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Tue, 27 Aug 2024 17:45:11 GMT expires Wed, 27 Aug 2025 17:45:11 GMT last-modified Wed, 19 Jul 2023 13:58:42 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 0
GET H3	200	view ad.doubleclick.net/pcs/ Frame C4CF	0 0	125ms 124ms	Fetch image/png	142.251.40.102 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ad.doubleclick.net/pcs/view?xai=AKAOjsspQe67xEiN12O9Xbhi75Btwyo4_ZKS_WsdOn12tUoU6TGwECV0W_Kk5elzcLhIRUKTMCKYzYDYFom6jwK5rsR0JxQY4Sxi3-RcfXZ0L3pb18eIBH46woYia08ba1G7YSpOOO13FsQGnV-pTlZ_3Vqh46xnzVwWUTBDBnQ5txpMt4Nf-VKGYtJs_mExbA5-mP3SSXgD-7ZAZTpH6Ra1ING8KqoZ-H-CBDkqiZG_OtPwDELUXiGJVSlkkSmViZydMwaWcUoc0hbqQi1ercr5GAO0a7kpsAK4IeRo-42cqnQDJUdqEbqn7_HIeAfqRioE3xeQ57Umchd5b5gvB6yo2w7bsHvLZ0eDopf2Q0cCc5bDVWT2Us9S-PAl3xA5MSBEcTa1pnDGVjGGodXJoN3Z4ZX5hwyqceKaJ1yMZWvw6LFX33yLwoM2Smr9g50KIYUVN96VfUSeiiM1qpmyIkUTbmyGUor7UEtq_qCNQi46o2Ktu_E9Vg583aTr6gSIBSumEPvfGY4ZgjblJ4XHFxGMC9PTSNm_6Zl4qlrOGYSL2xxw7kGepM54csuMDw-BO1nzqDQbNclvNwbsbZKxiLrEY7L_NXvA9DvJVUS6b-K4nzbcKIUmAXuB54Ki-7FLKplrKZgGxedd9486WwgJrueVhQMHPTmQOR7q-Mq0OwqZzg-zq1hwbRJsR1pCgXxntBqM-UY48ONVf_S4_zFwFnVi6pigutqPrrtSE8CUugQAD2G9Hh4Yid7tASWv4ur5AJLjFP8oFwtLWDydifr-YrZalMr2ol9xJt44oj42lxsEiZ3xZKAUYcPs9HOQAiRbdNUW32zORDbAUH3gL1p3w31UJpaLMdIOfP6fsYHOBm3O1SBmArT8IKO85cl7pq6wPGFxpswi6FIA6-dtf82vQHblTGniAt1wJqf8HbK-VGmJbQrtCfKZvL5h2on_jGigeaCeZaQ4l_vghJibIBAvUScBo7xqK1vxnD9jgWjLAcE9UnAr29OaQeQWCGHalXLp8i3n85__LZeIiy0pDzk3OtLTKMyNiM9IHpMxudOp3GDnJoCRb003wrLfC3UZUAgDhedRmX3GnACRm-JeXf47oIWEaOnaXx88jelxEYqvvcpUu2IBur9TSbGZhHlaOU87KIlZrtc-hk6ABURxzKTbUY0YeB7sj0rtmvHQNWzqPT5daLLPsVB0msDoa5rM-8BY7dlgjnWX_e50H_a9KptMV-Kdi7smlwAnjJxGugMAA-TVuVolpO6eWCKuBgLyHNZd4QnUbu2laK6lsCgniU6izPQ_zKva_JkvGr2RZXzGU7DFjQVHd3kJ4EbmQGKf9lSApAsRaRFdBrFsfPI0tVginWFOba2WEbglIvA3TC2-wUgQJzYzl-rKOV0DGb_Q5LmSyktx4GWnEwUl5rDjue21y7dqep1fTkjEBZgfBk2Hi9x6KP-xB7rf-Upehm_cRK4McxrpDQXTB8MWAF9_o7nuEw&sai=AMfl-YQPZmc4EfbbYUN_W09i1UjQLloJDgG8kL9axS5Aa70HR0526m2ikws5PHs8QrIqcWNJq8Za-cjIp7g12eoCoRMFSfbjgAD3rzJGn7qzL4s8OSXLmhryaqxh3vGV9dx1pIgwV3F34p1ISvxAduJ6lwniVtjenHt1YABewX1AUQw3hTSa8vAdlxPQtZgoMkibrKa9TiG9lJ-x2lYRMHqOMdTv8IBd8PP2eIqotE2sZ0fn4rqqopzcDPg219Le4bOjXkHIJ-5paRkDi0tnt3k&sig=Cg0ArKJSzHbwS-X5webTEAE&uach_m=%5BUACH%5D&crd=aHR0cHM6Ly9nb29nbGUuY29tLGh0dHBzOi8vd2FsbWFydC5jYQ&pr=8:57C4A44A7D225F82&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=519&cbvp=1&cstd=489&cisv=r20240822.92544&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=1&ftch=1&adurl= Requested by Host: rumcdn.geoedge.be URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.40.102 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s79-in-f6.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Tue, 27 Aug 2024 17:45:10 GMT x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 attribution-reporting-register-source {"aggregation_keys":{"902562524":"0x4f92d6cdedb289ce0000000000000000","902562525":"0x90a85deac9fad8d80000000000000000","902562526":"0xbb3f793ce95ea9430000000000000000","902562527":"0x9f6c2ceae0263dd40000000000000000"},"debug_key":"1493709554140159377","debug_reporting":true,"destination":["https://walmart.ca","https://walmartrewards.ca","https://debugconversiondomain1.com"],"event_report_windows":{"end_times":[86400,345600]},"expiry":"2592000","filter_data":{"14":["41169635"],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["6835277"]},"max_event_level_reports":2,"priority":"0","source_event_id":"18337219241665311277"} accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/png access-control-allow-origin * cache-control private access-control-allow-credentials true timing-allow-origin * expires Tue, 27 Aug 2024 17:45:10 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 69B1	0 0	195ms 102ms	Fetch image/gif	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D Requested by Host: rumcdn.geoedge.be URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers pragma no-cache date Tue, 27 Aug 2024 17:45:10 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	AGSKWxX8Qc-1054M2cAQL-0ybCwQ6sfn5yHXSiHXI3zrQCcqBDrIi4I41aK85PSbn-Z6gz93nigNoLxno6CxP02yd1iWAje3JIlVO9v2GQlZu6YajKWOLXEVEAVy3nQJ5r14NwhB9MMrAg== Show response fundingchoicesmessages.google.com/f/	3 KB 2 KB	87ms 86ms	Script application/javascript	2607:f8b0:4006:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxX8Qc-1054M2cAQL-0ybCwQ6sfn5yHXSiHXI3zrQCcqBDrIi4I41aK85PSbn-Z6gz93nigNoLxno6CxP02yd1iWAje3JIlVO9v2GQlZu6YajKWOLXEVEAVy3nQJ5r14NwhB9MMrAg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI0NzgwNzEwLDgyMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9kdWVsaW5nbmV4dXMuY29tL2xvZ2luIixudWxsLFtbOCwiS3loNVZkb2hUSjQiXSxbOSwiZW4tVVMiXSxbMjAsIltudWxsLG51bGwsWzMxMDg2MTMxXSxudWxsLDE0XSJdLFsxOSwiMiJdXV0 Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 14169d93dccf79cbafaff14f48be1d234d681c96d4e6ee28f7bb411d5a82dab3 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-FxE9YWHJCPV9NY8SnuHSZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:10 GMT content-security-policy script-src 'report-sample' 'nonce-FxE9YWHJCPV9NY8SnuHSZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 reporting-endpoints default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStDikmJw0ZBiOO90h-k6EEt8fcmkBcRO6TNYQ4DYp34GaxwQt948xzodiJP-nWctAWJ3rYus_kC8JOIi65HEi6yGCpdYnYH4_rpLrM-BeO_HS6xHgViIh2PZwh3b2AR-_H-6hFlJIym_MD45P6-kKDOptCS_KC05LbU4tagstSjeyMDIxMDCyEzPwCS-wAAAIdg_CQ" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	1152ms 49ms	Script text/javascript	2607:f8b0:4006:816::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Tue, 27 Aug 2024 16:06:04 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 5948 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Tue, 27 Aug 2024 18:06:04 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	255 KB 90 KB	1185ms 98ms	Script application/javascript	2607:f8b0:4006:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-FVWZ0RM4DH&l=audDataLayer Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash aa8d91eb94c0c28b438a6ee3d2105e1dacf5aa4bb20d24b1ee98cfa6b075e6ce Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:12 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 91638 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 27 Aug 2024 17:45:12 GMT
POST H2	204	collect Show response a.ad.gt/api/v1/	0 118 B	116ms 102ms	XHR text/plain	2606:4700:10::6816:545 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://a.ad.gt/api/v1/collect Requested by Host: p.ad.gt URL: https://p.ad.gt/api/v1/p/720 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Content-type text/plain Response headers access-control-allow-origin https://duelingnexus.com date Tue, 27 Aug 2024 17:45:10 GMT access-control-allow-credentials true cf-cache-status DYNAMIC server cloudflare cf-ray 8b9ddfb33c3036d0-YYZ vary Origin
GET H2	204	getpixels Show response pixels.ad.gt/api/v1/	0 89 B	1196ms 108ms	Script text/plain	2606:4700:10::6816:545 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pixels.ad.gt/api/v1/getpixels?tagger_id=200e3458abc2f9142f7a61fbc84eecf3&url=https%3A%2F%2Fduelingnexus.com%2Flogin&code=%27none%27 Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:12 GMT cf-cache-status DYNAMIC server cloudflare cf-ray 8b9ddfbd1db5541f-YYZ
POST H2	200	match Show response seg.ad.gt/api/v2/	4 KB 398 B	139ms 135ms	XHR application/json	2606:4700:10::6816:545 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://seg.ad.gt/api/v2/match Requested by Host: p.ad.gt URL: https://p.ad.gt/api/v1/p/720 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5f219f9278f342ab0129993f03cbc303fe8fa68bc679398358bfb5ba057d16d4 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Content-type application/json Response headers date Tue, 27 Aug 2024 17:45:12 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare vary origin, access-control-request-method, access-control-request-headers, accept-encoding content-type application/json access-control-allow-origin * access-control-expose-headers * cf-ray 8b9ddfba0f54ac26-YYZ
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame C4CF	0 0	104ms 104ms	Fetch image/gif	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D Requested by Host: rumcdn.geoedge.be URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers pragma no-cache date Tue, 27 Aug 2024 17:45:11 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	1899 tracker.nitropay.com/i/	0 10 B	60ms 59ms	Ping text/plain	35.244.144.25 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://tracker.nitropay.com/i/1899?d=eyJhdWYiOiJhbmNob3IiLCJhZFVuaXRDb2RlIjoiTG9naW4gLSBBbmNob3IiLCJjcmVhdGl2ZUlkIjoiMjI0OTo1ODI0MzE3MDIiLCJiaWRkZXIiOiJydWJpY29uIiwidGltZVRvUmVzcG9uZCI6ODMyLCJoZWlnaHQiOjUwLCJ3aWR0aCI6MzIwLCJjcG0iOjAuMzYsImhyZWYiOiJodHRwczovL2R1ZWxpbmduZXh1cy5jb20vbG9naW4iLCJhY2NlcHRhYmxlIjpmYWxzZSwibWV0YSI6IntcImFkdmVydGlzZXJJZFwiOjI4MjYwLFwibmV0d29ya0lkXCI6MjI0OSxcIm1lZGlhVHlwZVwiOlwiYmFubmVyXCIsXCJhZHZlcnRpc2VyRG9tYWluc1wiOltcImV4cGVkaWEuY29tXCJdfSIsInJlcXVlc3RJZCI6IjAxOTE5NGYwLWZmOTQtNzAwMC05NjQ0LTBlYzRjZTMyNmVlYSIsImMiOiJDQSIsInIiOiJRQyIsInR5cGUiOjAsImR1cmF0aW9uIjowLCJyZWZyZXNoIjpmYWxzZSwidGltZXN0YW1wIjoxNzI0NzgwNzA5ODYxLCJmIjoiMWV3ZzdjeSIsInYiOiIzMjIyOTM2In0%3D&v=true&t=1079 Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H3 Security QUIC, , AES_128_GCM Server 35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 25.144.244.35.bc.googleusercontent.com Software nginx/1.27.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:11 GMT via 1.1 google server nginx/1.27.0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
POST H3	204	AGSKWxUEq7o3QP1LSWwNQPXORSxWJmF0g01lJz1dnKuprZs0UYNFekN7wulIc6uQ17hEKNmDS1veXnbw6yGqoLZDjOZZa2q3bPNuKMg3PJ4Rz1iSewFLiYW9jfES0oR4Mbl9E_8Q9djCuA== Show response fundingchoicesmessages.google.com/el/	0 28 B	92ms 87ms	XHR text/html	2607:f8b0:4006:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxUEq7o3QP1LSWwNQPXORSxWJmF0g01lJz1dnKuprZs0UYNFekN7wulIc6uQ17hEKNmDS1veXnbw6yGqoLZDjOZZa2q3bPNuKMg3PJ4Rz1iSewFLiYW9jfES0oR4Mbl9E_8Q9djCuA== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Kyh5VdohTJ4.es5.O/am=UDA/d=1/rs=AJlcJMwV693qt8MavvUt6QxzR_8-3HZkqA/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-xGJlHYrkR3NsS8kcGY3ygQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Content-Type text/plain Response headers date Tue, 27 Aug 2024 17:45:11 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-xGJlHYrkR3NsS8kcGY3ygQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw0JBicEqfwRoExO5aF1n9gXhJxEXWQ4kXWfd-vMR6FIiFeDiWL9yxjU3gw8_zLYxKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyMTAwshMz8AsvsAAAGy9LmU" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS content-type text/html; charset=utf-8 access-control-allow-origin https://duelingnexus.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	62bHydCX.html tpc.googlesyndication.com/sodar/ Frame 3AAA	0 0	168ms 37ms	Document text/html	2607:f8b0:4006:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/62bHydCX.html Requested by Host: rumcdn.geoedge.be URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 1683 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 13045 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Tue, 27 Aug 2024 17:17:08 GMT expires Wed, 27 Aug 2025 17:17:08 GMT last-modified Fri, 25 Aug 2023 23:48:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	62bHydCX.html tpc.googlesyndication.com/sodar/ Frame D84D	0 0	138ms 138ms	Document text/html	2607:f8b0:4006:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/62bHydCX.html Requested by Host: rumcdn.geoedge.be URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 1683 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 13045 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Tue, 27 Aug 2024 17:17:08 GMT expires Wed, 27 Aug 2025 17:17:08 GMT last-modified Fri, 25 Aug 2023 23:48:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
OPTIONS H2	200	match seg.ad.gt/api/v2/ Frame	0 0	1084ms 102ms	Preflight	2606:4700:10::6816:545 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://seg.ad.gt/api/v2/match Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://duelingnexus.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers access-control-allow-headers * access-control-allow-methods * access-control-allow-origin * allow POST cf-cache-status DYNAMIC cf-ray 8b9ddfb95ebdac26-YYZ date Tue, 27 Aug 2024 17:45:11 GMT server cloudflare vary origin, access-control-request-method, access-control-request-headers
GET H2	200	62bHydCX.html tpc.googlesyndication.com/sodar/ Frame 8E53	0 0	6ms 6ms	Document text/html	2607:f8b0:4006:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/62bHydCX.html Requested by Host: rumcdn.geoedge.be URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 1683 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 13045 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Tue, 27 Aug 2024 17:17:08 GMT expires Wed, 27 Aug 2025 17:17:08 GMT last-modified Fri, 25 Aug 2023 23:48:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 1C57	42 B 65 B	101ms 100ms	Fetch image/gif	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuu3xGGsHSHTFXwFtAPI3HjrtUw2_oZTGI5K6YSWKJzeRKX67RQxBkeeqo_HIc_W_lGCPnljYy4fuDPfw7pd5Xd-eC7ncQomOeVWkx4wuhNjJnEFHvq6i-5czabnIWV6n6C6AqEBMX710Qlfg&sig=Cg0ArKJSzGkO1hE-xSrPEAE&id=lidar2&mcvt=1002&p=0,0,600,300&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20240826&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=32&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=2071351000&rst=1724780709193&rpt=1351&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0 Requested by Host: rumcdn.geoedge.be URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers pragma no-cache date Tue, 27 Aug 2024 17:45:11 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	log api.btloader.com/	0 0	77ms 66ms	Fetch	130.211.23.194 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.btloader.com/log?tid=0qWlBqC68&cv=2.1.48-8-ge80695d-BTCORE-501-treat-users-as-non-consented-when-consent-on-any-tcf-compliance-is-not-met&sid=dqAaq3kh&upapi=true Requested by Host: btloader.com URL: https://btloader.com/tag?o=6278260873756672&upapi=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 194.23.211.130.bc.googleusercontent.com Software / Resource Hash Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Tue, 27 Aug 2024 17:45:11 GMT via 1.1 google vary Origin x-ratelimit-remaining 4680 access-control-allow-origin * cache-control no-cache, no-store, must-revalidate x-ratelimit-reset 1724780712 x-ratelimit-limit 5000 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H2	200	rid Show response match.adsrvr.org/track/	108 B 732 B	113ms 61ms	Fetch application/json	52.223.40.198 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://match.adsrvr.org/track/rid?ttd_pid=aqo03op&fmt=json Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.223.40.198 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a6370ebea231e0c9a.awsglobalaccelerator.com Software Kestrel / Resource Hash e9eee4e1178dbdd92355023076514ecc169381495a97ee2e6c029bc8086cd816 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 content-type text/plain Response headers date Tue, 27 Aug 2024 17:45:11 GMT content-encoding gzip server Kestrel vary Origin, Accept-Encoding content-type application/json access-control-allow-origin https://duelingnexus.com cache-control private access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept expires Thu, 26 Sep 2024 17:45:11 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 69B1	42 B 65 B	130ms 123ms	Fetch image/gif	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuIwY-B8X7WaxCd38NC1h5lFmxk_mIlJgRxQY18roI-FMCRAX-I1vsqFnRv0a1EXCFBzBWsn7kZOmlBefnplAP4bzzTwcWIxmiFTMj-IHdMjjp-btGzqfv5_689bBJ5VP59s77nELWh_0E3yg&sig=Cg0ArKJSzJDT_YdeYYmnEAE&id=lidar2&mcvt=1000&p=0,0,50,320&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240826&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=32&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=2071351000&rst=1724780709577&rpt=1160&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0 Requested by Host: rumcdn.geoedge.be URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers pragma no-cache date Tue, 27 Aug 2024 17:45:11 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame C4CF	42 B 65 B	102ms 102ms	Fetch image/gif	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvjLVGVGjf1J85HK9uosU3Qwi-weYQMMHOB-BXNmB75fpJnKYqWrapP7Tk4JL7ORrSmfse2EI9xDb0X_0j5CtcTckgTLlJS0b-0YixXC8IRpZUllChWvUjbmuiVig_CYfOTo-88yPwyrRMcEw&sig=Cg0ArKJSzIIPWOBFzYJ1EAE&id=lidar2&mcvt=1000&p=0,0,250,970&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240826&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=2071351000&rst=1724780708971&rpt=2019&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0 Requested by Host: rumcdn.geoedge.be URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers pragma no-cache date Tue, 27 Aug 2024 17:45:12 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	join-ad-interest-groups.html proton.ad.gt/ Frame 48CE	0 0	448ms 58ms	Document text/html	2606:4700:10::ac43:17ea CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://proton.ad.gt/join-ad-interest-groups.html Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://duelingnexus.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers access-control-allow-origin * ad-auction-allowed true age 3090 apigw-requestid dLJQWgcLvHcEPyg= cache-control max-age=14400 cf-cache-status HIT cf-ray 8b9ddfbefa9eac52-YYZ content-encoding br content-type text/html date Tue, 27 Aug 2024 17:45:12 GMT last-modified Tue, 27 Aug 2024 15:22:29 GMT server cloudflare supports-loading-mode fenced-frame vary Accept-Encoding
GET H2	200	ecommerce.js Show response www.google-analytics.com/plugins/ua/	1 KB 962 B	71ms 67ms	Script text/javascript	2607:f8b0:4006:816::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/plugins/ua/ecommerce.js Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 16:47:41 GMT content-encoding br x-content-type-options nosniff age 3451 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 630 x-xss-protection 0 last-modified Thu, 20 Jul 2023 22:48:00 GMT server sffe vary Accept-Encoding report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Tue, 27 Aug 2024 17:47:41 GMT
GET H2	200	ec.js Show response www.google-analytics.com/plugins/ua/	3 KB 1 KB	68ms 67ms	Script text/javascript	2607:f8b0:4006:816::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/plugins/ua/ec.js Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:13:30 GMT content-encoding br x-content-type-options nosniff age 1902 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1129 x-xss-protection 0 last-modified Tue, 27 Jun 2023 17:28:00 GMT server sffe vary Accept-Encoding report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Tue, 27 Aug 2024 18:13:30 GMT
GET H3	200	view ad.doubleclick.net/pcs/ Frame C4CF	0 0	221ms 208ms	Fetch image/png	142.251.40.102 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ad.doubleclick.net/pcs/view?xai=AKAOjsspQe67xEiN12O9Xbhi75Btwyo4_ZKS_WsdOn12tUoU6TGwECV0W_Kk5elzcLhIRUKTMCKYzYDYFom6jwK5rsR0JxQY4Sxi3-RcfXZ0L3pb18eIBH46woYia08ba1G7YSpOOO13FsQGnV-pTlZ_3Vqh46xnzVwWUTBDBnQ5txpMt4Nf-VKGYtJs_mExbA5-mP3SSXgD-7ZAZTpH6Ra1ING8KqoZ-H-CBDkqiZG_OtPwDELUXiGJVSlkkSmViZydMwaWcUoc0hbqQi1ercr5GAO0a7kpsAK4IeRo-42cqnQDJUdqEbqn7_HIeAfqRioE3xeQ57Umchd5b5gvB6yo2w7bsHvLZ0eDopf2Q0cCc5bDVWT2Us9S-PAl3xA5MSBEcTa1pnDGVjGGodXJoN3Z4ZX5hwyqceKaJ1yMZWvw6LFX33yLwoM2Smr9g50KIYUVN96VfUSeiiM1qpmyIkUTbmyGUor7UEtq_qCNQi46o2Ktu_E9Vg583aTr6gSIBSumEPvfGY4ZgjblJ4XHFxGMC9PTSNm_6Zl4qlrOGYSL2xxw7kGepM54csuMDw-BO1nzqDQbNclvNwbsbZKxiLrEY7L_NXvA9DvJVUS6b-K4nzbcKIUmAXuB54Ki-7FLKplrKZgGxedd9486WwgJrueVhQMHPTmQOR7q-Mq0OwqZzg-zq1hwbRJsR1pCgXxntBqM-UY48ONVf_S4_zFwFnVi6pigutqPrrtSE8CUugQAD2G9Hh4Yid7tASWv4ur5AJLjFP8oFwtLWDydifr-YrZalMr2ol9xJt44oj42lxsEiZ3xZKAUYcPs9HOQAiRbdNUW32zORDbAUH3gL1p3w31UJpaLMdIOfP6fsYHOBm3O1SBmArT8IKO85cl7pq6wPGFxpswi6FIA6-dtf82vQHblTGniAt1wJqf8HbK-VGmJbQrtCfKZvL5h2on_jGigeaCeZaQ4l_vghJibIBAvUScBo7xqK1vxnD9jgWjLAcE9UnAr29OaQeQWCGHalXLp8i3n85__LZeIiy0pDzk3OtLTKMyNiM9IHpMxudOp3GDnJoCRb003wrLfC3UZUAgDhedRmX3GnACRm-JeXf47oIWEaOnaXx88jelxEYqvvcpUu2IBur9TSbGZhHlaOU87KIlZrtc-hk6ABURxzKTbUY0YeB7sj0rtmvHQNWzqPT5daLLPsVB0msDoa5rM-8BY7dlgjnWX_e50H_a9KptMV-Kdi7smlwAnjJxGugMAA-TVuVolpO6eWCKuBgLyHNZd4QnUbu2laK6lsCgniU6izPQ_zKva_JkvGr2RZXzGU7DFjQVHd3kJ4EbmQGKf9lSApAsRaRFdBrFsfPI0tVginWFOba2WEbglIvA3TC2-wUgQJzYzl-rKOV0DGb_Q5LmSyktx4GWnEwUl5rDjue21y7dqep1fTkjEBZgfBk2Hi9x6KP-xB7rf-Upehm_cRK4McxrpDQXTB8MWAF9_o7nuEw&sai=AMfl-YQPZmc4EfbbYUN_W09i1UjQLloJDgG8kL9axS5Aa70HR0526m2ikws5PHs8QrIqcWNJq8Za-cjIp7g12eoCoRMFSfbjgAD3rzJGn7qzL4s8OSXLmhryaqxh3vGV9dx1pIgwV3F34p1ISvxAduJ6lwniVtjenHt1YABewX1AUQw3hTSa8vAdlxPQtZgoMkibrKa9TiG9lJ-x2lYRMHqOMdTv8IBd8PP2eIqotE2sZ0fn4rqqopzcDPg219Le4bOjXkHIJ-5paRkDi0tnt3k&sig=Cg0ArKJSzHbwS-X5webTEAE&uach_m=%5BUACH%5D&crd=aHR0cHM6Ly9nb29nbGUuY29tLGh0dHBzOi8vd2FsbWFydC5jYQ&pr=8:57C4A44A7D225F82&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2582&vt=11&dtpt=2063&dett=3&cstd=489&cisv=r20240822.92544&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=1&ftch=1&adurl= Requested by Host: rumcdn.geoedge.be URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.40.102 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s79-in-f6.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 17:45:12 GMT x-content-type-options nosniff attribution-reporting-register-source {"aggregation_keys":{"902562524":"0x4f92d6cdedb289ce0000000000000000","902562525":"0x90a85deac9fad8d80000000000000000","902562526":"0xbb3f793ce95ea9430000000000000000","902562527":"0x9f6c2ceae0263dd40000000000000000"},"debug_key":"1079831195987122500","debug_reporting":true,"destination":["https://walmart.ca","https://walmartrewards.ca","https://debugconversiondomain1.com"],"event_report_windows":{"end_times":[86400,345600]},"expiry":"2592000","filter_data":{"14":["41169635"],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["6835277"]},"max_event_level_reports":2,"priority":"0","source_event_id":"10738352357384909209"} accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/png access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Tue, 27 Aug 2024 17:45:12 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1C57	0 22 B	101ms 101ms	Ping image/gif	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6667291117958&version=m202406030101&ct=76&x=8&cor=12447002118876422000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers pragma no-cache date Tue, 27 Aug 2024 17:45:13 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 69B1	0 22 B	119ms 112ms	Ping image/gif	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5885080388171&version=m202406030101&ct=76&x=8&cor=14403780077498083000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers pragma no-cache date Tue, 27 Aug 2024 17:45:13 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	event Show response p.ad.gt/api/v1/	0 34 B	101ms 98ms	XHR text/plain	2606:4700:10::ac43:17ea CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://p.ad.gt/api/v1/event Requested by Host: p.ad.gt URL: https://p.ad.gt/api/v1/p/720 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Content-type application/json Response headers access-control-allow-origin https://duelingnexus.com date Tue, 27 Aug 2024 17:45:13 GMT access-control-allow-credentials true cf-cache-status DYNAMIC server cloudflare cf-ray 8b9ddfc53ac7ac57-YYZ vary Origin
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame C4CF	0 22 B	119ms 118ms	Ping image/gif	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=521523436713&version=m202406030101&ct=76&x=8&cor=5674844647405089000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers pragma no-cache date Tue, 27 Aug 2024 17:45:13 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	async_usersync.html acdn.adnxs.com/dmp/ Frame E668	0 0	1001ms 45ms	Document text/html	151.101.65.108 FASTLY
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/dmp/async_usersync.html Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.65.108 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash Request headers Referer https://duelingnexus.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Accept-Ranges bytes Access-Control-Allow-Origin * Age 85872 Cache-Control max-age=86402 Connection keep-alive Content-Encoding gzip Content-Length 17053 Content-Type text/html Date Tue, 27 Aug 2024 17:45:14 GMT ETag W/"623de86a-cf34" Expires Fri, 17 May 2024 08:31:56 GMT Last-Modified Fri, 25 Mar 2022 16:06:02 GMT Server nginx/1.18.0 (Ubuntu) Vary Accept-Encoding Via 1.1 varnish, 1.1 varnish X-Cache HIT, HIT X-Cache-Hits 26, 273639 X-Served-By cache-lga13626-LGA, cache-yul1970026-YUL X-Timer S1724780715.917986,VS0,VE0
GET H2	200	checksync.php contextual.media.net/ Frame CB51	0 0	174ms 172ms	Document text/html	23.56.162.28 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2075%2C2030%2C590%2C2073%2C273%2C233%2C2028%2C2027%2C2104%2C2026%2C236%2C3038%2C2025%2C2069%2C237%2C556%2C117%2C97%2C55%2C99%2C2045%2C3012%2C2087%2C3011%2C3010%2C2041%2C122%2C201%2C2039%2C246%2C4%2C521%2C126%2C203%2C522%2C2113%2C446%2C523%2C326%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C294%2C251%2C450%2C2009%2C255%2C3018%2C3017%2C2125%2C214%2C2124%2C3014%2C338%2C459%2C77%2C38%2C2100%2C2022%2C182%2C141%2C262%2C3073%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1--- Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.56.162.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-56-162-28.deploy.static.akamaitechnologies.com Software Apache / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://duelingnexus.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=93600 cache-control max-age=0, no-cache, no-store content-encoding gzip content-length 12748 content-type text/html; charset=UTF-8 date Tue, 27 Aug 2024 17:45:14 GMT expires Tue, 27 Aug 2024 17:45:14 GMT pragma no-cache server Apache strict-transport-security max-age=31536000 vary Accept-Encoding x-mnet-hl2 E
GET H2	200	usync.html eus.rubiconproject.com/ Frame C576	0 0	70ms 69ms	Document text/html	23.56.163.106 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1--- Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-56-163-106.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash Request headers Referer https://duelingnexus.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers accept-ranges bytes content-encoding gzip content-length 224 content-type text/html; charset=UTF-8 date Tue, 27 Aug 2024 17:45:14 GMT etag "28052a-10d-6142d69a886c0" last-modified Thu, 21 Mar 2024 15:32:19 GMT server Apache/2.2.15 (CentOS) vary Accept-Encoding
GET H2	200	user_sync.html ads.pubmatic.com/AdServer/js/ Frame 4163	0 0	49ms 47ms	Document text/html	23.41.168.202 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156737&gdpr=0&gdpr_consent=&us_privacy=1--- Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.41.168.202 Edison, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-41-168-202.deploy.static.akamaitechnologies.com Software Apache / Resource Hash Request headers Referer https://duelingnexus.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers accept-ranges bytes cache-control max-age=78811 content-encoding gzip content-length 5633 content-type text/html date Tue, 27 Aug 2024 17:45:13 GMT expires Wed, 28 Aug 2024 15:38:44 GMT last-modified Mon, 26 Aug 2024 15:25:10 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" server Apache vary Accept-Encoding
GET H2	200	sync eb2.3lift.com/ Frame E29D	0 0	56ms 56ms	Document text/html	52.223.22.214 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://eb2.3lift.com/sync?us_privacy=1---& Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS afb83dd09526a6517.awsglobalaccelerator.com Software / Resource Hash Request headers Referer https://duelingnexus.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers cache-control no-cache, no-store, must-revalidate content-length 1274 content-type text/html; charset=utf-8 date Tue, 27 Aug 2024 17:45:14 GMT p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H2	200	pd ggsoftware-d.openx.net/w/1.0/ Frame 042D	0 0	75ms 46ms	Document text/html	35.244.159.8 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://ggsoftware-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=&us_privacy=1--- Requested by Host: s.nitropay.com URL: https://s.nitropay.com/ads-1899.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash Request headers Referer https://duelingnexus.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding gzip content-length 549 content-type text/html date Tue, 27 Aug 2024 17:45:14 GMT p3p CP="CUR ADM OUR NOR STA NID" server OXGW/0.0.0 vary Accept, Accept-Encoding via 1.1 google
OPTIONS H2	200	event p.ad.gt/api/v1/ Frame	0 0	228ms 114ms	Preflight text/html	2606:4700:10::ac43:17ea CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://p.ad.gt/api/v1/event Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://duelingnexus.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT access-control-allow-origin https://duelingnexus.com allow OPTIONS, POST cf-cache-status DYNAMIC cf-ray 8b9ddfc48a2fac57-YYZ content-encoding br content-type text/html; charset=utf-8 date Tue, 27 Aug 2024 17:45:13 GMT server cloudflare vary Origin
GET H2	200	envelope Show response lexicon.33across.com/v1/	42 B 244 B	317ms 96ms	XHR application/json	35.244.193.51
General Check archive.org Show headers Download Go to Full URL https://lexicon.33across.com/v1/envelope?pid=0010b00002VqwyFAAR&src=aps&ver=1.13.0&us_privacy=1--- Requested by Host: cdn-ima.33across.com URL: https://cdn-ima.33across.com/ima.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.193.51 -, , ASN (), Reverse DNS Software / Resource Hash 435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d Request headers Referer https://duelingnexus.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Tue, 27 Aug 2024 17:45:18 GMT via 1.1 google vary origin content-type application/json access-control-allow-origin https://duelingnexus.com cache-control private, must-revalidate, max-age=28800 access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

apex.go.sonobi.com

URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%226006d256b3a542%22%3A%2273417d48500921b44e50%7C728x90%2C970x90%2C970x250%2C300x250%7Cf%3D0.05%2Cgpid%3D%2Flogin%23Login%20-%20Header%2Cc%3Dd%2C%22%2C%22742c55fd10b06c%22%3A%2203b4b3582d3dcb19e84c%7C300x250%7Cf%3D0.1%2Cgpid%3D%2Flogin%23Login%20-%20Header%2Cc%3Dv%2Cpm%3D2%2Cp%3D2%2Cpl%3D4%2C%22%7D&ref=https%3A%2F%2Fduelingnexus.com%2Flogin&s=e5720e2d-10a3-413d-8664-719c886e30be&pv=10cb6a5c-accd-44d5-a3c5-de36130dae08&vp=desktop&lib_name=prebid&lib_v=8.52.0&us=999&iqid=%7B%22pcid%22%3A%22a87b8fbe-43aa-4d75-a7e8-3af84a112f8a%22%2C%22pcidDate%22%3A1724780707532%7D&fpd=%7B%22source%22%3A%7B%22tid%22%3A%229213a89d-00a2-492a-911b-eadd1ce71385%22%7D%2C%22site%22%3A%7B%22domain%22%3A%22duelingnexus.com%22%2C%22keywords%22%3A%22duelingnexus%2Cyugioh%2Cyugiohgame%2Cyugiohonline%2Cfreeyugiohgame%2Cyugiohdeck%2Cyugiohdecks%2Cyugiohdiscord%2Cygopro%2Cygoproandroid%2Cygopro2%2Cygoprodiscord%2Cduelingbook%2Cduelingnetwork%2Cyugiohonlinedueling%2Cyugiohbanlist%2Clatestyugiohbanlist%2Cplayyugiohonline%2Cyugiohonlinegames%2Cyugiohcard%2Cyugiohcards%22%2C%22publisher%22%3A%7B%22domain%22%3A%22duelingnexus.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fduelingnexus.com%2Flogin%22%2C%22name%22%3A%22Dueling%20Nexus%22%2C%22cattax%22%3A7%2C%22cat%22%3A%5B%22269%22%2C%22271%22%5D%2C%22privacypolicy%22%3A1%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F128.0.0.0%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&gdpr=false&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22nitropay.com%22%2C%22sid%22%3A%221469%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ac12e589-e16d-4b22-a795-679dbdc8a930%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=duelingnexus%2Cyugioh%2Cyugiohgame%2Cyugiohonline%2Cfreeyugiohgame%2Cyugiohdeck%2Cyugiohdecks%2Cyugiohdiscord%2Cygopro%2Cygoproandroid%2Cygopro2%2Cygoprodiscord%2Cduelingbook%2Cduelingnetwork%2Cyugiohonlinedueling%2Cyugiohbanlist%2Clatestyugiohbanlist%2Cplayyugiohonline%2Cyugiohonlinegames%2Cyugiohcard%2Cyugiohcards&us_privacy=1---&coppa=0

Domain

apex.go.sonobi.com

URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2236d0d5a4fbfbd66%22%3A%2273417d48500921b44e50%7C300x250%2C300x600%2C160x600%7Cf%3D0.05%2Cgpid%3D%2Flogin%23Login%20-%20Sidebar%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fduelingnexus.com%2Flogin&s=9d32cf1e-40fe-4c2a-9dfe-8e050660a2e6&pv=10cb6a5c-accd-44d5-a3c5-de36130dae08&vp=desktop&lib_name=prebid&lib_v=8.52.0&us=999&iqid=%7B%22pcid%22%3A%22a87b8fbe-43aa-4d75-a7e8-3af84a112f8a%22%2C%22pcidDate%22%3A1724780707532%7D&fpd=%7B%22source%22%3A%7B%22tid%22%3A%221eaa565f-8f63-402f-8901-1f4a0079aab8%22%7D%2C%22site%22%3A%7B%22domain%22%3A%22duelingnexus.com%22%2C%22keywords%22%3A%22duelingnexus%2Cyugioh%2Cyugiohgame%2Cyugiohonline%2Cfreeyugiohgame%2Cyugiohdeck%2Cyugiohdecks%2Cyugiohdiscord%2Cygopro%2Cygoproandroid%2Cygopro2%2Cygoprodiscord%2Cduelingbook%2Cduelingnetwork%2Cyugiohonlinedueling%2Cyugiohbanlist%2Clatestyugiohbanlist%2Cplayyugiohonline%2Cyugiohonlinegames%2Cyugiohcard%2Cyugiohcards%22%2C%22publisher%22%3A%7B%22domain%22%3A%22duelingnexus.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fduelingnexus.com%2Flogin%22%2C%22name%22%3A%22Dueling%20Nexus%22%2C%22cattax%22%3A7%2C%22cat%22%3A%5B%22269%22%2C%22271%22%5D%2C%22privacypolicy%22%3A1%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F128.0.0.0%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&gdpr=false&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22nitropay.com%22%2C%22sid%22%3A%221469%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ac12e589-e16d-4b22-a795-679dbdc8a930%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=duelingnexus%2Cyugioh%2Cyugiohgame%2Cyugiohonline%2Cfreeyugiohgame%2Cyugiohdeck%2Cyugiohdecks%2Cyugiohdiscord%2Cygopro%2Cygoproandroid%2Cygopro2%2Cygoprodiscord%2Cduelingbook%2Cduelingnetwork%2Cyugiohonlinedueling%2Cyugiohbanlist%2Clatestyugiohbanlist%2Cplayyugiohonline%2Cyugiohonlinegames%2Cyugiohcard%2Cyugiohcards&us_privacy=1---&coppa=0

Domain

apex.go.sonobi.com

URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2260785c96041793f%22%3A%2273417d48500921b44e50%7C970x90%2C728x90%2C320x50%2C320x100%7Cf%3D0.05%2Cgpid%3D%2Flogin%23Login%20-%20Anchor%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fduelingnexus.com%2Flogin&s=77aa2dc0-b73f-468d-b52e-3a0dea9fe4a0&pv=10cb6a5c-accd-44d5-a3c5-de36130dae08&vp=desktop&lib_name=prebid&lib_v=8.52.0&us=999&iqid=%7B%22pcid%22%3A%22a87b8fbe-43aa-4d75-a7e8-3af84a112f8a%22%2C%22pcidDate%22%3A1724780707532%7D&fpd=%7B%22source%22%3A%7B%22tid%22%3A%22241f81ca-5a95-49b8-aa15-e38b1445cc1d%22%7D%2C%22site%22%3A%7B%22domain%22%3A%22duelingnexus.com%22%2C%22keywords%22%3A%22duelingnexus%2Cyugioh%2Cyugiohgame%2Cyugiohonline%2Cfreeyugiohgame%2Cyugiohdeck%2Cyugiohdecks%2Cyugiohdiscord%2Cygopro%2Cygoproandroid%2Cygopro2%2Cygoprodiscord%2Cduelingbook%2Cduelingnetwork%2Cyugiohonlinedueling%2Cyugiohbanlist%2Clatestyugiohbanlist%2Cplayyugiohonline%2Cyugiohonlinegames%2Cyugiohcard%2Cyugiohcards%22%2C%22publisher%22%3A%7B%22domain%22%3A%22duelingnexus.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fduelingnexus.com%2Flogin%22%2C%22name%22%3A%22Dueling%20Nexus%22%2C%22cattax%22%3A7%2C%22cat%22%3A%5B%22269%22%2C%22271%22%5D%2C%22privacypolicy%22%3A1%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F128.0.0.0%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&gdpr=false&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22nitropay.com%22%2C%22sid%22%3A%221469%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ac12e589-e16d-4b22-a795-679dbdc8a930%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=duelingnexus%2Cyugioh%2Cyugiohgame%2Cyugiohonline%2Cfreeyugiohgame%2Cyugiohdeck%2Cyugiohdecks%2Cyugiohdiscord%2Cygopro%2Cygoproandroid%2Cygopro2%2Cygoprodiscord%2Cduelingbook%2Cduelingnetwork%2Cyugiohonlinedueling%2Cyugiohbanlist%2Clatestyugiohbanlist%2Cplayyugiohonline%2Cyugiohonlinegames%2Cyugiohcard%2Cyugiohcards&us_privacy=1---&coppa=0

Domain

apex.go.sonobi.com

URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2276823b6e5300a67%22%3A%2203b4b3582d3dcb19e84c%7C300x169%7Cf%3D0.1%2Cgpid%3D%2Flogin%23Login%20-%20Floating%20Video%20Player%2Cc%3Dv%2Cpm%3D2%2Cp%3D5%2Cpl%3D4%2C%22%7D&ref=https%3A%2F%2Fduelingnexus.com%2Flogin&s=38622995-4cc8-4d92-b2df-7668030e61b8&pv=10cb6a5c-accd-44d5-a3c5-de36130dae08&vp=desktop&lib_name=prebid&lib_v=8.52.0&us=999&iqid=%7B%22pcid%22%3A%22a87b8fbe-43aa-4d75-a7e8-3af84a112f8a%22%2C%22pcidDate%22%3A1724780707532%7D&fpd=%7B%22source%22%3A%7B%22tid%22%3A%224aa18c36-31ab-4703-89da-0cb922a3c698%22%7D%2C%22site%22%3A%7B%22domain%22%3A%22duelingnexus.com%22%2C%22keywords%22%3A%22duelingnexus%2Cyugioh%2Cyugiohgame%2Cyugiohonline%2Cfreeyugiohgame%2Cyugiohdeck%2Cyugiohdecks%2Cyugiohdiscord%2Cygopro%2Cygoproandroid%2Cygopro2%2Cygoprodiscord%2Cduelingbook%2Cduelingnetwork%2Cyugiohonlinedueling%2Cyugiohbanlist%2Clatestyugiohbanlist%2Cplayyugiohonline%2Cyugiohonlinegames%2Cyugiohcard%2Cyugiohcards%22%2C%22publisher%22%3A%7B%22domain%22%3A%22duelingnexus.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fduelingnexus.com%2Flogin%22%2C%22name%22%3A%22Dueling%20Nexus%22%2C%22cattax%22%3A7%2C%22cat%22%3A%5B%22269%22%2C%22271%22%5D%2C%22privacypolicy%22%3A1%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F128.0.0.0%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&gdpr=false&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22nitropay.com%22%2C%22sid%22%3A%221469%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ac12e589-e16d-4b22-a795-679dbdc8a930%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=duelingnexus%2Cyugioh%2Cyugiohgame%2Cyugiohonline%2Cfreeyugiohgame%2Cyugiohdeck%2Cyugiohdecks%2Cyugiohdiscord%2Cygopro%2Cygoproandroid%2Cygopro2%2Cygoprodiscord%2Cduelingbook%2Cduelingnetwork%2Cyugiohonlinedueling%2Cyugiohbanlist%2Clatestyugiohbanlist%2Cplayyugiohonline%2Cyugiohonlinegames%2Cyugiohcard%2Cyugiohcards&us_privacy=1---&coppa=0