urlscan.io logo urlscan.io
SecurityTrails logo

www.ducksters.com Open in urlscan Pro
2606:4700:20::681a:c86  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bit.ly/duckstersvd
Effective URL: https://www.ducksters.com/holidays/veterans_day.php
Submission: On November 07 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 28 IPs in 4 countries across 21 domains to perform 144 HTTP transactions. The main IP is 2606:4700:20::681a:c86, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.ducksters.com. The Cisco Umbrella rank of the primary domain is 273035.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 8th 2022. Valid for: a year.
This is the only time www.ducksters.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.10 396982 (GOOGLE-CL...)
6 2606:4700:20:... 13335 (CLOUDFLAR...)
17 2600:9000:223... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
10 2a00:1450:400... 15169 (GOOGLE)
7 2600:9000:225... 16509 (AMAZON-02)
2 88.221.169.143 16625 (AKAMAI-AS)
2 2001:4860:480... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
16 2600:9000:225... 16509 (AMAZON-02)
1 18.132.134.118 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
26 2a00:1450:400... 15169 (GOOGLE)
10 3.91.171.243 14618 (AMAZON-AES)
2 4 142.250.185.70 15169 (GOOGLE)
2 2a02:26f0:780... 20940 (AKAMAI-ASN1)
1 185.94.180.124 35220 (SPOTX-AMS)
144 28
1    67.199.248.10 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly
bit.ly
6    2606:4700:20::681a:c86 (United States)

ASN13335 (CLOUDFLARENET, US)
www.ducksters.com
17    2600:9000:223d:d200:14:2602:6e80:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.intergi.com
2    2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
10    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
7    2600:9000:2250:4600:12:4abd:d340:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.intergient.com
2    88.221.169.143 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-169-143.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
2    2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
16    2600:9000:2250:4e00:13:7c50:cec0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.playwire.com
1    18.132.134.118 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-132-134-118.eu-west-2.compute.amazonaws.com
mb.moatads.com
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com
1    2600:9000:223c:6800:1a:1459:5cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
config.playwire.com
7    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
10    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
5    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
www.googletagservices.com
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
26    2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
10    3.91.171.243 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-91-171-243.compute-1.amazonaws.com
kinesis.us-east-1.amazonaws.com
4    142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net
ad.doubleclick.net
2    2a02:26f0:780::5f65:36c3 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
code.createjs.com
1    185.94.180.124 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
Apex Domain
Subdomains		 Transfer
26 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 352
480 KB
20 googlesyndication.com
736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 131
tpc.googlesyndication.com — Cisco Umbrella Rank: 167
85 KB
17 playwire.com
cdn.playwire.com — Cisco Umbrella Rank: 17279
config.playwire.com — Cisco Umbrella Rank: 12766
181 KB
17 intergi.com
cdn.intergi.com — Cisco Umbrella Rank: 14425
288 KB
15 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 264
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
ad.doubleclick.net — Cisco Umbrella Rank: 208
180 KB
10 amazonaws.com
kinesis.us-east-1.amazonaws.com — Cisco Umbrella Rank: 1588
6 KB
7 intergient.com
cdn.intergient.com — Cisco Umbrella Rank: 12118
79 KB
6 ducksters.com
www.ducksters.com — Cisco Umbrella Rank: 273035
118 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 317
109 KB
5 google.com
adservice.google.com — Cisco Umbrella Rank: 134
www.google.com — Cisco Umbrella Rank: 17
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 97
region1.google-analytics.com — Cisco Umbrella Rank: 2041
21 KB
3 moatads.com
z.moatads.com — Cisco Umbrella Rank: 598
mb.moatads.com — Cisco Umbrella Rank: 892
px.moatads.com — Cisco Umbrella Rank: 620
78 KB
2 createjs.com
code.createjs.com — Cisco Umbrella Rank: 1999
125 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 223
95 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 5594
914 B
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 361
8 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 121
118 KB
1 spotxchange.com
search.spotxchange.com — Cisco Umbrella Rank: 688
1 KB
1 gstatic.com
fonts.gstatic.com
28 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 118
1 KB
1 bit.ly
bit.ly — Cisco Umbrella Rank: 4938
248 B
144 21
Domain Requested by
26 s0.2mdn.net 736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com
s0.2mdn.net
17 cdn.intergi.com www.ducksters.com
cdn.intergi.com
16 cdn.playwire.com cdn.intergient.com
cdn.playwire.com
10 kinesis.us-east-1.amazonaws.com cdn.intergient.com
10 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.ducksters.com
736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com
10 securepubads.g.doubleclick.net cdn.intergi.com
securepubads.g.doubleclick.net
www.ducksters.com
736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com
www.googletagservices.com
7 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
7 cdn.intergient.com cdn.intergi.com
cdn.intergient.com
6 www.ducksters.com www.ducksters.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
4 ad.doubleclick.net 2 redirects 736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com
3 www.google.com 1 redirects tpc.googlesyndication.com
www.ducksters.com
3 736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 code.createjs.com s0.2mdn.net
2 www.googletagservices.com 736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.de securepubads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 cdnjs.cloudflare.com www.ducksters.com
2 www.googletagmanager.com www.ducksters.com
www.googletagmanager.com
1 search.spotxchange.com cdn.playwire.com
1 googleads.g.doubleclick.net www.ducksters.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com securepubads.g.doubleclick.net
1 config.playwire.com cdn.playwire.com
1 px.moatads.com www.ducksters.com
1 mb.moatads.com z.moatads.com
1 region1.google-analytics.com www.googletagmanager.com
1 z.moatads.com cdn.intergi.com
1 bit.ly 1 redirects
144 30

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-08 -
2023-06-07		 a year crt.sh
cdn.intergi.com
Amazon		 2022-01-04 -
2023-02-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
cdn.intergient.com
Amazon		 2022-01-04 -
2023-02-01		 a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-11-27 -
2022-11-29		 a year crt.sh
*.playwire.com
Amazon		 2022-03-13 -
2023-04-11		 a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-05		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
kinesis.us-east-1.amazonaws.com
Amazon		 2022-10-21 -
2023-10-20		 a year crt.sh
tls.adobe.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-29 -
2023-05-30		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2022-03-11 -
2023-03-29		 a year crt.sh

This page contains 11 frames:

Primary Page: https://www.ducksters.com/holidays/veterans_day.php
Frame ID: 3B6C02EF843573A2C68050166FC9A9EC
Requests: 58 HTTP requests in this frame

Frame: https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: 8F8A357F05074CEC6961C5EB2697E113
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C2461B41D96A385722FCE6C08EFD7D6B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 72EBFF0CA15AD89BEBF8127A6E26396C
Requests: 2 HTTP requests in this frame

Frame: https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: E5293BC00EF7D03A902821FDE2B61056
Requests: 9 HTTP requests in this frame

Frame: https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: 326307FEF8B9623C8D3FE29F8412652D
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs
Frame ID: C7B4B949FCD9430D6347AB342BA03053
Requests: 15 HTTP requests in this frame

Frame: https://cdn.intergi.com/tyche-assets/report_ad/mail.html
Frame ID: 92020EB500C3D14DEE96CCB007C62FE1
Requests: 3 HTTP requests in this frame

Frame: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/frame.html
Frame ID: EAF93BF5E65DEC86031600F58BAE6068
Requests: 14 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/497959/4823994172/1665074917330/DE/Playwire-Fall-Tins_728x90-HTML5%20Canvas.html
Frame ID: 54A20DBEC64E248B55297CC574DE0F71
Requests: 13 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/497959/4823994172/1665074783481/DE/Playwire-Fall-Tins_HTML5%20Canvas.html
Frame ID: 5E0E093717F675EE23D90C4718AED6FB
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Holidays for Kids: Veterans Day

Page URL History Show full URLs

  1. https://bit.ly/duckstersvd HTTP 301
    https://www.ducksters.com/holidays/veterans_day.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lodash.*\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • cookieconsent\.min\.js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

144
Requests

98 %
HTTPS

79 %
IPv6

21
Domains

30
Subdomains

28
IPs

4
Countries

2003 kB
Transfer

5675 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/duckstersvd HTTP 301
    https://www.ducksters.com/holidays/veterans_day.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 76
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 94
  • https://ad.doubleclick.net/ddm/trackimp/N963291.2522106PLAYWIRE/B28713540.348400702;dc_trk_aid=539845069;dc_trk_cid=179424599;ord=1282631836;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N963291.2522106PLAYWIRE/B28713540.348400702;dc_pre=CLfYsvn6nPsCFbyg_QcdSf8BrQ;dc_trk_aid=539845069;dc_trk_cid=179424599;ord=1282631836;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Request Chain 104
  • https://ad.doubleclick.net/ddm/trackimp/N963291.2522106PLAYWIRE/B28713540.348402172;dc_trk_aid=539589905;dc_trk_cid=179424266;ord=1871095679;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N963291.2522106PLAYWIRE/B28713540.348402172;dc_pre=CPefs_n6nPsCFYnuuwgduoIH3w;dc_trk_aid=539589905;dc_trk_cid=179424266;ord=1871095679;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=

144 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request veterans_day.php
www.ducksters.com/holidays/
Redirect Chain
  • https://bit.ly/duckstersvd
  • https://www.ducksters.com/holidays/veterans_day.php
25 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ducksters.com/holidays/veterans_day.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd391b3b9114b484d4c3e0e11220893e9808f969618ab5b627a55b69d5bbcd09
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=2592000
cf-cache-status
MISS
cf-ray
7668fc8bd9b5921f-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 07 Nov 2022 20:58:21 GMT
expires
Wed, 07 Dec 2022 20:58:21 GMT
last-modified
Mon, 07 Nov 2022 20:58:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HJ6JPtsfX5HwJ9Gn8s8gQqsN8yfPDVXufZlDt751Pf9u6rcXUXlr0KGtx3JnwizVZFNVmL0aCA%2BHsfk4EA8lG9U8KhUkSiElnQDfIotYCCXrL4F9u0Ct40QZR6JCj2TDFzL0UjjEpneG5jIED9nt"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=90
content-length
138
content-type
text/html; charset=utf-8
date
Mon, 07 Nov 2022 20:58:21 GMT
location
https://www.ducksters.com/holidays/veterans_day.php
server
nginx
via
1.1 google
tyche.js
cdn.intergi.com/hera/ 		258 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/hera/tyche.js
Requested by
Host: www.ducksters.com
URL: https://www.ducksters.com/holidays/veterans_day.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:d200:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
dee2e849bab24063ea7d3c9edb43cc9e01ca74d587e306acd83567860d7adefa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:58:22 GMT
content-encoding
br
via
1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P3
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-lambda-function
us-east-1.pageos_production:154
cache-control
max-age=600, public, must-revalidate
x-amz-cf-id
ywRvDz3YPzLMRpzLx95RZBYMOPfQC_kBLItfXCs3zLj7Medvqy1ucQ==
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-714916-2
Requested by
Host: www.ducksters.com
URL: https://www.ducksters.com/holidays/veterans_day.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
aeaa3012886bc059c89fdc67fb020bad93d5d53bae3e7c1b33a2af3e1f76635a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:58:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43511
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 19:14:28 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 07 Nov 2022 20:58:21 GMT
jquery-1.10.1.min.js
www.ducksters.com/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ducksters.com/jquery-1.10.1.min.js
Requested by
Host: www.ducksters.com
URL: https://www.ducksters.com/holidays/veterans_day.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21cafb6e71a6112d3c1f4777fefa66300fa3e09db01fc7b92dfee436b8373e2c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/holidays/veterans_day.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:58:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 18 Aug 2017 00:44:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4459284
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sE9YUqigGR0hadb%2BtlonqdySb30GCdK48MJqKWwGEfg46uuTJ%2BaOt3%2BGjDxKPkErtH3XXpabUrMVXVU8JVwMD%2F1b18hzNO67dUMU41vvfxYyxDDhjE4EIoay7rkzZT3o%2BP1cZ3eIKXu4tKSJVa9s"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
7668fc8f0ef6921f-FRA
expires
Sun, 17 Sep 2023 06:16:56 GMT
cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css
Requested by
Host: www.ducksters.com
URL: https://www.ducksters.com/holidays/veterans_day.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:58:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2853149
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
975
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-fe0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WV1CtQDOS0LzNQ0SJ2fucoVH4UQz8dEUEAL8SPNqHb6ixe1je9WIeZhsmCqkqHy9CFXVynWbwq9q5t8IKDjwJ8B%2BeNJ3BY9cuKrMZGNbfprkWLGRiacD%2Bm%2Bf6SZ3n8gM4pfhtAj%2FTr97lJzfTx5tOZWW"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7668fc8f4a8c690d-FRA
expires
Sat, 28 Oct 2023 20:58:21 GMT
cookieconsent.min.js
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Requested by
Host: www.ducksters.com
URL: https://www.ducksters.com/holidays/veterans_day.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:58:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
10192314
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5978
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-5148"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=woYbJYnBz%2F6K%2B8owLKyFqZg9Gq5qzjgoNKM%2Fvwr110t3CPsS8Phtcr%2BVa3RXyizVPCnj%2FVQdnv26OCWRCidyU8CzRqFWvr%2FsT9TdlxH276TlHr4rrIMi2HFjd384M7Nj2uW7ZVU6m1%2B3%2FjqfKegxfrAA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7668fc8f4a8e690d-FRA
expires
Sat, 28 Oct 2023 20:58:21 GMT
header.gif
www.ducksters.com/graphics/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ducksters.com/graphics/header.gif
Requested by
Host: www.ducksters.com
URL: https://www.ducksters.com/holidays/veterans_day.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6864cd22a446141125a3f853028263820f8a57def21006378d438f71e36247f2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/holidays/veterans_day.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:58:22 GMT
cf-cache-status
HIT
last-modified
Tue, 19 Jan 2021 19:51:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4459285
vary
User-Agent, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/gif
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5WhOQetHEtkIPiQAt6Hl5CAvEXRoUdJ7Kc6H%2BkhiF1OiP0dwoWDigFiZGhOYg99OrUlEHrB6m%2B%2BJbTd%2BAl4DeA5ytkaEBmPmMy6GF88c45SoPbS9mX3RoaLs4oH77X1pkqr5IicCbeUhw6FLS0kK"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7668fc8fbfe3921f-FRA
content-length
36185
expires
Sun, 17 Sep 2023 06:16:56 GMT
mobile.gif
www.ducksters.com/graphics/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ducksters.com/graphics/mobile.gif
Requested by
Host: www.ducksters.com
URL: https://www.ducksters.com/holidays/veterans_day.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f84465ad80f2fdee0969318288ace06b8e600eb3d9bb1580e5e39ad1b013d524
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/holidays/veterans_day.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:58:22 GMT
cf-cache-status
HIT
last-modified
Tue, 19 Jan 2021 19:51:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4459285
vary
User-Agent, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/gif
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=befiGD3uda3AX1dLVbZvj1lAQ0UW6hJdL5vFi8gpcOswfsracVfIulwmwhgsisqRXYfpgAcr4sYicyFZd8BpFSl%2FSrsX5br9aSTk1uLTINbj%2FeJhQHoew3nzKXQdV2lahk8GcgyNmXSXXrO90X%2Fh"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7668fc8fe838921f-FRA
content-length
5904
expires
Sun, 17 Sep 2023 06:16:56 GMT
veterans_day.jpg
www.ducksters.com/holidays/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ducksters.com/holidays/veterans_day.jpg
Requested by
Host: www.ducksters.com
URL: https://www.ducksters.com/holidays/veterans_day.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f769b00cf1f9c0eba5cc9b7e3d45db499b491a8d00c4918548455d57468b40ae
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/holidays/veterans_day.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:58:22 GMT
cf-cache-status
MISS
last-modified
Thu, 12 Jul 2012 16:00:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FsjY4yv1yJhzRRcvosBCfIvI4FJfHmF7F%2FVv9d52uwdTmvjUbXoXHgbSPajpDM8CvEjQbNDLftsPK6r%2BtVbYWNIFyJwrT15UFg8QnphZ3ze6HUR8ktpKtQ6ueQDdb5CnxAzWOqYrfxJI9ILeWPfe"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7668fc9038b7921f-FRA
content-length
16245
expires
Tue, 07 Nov 2023 20:58:22 GMT
ducksters_footer_1.gif
www.ducksters.com/graphics/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ducksters.com/graphics/ducksters_footer_1.gif
Requested by
Host: www.ducksters.com
URL: https://www.ducksters.com/holidays/veterans_day.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99e3c588cc419ab189db73839b09f41688ad87e3e3531345780f05a202261208
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/holidays/veterans_day.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:58:22 GMT
cf-cache-status
HIT
last-modified
Wed, 08 Feb 2017 21:40:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2460716
vary
User-Agent, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/gif
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8kfaTNYn81OQ4ZmIPNL986fz%2FM267HjmSD09ECbIHOxPfLOKoztFOfiXuywnc2pyPfhNWztfjDg0Zpzw2Ic8%2F%2F8TXVRcfTicftLmC%2BIY6zxBYh4TJqWilVPFUVwYahIJf3NZ7vTE%2FBx63p%2F5g3dn"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7668fc912a34921f-FRA
content-length
19106
expires
Tue, 10 Oct 2023 09:26:25 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea5bfe8d3f07e7e6bc856b373bed2212ed68374fdf3d62f509920583feeca317
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:58:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27485
x-xss-protection
0
server
sffe
etag
"1387 / 347 of 1000 / last-modified: 1667822841"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 07 Nov 2022 20:58:22 GMT
videoCard.01fa78e7064a386f48fc.js
cdn.intergient.com/pageos/1.9.5/ 		554 B
882 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.9.5/videoCard.01fa78e7064a386f48fc.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df49112f965565d7af2a8ac08e7000ab6c2731ced4340c2b6c89a8097e94c2ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 01:06:37 GMT
via
1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified
Thu, 27 Oct 2022 13:51:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
71506
etag
"ce3cc474e63b7f656de18953fb710c43"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
554
x-amz-cf-id
Vy16wYtF67nDH_DWDAVHz3jgBgsGsA3mb_ZUFIqrUOzAShFm64yCNA==
batchHandler.48b67d8f5be3c2f25514.js
cdn.intergient.com/pageos/1.9.5/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.9.5/batchHandler.48b67d8f5be3c2f25514.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
48027641b9b68fc4c935af1c09f60855127855d88d6db82cbc0636c051964377

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 00:26:22 GMT
content-encoding
br
via
1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified
Thu, 27 Oct 2022 13:51:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
73921
etag
W/"54fee70c6729768e1d9c151cc2f3f4cb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
TQ-T181Kk81B8c-mnKts8GMoLNHYEa9UC1Xr7yWdq5JMwuJKpAjYjw==
ducksters_prebid.json
cdn.intergi.com/configs/ 		247 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/configs/ducksters_prebid.json
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:d200:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
725c59437154130ffaecf8d148c147d836758271df0d9369f725834aa4e9baa0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
JqrDbBkKdjv.Qd32Pap.O1cYNjcvMyHS
content-encoding
br
via
1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
date
Mon, 07 Nov 2022 07:43:32 GMT
x-amz-cf-pop
FRA56-P3
age
47691
x-cache
Hit from cloudfront
last-modified
Mon, 03 Oct 2022 13:39:32 GMT
server
AmazonS3
etag
W/"28535da34fb9790666c74caacfa82db1"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
hw-country-code
cache-control
public, max-age=600
hw-country-code
DE
vary
Accept-Encoding
x-amz-cf-id
taronr06pnPcpWg7-jkZuXSgz0u_bpF5SzPCTOXt3Jhpjc1xYfEO4w==
moatheader.js
z.moatads.com/playwireprebidheader597261727146/ 		219 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/playwireprebidheader597261727146/moatheader.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-143.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a0c21790fd53e3b78fe935dd04be28160b7a39f95e0067a134dedffc0a2d2314

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:58:22 GMT
content-encoding
gzip
last-modified
Wed, 02 Nov 2022 15:35:45 GMT
server
AmazonS3
x-amz-request-id
96H0H0T975E30WP1
etag
"eeeb08dd5a0c527a953c4126e2b32065"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=40360
accept-ranges
bytes
content-length
78960
x-amz-id-2
FPARW4JAXMx+6uaJAW3/8R1GdIeog9uy8i/BeCX9Ic/KLx0ehZ0duYWB+GjLZzMlt7OGtVmo34g=
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-714916-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 07 Nov 2022 19:24:49 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
5613
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Mon, 07 Nov 2022 21:24:49 GMT
js
www.googletagmanager.com/gtag/ 		214 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-K9B1TMX9Y2&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-714916-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
47f7af4fdab4124697338b245e17a0b2134c761887e2f944f6fa27d6eaedc4da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:58:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76478
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 07 Nov 2022 20:58:22 GMT
88.53d45eac092b4513841f.js
cdn.intergient.com/pageos/1.9.5/ 		49 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.9.5/88.53d45eac092b4513841f.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
092566589bd8db5eebfed9e0e4ef75778b493b74bf519f5c283f375971625b88

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 00:27:01 GMT
content-encoding
br
via
1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified
Thu, 27 Oct 2022 13:51:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
73882
etag
W/"521b8dcb529c1fc9697d2140bc44c4e2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
uz_hJZarSqgjeBxQPXnok7Cr--aodg7ZBnFocmEENcRNa6qFsPKgHA==
gdpr.08e40d36661739c00108.js
cdn.intergient.com/pageos/1.9.5/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.9.5/gdpr.08e40d36661739c00108.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7b821d080d60f13e78c18bfbb4d279dcfc5beb587e00a49621a8dcfd58f2356d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 21:17:39 GMT
content-encoding
gzip
via
1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified
Thu, 27 Oct 2022 13:51:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
85244
etag
W/"46bf18510d417bc31b449bc5611c1875"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
p5w9JmLGVZznC1mqLlwbonJ2Y8fYJ7JErIEn-PIlunAWxOHOksZt6w==
nielsen.b850d86715bcafaea630.js
cdn.intergient.com/pageos/1.9.5/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.9.5/nielsen.b850d86715bcafaea630.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
55542c02f59ac047bd7ef87d8a2981b541995a09de59a89e419292a91f241202

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 03:56:26 GMT
content-encoding
gzip
via
1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified
Thu, 27 Oct 2022 13:51:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
61317
etag
W/"70341af160996aa15aad5fcd74fdda2a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
JkXbbHAo_G6DDyWKLyLJayViaE8CelqnEl-IPgKhycm_0GZ5d4k23Q==
trendiVideo.d441aa8e3131ccfbf935.js
cdn.intergient.com/pageos/1.9.5/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.9.5/trendiVideo.d441aa8e3131ccfbf935.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d833c06dd1b91530e21f68566ed1b70d3851904b0428ebb4244deed953a282ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 02:38:42 GMT
content-encoding
br
via
1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified
Thu, 27 Oct 2022 13:51:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
65981
etag
W/"3959e1a8e9890ff260ec92020775cd59"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
GSH4Vi-oWOrLb1fvHlLHK2B7aM-B7sOomhgJKBzzBu_Na2b0YMtIgA==
tyche.js
cdn.intergi.com/hera/releases/4.6.4/ 		922 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/hera/releases/4.6.4/tyche.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:d200:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f8fb069896030634c590e0b2a793953e4bcce8ce4a6fab454130890c344b593b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
D_5L399B6Ifz5ACysWFB8zpyUI3NSCDN
date
Mon, 07 Nov 2022 05:37:31 GMT
via
1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
last-modified
Thu, 03 Nov 2022 12:51:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
55252
etag
"f13cc414b890e0a460ee7fddf15af323"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
922
x-amz-cf-id
J7cLart2Vga8PhkrSw1esGsBdu-aN-7wOpXyQgtoQFS7BXgfCdAovA==
runtime.5fd745998bc99f3ab683.js
cdn.intergi.com/hera/releases/4.6.4/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/hera/releases/4.6.4/runtime.5fd745998bc99f3ab683.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.6.4/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:d200:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d2dac5c0c4230274cee88a5ea0ae8aaca2fdc43a0274e6b43f728de8194f6b79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
Xz4Pvps_BEbTGmPEwC0QXkrJbgCaaXmr
content-encoding
br
via
1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
date
Mon, 07 Nov 2022 04:21:59 GMT
last-modified
Thu, 03 Nov 2022 12:51:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
59784
etag
W/"b031b4b4b93e7b2151e0662a70c73a68"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
lyUkpMRHflrgH9ylotxmAoEtyRnol-Uv56sdIclxnhQT4n18qWQ78A==
npm.core-js.9ecd3933ce7c5b26ca2f.js
cdn.intergi.com/hera/releases/4.6.4/vendor/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/hera/releases/4.6.4/vendor/npm.core-js.9ecd3933ce7c5b26ca2f.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.6.4/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:d200:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ae726193112d41052e35118aa67d5f832d40aa9e53c2594466e0ee5df73caab6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
gVihwAzKR6kQJYj8FrFAuRV7VU_yO9UJ
content-encoding
br
via
1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
date
Mon, 07 Nov 2022 04:21:59 GMT
last-modified
Thu, 03 Nov 2022 12:51:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
59784
etag
W/"3f84b4e4b73d992c8c2e246edb01f88b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
U1JDddfnaVrOTOGY_aQIfSMfk5ShIcnZyAgvLtZ-xatMt2zUdxzIJQ==
npm.lodash.39a04a8f1c96ade254ee.js
cdn.intergi.com/hera/releases/4.6.4/vendor/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/hera/releases/4.6.4/vendor/npm.lodash.39a04a8f1c96ade254ee.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.6.4/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:d200:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
272b9948716c2d3274e41beaf32ba844e9277382560b7f109e9486069f922104

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
qsZhBNZvTRqP4or2H2cSEE.a9xz0vqxN
content-encoding
gzip
via
1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
date
Mon, 07 Nov 2022 07:39:14 GMT
last-modified
Thu, 03 Nov 2022 12:51:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
47949
etag
W/"51add7edf2782c9ddf9380a9a5d6c529"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
zCZlTK8sWcAR_7LMNtslC6Yxr0IWIQzxlpup-drofpmNowlKwmaMHQ==
npm.babel.816b6b897780bce545f1.js
cdn.intergi.com/hera/releases/4.6.4/vendor/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/hera/releases/4.6.4/vendor/npm.babel.816b6b897780bce545f1.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.6.4/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:d200:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91fb73240f6c4d14842b31b056a2a77919b7438588c62ab880d9f4d90cbf2e0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
hZHxAbbSti2dchUlGD_YYzgs.Rtu7aXw
content-encoding
gzip
via
1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
date
Mon, 07 Nov 2022 07:39:13 GMT
last-modified
Thu, 03 Nov 2022 12:51:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
47949
etag
W/"4c1827dd36989b5b458ebcc0299e2c59"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
XoJws640SIHiZnFS71Pp_NJ1jtHWMI53qqxKUGAexV1hzEg5a_BPLg==
npm.intersection-observer.312f6562336e9769b3ec.js
cdn.intergi.com/hera/releases/4.6.4/vendor/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/hera/releases/4.6.4/vendor/npm.intersection-observer.312f6562336e9769b3ec.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.6.4/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:d200:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4547a3e2e7545a504b3a1cdcc817a6219c904c94f79c3b98744a264652d3bcd3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
lLSO2wqaoizk0z0xtOYI79Jxute7W4Ud
content-encoding
gzip
via
1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
date
Mon, 07 Nov 2022 08:02:48 GMT
last-modified
Thu, 03 Nov 2022 12:51:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
46535
etag
W/"3fbf8b46b12b434ff5936e830c2d66be"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
xopdgUB5VIj7wUZ3wmYJ5R0VeetMU_egxtXbMRFOBuBWc8XWb-Lcng==
635.c6832658487cc1354cf2.js
cdn.intergi.com/hera/releases/4.6.4/ 		1 KB
973 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/hera/releases/4.6.4/635.c6832658487cc1354cf2.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.6.4/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:d200:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
db6e9b9c4a8d198b13039b61e72982d72bfd88e5faf9069da73156e0b9674894

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
SUoxA6s7lAELA7vYFLpEIGTpcCh2L68O
content-encoding
br
via
1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
date
Mon, 07 Nov 2022 04:21:52 GMT
last-modified
Thu, 03 Nov 2022 12:51:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
59791
etag
W/"e6039b016665cb6b7e1f57fea4b52ee1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
hXoXUh5OEAebVwT0icWtY3nJslCyYTjkxiIW1i4eDWp2b9fKiaIpDw==
main.df5bc677049132d6835f.js
cdn.intergi.com/hera/releases/4.6.4/ 		117 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/hera/releases/4.6.4/main.df5bc677049132d6835f.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.6.4/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:d200:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
446c2273da5a402c2e7ce9ab0ec9fc4fd317216aefb9971c47f18de0f2ce922c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
i1SaSp0Rsg2U3aTGDwmDcMIQ4SvrR8nB
content-encoding
br
via
1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
date
Mon, 07 Nov 2022 02:22:13 GMT
last-modified
Thu, 03 Nov 2022 12:51:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
66970
etag
W/"5b4c4be6b8d129c5064178962615dacb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
bmNfuZwx2Eu5lMiMSo_tWcS7epUjctrpEAVtlo1IL3cT_YxKvszGRQ==
lib.37dee626aab965fa63d6.js
cdn.intergi.com/hera/releases/4.6.4/lib/ 		168 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/hera/releases/4.6.4/lib/lib.37dee626aab965fa63d6.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.6.4/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:d200:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc6b3654648a3c72901bc3261e6b3d758e1646a42cf0df9250e90a54a5e5f485

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
1BxpnFatjlnJMtFuTnLJoSH5sgFyyTbL
date
Mon, 07 Nov 2022 02:11:50 GMT
via
1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
last-modified
Thu, 03 Nov 2022 12:51:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
67593
etag
"55207ad611091d1e6eb6c264a431a7b5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
168
x-amz-cf-id
T0WF30Elf9mU7H_q4Nd76LlZ0GzESr38AXFRsrWrMFMwgNW2MXxtSQ==
collect
region1.google-analytics.com/g/ 		0
349 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-K9B1TMX9Y2&gtm=2oeb20&_p=1106836568&cid=353593907.1667854702&ul=en-us&_rdi=1&_geo=1&_s=1&sid=1667854702&sct=1&seg=0&dl=https%3A%2F%2Fwww.ducksters.com%2Fholidays%2Fveterans_day.php&dt=Holidays%20for%20Kids%3A%20Veterans%20Day&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K9B1TMX9Y2&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:58:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ducksters.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022110201.js
securepubads.g.doubleclick.net/gpt/ 		380 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d726276ed26c9cee416eb8c7c8205d7984a3075d4507301e002a60bd64cdc90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 18:03:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10466
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131066
x-xss-protection
0
last-modified
Wed, 02 Nov 2022 08:35:34 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 07 Nov 2023 18:03:56 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		96 B
705 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.ducksters.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
96cddb2c4c259ad698ef12685f75b8bea7f844ed81013835c46513d482e5bf10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:58:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70
x-xss-protection
0
expires
Mon, 07 Nov 2022 20:58:22 GMT
aws-sdk-kinesis.min.js.br
cdn.intergient.com/pageos/js/libs/ 		227 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/js/libs/aws-sdk-kinesis.min.js.br
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.9.5/batchHandler.48b67d8f5be3c2f25514.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b41e0020ff5a4bec857828c37b9a425a5e0024aac1fb1519dd9cf4562f0681ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:01:57 GMT
content-encoding
br
via
1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified
Tue, 15 Feb 2022 19:02:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
35931
etag
"575b9635960fa1d9b7ba4dafe1d2e7f5"
x-cache
Hit from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
57858
x-amz-cf-id
yH-PeLYN6_royI85kw32ZTyXoGj3dq8h_IMIRJ7yI-0owQEEjYA72Q==
embed.js
cdn.playwire.com/bolt/js/zeus/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.playwire.com/bolt/js/zeus/embed.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.9.5/trendiVideo.d441aa8e3131ccfbf935.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4e00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
9402bc2b0e7582ba423b88f71ad383cb6b859f61f916be5c4c073f1a9c66122c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:58:22 GMT
content-encoding
br
via
1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA60-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=600, public, must-revalidate
x-amz-cf-id
EAU1BlOViQ5pTD6gOnu3aAXE_38ybz39eCO4h5UydxzZx7m3TJUShw==
v2
mb.moatads.com/yi/ 		238 B
412 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CE%24%3D!!t*8Wi_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-UDQ31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-JK8FHCPigVLOGg%3D%3D&sc=1&os=1-QA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.ducksters.com%2Fholidays%2Fveterans_day.php&pcode=playwireprebidheader597261727146&rx=874309099117&callback=MoatNadoAllJsonpRequest_325375
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/playwireprebidheader597261727146/moatheader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.132.134.118 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-132-134-118.eu-west-2.compute.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
ca2b7196f2eaeae017bc1baa557971a331db7b46087d31e1f2c27e1af7f2d5d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:58:22 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"18eafe06c070cd374edaea0b68f5ea57c379dd56"
content-length
238
content-type
text/html; charset=UTF-8
collect
www.google-analytics.com/j/ 		1 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=1106836568&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ducksters.com%2Fholidays%2Fveterans_day.php&ul=en-us&de=UTF-8&dt=Holidays%20for%20Kids%3A%20Veterans%20Day&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=61873411&gjid=451636459&cid=353593907.1667854702&tid=UA-714916-2&_gid=1627326978.1667854703&_r=1&gtm=2oub20&z=782995032
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ducksters.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:58:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ducksters.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid.js.br
cdn.intergi.com/prebid/ 		550 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/prebid/prebid.js.br
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:d200:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b081ffb446bac14a786e4bd7ea03280a8ba2b0b449025d7a9732eba07c0437eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 11:39:32 GMT
content-encoding
br
via
1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
x-amz-version-id
K8kP4r5tksRQfNThYgarbgWSFVw_4Jg_
last-modified
Tue, 13 Sep 2022 13:28:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
33530
etag
"72ed8f14f54390ba19b05f7c29407fa7"
x-cache
Hit from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
137344
x-amz-cf-id
hgtR0_BvWMXSKP42tmwQsHBIH0k6wvi3Vnluin0leVcWhlQ7z-Lccg==
7.js
cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/ 		158 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/7.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt/js/zeus/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4e00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ee25114153e04f79c799378353879da2d0d18f5f9e3142de9abe72cb30a8dd6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
GIFxPToTlEqMoJUkACPDp98auHc7uxI7
content-encoding
br
via
1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
date
Mon, 07 Nov 2022 05:09:01 GMT
last-modified
Wed, 26 Oct 2022 12:13:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
56962
etag
W/"d90cdca5457f27526b18e321bd9c5f57"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
aH8-QJ4FeiK7O34pK-fw7etb2UdOaLaV6SVCjIXPyXXsqeYKKIraBg==
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.ducksters.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:58:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ducksters.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:58:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		104 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2083024770626108&correlator=904786462076117&eid=31070747%2C31068367&output=ldjh&gdfp_req=1&vrg=2022110201&ptt=17&impl=fifs&npa=1&tfcd=1&iu_parts=96780239%3A87674693%2C1015702%2C62069%2C1015702-62069-desktop_leaderboard%2C1015702-62069-medium_rectangle%2C1015702-62069-bottom_rail%2Cpublisher%3A1015702-website%3A62069-site_skin&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F5%2C%2F0%2F1%2F2%2F6&prev_iu_szs=728x90%7C970x250%7C970x90%2C300x250%7C300x600%2C1x6%7C728x90%7C970x90%2C1x1&ifi=1&adks=3990941679%2C2587671236%2C867050698%2C4265023270&sfv=1-0-39&ists=1&prev_scp=pos%3Datf%26slot_id%3Dleaderboard_atf%26refresh%3Dfalse%26amazonBid%3Dfalse%26custom_path%3DROS%26lld_id%3Dd0acfeb5fd074759ac64f98e68258d8354702757%26takeover%3Dtrue%26price_floor%3Dna%26in_view%3Dtrue%7Cpos%3Datf%26slot_id%3Dmed_rect_atf%26refresh%3Dfalse%26amazonBid%3Dfalse%26custom_path%3DROS%26lld_id%3D29710a878e0640e4b8af42795452a08554702774%26takeover%3Dtrue%26price_floor%3Dna%26in_view%3Dtrue%7Cpos%3DFIXED%26slot_id%3Dpw-oop-bottom_rail%26refresh%3Dfalse%26amazonBid%3Dfalse%26custom_path%3DROS%26lld_id%3D9884270441af45c2b919fd2033c4a1c654702775%26price_floor%3Dna%7Cpos%3DFIXED%26slot_id%3Dpw-oop-site_skin%26refresh%3Dfalse%26amazonBid%3Dfalse%26custom_path%3DROS%26lld_id%3D35dee9d4e3fe41739b02ed8e8c153a9554702777%26takeover%3Dtrue%26price_floor%3Dna&eri=1&cust_params=m_data%3Dwaiting%26m_safety%3Dwaiting%26m_categories%3Dwaiting%26m_mv%3Dwaiting%26m_gv%3Dwaiting%26dd%3Draspberry%26di%3Draspberry%26vd%3Draspberry%26vi%3Draspberry%26sitecont_cat%3Dkids%26hour%3D20%26day%3DMonday%26OS%3DWindows%252010%26browser%3DChrome%2520107%26pagecount%3D1%26window_width%3D1600%26window_height%3D1200%26screen_orientation%3Dlandscape%26refresh_count%3D0%26tyche_version%3D4.6.4%26kver%3Dv1%26ab_test%3Dna_A%26page_focus%3Dtrue&sc=1&cookie_enabled=1&abxe=1&dt=1667854702806&lmt=1667854701&dlt=1667854701911&idt=789&adxs=265%2C1016%2C800%2C0&adys=366%2C482%2C3221%2C3221&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.ducksters.com%2Fholidays%2Fveterans_day.php&frm=20&vis=1&psz=1070x80%7C320x290%7C1600x3220%7C1600x3220&msz=1070x-1%7C300x-1%7C1600x0%7C1x-1&fws=0%2C4%2C0%2C512&ohw=0%2C1070%2C0%2C0&ga_vid=353593907.1667854702&ga_sid=1667854703&ga_hid=1106836568&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
245ae03a84417c41044c077166f31e56243f8a79a8deba2ab8b8430dc5d28467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:58:23 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23073
x-xss-protection
0
google-lineitem-id
6130595756,6130595756,-1,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138407353502,138407353211,-1,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ducksters.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 8F8A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ducksters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
2988
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 07 Nov 2022 20:58:22 GMT
expires
Tue, 07 Nov 2023 20:58:22 GMT
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif
Requested by
Host: www.ducksters.com
URL: https://www.ducksters.com/holidays/veterans_day.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-143.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:58:22 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 07 Nov 2022 20:58:22 GMT
pre_content.json
config.playwire.com/1015702/v2/ 		1 KB
919 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://config.playwire.com/1015702/v2/pre_content.json
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:6800:1a:1459:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
45ea8ad150982ead3c41af377077eb5027cbe2e3d630807b0e46cff45c93e6bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 17:37:34 GMT
via
1.1 vegur, 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
content-encoding
br
x-amz-cf-pop
FRA56-P2
age
12048
x-cache
Hit from cloudfront
server
Cowboy
access-control-max-age
1728000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
hw-country-code
cache-control
public, max-age=600
hw-country-code
DE
vary
Accept-Encoding
x-amz-cf-id
7O2fBElYNOqBzJ6aPSrkDGRWW4MbWRIGJs0uMIeoX7oaJVi3fvQNww==
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022110201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
56474eb6c4c632455860249e0d511eb15b834b09966a6af3601bcbf5c6e9a5fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:58:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11129
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:58:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 07 Nov 2022 20:58:23 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C246 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ducksters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2432
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 07 Nov 2022 20:17:51 GMT
expires
Tue, 07 Nov 2023 20:17:51 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 72EB 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1e9514f96a8af95ff9bc0f59e6ffe6d03f1b34e23a934fa6f4eaf3749c73754b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KMKN71UVNaahLpIgOmxLWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ducksters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-KMKN71UVNaahLpIgOmxLWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 07 Nov 2022 20:58:23 GMT
expires
Mon, 07 Nov 2022 20:58:23 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
1.js
cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/1.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt/js/zeus/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4e00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
14dd5bdcaf1f7582bf9104f89e77e2b31895bdb8f9dc55d669cc8136715c500f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
b.JC9iWmbxNYOOFTiVY.HyM3hv5M5jzT
content-encoding
br
via
1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
date
Mon, 07 Nov 2022 04:55:34 GMT
last-modified
Wed, 26 Oct 2022 12:13:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
57772
etag
W/"b39a3fe80b7e1a4a6a0613134f7175eb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
Q9595qPwl5EL3VzlMW7XsF-BMK10dcpymxWKUWOmn9VbcQ0qAbPO9w==
yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js
pagead2.googlesyndication.com/bg/ Frame C246 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c81a6c1b2adbc3ed1e90d7c56c3a1f555dd4b4279a310c1dfc5b994390ee3eec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 15:02:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21328
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 07 Nov 2023 15:02:55 GMT
container.html
736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame E529 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ducksters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
2988
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 07 Nov 2022 20:58:22 GMT
expires
Tue, 07 Nov 2023 20:58:22 GMT
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 3263 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ducksters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
2988
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 07 Nov 2022 20:58:22 GMT
expires
Tue, 07 Nov 2023 20:58:22 GMT
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012210191347000/ Frame C7B4 		221 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a79519048901b32cc426ca69b2e305b5644bcd0373f21995c27d19997e627c04
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 04 Nov 2022 01:17:06 GMT
age
330077
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61564
x-xss-protection
0
server
sffe
etag
"84cdcac007f64412"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 04 Nov 2023 01:17:06 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012210191347000/v0/ Frame C7B4 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f453198755f824befcfa757be6d917efd740f6c19270fbe4f8d98353517f8dc8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 07 Nov 2022 17:11:32 GMT
age
13611
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5198
x-xss-protection
0
server
sffe
etag
"aeb1502543fb438c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 Nov 2023 17:11:32 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012210191347000/v0/ Frame C7B4 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ffc33071954215c38304ae191ecb45e2c03e1e7f40e758dd2f944889b92e5f76
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 04 Nov 2022 03:28:40 GMT
age
322183
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28845
x-xss-protection
0
server
sffe
etag
"fdb7364f8f067758"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 04 Nov 2023 03:28:40 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012210191347000/v0/ Frame C7B4 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bfdcc3eaa2c1649211030b5caa1e03a40a1299dc5fac7ca8d57144d56fb9afc5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 07 Nov 2022 17:11:32 GMT
age
13611
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1912
x-xss-protection
0
server
sffe
etag
"9f4a70ec77acc0d1"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 Nov 2023 17:11:32 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012210191347000/v0/ Frame C7B4 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e9ab8899832043bf5aa1f2c07cc6222bbf3dd450c4311bbbae045c37e8eb420
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 02 Nov 2022 09:07:25 GMT
age
474658
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
etag
"2923b90bb7365105"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 02 Nov 2023 09:07:25 GMT
css
fonts.googleapis.com/ Frame C7B4 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 07 Nov 2022 20:58:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 20:24:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 07 Nov 2022 20:58:23 GMT
report_ad_style.css
cdn.intergi.com/tyche-assets/report_ad/ 		1 KB
877 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/tyche-assets/report_ad/report_ad_style.css
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.6.4/main.df5bc677049132d6835f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:d200:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5651133b0392ce80a91d2e057fcfaf0b227307b35f32f11060e65c6e494c0a94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
yQJG2B2SnzFKKyF.jAa0ZlOr43UtUwUI
content-encoding
br
via
1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
date
Mon, 07 Nov 2022 20:58:24 GMT
last-modified
Tue, 06 Nov 2018 18:42:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
etag
W/"5ee185abd03eb7c5f89cfb8cd1c06255"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
no-cache
x-amz-cf-id
nCer5miSIzImokK5TMGS7RkxXhegAHwjAK5Ls1vJVWQbVQfRiwiY7g==
mail.html
cdn.intergi.com/tyche-assets/report_ad/ Frame 9202 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/tyche-assets/report_ad/mail.html
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.6.4/main.df5bc677049132d6835f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:d200:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0f36125ff55f3f506abf6d4c43601d285cf2959c239e8fe78d669aea00400e6d

Request headers

Referer
https://www.ducksters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html
date
Mon, 07 Nov 2022 20:58:24 GMT
etag
W/"2ba20f85185d14c9c49663bcecacc812"
last-modified
Tue, 06 Nov 2018 18:42:32 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
x-amz-cf-id
QxmYMxpqhRRH2IwZHDFPsjjDaAsZNCNKwYTETm1Japs60lPrg9y9yw==
x-amz-cf-pop
FRA56-P3
x-amz-version-id
fntLXTDEEOnH4AHgucUW6yMIXK0FU7Qs
x-cache
Hit from cloudfront
en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C7B4 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png
Requested by
Host: www.ducksters.com
URL: https://www.ducksters.com/holidays/veterans_day.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:25:34 GMT
x-content-type-options
nosniff
server
cafe
age
1969
etag
11660698925711390587
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2471
x-xss-protection
0
expires
Tue, 08 Nov 2022 20:25:34 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C7B4 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.ducksters.com
URL: https://www.ducksters.com/holidays/veterans_day.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 23:28:16 GMT
x-content-type-options
nosniff
server
cafe
age
77407
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 07 Nov 2022 23:28:16 GMT
l
www.google.com/ads/measurement/ Frame C7B4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTF37dn35CPTvwo2jX4WF6Zhw5PaldAmDpzaughGlK2XptUa97_s8O1NqCLJ7DiSKNFl2Bh
Requested by
Host: www.ducksters.com
URL: https://www.ducksters.com/holidays/veterans_day.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame C7B4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CQFb-bnFpY9qTNsG63gPl3bPYDMTbzvZsiJXWouQQsMST19A3EAEgr43QLGCV4pCCoAegAdvU38ECyAEBqQL_2PjEG8awPuACAKgDAaoE7gFP0OJMp60DztGubUCjJsqB0BbR0v0WBSl70A9WjUpBThePe9UFWc8LYStaGPRx5vAxY6tvs_8fDh-kwuWvsoRU7fk4dY3QD_0xbv-Q1J1zPlKQTzQmWc60xOH31NYFO170GaJyUprjCLhKdplfQGoqLAD56o1it7If6XydWJgR8ZTx28_7zYjHY7WBakhXprswnRtlAxBo1of1i3v3XQEA27ouqRXd799wq025aKZXQEv70aZ_TNPt4CthmNIGzzOKC9l6x6IVJAqBZWNF0RqQCpax-fEEIoq767Hgo25paWKNrzUsEYWZfucZG1A8wAS37KjOmATgBAGSBQQIBBgBkgUECAUYBIAHwb2XwAOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBC3jgPSCBMIiOGQcBABGB8yA_uCAToDgMAQ8ggbYWR4LXN1YnN5bi03MTkyMDgwMTEwMDM4NjcwgAoDyAsB2BMN0BUBgBcBshceChwIABIUcHViLTUwNjA2NjMzNzkwNDA3MTMYp7Ie&sigh=_rcDAJVTCuk&uach_m=[UACH]&cid=CAQSPgDq26N9tWNEuTLJDOt_bO4H-Wb96GiKreF0m5fMr8FQPo1B46Nie-SfJzeCFJI8GJPBNLOhInJw6lk-ed8UGAEgDg&template_id=5001
Requested by
Host: www.ducksters.com
URL: https://www.ducksters.com/holidays/veterans_day.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
close-button.svg
cdn.intergi.com/tyche-assets/report_ad/ 		619 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.intergi.com/tyche-assets/report_ad/close-button.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:d200:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fd41fbb16992f6306edc644431aecc9d91fe9a1762fafc35f8816c277bfded0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
xhZoq6wMR.69xI4eIXn8TGqPwvpKTgWa
date
Mon, 07 Nov 2022 20:58:23 GMT
via
1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
last-modified
Tue, 06 Nov 2018 18:42:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
etag
"3500c4be67d6d8f0469a8d37dd63a832"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
no-cache
accept-ranges
bytes
content-length
619
x-amz-cf-id
juV_QBAfPOID9WSyw3oWqOi5Wbn3JfafoAyW3oCKYObhbt9UthcxEg==
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.ducksters.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:58:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ducksters.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:58:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		438 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2083024770626108&correlator=1653260679984471&eid=31070747%2C31068367&output=ldjh&gdfp_req=1&vrg=2022110201&ptt=17&impl=fifs&npa=1&tfcd=1&iu_parts=96780239%3A87674693%2C1015702%2C62069%2C1015702-62069-flex_leaderboard&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=5&adks=335363073&sfv=1-0-39&ists=1&prev_scp=pos%3DFIXED%26slot_id%3Dpw-oop-flex_leaderboard%26refresh%3Dfalse%26amazonBid%3Dfalse%26custom_path%3DROS%26lld_id%3D199d34478085432d830c66cd29fc22dd54702776%26price_floor%3Dna%26in_view%3Dtrue&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26dd%3Draspberry%26di%3Draspberry%26vd%3Draspberry%26vi%3Draspberry%26sitecont_cat%3Dkids%26hour%3D20%26day%3DMonday%26OS%3DWindows%252010%26browser%3DChrome%2520107%26pagecount%3D1%26window_width%3D1600%26window_height%3D1200%26screen_orientation%3Dlandscape%26refresh_count%3D0%26tyche_version%3D4.6.4%26kver%3Dv1%26ab_test%3Dna_A%26page_focus%3Dtrue&sc=1&cookie=ID%3D7fd6b9cc88c123a4-221e177e6fce00f5%3AT%3D1667854702%3AS%3DALNI_Mar-lcxKDhqkV1Zq0pz4_yxXuN8PQ&gpic=UID%3D00000b7e63d5cf8f%3AT%3D1667854702%3ART%3D1667854702%3AS%3DALNI_MZNeetN8J-cCgxNpZlcukPJENaE1A&abxe=1&dt=1667854703313&lmt=1667854701&dlt=1667854701911&idt=789&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.ducksters.com%2Fholidays%2Fveterans_day.php&frm=20&vis=1&psz=1600x0&msz=1x-1&fws=512&ohw=0&psts=APxP-9AnQ5VOeu0KrucbZHHt5oeJTIuSgM4TRi8whKiceIipKF8Jx9B9TWEyDxuGBI-pIdgx8DnkEosznq2WHpJ1hZxixrYIBSXq%2CAPxP-9Buv-UzYACVIHxKMvn0VngmWdmpjqcFAgswd_U2erNhyYH3PO4FbruHRRlLhMRm28wQGqphm4BsProbIIrpfFyjZ7JWHOAs&ga_vid=353593907.1667854702&ga_sid=1667854703&ga_hid=1106836568&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50fd5d973a98af11fc4f1006ed701aefc2ea80aa2c5edc525a12e7cd28448e74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:58:23 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ducksters.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/9070039433308723779/ Frame C7B4 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9070039433308723779/downsize_200k_v1?w=100&h=100
Requested by
Host: www.ducksters.com
URL: https://www.ducksters.com/holidays/veterans_day.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7df963cef9d9197e8c29f009d428d7a684cbe74ea4dbe8caeb34f6f114f44d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 09:10:03 GMT
x-content-type-options
nosniff
age
474500
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1201
x-xss-protection
0
last-modified
Fri, 09 Sep 2022 10:38:15 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 02 Nov 2023 09:10:03 GMT
truncated
/ Frame C7B4 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
119337ba98d01f0033ccbcc0be41fa06009f9c57fbdb5de8b3e6e6deb42a0a02

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame 72EB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022110201&jk=2083024770626108&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
frame.html
cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/ Frame EAF9 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/frame.html
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4e00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2ff9c3d7b9b17b42ea0d92d9e0aa3c2f8c97f5f07603ec9ccf53f28207797092

Request headers

Referer
https://www.ducksters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
65203
content-encoding
gzip
content-type
text/html
date
Mon, 07 Nov 2022 02:51:41 GMT
etag
W/"53bf800c863c172bcc9a15cc0612c77e"
last-modified
Wed, 26 Oct 2022 12:13:44 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
x-amz-cf-id
-YD_7ulcTEHhWYMuxIJVA1v_EQ80sEpH8Lim9fTq2i0b4tC1IL1_hg==
x-amz-cf-pop
FRA60-P2
x-amz-version-id
8u1ELmtEr4QZVboGu8YAeIXnGF7p7zkQ
x-cache
Hit from cloudfront
zeus_boot.94e2acd08c29cb9012d8.js
cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/ Frame EAF9 		130 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/zeus_boot.94e2acd08c29cb9012d8.js?94e2acd08c29cb9012d8
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4e00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fdf69f26e5b329be7d3948b1a064301f6dcfc8b9bbb47041b629ec647345540b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
KJRvbKLUhJk25o1_xIotamvFvNAV..Lm
content-encoding
gzip
via
1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
date
Mon, 07 Nov 2022 05:50:53 GMT
last-modified
Wed, 26 Oct 2022 12:13:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
54450
etag
W/"94a009f765b9778eec72a7f74908e0e8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
dgXyWyEgVIk7LFj2PlL5ZXX_bsCDkgC5gQTERDGEI8UHOGbUrOMF_w==
iframe_style.css
cdn.intergi.com/report_ad/ Frame 9202 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/report_ad/iframe_style.css
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/tyche-assets/report_ad/mail.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:d200:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
15baf364503744256e4f75cd5094462e4e91a462176367dc9d372932d3c8691d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.intergi.com/tyche-assets/report_ad/mail.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
VDq2Qg2rgko8.LPtUG1nXNfJ302sQhBE
content-encoding
gzip
via
1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
date
Mon, 07 Nov 2022 06:57:02 GMT
last-modified
Thu, 29 Sep 2016 17:32:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
50482
etag
W/"010298c08dfdfae4755e881b8392fcf7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
8B2y3sPCemvEP8ynTSwNWgfcBc4p3FZzbSmaBQ7GUGVYQZi26cswKg==
form-handler.js
cdn.intergi.com/report_ad/ Frame 9202 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/report_ad/form-handler.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/tyche-assets/report_ad/mail.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:d200:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2ba94955ea222644f145ce564f4a5cd15731039aceacceae73d4f2eeb4a49980

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.intergi.com/tyche-assets/report_ad/mail.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
0o7aIxDU3bLZoxNIEYMDVUCy6JC268h4
content-encoding
gzip
via
1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
date
Mon, 07 Nov 2022 04:16:39 GMT
last-modified
Thu, 21 Dec 2017 18:27:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
60137
etag
W/"e341914b5c3b0d0db8f91f9f8dae6844"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
cTtFyo02U08lhR6wwx7HZ48zlc2MvMpKBv3_s_IxLEG6N2_lEOdQoQ==
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame C7B4 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.ducksters.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 21:35:41 GMT
x-content-type-options
nosniff
age
343362
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Nov 2023 21:35:41 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame C7B4
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.ducksters.com
URL: https://www.ducksters.com/holidays/veterans_day.php
Protocol
H2
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Redirect headers

date
Mon, 07 Nov 2022 20:58:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
frame.78b255bcc7bda9429858.js
cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/ Frame EAF9 		138 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/frame.78b255bcc7bda9429858.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/zeus_boot.94e2acd08c29cb9012d8.js?94e2acd08c29cb9012d8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4e00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a12f71a382952ff23588015d79da35f9c35a44df276c57a0e08ba3a210faf308

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
lEb7TD8mgK2BNAA3jBKvZaMQdcShzkWe
content-encoding
gzip
via
1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
date
Mon, 07 Nov 2022 19:38:52 GMT
last-modified
Wed, 26 Oct 2022 12:13:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
4772
etag
W/"310e707bd61cbd9cabfa1fb22f368c4a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
Mx_vjsbwhVnzxlQXFqVvCJrSJCdSL-pQXQABOO1ZxoBbP36H3AxQYQ==
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/ Frame E529 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/abg_lite_fy2021.js
Requested by
Host: 736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com
URL: https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:04:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
32040
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9180
x-xss-protection
0
server
cafe
etag
12585499704757265805
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Nov 2022 12:04:23 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-39/js/ Frame E529 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-39/js/ext.js
Requested by
Host: 736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com
URL: https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da46105f4725a67010ca5d8c9024ad7ff521a6186267e2822a551fb4cad0e079
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 08:50:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
475683
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7370
x-xss-protection
0
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 02 Nov 2023 08:50:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E529 		154 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com
URL: https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c96507386689e69f6112a5d0a91ea851a260e5c023642dc374a8489271f53246
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:58:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48204
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1667489865617883"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 07 Nov 2022 20:58:23 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/ Frame 3263 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/abg_lite_fy2021.js
Requested by
Host: 736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com
URL: https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:04:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
32040
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9180
x-xss-protection
0
server
cafe
etag
12585499704757265805
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Nov 2022 12:04:23 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-39/js/ Frame 3263 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-39/js/ext.js
Requested by
Host: 736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com
URL: https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da46105f4725a67010ca5d8c9024ad7ff521a6186267e2822a551fb4cad0e079
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 08:50:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
475683
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7370
x-xss-protection
0
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 02 Nov 2023 08:50:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3263 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com
URL: https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c96507386689e69f6112a5d0a91ea851a260e5c023642dc374a8489271f53246
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:58:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48204
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1667489865617883"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 07 Nov 2022 20:58:23 GMT
generate_204
tpc.googlesyndication.com/ Frame C246 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?_FiNDQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:58:23 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
pegasus_theme.25d5d942be4acce443aa.css
cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/ Frame EAF9 		29 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/pegasus_theme.25d5d942be4acce443aa.css
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/zeus_boot.94e2acd08c29cb9012d8.js?94e2acd08c29cb9012d8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4e00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
38b88d35ff7abc2f1614745b704a2995714660452baa4719737545b05c7e6f81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
VDi5s7lbUU9qqa7.4.l0r9SFQCbvisIC
content-encoding
gzip
via
1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
date
Mon, 07 Nov 2022 04:59:11 GMT
last-modified
Wed, 26 Oct 2022 12:13:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
57553
etag
W/"e61b0f2eda089b99e0fd60e112bc2916"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
VptgAfYq3L70BixxsRAd46XTKdDA1Ywb43oaP3d3JuvBoS74G8Gj-w==
pegasus_theme.25d5d942be4acce443aa.js
cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/ Frame EAF9 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/pegasus_theme.25d5d942be4acce443aa.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/zeus_boot.94e2acd08c29cb9012d8.js?94e2acd08c29cb9012d8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4e00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a0fbf8080c07e60ae91b9ab6ef235cac37d61db575dfce463aee4cfa591e8e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
RJqppia14kcXrymtcYGYK6quZrl_lwHy
content-encoding
gzip
via
1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
date
Mon, 07 Nov 2022 03:05:35 GMT
last-modified
Wed, 26 Oct 2022 12:13:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
64373
etag
W/"dbfb1dd1512bf9960e5f936e284cff15"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
8pcxMjno_ML81_Yg_y3t-lUAsZoI5dgPlpyl-aufl8dmpZ73QsvTpg==
dfa7banner_html_inpage_rendering_lib_200_268.js
s0.2mdn.net/879366/ Frame E529 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Requested by
Host: 736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com
URL: https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/
Origin
https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:07:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31876
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38568
x-xss-protection
0
last-modified
Tue, 14 Jan 2020 17:35:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Nov 2022 12:07:07 GMT
/
kinesis.us-east-1.amazonaws.com/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/js/libs/aws-sdk-kinesis.min.js.br
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-243.compute-1.amazonaws.com
Software
/
Resource Hash
6990779a580ea08b1c549619a748dbbcd5c0782176f5987a1e9df45da5cc30ae

Request headers

accept-language
de-DE,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIA44GIABD5TUHDLF3S/20221107/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=e9e935240b346085f003045952d8fc36595bc52e9f9539e519946c2da1ab2e3c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
ad283ca2e658209a49baa077d078864a0f9289765451dc6dd076926341ee0887
Referer
https://www.ducksters.com/
X-Amz-Target
Kinesis_20131202.PutRecords
X-Amz-User-Agent
aws-sdk-js/2.387.0 callback
X-Amz-Date
20221107T205823Z

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Mon, 07 Nov 2022 20:58:24 GMT
x-amzn-RequestId
d7ea5a69-a718-2d4a-8c09-29d985bcb924
Content-Length
1145
x-amz-id-2
eOHjlfeoy3xen0YSgrhcQvq4JPOJ8mnzBaHzhg8y9N/TgoD5g2MsEda4yNc2xTli49Ff6con1dVrKQmCpJ4cR7+h8Q1E6ifSfdUtMDBmeDo=
Content-Type
application/x-amz-json-1.1
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-243.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://www.ducksters.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Mon, 07 Nov 2022 20:58:24 GMT
x-amzn-RequestId
f376760c-fcb6-3847-a895-05bc318939a8
dfa7banner_html_inpage_rendering_lib_200_268.js
s0.2mdn.net/879366/ Frame 3263 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Requested by
Host: 736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com
URL: https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/
Origin
https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:07:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31877
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38568
x-xss-protection
0
last-modified
Tue, 14 Jan 2020 17:35:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Nov 2022 12:07:07 GMT
admgr.86ff0af70e4a48b1bbd9.js
cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/ Frame EAF9 		159 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/admgr.86ff0af70e4a48b1bbd9.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/zeus_boot.94e2acd08c29cb9012d8.js?94e2acd08c29cb9012d8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4e00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3879fa3a78d83ff59f850398e0860645388db1bc52fc0266266457f4d28c911b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
fdUSNEy9Yc_ZevfjD7wCXswfK73GyBSi
content-encoding
br
via
1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
date
Mon, 07 Nov 2022 01:00:57 GMT
last-modified
Wed, 26 Oct 2022 12:13:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
71848
etag
W/"1a714597b2ee740af9c5b1469ea44e8b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
K5MfbYNSZ_iBQGaN6RexlhtH2xV3dfxYEoKCvIpYAYB41NEBszsj0Q==
Playwire-Fall-Tins_728x90-HTML5%20Canvas.html
s0.2mdn.net/dfp/497959/4823994172/1665074917330/DE/ Frame 54A2 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/497959/4823994172/1665074917330/DE/Playwire-Fall-Tins_728x90-HTML5%20Canvas.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1e44b8a37396d89c2ffb7e51c7d122e46e8aca57d0d992b222cff3698dd48e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
29404
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
2313
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 07 Nov 2022 12:48:20 GMT
expires
Tue, 08 Nov 2022 12:48:20 GMT
last-modified
Thu, 06 Oct 2022 16:48:37 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame E529 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvaCc7EFxyaz_7km5a1tvkzQsBUwEVnbJlR_NhE-EFWA6xge_X6TA-wtH8_hwtBovh2Y7DZkIirLRS1CbYoWR5DKlCccvyWiI9cRl7m6a-ob5-vPinHRMGEq119qMx1EVnBEqrzjoXmBJc-WWE0wKsNrTMp1P7K02PUHWJmevDK8hdOwGSVQqiocCO2zzSMirSnEYq9RTMmTaWPpz1n22beeuStHLsLBVzxVn3CYpuMP5DGH6_zXek80I-5jzmusRdZ1EbfY-G84iBumSPfYozeEF7O_fKDUsZxpoGlObYzQ8e7Jta5nbd3GBrBLJx82xlXlYLah8JW_2_P44o6AT6oDc3OsEqEfDiGTTqA7kzODpncWrpoST7KpH-l4w&sai=AMfl-YSyQbbJmLtVAXPewBspqsTo1lCHtgQtW3jjvGhVOI9j8D9y72thXG4r_QH-8-iq4Y5KdGANkfaIvlJLmK_U0nR-1Xafm8HkF6zYZoFrC-sXGk3HYoG4nbVEsgptePEQ0mdm&sig=Cg0ArKJSzNYWglf_f_TQEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com
URL: https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:58:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
B28713540.348400702;dc_pre=CLfYsvn6nPsCFbyg_QcdSf8BrQ;dc_trk_aid=539845069;dc_trk_cid=179424599;ord=1282631836;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N963291.2522106PLAYWIRE/ Frame E529
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N963291.2522106PLAYWIRE/B28713540.348400702;dc_trk_aid=539845069;dc_trk_cid=179424599;ord=1282631836;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=...
  • https://ad.doubleclick.net/ddm/trackimp/N963291.2522106PLAYWIRE/B28713540.348400702;dc_pre=CLfYsvn6nPsCFbyg_QcdSf8BrQ;dc_trk_aid=539845069;dc_trk_cid=179424599;ord=1282631836;dc_lat=;dc_rdid=;tag_f...
42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N963291.2522106PLAYWIRE/B28713540.348400702;dc_pre=CLfYsvn6nPsCFbyg_QcdSf8BrQ;dc_trk_aid=539845069;dc_trk_cid=179424599;ord=1282631836;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
Requested by
Host: 736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com
URL: https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:58:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:58:24 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N963291.2522106PLAYWIRE/B28713540.348400702;dc_pre=CLfYsvn6nPsCFbyg_QcdSf8BrQ;dc_trk_aid=539845069;dc_trk_cid=179424599;ord=1282631836;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pegasus_appearance_manager.054d2eb5124c7422f632.js
cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/ Frame EAF9 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/pegasus_appearance_manager.054d2eb5124c7422f632.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/zeus_boot.94e2acd08c29cb9012d8.js?94e2acd08c29cb9012d8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4e00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1b5839ccf8b2a8013f74f4010170cef575f7112c19e791f7b71405d90687d065

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
3qtuyCaItdXWjWcTtR6FuGz_mbCXMDao
content-encoding
br
via
1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
date
Mon, 07 Nov 2022 00:44:40 GMT
last-modified
Wed, 26 Oct 2022 12:13:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
72825
etag
W/"5f9f7795b6656b5381d86cbdb810bb02"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
E0o1rTng4-3qvZSnleiHQKj72f2TI8hTBj09DaYH8X6IfLKM1CYS6A==
pegasus_controlbar~scrubber.70fc0cb703597c4be946.js
cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/ Frame EAF9 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/pegasus_controlbar~scrubber.70fc0cb703597c4be946.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/zeus_boot.94e2acd08c29cb9012d8.js?94e2acd08c29cb9012d8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4e00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
725d1edb01d4673a22b6b7c66348ab19f0be4467b2f17e364db97d500b8efd68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
A34hyE5GCFeYAz2gF_GVDfmTlaiTG_Id
content-encoding
br
via
1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
date
Mon, 07 Nov 2022 02:35:50 GMT
last-modified
Wed, 26 Oct 2022 12:13:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
66155
etag
W/"8bcb4ae00f7f2283363e332614a178c6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
jakWKFRXL-WWlWYRpj01g2Fbfgh_-ecRwTGN_HR76-Eh_kGi2mTtUw==
pegasus_controlbar.54f670259aab4d2303ca.js
cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/ Frame EAF9 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/pegasus_controlbar.54f670259aab4d2303ca.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/zeus_boot.94e2acd08c29cb9012d8.js?94e2acd08c29cb9012d8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4e00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9c88fe77d0bb423a2815479f8f06a39d4a2f47f7ee3c800b2792d217e063576f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
WvWE3npjnxA3tvKMgdDBVXtjkZlaZEqf
content-encoding
gzip
via
1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
date
Mon, 07 Nov 2022 01:03:47 GMT
last-modified
Wed, 26 Oct 2022 12:13:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
71678
etag
W/"886d57da179b44c3dfbf2a8aa8738e14"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
78V_eQ_pivMLuoe5ov8hkq2pP0XuFL24hvU8ZPnsfOLKTmY3JCMlNQ==
zeus_mouseinput.1e172995ca3d72bc714e.js
cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/ Frame EAF9 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/zeus_mouseinput.1e172995ca3d72bc714e.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/zeus_boot.94e2acd08c29cb9012d8.js?94e2acd08c29cb9012d8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4e00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
23b9cb236050bdd3ee0ca83fd60c9b25eed708678b9f75e7e0fc6a913063cc2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
h5RQTp6ZS.MJawMzh.zRMTEXF.PGJ_ct
content-encoding
gzip
via
1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
date
Mon, 07 Nov 2022 03:06:20 GMT
last-modified
Wed, 26 Oct 2022 12:13:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
67978
etag
W/"bd3cf493840c23ace725a545e391f20a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
8s4xc5tnwoGPLuO9jH8Rcy9UzqcFIeCxhWKsvqhR_Eb4SPqgelJIMg==
pegasus_content.74b4b5d2f454f49d4ce0.js
cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/ Frame EAF9 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/pegasus_content.74b4b5d2f454f49d4ce0.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/zeus_boot.94e2acd08c29cb9012d8.js?94e2acd08c29cb9012d8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4e00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7fbe4f3a945bb4673c78ff1af46f86172a35dbe87b66114968fb6e56a353a9e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
YJ3h1IAUIZcRH2BWL8JtEwCwBswKRAby
content-encoding
br
via
1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
date
Mon, 07 Nov 2022 03:49:48 GMT
last-modified
Wed, 26 Oct 2022 12:13:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
61718
etag
W/"8c2721a8dc5e0f442f5813a4477b5d31"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
m2-B1r_Dg2Zv9FYHa-3kR0oxcNoNEvlLwogd0kD-2sbJ9Zf2Ml40MQ==
scrubber.fdcb4e9ac7706dfc0722.js
cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/ Frame EAF9 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/scrubber.fdcb4e9ac7706dfc0722.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/zeus_boot.94e2acd08c29cb9012d8.js?94e2acd08c29cb9012d8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4e00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f63a771e9e7e24a13a4ad3c8ac554db96c34874c3863b2b809f7f4e7e7b7db1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
F91UVB8kHar6AjlsSDfplN8gHZ0Mfgee
content-encoding
gzip
via
1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
date
Mon, 07 Nov 2022 04:49:25 GMT
last-modified
Wed, 26 Oct 2022 12:13:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
58140
etag
W/"44ccac526aa990d453b909309b32f85a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
Tpp9BMG4wEfHz_Wz6pNEkqqVxRhjBTCBzUtUdr6wsKQyKVskpXSMqQ==
pegasus_watermark.b40f6a4cbacc8bee7e91.js
cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/ Frame EAF9 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/pegasus_watermark.b40f6a4cbacc8bee7e91.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/zeus_boot.94e2acd08c29cb9012d8.js?94e2acd08c29cb9012d8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4e00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c3fef29529678ff5e018e5d2db4a897390044b92e9105cf7adae070f76f8dbe1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
Ee.ZB8Vazo4rhWIGYWy8z7eOwp8ZQ4of
content-encoding
gzip
via
1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
date
Mon, 07 Nov 2022 00:55:34 GMT
last-modified
Wed, 26 Oct 2022 12:13:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
72171
etag
W/"465bc19e6b489a7f9217fc1d7e4ebdba"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
6rLIkfltiNBCsN_eX6PGXa8XhfXszO7y0qj8lxu7iq5P0YnxTSRrLg==
Playwire-Fall-Tins_HTML5%20Canvas.html
s0.2mdn.net/dfp/497959/4823994172/1665074783481/DE/ Frame 5E0E 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/497959/4823994172/1665074783481/DE/Playwire-Fall-Tins_HTML5%20Canvas.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
764967ec3fafdf24ba32cd771c93bdcaaf9dc2261c70c03b5eba64058d291bfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
41163
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
2308
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 07 Nov 2022 09:32:21 GMT
expires
Tue, 08 Nov 2022 09:32:21 GMT
last-modified
Thu, 06 Oct 2022 16:46:23 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 3263 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuh43lPgbom_1HuTBaly9rtEQ4Y1PJlcF17Dda841A-Eq4mcMUJwHDNy1ELntnycmvPjHjRVfnET31athwMHYnlPrGIEQcUaPwNhHw91E9TxFQEY0jsMxlcjIGx74yCyerFaTuWmsKPxTD-0OBg9WgiQJT8UAppUOsXk-dxIVx8JJ0VQ8IL_4uoyba9cGTgOOtO5bQX1EB0tItPQ36XLREYdi6uvjf1Sl1rjwmlIjfjhMmIh8KcGO5VoJTTJ5EfX9G_G8cgZHutlnN71MZGBLa8HjqG80o3GDQ1qz3KddU2OG8BydSzVczB2vAGrkNaLwiUM70bZE5K4MhqEFuuS6wU_2yZIiXJq1hPcFHVynPW5dkRokWiprwqIg&sai=AMfl-YTZNnXqPwmz7s1mLOXgBerJl2VSmVkumfidpxdl8SMhsID3qlMqcBpGQo3fQ2bsfAgP2LlqLE5sJmB4PwqciwHRkAWvmf7_4SXZ7iWWTMkU2mNiYQhqL3qB_vBcdiltckb6&sig=Cg0ArKJSzLwDURTJ0_ZkEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com
URL: https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:58:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
B28713540.348402172;dc_pre=CPefs_n6nPsCFYnuuwgduoIH3w;dc_trk_aid=539589905;dc_trk_cid=179424266;ord=1871095679;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N963291.2522106PLAYWIRE/ Frame 3263
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N963291.2522106PLAYWIRE/B28713540.348402172;dc_trk_aid=539589905;dc_trk_cid=179424266;ord=1871095679;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=...
  • https://ad.doubleclick.net/ddm/trackimp/N963291.2522106PLAYWIRE/B28713540.348402172;dc_pre=CPefs_n6nPsCFYnuuwgduoIH3w;dc_trk_aid=539589905;dc_trk_cid=179424266;ord=1871095679;dc_lat=;dc_rdid=;tag_f...
42 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N963291.2522106PLAYWIRE/B28713540.348402172;dc_pre=CPefs_n6nPsCFYnuuwgduoIH3w;dc_trk_aid=539589905;dc_trk_cid=179424266;ord=1871095679;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
Requested by
Host: 736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com
URL: https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:58:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:58:24 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N963291.2522106PLAYWIRE/B28713540.348402172;dc_pre=CPefs_n6nPsCFYnuuwgduoIH3w;dc_trk_aid=539589905;dc_trk_cid=179424266;ord=1871095679;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
createjs.min.js
code.createjs.com/1.0.0/ Frame 54A2 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/497959/4823994172/1665074917330/DE/Playwire-Fall-Tins_728x90-HTML5%20Canvas.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:780::5f65:36c3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:58:24 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=900
x-n
S
accept-ranges
bytes
expires
Mon, 07 Nov 2022 21:13:24 GMT
Playwire-Fall-Tins_728x90-HTML5%20Canvas.js
s0.2mdn.net/dfp/497959/4823994172/1665074917330/DE/ Frame 54A2 		18 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/497959/4823994172/1665074917330/DE/Playwire-Fall-Tins_728x90-HTML5%20Canvas.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/497959/4823994172/1665074917330/DE/Playwire-Fall-Tins_728x90-HTML5%20Canvas.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7a10f925dd37510a0e010f4ce2cce8db6fe645eee57fd29b72c84ba86814614
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/497959/4823994172/1665074917330/DE/Playwire-Fall-Tins_728x90-HTML5%20Canvas.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:48:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29404
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3598
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 16:48:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Nov 2022 12:48:20 GMT
createjs.min.js
code.createjs.com/1.0.0/ Frame 5E0E 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/497959/4823994172/1665074783481/DE/Playwire-Fall-Tins_HTML5%20Canvas.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:780::5f65:36c3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:58:24 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=900
x-n
S
accept-ranges
bytes
expires
Mon, 07 Nov 2022 21:13:24 GMT
Playwire-Fall-Tins_HTML5%20Canvas.js
s0.2mdn.net/dfp/497959/4823994172/1665074783481/DE/ Frame 5E0E 		17 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/497959/4823994172/1665074783481/DE/Playwire-Fall-Tins_HTML5%20Canvas.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/497959/4823994172/1665074783481/DE/Playwire-Fall-Tins_HTML5%20Canvas.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90c97a1759c2654ce113f741e1f5b0f274c47c2bf5e368e039e17ad6edccffc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/497959/4823994172/1665074783481/DE/Playwire-Fall-Tins_HTML5%20Canvas.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 09:32:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41163
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3540
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 16:46:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Nov 2022 09:32:21 GMT
231253
search.spotxchange.com/vast/3.0/ Frame EAF9 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/3.0/231253?VPAID=js&custom_skin=1&content_page_url=https%3A%2F%2Fwww.ducksters.com%2Fholidays%2Fveterans_day.php&player_width=320&player_height=180&x_source.pchain=playwire.com:fcddfba7adc2d929&pchain=playwire.com:fcddfba7adc2d929&schain=1.0,1!playwire.com,1015702,1&ad_volume=0&custom[campaign_id]=0.0&custom[channel]=231253&custom[content_page_url]=https://www.ducksters.com&custom[page_full_url]=https%3A%2F%2Fwww.ducksters.com%2Fholidays%2Fveterans_day.php&custom[player_height]=180&custom[player_width]=320&custom[adunit]=trendi_video&custom[device_type]=desktop&custom[owning_pub_id]=1015702&custom[player]=tyche_trendi_video&custom[pub_id]=1015702&custom[synd]=false&custom[secure]=true&custom[vid_id]=&custom[vpi]=VPAID_JS,MP4&custom[vid_long_form]=false&custom[after_aborted_request]=false&custom[vid_location]=corner&custom[product]=ads_only&custom[sticky]=true&custom[trendi]=false&custom[refresh_count]=0&custom[hour]=20&custom[day]=Monday&custom[pagecount]=1&custom[ab_test]=na_A&custom[instream]=false&custom[custom_path]=CP[/holidays]&custom[custom_path]=CP[/holidays]&custom[salad]=chef&custom[dd]=raspberry&custom[di]=raspberry&custom[vd]=raspberry&custom[vi]=raspberry&custom[ws_id]=62069&custom[cp_placement][]=cp4&custom[sitecont_cat][]=kids&custom[dmp_ids][]=&custom[window_width]=1600&custom[window_height]=1200&custom[abs_dist_top]=1100&custom[abs_dist_left]=1400&custom[rel_dist_bottom]=0&custom[rel_dist_left]=90&custom[daisy_chain_count]=1&gdpr=1&gdpr_consent=0
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/frame/zeus_boot.94e2acd08c29cb9012d8.js?94e2acd08c29cb9012d8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
3ad753512028ab9454846db78b92c123be24f761177422832bad76120e06a6cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Mon, 07 Nov 2022 20:58:24 GMT
X-SpotX-Timing-SpotMarket-Primary
0.037897
X-SpotX-Timing-Transform
0.000386
Content-Encoding
gzip
X-SpotX-Timing-SpotMarket
0.037897
X-SpotX-Timing-Page-Require
0.000385
X-fe
002
Connection
keep-alive
X-SpotX-Timing-Page-Misc
0.003160
X-SpotX-Timing-Page-Cookie
0.000001
Content-Length
79
X-SpotX-Timing-Page
0.042432
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000331
Last-Modified
Mon, 07 Nov 2022 20:58:24 GMT
Server
nginx
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://cdn.playwire.com
X-SpotX-Timing-Page-Exception
0.000000
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-URI
0.000011
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-Mux
0.000261
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
kinesis.us-east-1.amazonaws.com/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/js/libs/aws-sdk-kinesis.min.js.br
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-243.compute-1.amazonaws.com
Software
/
Resource Hash
ab406f0695e83d323522dd203dabb01cbf4d584e7034639bb01a772509eff23d

Request headers

accept-language
de-DE,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIA44GIABD5TUHDLF3S/20221107/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=c09e7c5d71e772d39b5ddd764c179180afcda11bb41772b996c921916714d17e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
a6c0f218b61aa2caabe322a4355bf410f3e4a8ab7b29a04273bec087bd94d1a0
Referer
https://www.ducksters.com/
X-Amz-Target
Kinesis_20131202.PutRecords
X-Amz-User-Agent
aws-sdk-js/2.387.0 callback
X-Amz-Date
20221107T205824Z

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Mon, 07 Nov 2022 20:58:24 GMT
x-amzn-RequestId
dc872518-e45c-446f-8764-56a829634580
Content-Length
1145
x-amz-id-2
1I2uNiIiv3KCDZ8SWprXBh8+0ecbneUwULZGhiw+5eLTUYJylmDYBQhI4TVT6aQ7uJBlqZ+DLKyrlS/xtLxz2105nz1y9lq2aZ7wKQZu3g4=
Content-Type
application/x-amz-json-1.1
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-243.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://www.ducksters.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Mon, 07 Nov 2022 20:58:24 GMT
x-amzn-RequestId
ee61d28f-5f3a-f7bf-b582-a13f9205f650
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-243.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://www.ducksters.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Mon, 07 Nov 2022 20:58:24 GMT
x-amzn-RequestId
f80ec319-1cb2-c55a-a3ed-b0a9d18dc4b5
/
kinesis.us-east-1.amazonaws.com/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/js/libs/aws-sdk-kinesis.min.js.br
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-243.compute-1.amazonaws.com
Software
/
Resource Hash
907902f4a83d41281598d3eaffdadc0fcb4e9d55873725e521f734c80dc02cac

Request headers

accept-language
de-DE,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIA44GIABD5TUHDLF3S/20221107/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=afee2c867421f0bcfa90370b5aa4b58900a4527a183f7f65d3064806dc9d0b49
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
9dce920379946300da5bb75b34dba235f74caf62a644a6d72def0baba66e3b2e
Referer
https://www.ducksters.com/
X-Amz-Target
Kinesis_20131202.PutRecords
X-Amz-User-Agent
aws-sdk-js/2.387.0 callback
X-Amz-Date
20221107T205824Z

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Mon, 07 Nov 2022 20:58:24 GMT
x-amzn-RequestId
fcab54ed-422b-52fa-a748-275dc1f616ad
Content-Length
1034
x-amz-id-2
RJrsF5mKQgSth0yyHl/nqpgFYUu0j4MKxiPf08mkyp7hzQ6t0O0g2PDVRUaqsp7Ptnz78rGV6SQh9tnz0I1MSssuW8cuxZE7rCAFqxI4jEI=
Content-Type
application/x-amz-json-1.1
/
kinesis.us-east-1.amazonaws.com/ 		146 B
594 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/js/libs/aws-sdk-kinesis.min.js.br
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-243.compute-1.amazonaws.com
Software
/
Resource Hash
81ed06a494a4df5b01e5e1a30a7d30e882623021cd5674ab96955ada1ac437d4

Request headers

accept-language
de-DE,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIA44GIABD5TUHDLF3S/20221107/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=152fb6deb93a2017858a3e2f0b2b942cdfd28c779792d903c1bc1d73289982c4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
6d0f19d8ca369c8d965acb1e5c2ea361022266e0a343553fa2f953b0d361917a
Referer
https://www.ducksters.com/
X-Amz-Target
Kinesis_20131202.PutRecords
X-Amz-User-Agent
aws-sdk-js/2.387.0 callback
X-Amz-Date
20221107T205824Z

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Mon, 07 Nov 2022 20:58:24 GMT
x-amzn-RequestId
f899aefc-bbed-feeb-a37a-dd4c0a33073a
Content-Length
146
x-amz-id-2
jr/HO5RNYmE+c6kXDEN5k4dEmopvBbbTwFXrzlxovvcM/NfWaOnltpn7jzfzrSdHmWS2lHECM9/2LyDYw4/a8OzgeDsIQgqsMF1RSfD+yyg=
Content-Type
application/x-amz-json-1.1
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-243.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://www.ducksters.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Mon, 07 Nov 2022 20:58:24 GMT
x-amzn-RequestId
f08cb59f-7cb7-7739-ab6f-c62fcd698ee8
background.jpg
s0.2mdn.net/dfp/497959/4823994172/1665074917330/DE/images/ Frame 54A2 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/497959/4823994172/1665074917330/DE/images/background.jpg
Requested by
Host: 736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com
URL: https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e955aab15203411de06fa389830ed78bad40edd529e4d5124a2c0e964968fe1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/497959/4823994172/1665074917330/DE/Playwire-Fall-Tins_728x90-HTML5%20Canvas.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:48:20 GMT
x-content-type-options
nosniff
age
29404
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39880
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 16:48:37 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Nov 2022 12:48:20 GMT
background.jpg
s0.2mdn.net/dfp/497959/4823994172/1665074783481/DE/images/ Frame 5E0E 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/497959/4823994172/1665074783481/DE/images/background.jpg
Requested by
Host: 736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com
URL: https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e16652291a62f034f08b5d1df0a0a99833551751f9620acee04da8b08362b751
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/497959/4823994172/1665074783481/DE/Playwire-Fall-Tins_HTML5%20Canvas.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 13:06:06 GMT
x-content-type-options
nosniff
age
28338
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50179
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 16:46:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Nov 2022 13:06:06 GMT
P7784_3D_V_Tin_Lid_Decidueye_DE.png
s0.2mdn.net/dfp/497959/4823994172/1665074917330/DE/images/ Frame 54A2 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/497959/4823994172/1665074917330/DE/images/P7784_3D_V_Tin_Lid_Decidueye_DE.png
Requested by
Host: 736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com
URL: https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3a561d6a331390487462ea9e43cd172e5232eb4c2eb8ae0cf38e700ce31717eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/497959/4823994172/1665074917330/DE/Playwire-Fall-Tins_728x90-HTML5%20Canvas.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:48:20 GMT
x-content-type-options
nosniff
age
29404
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11726
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 16:48:37 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Nov 2022 12:48:20 GMT
P7784_3D_V_Tin_Lid_Decidueye_DE.png
s0.2mdn.net/dfp/497959/4823994172/1665074783481/DE/images/ Frame 5E0E 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/497959/4823994172/1665074783481/DE/images/P7784_3D_V_Tin_Lid_Decidueye_DE.png
Requested by
Host: 736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com
URL: https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f09eda7c191ec696d120b99d161f71d4cb94dc703acc599468776b6fa0ee3e67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/497959/4823994172/1665074783481/DE/Playwire-Fall-Tins_HTML5%20Canvas.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 13:06:12 GMT
x-content-type-options
nosniff
age
28332
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28327
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 16:46:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Nov 2022 13:06:12 GMT
P7784_3D_V_Tin_Lid_Samurott_DE.png
s0.2mdn.net/dfp/497959/4823994172/1665074917330/DE/images/ Frame 54A2 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/497959/4823994172/1665074917330/DE/images/P7784_3D_V_Tin_Lid_Samurott_DE.png
Requested by
Host: 736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com
URL: https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9360300038f9074b20174e339768a318cb04b32b2df3a2b84f73aee0f18da2d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/497959/4823994172/1665074917330/DE/Playwire-Fall-Tins_728x90-HTML5%20Canvas.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:48:20 GMT
x-content-type-options
nosniff
age
29404
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12618
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 16:48:37 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Nov 2022 12:48:20 GMT
P7784_3D_V_Tin_Lid_Samurott_DE.png
s0.2mdn.net/dfp/497959/4823994172/1665074783481/DE/images/ Frame 5E0E 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/497959/4823994172/1665074783481/DE/images/P7784_3D_V_Tin_Lid_Samurott_DE.png
Requested by
Host: 736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com
URL: https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c894793d9b331314c3685497f5de1cba181be0b1b9ec6c3751503758c88ea833
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/497959/4823994172/1665074783481/DE/Playwire-Fall-Tins_HTML5%20Canvas.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 13:31:51 GMT
x-content-type-options
nosniff
age
26793
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29666
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 16:46:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Nov 2022 13:31:51 GMT
P7784_3D_V_Tin_Lid_Typhlosion_DE.png
s0.2mdn.net/dfp/497959/4823994172/1665074917330/DE/images/ Frame 54A2 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/497959/4823994172/1665074917330/DE/images/P7784_3D_V_Tin_Lid_Typhlosion_DE.png
Requested by
Host: 736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com
URL: https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62137946b19688b6b7ec717d57b0fe4f9225f6069fb67117e11ede2718322636
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/497959/4823994172/1665074917330/DE/Playwire-Fall-Tins_728x90-HTML5%20Canvas.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:54:25 GMT
x-content-type-options
nosniff
age
29039
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11997
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 16:48:37 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Nov 2022 12:54:25 GMT
P7784_3D_V_Tin_Lid_Typhlosion_DE.png
s0.2mdn.net/dfp/497959/4823994172/1665074783481/DE/images/ Frame 5E0E 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/497959/4823994172/1665074783481/DE/images/P7784_3D_V_Tin_Lid_Typhlosion_DE.png
Requested by
Host: 736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com
URL: https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1426aa92da8c8a252f5cfe2b95bcb7a74e57a20bb28d0aaf710d1b963676f1a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/497959/4823994172/1665074783481/DE/Playwire-Fall-Tins_HTML5%20Canvas.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 06:57:07 GMT
x-content-type-options
nosniff
age
50477
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28405
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 16:46:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Nov 2022 06:57:07 GMT
SWSH237_BSP_DE.png
s0.2mdn.net/dfp/497959/4823994172/1665074917330/DE/images/ Frame 54A2 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/497959/4823994172/1665074917330/DE/images/SWSH237_BSP_DE.png
Requested by
Host: 736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com
URL: https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
965e081a452ce56d394fff49dd911560f9d4e2b157c395f648358f1181a4a87d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/497959/4823994172/1665074917330/DE/Playwire-Fall-Tins_728x90-HTML5%20Canvas.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:48:20 GMT
x-content-type-options
nosniff
age
29404
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11010
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 16:48:37 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Nov 2022 12:48:20 GMT
SWSH237_BSP_DE.png
s0.2mdn.net/dfp/497959/4823994172/1665074783481/DE/images/ Frame 5E0E 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/497959/4823994172/1665074783481/DE/images/SWSH237_BSP_DE.png
Requested by
Host: 736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com
URL: https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6238a8b841a0fb0e4ae27812f8a3fddda3884a077ec0ef575c45630461426887
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/497959/4823994172/1665074783481/DE/Playwire-Fall-Tins_HTML5%20Canvas.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 13:06:06 GMT
x-content-type-options
nosniff
age
28338
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29898
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 16:46:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Nov 2022 13:06:06 GMT
SWSH238_BSP_DE.png
s0.2mdn.net/dfp/497959/4823994172/1665074917330/DE/images/ Frame 54A2 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/497959/4823994172/1665074917330/DE/images/SWSH238_BSP_DE.png
Requested by
Host: 736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com
URL: https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e00726d9d18bf05a4201ea4052a7ed05dddabecf1f478fb91193a4a7cc1c182a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/497959/4823994172/1665074917330/DE/Playwire-Fall-Tins_728x90-HTML5%20Canvas.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:39:45 GMT
x-content-type-options
nosniff
age
29919
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11106
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 16:48:37 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Nov 2022 12:39:45 GMT
SWSH238_BSP_DE.png
s0.2mdn.net/dfp/497959/4823994172/1665074783481/DE/images/ Frame 5E0E 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/497959/4823994172/1665074783481/DE/images/SWSH238_BSP_DE.png
Requested by
Host: 736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com
URL: https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8d60547bf0911a0b8d019e651e59df64237a4b4c6790dc0797311aaa1cdff53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/497959/4823994172/1665074783481/DE/Playwire-Fall-Tins_HTML5%20Canvas.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 13:06:06 GMT
x-content-type-options
nosniff
age
28338
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30364
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 16:46:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Nov 2022 13:06:06 GMT
SWSH239_BSP_DE.png
s0.2mdn.net/dfp/497959/4823994172/1665074917330/DE/images/ Frame 54A2 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/497959/4823994172/1665074917330/DE/images/SWSH239_BSP_DE.png
Requested by
Host: 736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com
URL: https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f55bd17bfbb20f0a89a29218851bc7cb8637155ff0840e76fade6d98abb6029e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/497959/4823994172/1665074917330/DE/Playwire-Fall-Tins_728x90-HTML5%20Canvas.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:48:20 GMT
x-content-type-options
nosniff
age
29404
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11520
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 16:48:37 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Nov 2022 12:48:20 GMT
SWSH239_BSP_DE.png
s0.2mdn.net/dfp/497959/4823994172/1665074783481/DE/images/ Frame 5E0E 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/497959/4823994172/1665074783481/DE/images/SWSH239_BSP_DE.png
Requested by
Host: 736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com
URL: https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
863464bdb0be03b7fa837a403ad6f4b24d61bc47577da0843ad82e167f4ff211
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/497959/4823994172/1665074783481/DE/Playwire-Fall-Tins_HTML5%20Canvas.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 13:06:06 GMT
x-content-type-options
nosniff
age
28338
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32725
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 16:46:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Nov 2022 13:06:06 GMT
tcglogode.png
s0.2mdn.net/dfp/497959/4823994172/1665074917330/DE/images/ Frame 54A2 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/497959/4823994172/1665074917330/DE/images/tcglogode.png
Requested by
Host: 736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com
URL: https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fbc09180edc4472ceaeab8aec3074499a990a9c3f32580463195eca2d8b9462a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/497959/4823994172/1665074917330/DE/Playwire-Fall-Tins_728x90-HTML5%20Canvas.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:48:20 GMT
x-content-type-options
nosniff
age
29404
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18166
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 16:48:37 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Nov 2022 12:48:20 GMT
tcglogode.png
s0.2mdn.net/dfp/497959/4823994172/1665074783481/DE/images/ Frame 5E0E 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/497959/4823994172/1665074783481/DE/images/tcglogode.png
Requested by
Host: 736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com
URL: https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d35f6fea1baeb9c05c09142d598cfe1df59342ed8962a45db1ee14ca49b412b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/497959/4823994172/1665074783481/DE/Playwire-Fall-Tins_HTML5%20Canvas.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 13:06:06 GMT
x-content-type-options
nosniff
age
28338
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13796
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 16:46:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Nov 2022 13:06:06 GMT
text1DE.png
s0.2mdn.net/dfp/497959/4823994172/1665074917330/DE/images/ Frame 54A2 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/497959/4823994172/1665074917330/DE/images/text1DE.png
Requested by
Host: 736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com
URL: https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1123650f8cf392e1e2a3d8717f73d445d9b5fa88f5a654cf04548d6cd4326232
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/497959/4823994172/1665074917330/DE/Playwire-Fall-Tins_728x90-HTML5%20Canvas.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:54:25 GMT
x-content-type-options
nosniff
age
29039
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7967
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 16:48:37 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Nov 2022 12:54:25 GMT
text1DE.png
s0.2mdn.net/dfp/497959/4823994172/1665074783481/DE/images/ Frame 5E0E 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/497959/4823994172/1665074783481/DE/images/text1DE.png
Requested by
Host: 736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com
URL: https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1123650f8cf392e1e2a3d8717f73d445d9b5fa88f5a654cf04548d6cd4326232
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/497959/4823994172/1665074783481/DE/Playwire-Fall-Tins_HTML5%20Canvas.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 13:06:06 GMT
x-content-type-options
nosniff
age
28338
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7967
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 16:46:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Nov 2022 13:06:06 GMT
text2DE.png
s0.2mdn.net/dfp/497959/4823994172/1665074917330/DE/images/ Frame 54A2 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/497959/4823994172/1665074917330/DE/images/text2DE.png
Requested by
Host: 736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com
URL: https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc9eeb80974445442ab4d832e38c0f20339dd04e28cc2a655c8895bc596d93dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/497959/4823994172/1665074917330/DE/Playwire-Fall-Tins_728x90-HTML5%20Canvas.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:54:25 GMT
x-content-type-options
nosniff
age
29039
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6805
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 16:48:37 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Nov 2022 12:54:25 GMT
text2DE.png
s0.2mdn.net/dfp/497959/4823994172/1665074783481/DE/images/ Frame 5E0E 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/497959/4823994172/1665074783481/DE/images/text2DE.png
Requested by
Host: 736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com
URL: https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc9eeb80974445442ab4d832e38c0f20339dd04e28cc2a655c8895bc596d93dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/497959/4823994172/1665074783481/DE/Playwire-Fall-Tins_HTML5%20Canvas.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 13:06:06 GMT
x-content-type-options
nosniff
age
28338
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6805
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 16:46:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Nov 2022 13:06:06 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022110201&jk=2083024770626108&bg=!gIOlg8fNAAZPh4lnb4c7ACkAdvg8WuIDjpvUseG_s9JqQdB2qfs2qj4Xg0zWgwHUhWQIwJg7biCcAQIAAAHkUgAAAAVoAQcKAF3lSmGlWXL1BeNgbrT2ArRmavfXyau_LajME7iCdPcq6Ifzs2eqdCGraDtCXuyp8iIJTRNW9CwTVoY_40nC0aAPsdil7fCHReNmk-gBeY2CKDO2sp8HhEGW3qpQC7iZAp7amBEeYWHxvfSmf_OSfB9eXOjb_nAZv44VX1jGVkr-7UVF0OfYXtiUnHEyQ1L7Opl_c6CvrHN9HlNs_YYLdVjLLYF4pk9GfFVjZu6wwKPdxX7jdr3d78zG2r1SA7A2BLjtl7eZwOajlEGT_hDcGKBYz9ywbocdiAyc0uJZTEHIDemiNskMdkGv0CeIcK5dk9HucjDdpMKqOIsGkmficmpKl8gHw776HTaSCGQgYotq_Ew6dIX0_3ebiAsgxrqltvZSP7yz2UWyqtMjn19WUkKQiVtx5SpNqK9P7Qwr-pX4gitQ9QRPLP-mTfEHbw__XIQegckz4XlaZg0f-DcSS0eGtuAosOdQblUTTudjze2H7iyoX6n0bSqF9KqnnqmCwuUFx-2-gEuh1yexG89mNmz9bylTZnasnsTBHWXmy5uURhk9ohlCUzppq26SUXL_Nsnaigr9n4mb8JWZmm3Vt3zs0KGXp8-DDbd_CQ6Da6n8aq8n-aOZ1_a6KEOQD51T6IqDuz2O26h85rTmZTG-wFwD6jDjzYQuPSWtAG7zNnmARJl23owlGzpX0Qe38WfEvcn3fiyV_Lnj2qO2Ig_ux67kzMMY6XMTx-xquP44Oce-T_T52hdUHMspY2b2XpwwNQS78WnV3d_dTd3D1SI1tF35VU190fV3Q2-0HEKB10raD1QA29YaAHu1zb2AoFyrANBxb3oo_4-39aV92QmbvoaGAUZYhb_SgOP2QH14N1sKafvnAtF8hwmDVNCdPNwXdkjcmpUZ7tMDHQfvVs8qnuhCeT-f74lUfc1fOiU8ips9fHxuX1opRCJiSjIWpLv0aH1BgVgsNZF7lqljR_6_3x8M34P9tOPZ0sKZGWkpOZ43xLWrPDpCxyOaTpmc64w8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame C7B4 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsubCej9jAdS1pRZZp_a1x6BjFtY6E7e61rFIkhyZGsB26rQIrMO5kJ1Pf5NIoJyTeF3Cbdr1uJF5XuKHeRBGwYU351hcAiJhxUWOdZEEWLKQg4eZT76pb4x4KJBJtmu6J4ZWL0-bra5&sai=AMfl-YS_MtzGV3CC5g0trucy898GjemL6ON4ffwtG73HyqCZBUrqIEOd5-beLWN43IlWgcOLsN8xdNmzOhn6Q5p7m4joDuDYdwdrXvVeBpsdnG4Zfogfy7rmCC0JLFoiEbirfg&sig=Cg0ArKJSzOCAMKHPJdgeEAE&cid=CAQSPgDq26N9tWNEuTLJDOt_bO4H-Wb96GiKreF0m5fMr8FQPo1B46Nie-SfJzeCFJI8GJPBNLOhInJw6lk-ed8UGAEgDg&id=ampim&o=436,1110&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=326&tls=1326&g=100&h=100&tt=1326&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducksters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:58:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E529 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstPNCZbmGl4fgC7IGIVyjwFAaNYITxSi3w1O_KSdaX_u76Od1ad8cs2uN7bW2PenGTgdBWd1b-8G2riHpBR63Z66Lm9YFUz5L2zuBESJ9OUgytALzHiuNivSTiCRo1-rTjAuMbYJwU8KzMLjzeVpamheys1c2iz3OLYxyMDhVWIx5LI0864AbILohK-kXwcD-ui3-ev14x6pyIKntlDEsPFlpHuubhbOo7eb5q1b40Wig0lhGBcCjxZzBo0mJ8jy_35n2C9O6yfrupE8mWAMv8RbDwXQpsZ9bU9LEg7aIr13flmd1NVaoEM5j8k1T99P_Q6Uw5mZJ9pfAgbzLzBQCT5d_MqpSeayR7Y0vHN8pZr3kfARvB-XpwU4vpHROXc&sai=AMfl-YQP_XwTskTSycKyGVYzuWsY3MuOF7vfjvfqU1lYik0982tzXb3fWER4GUwd7FudM8FzsHyvkfxbdR9YGTMgi7IdE6I6-Go-mTKWdPP8iljNwqrA9fu5ZaaD2xl-72jgv625&sig=Cg0ArKJSzAFzcvX-EOnMEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:58:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 07 Nov 2022 20:58:25 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3263 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssuk7A7zrHwaaR9y-PjFZe0NoZVJ0xuoF9YJ5_y8-IfJ39SG2HEGjAl7S3u6zIdKORmhRMiIFbpAcy3LmO-SA0Vv4AbH-em3UWkwnc9i9RaBoFvn9Jitroa-j5PInI1OKxHfL0EAZOhY60bTA7Xv7xjFmztRN2U36SvZrwiYGzaQ9lLEw9bjtKEBGgFDI-pdPI25qqrNaZuAi9xWObLFgAUgGpV40K5NFQtbG0njFxDOMTMPVLtkC4w3Qz-VIdoNV3gX10kL-aVTKfaIm3qq1R4-FLnA2nR9n5IniJzB4ms6zkFBM-mz6E-xcW5uNRzwmNRvQkiPDjkrjRP5gkIMPdOCuJqri9WW6T06bd1mfqGKtRd6q-fTXITe_Rz&sai=AMfl-YTtPf1_znSpbblhEMOq623ENxuFH3SUxWd5HF93TEsq2pG3m0t-JDIm4bsKAs8XLSZWnc2jtavG59sHUur_O_MlAPGhVi8xKGWD0E_75PmewX4b-Zpx77PiESWIC3bkha15&sig=Cg0ArKJSzA9oi7ehhEY-EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:58:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 07 Nov 2022 20:58:25 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E529 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst1iXclshspcltNTS24lRK9pprkoXYBiAYs9LKyknZwWLkUJ-al91qSw0w67sEjrf1P8xtFnjD1_w7MjlgbT1gzcgqmWVKybE_iwpBH9eNBKsR2Kx_mA3BbRIVluILEMhDxfaNzIyucjNOjG08Akz_i9UwgulLWsoiTiCiHVHrodOxquza0DF0FingDV06qIGK0S5KBnTntYoMLYkQADgkMHDhICnhcza_hg53dKQYBd7LnlRzvimQyApS75VBDiNlhkNid9_mtNbvYE2hCTufmj8f5D1owPdWKJHRbj9gol64P-WV25V7UaCwxygCNC4Xhkn59YYHtpYfcyOXTCsepTZtHlmFekk79giws5yH2wLvo1JMy--1CWn1f18kqp5gMIr5x&sai=AMfl-YRn85BDbXdqtIDNCRO6TOAa_E09ipRhfpfqeLPDNfNhMtV1ILvOhBnO87p1kYBzLTZ3pTfI3zzwBqUbWluRG0V1_da184L1zquZCSuXY098koLkiYNQPON2cWZac5aT5iUv&sig=Cg0ArKJSzD3dxE1wTSR2EAE&id=lidar2&mcvt=1000&p=366,436,456,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221103&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=30&adk=3990941679&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667854703278&rpt=1878&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:58:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3263 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuvscoouYEpeHGOxwRJoC0Va7e5w6QJL4MlclTULx9bmxg641oeGLViJ9kB5w-bp7fR03nqHctO6MO-pbktq_xOeu-3eVLF0FQ9JQWwpaoroUp8bati3K8OKl-bdpViU_XOCRwVdlqBbG1GCzxkMkbICCAFdCBV3a7Jm3Lah5i_BcpiN6hKc8Ys1MjlIDWa3UQpJnO7_1ON1n5PMaIHCiYGcgfmk_Ku28MbqhManeja2UfnRP5pJGxOuOeCvItHCZ3vfF-pHjJ5eKP5gEGoRj7C7qGKnkwPQIwJ1cjPxSIBfhggTx9YuoDy2dIBWsZ6PwRE0Fm52_w34n__BwdVKCT7LTrdxay8XTmUTgJGcPUqN5wMeixh7QIAFPrj3jquPZh2&sai=AMfl-YR6dwOVmalJT4VHLNzKzaP0RdMkjGBnj-saLfU-6D2PfI-Emj73ie4OL_8Lj-7cwiaMHjynCdKSAjJI07WFqcBXsdsAYxMD3IoE211c7jo1dX1dzPEB2U_NwG3zy8QxF-J_&sig=Cg0ArKJSzApkv6k1e0UIEAE&id=lidar2&mcvt=1005&p=510,1016,760,1316&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20221103&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=30&adk=2587671236&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667854703282&rpt=1889&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:58:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
kinesis.us-east-1.amazonaws.com/ 		590 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/js/libs/aws-sdk-kinesis.min.js.br
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-243.compute-1.amazonaws.com
Software
/
Resource Hash
9b26e1999227e48b9acb9c5fbccf80ee08b64e6ba7a93117c5c7faec21a24325

Request headers

accept-language
de-DE,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIA44GIABD5TUHDLF3S/20221107/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=1776fb7988a2355aa1fa9d91315230265ecddba1e38702d7f4d3634f45180cda
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
31a3383bff7fc4d8bdffa6736e473c1d72c23bc37c9703f5f3ba4ab71d7521ee
Referer
https://www.ducksters.com/
X-Amz-Target
Kinesis_20131202.PutRecords
X-Amz-User-Agent
aws-sdk-js/2.387.0 callback
X-Amz-Date
20221107T205829Z

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Mon, 07 Nov 2022 20:58:29 GMT
x-amzn-RequestId
de1251c6-6ff1-2b0a-85f1-2273a2ce2ae5
Content-Length
590
x-amz-id-2
cgN3bjKf8R+lpOTVD8kbz9Hp+9m8ksPXc5zfF4kWtVesjxM8HkIuxHP7UM/voDPhWqSSYmsg2msYEZtj8fqI0Wl2BKQgYqNF+A4Dnb2WD88=
Content-Type
application/x-amz-json-1.1
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-243.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://www.ducksters.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Mon, 07 Nov 2022 20:58:29 GMT
x-amzn-RequestId
fe864646-ce7e-99a8-a565-35f303419847

Verdicts & Comments Add Verdict or Comment

119 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| tyche object| pageos object| _pwTycheAB object| pwKinesisCreds number| cmpVersion boolean| tycheSampling number| tycheSamplingRate string| tychePath boolean| rampSampling number| rampSamplingRate string| rampPath number| _pageViewSR boolean| _pageViewSampling object| _pwLogger boolean| excludeMoat string| _pwKassandraVer boolean| _pwUserInCA number| _pwFpSampling string| _pwUserCC string| _pwUserContentEncoding object| pwEdgeFlags object| webpackChunkpageos object| __core-js_shared__ object| core object| PageOS object| ramp function| gtag object| dataLayer function| $ function| jQuery object| cookieconsent function| checkSearch object| google_tag_manager function| checkSearchFooter object| google_tag_data string| GoogleAnalyticsObject function| ga string| title_1 string| location_1 function| onYouTubeIframeAPIReady object| gaGlobal object| googletag object| ggeac object| google_js_reporting_queue undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| webpackChunkTyche object| MoatNadoAllJsonpRequest_325375 object| Moat#PML#26#1.2 boolean| Moat#EVA object| moatPrebidApi object| gaplugins object| gaData object| Tyche object| consoleHandler object| kinesis object| _pwBoltAB boolean| boltSampling number| boltSamplingRate boolean| __pwSpotxServerSampleRate string| BoltBaseURL string| __pwPageOSVersion string| __spotxVastVersion number| _pwBoltAdTimeout object| webpackJsonpBolt4 boolean| BoltDebugMode object| pageOSScript object| pageOSLoaded object| Bolt4 function| _xamzrequire object| AWS undefined| google_measure_js_timing object| __pwpbjs__ object| mnet string| nobidVersion object| nobid object| ADAGIO object| pbjs object| __pwhbjs object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| BoltAdBlockDetector boolean| BoltGlobalIsLoading object| ZeusGA object| Bolt object| Zeus object| GoogleGcLKhOms object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| google_image_requests

13 Cookies

Domain/Path Name / Value
.bit.ly/ Name: _bit
Value: ma7kWl-6c3f9c82efb4a151a9-00c
www.ducksters.com/ Name: usprivacy
Value: 1---
.ducksters.com/ Name: _ga_K9B1TMX9Y2
Value: GS1.1.1667854702.1.0.1667854702.0.0.0
.ducksters.com/ Name: _ga
Value: GA1.2.353593907.1667854702
.ducksters.com/ Name: _gid
Value: GA1.2.1627326978.1667854703
.ducksters.com/ Name: _gat_gtag_UA_714916_2
Value: 1
www.ducksters.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
www.ducksters.com/ Name: playwirePageViews
Value: 1
.ducksters.com/ Name: __gpi
Value: UID=00000b7e63d5cf8f:T=1667854702:RT=1667854702:S=ALNI_MZNeetN8J-cCgxNpZlcukPJENaE1A
.doubleclick.net/ Name: IDE
Value: AHWqTUmVjz8y41EnBqFyT7fqwHAuhBCvBA1AU_aIUEFOgxWA8T4KIpNeGZ4U8DeUfok
.ducksters.com/ Name: __gads
Value: ID=7fd6b9cc88c123a4:T=1667854702:S=ALNI_MYSsC-8jX1m5VPWwh048weF3RlXmQ
www.ducksters.com/ Name: pwUID
Value: 741755315749085
.doubleclick.net/ Name: DSID
Value: NO_DATA

2 Console Messages

Source Level URL
Text
other warning URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.21/7.js
Message:
Allow attribute will take precedence over 'allowfullscreen'.
other warning URL: https://cdn.ampproject.org/rtv/012210191347000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

736000da45de757114be94c00d592f0b.safeframe.googlesyndication.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
bit.ly
cdn.ampproject.org
cdn.intergi.com
cdn.intergient.com
cdn.playwire.com
cdnjs.cloudflare.com
code.createjs.com
config.playwire.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
kinesis.us-east-1.amazonaws.com
mb.moatads.com
pagead2.googlesyndication.com
px.moatads.com
region1.google-analytics.com
s0.2mdn.net
search.spotxchange.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.ducksters.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
z.moatads.com
142.250.185.70
18.132.134.118
185.94.180.124
2001:4860:4802:34::36
2001:4860:4802:38::178
2600:9000:223c:6800:1a:1459:5cc0:93a1
2600:9000:223d:d200:14:2602:6e80:93a1
2600:9000:2250:4600:12:4abd:d340:93a1
2600:9000:2250:4e00:13:7c50:cec0:93a1
2606:4700:20::681a:c86
2606:4700::6811:190e
2a00:1450:4001:803::2008
2a00:1450:4001:806::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2006
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2004
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a02:26f0:780::5f65:36c3
3.91.171.243
67.199.248.10
88.221.169.143
092566589bd8db5eebfed9e0e4ef75778b493b74bf519f5c283f375971625b88
0f36125ff55f3f506abf6d4c43601d285cf2959c239e8fe78d669aea00400e6d
1123650f8cf392e1e2a3d8717f73d445d9b5fa88f5a654cf04548d6cd4326232
119337ba98d01f0033ccbcc0be41fa06009f9c57fbdb5de8b3e6e6deb42a0a02
1426aa92da8c8a252f5cfe2b95bcb7a74e57a20bb28d0aaf710d1b963676f1a5
14dd5bdcaf1f7582bf9104f89e77e2b31895bdb8f9dc55d669cc8136715c500f
15baf364503744256e4f75cd5094462e4e91a462176367dc9d372932d3c8691d
1b5839ccf8b2a8013f74f4010170cef575f7112c19e791f7b71405d90687d065
1e9514f96a8af95ff9bc0f59e6ffe6d03f1b34e23a934fa6f4eaf3749c73754b
21cafb6e71a6112d3c1f4777fefa66300fa3e09db01fc7b92dfee436b8373e2c
23b9cb236050bdd3ee0ca83fd60c9b25eed708678b9f75e7e0fc6a913063cc2d
245ae03a84417c41044c077166f31e56243f8a79a8deba2ab8b8430dc5d28467
272b9948716c2d3274e41beaf32ba844e9277382560b7f109e9486069f922104
2ba94955ea222644f145ce564f4a5cd15731039aceacceae73d4f2eeb4a49980
2ff9c3d7b9b17b42ea0d92d9e0aa3c2f8c97f5f07603ec9ccf53f28207797092
3879fa3a78d83ff59f850398e0860645388db1bc52fc0266266457f4d28c911b
38b88d35ff7abc2f1614745b704a2995714660452baa4719737545b05c7e6f81
3a561d6a331390487462ea9e43cd172e5232eb4c2eb8ae0cf38e700ce31717eb
3ad753512028ab9454846db78b92c123be24f761177422832bad76120e06a6cd
3e9ab8899832043bf5aa1f2c07cc6222bbf3dd450c4311bbbae045c37e8eb420
446c2273da5a402c2e7ce9ab0ec9fc4fd317216aefb9971c47f18de0f2ce922c
4547a3e2e7545a504b3a1cdcc817a6219c904c94f79c3b98744a264652d3bcd3
45ea8ad150982ead3c41af377077eb5027cbe2e3d630807b0e46cff45c93e6bd
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47f7af4fdab4124697338b245e17a0b2134c761887e2f944f6fa27d6eaedc4da
48027641b9b68fc4c935af1c09f60855127855d88d6db82cbc0636c051964377
4a0fbf8080c07e60ae91b9ab6ef235cac37d61db575dfce463aee4cfa591e8e3
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4f63a771e9e7e24a13a4ad3c8ac554db96c34874c3863b2b809f7f4e7e7b7db1
50fd5d973a98af11fc4f1006ed701aefc2ea80aa2c5edc525a12e7cd28448e74
55542c02f59ac047bd7ef87d8a2981b541995a09de59a89e419292a91f241202
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56474eb6c4c632455860249e0d511eb15b834b09966a6af3601bcbf5c6e9a5fc
5651133b0392ce80a91d2e057fcfaf0b227307b35f32f11060e65c6e494c0a94
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62137946b19688b6b7ec717d57b0fe4f9225f6069fb67117e11ede2718322636
6238a8b841a0fb0e4ae27812f8a3fddda3884a077ec0ef575c45630461426887
6864cd22a446141125a3f853028263820f8a57def21006378d438f71e36247f2
6990779a580ea08b1c549619a748dbbcd5c0782176f5987a1e9df45da5cc30ae
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
6d726276ed26c9cee416eb8c7c8205d7984a3075d4507301e002a60bd64cdc90
725c59437154130ffaecf8d148c147d836758271df0d9369f725834aa4e9baa0
725d1edb01d4673a22b6b7c66348ab19f0be4467b2f17e364db97d500b8efd68
764967ec3fafdf24ba32cd771c93bdcaaf9dc2261c70c03b5eba64058d291bfd
79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3
7b821d080d60f13e78c18bfbb4d279dcfc5beb587e00a49621a8dcfd58f2356d
7d35f6fea1baeb9c05c09142d598cfe1df59342ed8962a45db1ee14ca49b412b
7fbe4f3a945bb4673c78ff1af46f86172a35dbe87b66114968fb6e56a353a9e1
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81ed06a494a4df5b01e5e1a30a7d30e882623021cd5674ab96955ada1ac437d4
863464bdb0be03b7fa837a403ad6f4b24d61bc47577da0843ad82e167f4ff211
907902f4a83d41281598d3eaffdadc0fcb4e9d55873725e521f734c80dc02cac
90c97a1759c2654ce113f741e1f5b0f274c47c2bf5e368e039e17ad6edccffc0
91fb73240f6c4d14842b31b056a2a77919b7438588c62ab880d9f4d90cbf2e0b
9360300038f9074b20174e339768a318cb04b32b2df3a2b84f73aee0f18da2d7
9402bc2b0e7582ba423b88f71ad383cb6b859f61f916be5c4c073f1a9c66122c
965e081a452ce56d394fff49dd911560f9d4e2b157c395f648358f1181a4a87d
96cddb2c4c259ad698ef12685f75b8bea7f844ed81013835c46513d482e5bf10
99e3c588cc419ab189db73839b09f41688ad87e3e3531345780f05a202261208
9b26e1999227e48b9acb9c5fbccf80ee08b64e6ba7a93117c5c7faec21a24325
9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d
9c88fe77d0bb423a2815479f8f06a39d4a2f47f7ee3c800b2792d217e063576f
a0c21790fd53e3b78fe935dd04be28160b7a39f95e0067a134dedffc0a2d2314
a12f71a382952ff23588015d79da35f9c35a44df276c57a0e08ba3a210faf308
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a79519048901b32cc426ca69b2e305b5644bcd0373f21995c27d19997e627c04
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
ab406f0695e83d323522dd203dabb01cbf4d584e7034639bb01a772509eff23d
ae726193112d41052e35118aa67d5f832d40aa9e53c2594466e0ee5df73caab6
aeaa3012886bc059c89fdc67fb020bad93d5d53bae3e7c1b33a2af3e1f76635a
b081ffb446bac14a786e4bd7ea03280a8ba2b0b449025d7a9732eba07c0437eb
b41e0020ff5a4bec857828c37b9a425a5e0024aac1fb1519dd9cf4562f0681ee
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b8d60547bf0911a0b8d019e651e59df64237a4b4c6790dc0797311aaa1cdff53
bfdcc3eaa2c1649211030b5caa1e03a40a1299dc5fac7ca8d57144d56fb9afc5
c3fef29529678ff5e018e5d2db4a897390044b92e9105cf7adae070f76f8dbe1
c81a6c1b2adbc3ed1e90d7c56c3a1f555dd4b4279a310c1dfc5b994390ee3eec
c894793d9b331314c3685497f5de1cba181be0b1b9ec6c3751503758c88ea833
c96507386689e69f6112a5d0a91ea851a260e5c023642dc374a8489271f53246
ca2b7196f2eaeae017bc1baa557971a331db7b46087d31e1f2c27e1af7f2d5d4
cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70
cc6b3654648a3c72901bc3261e6b3d758e1646a42cf0df9250e90a54a5e5f485
cc9eeb80974445442ab4d832e38c0f20339dd04e28cc2a655c8895bc596d93dc
cd391b3b9114b484d4c3e0e11220893e9808f969618ab5b627a55b69d5bbcd09
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1e44b8a37396d89c2ffb7e51c7d122e46e8aca57d0d992b222cff3698dd48e4
d2dac5c0c4230274cee88a5ea0ae8aaca2fdc43a0274e6b43f728de8194f6b79
d833c06dd1b91530e21f68566ed1b70d3851904b0428ebb4244deed953a282ea
da46105f4725a67010ca5d8c9024ad7ff521a6186267e2822a551fb4cad0e079
db6e9b9c4a8d198b13039b61e72982d72bfd88e5faf9069da73156e0b9674894
dee2e849bab24063ea7d3c9edb43cc9e01ca74d587e306acd83567860d7adefa
df49112f965565d7af2a8ac08e7000ab6c2731ced4340c2b6c89a8097e94c2ea
e00726d9d18bf05a4201ea4052a7ed05dddabecf1f478fb91193a4a7cc1c182a
e16652291a62f034f08b5d1df0a0a99833551751f9620acee04da8b08362b751
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e7a10f925dd37510a0e010f4ce2cce8db6fe645eee57fd29b72c84ba86814614
e7df963cef9d9197e8c29f009d428d7a684cbe74ea4dbe8caeb34f6f114f44d8
e955aab15203411de06fa389830ed78bad40edd529e4d5124a2c0e964968fe1f
ea5bfe8d3f07e7e6bc856b373bed2212ed68374fdf3d62f509920583feeca317
ee25114153e04f79c799378353879da2d0d18f5f9e3142de9abe72cb30a8dd6c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09eda7c191ec696d120b99d161f71d4cb94dc703acc599468776b6fa0ee3e67
f453198755f824befcfa757be6d917efd740f6c19270fbe4f8d98353517f8dc8
f55bd17bfbb20f0a89a29218851bc7cb8637155ff0840e76fade6d98abb6029e
f769b00cf1f9c0eba5cc9b7e3d45db499b491a8d00c4918548455d57468b40ae
f84465ad80f2fdee0969318288ace06b8e600eb3d9bb1580e5e39ad1b013d524
f8fb069896030634c590e0b2a793953e4bcce8ce4a6fab454130890c344b593b
fbc09180edc4472ceaeab8aec3074499a990a9c3f32580463195eca2d8b9462a
fd41fbb16992f6306edc644431aecc9d91fe9a1762fafc35f8816c277bfded0d
fdf69f26e5b329be7d3948b1a064301f6dcfc8b9bbb47041b629ec647345540b
ffc33071954215c38304ae191ecb45e2c03e1e7f40e758dd2f944889b92e5f76