goducks.com Open in urlscan Pro
74.205.81.135 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://goducks.com/
Effective URL:
https://goducks.com/
Submission: On October 27 via api (October 27th 2023, 5:21:31 am UTC) from US — Scanned from DE

Summary HTTP 179 Redirects Links 108 Behaviour Indicators

Summary

This website contacted 55 IPs in 4 countries across 35 domains to perform 179 HTTP transactions. The main IP is 74.205.81.135, located in United States and belongs to RMH-14, US. The main domain is goducks.com. The Cisco Umbrella rank of the primary domain is 418652.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on September 7th 2023. Valid for: a year.

This is the only time goducks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8 16	74.205.81.135 74.205.81.135	33070 (RMH-14) (RMH-14)
4	13.32.121.126 13.32.121.126	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:223... 2600:9000:223f:1c00:4:cc99:4000:93a1	16509 (AMAZON-02) (AMAZON-02)
11	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12 14	13.32.23.210 13.32.23.210	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
25	18.66.137.76 18.66.137.76	16509 (AMAZON-02) (AMAZON-02)
4	13.32.99.105 13.32.99.105	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:225... 2600:9000:2250:8c00:2:8531:afc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	18.66.122.103 18.66.122.103	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:21f... 2600:9000:21f3:e800:1c:9484:cec0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
3 7	142.250.185.134 142.250.185.134	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	174.143.40.29 174.143.40.29	33070 (RMH-14) (RMH-14)
2	151.101.0.68 151.101.0.68	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	206.225.81.54 206.225.81.54	18501 (CODERO-DFW) (CODERO-DFW)
7	2a00:1450:400... 2a00:1450:4001:82a::2016	15169 (GOOGLE) (GOOGLE)
1	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
2	54.231.195.81 54.231.195.81	16509 (AMAZON-02) (AMAZON-02)
1	18.66.107.155 18.66.107.155	16509 (AMAZON-02) (AMAZON-02)
1 2	3.120.0.219 3.120.0.219	16509 (AMAZON-02) (AMAZON-02)
1 12	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	13.32.23.129 13.32.23.129	16509 (AMAZON-02) (AMAZON-02)
1	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
3	108.138.1.25 108.138.1.25	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.128 99.86.4.128	16509 (AMAZON-02) (AMAZON-02)
1	108.138.7.78 108.138.7.78	16509 (AMAZON-02) (AMAZON-02)
1	184.30.211.26 184.30.211.26	16625 (AKAMAI-AS) (AKAMAI-AS)
1	65.9.66.97 65.9.66.97	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:35ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.75.204.82 54.75.204.82	16509 (AMAZON-02) (AMAZON-02)
1	13.32.99.122 13.32.99.122	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:10:... 2606:4700:10::6816:545	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
1	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
1	108.138.9.235 108.138.9.235	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
2	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
179	55

16 74.205.81.135 (United States) 8 redirects

ASN33070 (RMH-14, US)

goducks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.32.121.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-126.fra60.r.cloudfront.net

dbukjj6eu5tsf.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223f:1c00:4:cc99:4000:93a1 (United States)

ASN16509 (AMAZON-02, US)

fonts.sidearmsports.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 13.32.23.210 (United States) 12 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-23-210.fra56.r.cloudfront.net

do2ufdrk7dzyk.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 18.66.137.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-137-76.fra60.r.cloudfront.net

dxbhsrqyrr690.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.32.99.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-105.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2250:8c00:2:8531:afc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.transcend.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.122.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-103.fra60.r.cloudfront.net

images.sidearmdev.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:e800:1c:9484:cec0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.attn.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

di.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.134 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net

5995852.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
9590786.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 174.143.40.29 (United States)

ASN33070 (RMH-14, US)

statcollector.sidearmsports.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.0.68 (United States)

ASN54113 (FASTLY, US)

api.pac-12.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 206.225.81.54 (United States)

ASN18501 (CODERO-DFW, US)
PTR: 206-225-81-54.dedicated.codero.net

static.goducks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.133 (United States)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.231.195.81 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

sidearm-syndication.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.107.155 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-107-155.fra56.r.cloudfront.net

dff2h0hbfv6w4.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.0.219 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-0-219.eu-central-1.compute.amazonaws.com

tags.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.23.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-23-129.fra56.r.cloudfront.net

dnn506yrbagrg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-128.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-78.fra56.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.211.26 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-211-26.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:35ad (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.75.204.82 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-204-82.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-122.fra60.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.9.235 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-9-235.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	cloudfront.net 12 redirects dbukjj6eu5tsf.cloudfront.net do2ufdrk7dzyk.cloudfront.net dxbhsrqyrr690.cloudfront.net dff2h0hbfv6w4.cloudfront.net dnn506yrbagrg.cloudfront.net	7 MB
23	doubleclick.net 4 redirects 5995852.fls.doubleclick.net — Cisco Umbrella Rank: 244287 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 9590786.fls.doubleclick.net — Cisco Umbrella Rank: 837056 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439 pubads.g.doubleclick.net — Cisco Umbrella Rank: 401	274 KB
18	googlesyndication.com 0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 149 pagead2.googlesyndication.com — Cisco Umbrella Rank: 97	111 KB
17	goducks.com 8 redirects goducks.com — Cisco Umbrella Rank: 418652 static.goducks.com	333 KB
11	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	89 KB
9	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2462	23 KB
7	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 87	249 KB
7	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 105 www.google.com — Cisco Umbrella Rank: 2	1 KB
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	517 KB
6	gstatic.com fonts.gstatic.com	163 KB
5	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 306 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 598 aax.amazon-adsystem.com — Cisco Umbrella Rank: 394	73 KB
5	sidearmsports.com fonts.sidearmsports.com — Cisco Umbrella Rank: 20469 statcollector.sidearmsports.com — Cisco Umbrella Rank: 21531	46 KB
4	transcend.io cdn.transcend.io — Cisco Umbrella Rank: 5366	134 KB
4	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 172	5 KB
3	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	613 KB
3	ad.gt id.hadron.ad.gt — Cisco Umbrella Rank: 1601 a.ad.gt — Cisco Umbrella Rank: 1844	4 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	118 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 863 id5-sync.com — Cisco Umbrella Rank: 440	31 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 976 bcp.crwdcntrl.net — Cisco Umbrella Rank: 887	12 KB
2	w55c.net 1 redirects tags.w55c.net — Cisco Umbrella Rank: 4016	1 KB
2	amazonaws.com sidearm-syndication.s3.amazonaws.com — Cisco Umbrella Rank: 30128	56 KB
2	google.de 1 redirects www.google.de — Cisco Umbrella Rank: 6862 adservice.google.de — Cisco Umbrella Rank: 14376	998 B
2	pac-12.com api.pac-12.com — Cisco Umbrella Rank: 180876	31 KB
2	rlcdn.com di.rlcdn.com — Cisco Umbrella Rank: 2566 ats.rlcdn.com — Cisco Umbrella Rank: 3275	37 KB
2	sidearmdev.com images.sidearmdev.com — Cisco Umbrella Rank: 19856	8 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	2 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 928	271 B
1	privacymanager.io geo.privacymanager.io — Cisco Umbrella Rank: 1825	609 B
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 1779	10 KB
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1155	17 KB
1	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 584	149 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 921	538 B
1	krxd.net cdn.krxd.net — Cisco Umbrella Rank: 3794	438 B
1	attn.tv cdn.attn.tv — Cisco Umbrella Rank: 4008	231 B
179	35

	Domain	Requested by
25	dxbhsrqyrr690.cloudfront.net	goducks.com do2ufdrk7dzyk.cloudfront.net
16	goducks.com	8 redirects cdnjs.cloudflare.com cdn.transcend.io
14	do2ufdrk7dzyk.cloudfront.net	12 redirects goducks.com
11	cdnjs.cloudflare.com	goducks.com cdnjs.cloudflare.com
9	tpc.googlesyndication.com	0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com goducks.com tpc.googlesyndication.com
7	i.ytimg.com	goducks.com
7	www.googletagmanager.com	goducks.com www.googletagmanager.com www.google-analytics.com
6	pagead2.googlesyndication.com	goducks.com tpc.googlesyndication.com www.googletagservices.com
6	securepubads.g.doubleclick.net	1 redirects cdn.transcend.io
6	fonts.gstatic.com	fonts.googleapis.com
6	www.google-analytics.com	goducks.com www.google-analytics.com
4	googleads.g.doubleclick.net	goducks.com 0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com
4	9590786.fls.doubleclick.net	2 redirects cdnjs.cloudflare.com
4	www.google.com	1 redirects goducks.com 0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com
4	cdn.transcend.io	goducks.com cdn.transcend.io
4	sb.scorecardresearch.com	goducks.com
4	dbukjj6eu5tsf.cloudfront.net	goducks.com cdnjs.cloudflare.com
3	s0.2mdn.net	0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com
3	0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com	cdn.transcend.io
3	c.amazon-adsystem.com	cdn.transcend.io
3	region1.google-analytics.com	www.googletagmanager.com
3	adservice.google.com	5995852.fls.doubleclick.net 9590786.fls.doubleclick.net
3	stats.g.doubleclick.net	www.google-analytics.com
3	5995852.fls.doubleclick.net	1 redirects goducks.com adservice.google.com
3	fonts.sidearmsports.com	goducks.com fonts.sidearmsports.com
2	www.googleadservices.com	goducks.com
2	googleads4.g.doubleclick.net	goducks.com
2	www.googletagservices.com	0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com goducks.com
2	id.hadron.ad.gt	cdn.transcend.io
2	tags.w55c.net	1 redirects 5995852.fls.doubleclick.net
2	sidearm-syndication.s3.amazonaws.com	goducks.com cdn.transcend.io
2	api.pac-12.com	cdnjs.cloudflare.com
2	statcollector.sidearmsports.com	dbukjj6eu5tsf.cloudfront.net statcollector.sidearmsports.com
2	images.sidearmdev.com	goducks.com
2	fonts.googleapis.com	goducks.com cdn.transcend.io
1	pubads.g.doubleclick.net	cdn.transcend.io
1	aax.amazon-adsystem.com	cdn.transcend.io
1	id5-sync.com	cdn.transcend.io
1	lb.eu-1-id5-sync.com	cdn.transcend.io
1	a.ad.gt	cdn.transcend.io
1	geo.privacymanager.io	cdn.transcend.io
1	bcp.crwdcntrl.net	cdn.transcend.io
1	cdn.id5-sync.com	cdn.transcend.io
1	cdn.hadronid.net	cdn.transcend.io
1	tags.crwdcntrl.net	cdn.transcend.io
1	secure.cdn.fastclick.net	cdn.transcend.io
1	ats.rlcdn.com	cdn.transcend.io
1	config.aps.amazon-adsystem.com	cdn.transcend.io
1	insight.adsrvr.org	9590786.fls.doubleclick.net
1	stags.bluekai.com	5995852.fls.doubleclick.net
1	dnn506yrbagrg.cloudfront.net	cdn.transcend.io
1	dff2h0hbfv6w4.cloudfront.net	cdn.transcend.io
1	cdn.krxd.net	goducks.com
1	static.goducks.com	goducks.com
1	adservice.google.de	1 redirects
1	www.google.de	goducks.com
1	di.rlcdn.com	goducks.com
1	cdn.attn.tv	goducks.com
179	58

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
instagram.com
am.ticketmaster.com
www.ticketmaster.com
www.youtube.com
pac-12.com
tunein.com
duckfunder.uoregon.edu
hayward.uoregon.edu
www.tailgatepal.com
offer.fevo.com
shop.goducks.com
www.panoramas.com
www.matthewknightarena.com
ssa.uoregon.edu
duckathleticfund.net
static.goducks.com
www.uoalumni.com
uoregon.edu
kwva.uoregon.edu
www.statbroadcast.com
pntfo.trackscoreboard.com
www.foxsports.com
thevarsitynetwork.com
www.goducks.com
www.watchespn.com
statb.us
www.ncaa.com
www.hoophall.com
ncaa.com
lgbtsportsafe.com
sidearmsports.com
www.learfield.com
www.sidearmsports.com

Subject Issuer	Validity	Valid
lb04.sidearmsports.com Starfield Secure Certificate Authority - G2	`2023-09-07` - `2024-10-08`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.sidearmsports.com Amazon RSA 2048 M01	`2023-02-21` - `2024-01-04`	10 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
transcend.io Amazon RSA 2048 M02	`2023-06-20` - `2024-07-18`	a year	crt.sh
*.attn.tv Amazon RSA 2048 M01	`2023-05-02` - `2024-05-29`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.pac-12.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-07-12` - `2024-08-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
static.goducks.com R3	`2023-10-13` - `2024-01-11`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
cdn.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-09`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-03`	9 months	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2023-10-03` - `2024-10-03`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
hadronid.net GTS CA 1P5	`2023-10-05` - `2024-01-03`	3 months	crt.sh
*.privacymanager.io Amazon RSA 2048 M01	`2023-07-27` - `2024-08-24`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://goducks.com/
Frame ID: 577D1DF971626A2AE7CC8BCA79B16716
Requests: 130 HTTP requests in this frame

Frame: https://5995852.fls.doubleclick.net/activityi;dc_pre=CKTAnt-9lYIDFRTEGQodZgsHPg;src=5995852;type=orego0;cat=orego0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5068471494867.309
Frame ID: A361E2B171C3A774B072E0852F20E60A
Requests: 1 HTTP requests in this frame

Frame: https://statcollector.sidearmsports.com/services/pixel.html?page_template=home&sport_name=0&sport_name_custom=0&site=uoregon&cbs_site_code=ore&content_id=null&sect=frontpage&sid=3b9323fe-8c99-4240-8ad9-8a0b0d63f98a&uid=9c3ea858-92e9-47c8-9515-471f2c812a03&count=goducks_com.pageview%7Call.pageview&events=&traits=&r=goducks.com&server_name=1115364-LB10&path_and_query=%2F&_=1698384081987
Frame ID: 0B682C9F41038D14B08EF7C37EB5B841
Requests: 2 HTTP requests in this frame

Frame: https://statcollector.sidearmsports.com/services/pixel.html?page_template=home&sport_name=0&sport_name_custom=0&site=uoregon&cbs_site_code=ore&content_id=null&sect=frontpage&sid=3b9323fe-8c99-4240-8ad9-8a0b0d63f98a&uid=9c3ea858-92e9-47c8-9515-471f2c812a03&count=goducks_com.active%7Call.active&events=&traits=&r=goducks.com&server_name=1115364-LB10&path_and_query=%2F&_=1698384082002
Frame ID: 86C67107E015EE91B954F8D524EB8146
Requests: 2 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CKTAnt-9lYIDFRTEGQodZgsHPg;src=5995852;type=orego0;cat=orego0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5068471494867.309;~oref=https://goducks.com/
Frame ID: 85275C31B12C1441FF796624AA2323F3
Requests: 1 HTTP requests in this frame

Frame: https://5995852.fls.doubleclick.net/ddm/fls/r/dc_pre=CKTAnt-9lYIDFRTEGQodZgsHPg;src=5995852;type=orego0;cat=orego0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5068471494867.309;~oref=https://goducks.com/
Frame ID: 0299D93E0009DCF89E71FD6079A2A8A4
Requests: 2 HTTP requests in this frame

Frame: https://9590786.fls.doubleclick.net/activityi;dc_pre=CI2J4d-9lYIDFRBSGQodTu0CBg;src=9590786;type=count0;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=6063135628987.799
Frame ID: C6C4B50953789321CC5D33E29E70529B
Requests: 3 HTTP requests in this frame

Frame: https://9590786.fls.doubleclick.net/activityi;dc_pre=CLHU4t-9lYIDFcVewgod-0cAHw;src=9590786;type=counter;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=6754518398502.456
Frame ID: D6A75567F09CAF8D3959D94E4F0787CD
Requests: 2 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/41198?ret=html&limit=10&phint=pctx%3Doreg
Frame ID: B4787579FAEB0681C61EDB5AD4A6C8DA
Requests: 1 HTTP requests in this frame

Frame: https://0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: ED1F6E04AD6B7BAE3D731C30C5D9F00C
Requests: 1 HTTP requests in this frame

Frame: https://0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EC9A0031E7FC07B35F2E3096CA116102
Requests: 13 HTTP requests in this frame

Frame: https://0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 912CE982F6F398C5A9A348C60524E9D4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuZiLQEEMbr4LgEGN67r_sBMAE&v=APEucNX_a-vgfcV6rH0wa9mXN20kKBklzHMY4a_koXFYVm5bYhQakWZl8kd_jPkwQokqvKGhD0SIGdOQ8mDIQwvioyh0kdixSw
Frame ID: 50473E9F12433B8E2D34498FE3B1A690
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20231025/r20110914/abg_lite_fy2021.js
Frame ID: BCF25F08627D0E6072B736455E99D243
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 30B651BBB6B21BE4F0AF22C71A51011D
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0FA624B9B5F0F67128BBB4210FEA7800
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

University of Oregon Athletics - Official Athletics Website

Page URL History Show full URLs

http://goducks.com/ HTTP 301
https://goducks.com/ Page URL

Detected technologies

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

179
Requests

87 %
HTTPS

45 %
IPv6

35
Domains

58
Subdomains

55
IPs

4
Countries

9664 kB
Transfer

14228 kB
Size

21
Cookies

108 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/UOBaseball
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/OregonBaseball
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/OregonMBB
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/OregonMBB
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/OregonTF
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/OregonTF
Title: Twitter

Search URL Search Domain Scan URL

URL: https://instagram.com/OregonTF
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.facebook.com/oregonfootball
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/oregonfootball
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/OregonMensGolf
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/OregonMGolf
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/OregonMensTennis
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/OregonMTennis
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www.facebook.com/oregontf
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/oregontf
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/oregonacrotumb
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/oregonacrotumb
Title: Twitter

Search URL Search Domain Scan URL

URL: https://am.ticketmaster.com/oregonducks/buy
Title: Tickets

Search URL Search Domain Scan URL

URL: https://www.facebook.com/OregonWBB
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/OregonWBB
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/OregonWomensGolf
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/OregonWGolf
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/OregonLacrosse
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/OregonWLax
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www.ticketmaster.com/promo/tp06v8/
Title: Tickets

Search URL Search Domain Scan URL

URL: https://www.facebook.com/OregonDuckSoccer
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/OregonSoccer
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/OregonSoftball
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/OregonSB
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/OregonWomensTennis
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/OregonWTennis
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/OregonVolleyball
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/OregonVB
Title: Twitter

Search URL Search Domain Scan URL

URL: https://instagram.com/oregonvb
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/GoDucksdotcom
Title: YouTube Channel

Search URL Search Domain Scan URL

URL: http://pac-12.com/videos?school=ORE
Title: Pac-12 Networks VOD

Search URL Search Domain Scan URL

URL: http://pac-12.com/content/pac-12-now-web-ios-android-apps
Title: Pac-12 Now App

Search URL Search Domain Scan URL

URL: https://tunein.com/radio/Oregon-Football-s206509/
Title: TuneIn Radio

Search URL Search Domain Scan URL

URL: http://pac-12.com/live/university-oregon
Title: UO Live Stream - Channel 1

Search URL Search Domain Scan URL

URL: http://pac-12.com/live/university-oregon-2
Title: UO Live Stream - Channel 2

Search URL Search Domain Scan URL

URL: http://pac-12.com/live/university-oregon-3
Title: UO Live Stream - Channel 3

Search URL Search Domain Scan URL

URL: http://pac-12.com/live
Title: Pac-12 Networks Online

Search URL Search Domain Scan URL

URL: http://pac-12.com/getpac-12networks
Title: Pac-12 Channel Finder

Search URL Search Domain Scan URL

URL: https://am.ticketmaster.com/oregonducks/#/
Title: Account Sign In (Non-Student)

Search URL Search Domain Scan URL

URL: https://am.ticketmaster.com/uostudent/buy#/
Title: Student Account Sign In

Search URL Search Domain Scan URL

URL: https://duckfunder.uoregon.edu/g/oregonathletics
Title: Donate

Search URL Search Domain Scan URL

URL: https://hayward.uoregon.edu/
Title: Hayward Field

Search URL Search Domain Scan URL

URL: http://www.tailgatepal.com/?HQ_E=el&HQ_L=15&HQ_M=955370&HQ_V=6d1e6c461f
Title: Tailgate Alley

Search URL Search Domain Scan URL

URL: https://offer.fevo.com/junior-duck-tqrvpyg-4747b99?fevoUri=junior-duck-tqrvpyg-4747b99%2F
Title: Jr. Duck Club

Search URL Search Domain Scan URL

URL: http://shop.goducks.com/?_s=bm-ducksathleticsite&utm_medium=referral
Title: Shop.GoDucks.com

Search URL Search Domain Scan URL

URL: http://shop.goducks.com/Oregon_Ducks_Mens/?_s=bm-ducksathleticsite&utm_medium=referral
Title: Men's Duck Gear

Search URL Search Domain Scan URL

URL: http://shop.goducks.com/Oregon_Ducks_Ladies/?_s=bm-ducksathleticsite&utm_medium=referral
Title: Women's Duck Gear

Search URL Search Domain Scan URL

URL: http://shop.goducks.com/Oregon_Ducks_Kids/?_s=bm-ducksathleticsite&utm_medium=referral
Title: Kids' Duck Gear

Search URL Search Domain Scan URL

URL: http://shop.goducks.com/Oregon_Ducks_Jerseys/?_s=bm-ducksathleticsite&utm_medium=referral
Title: Jerseys

Search URL Search Domain Scan URL

URL: http://shop.goducks.com/Oregon_Ducks_Sweatshirts_and_Fleece/?_s=bm-ducksathleticsite&utm_medium=referral
Title: Sweatshirts

Search URL Search Domain Scan URL

URL: http://shop.goducks.com/Oregon_Ducks_T-shirts/?_s=bm-ducksathleticsite&utm_medium=referral
Title: T-Shirts

Search URL Search Domain Scan URL

URL: http://shop.goducks.com/Oregon_Ducks_Collectibles
Title: Collectibles

Search URL Search Domain Scan URL

URL: http://shop.goducks.com/Oregon_Ducks/?_s=bm-ducksathleticsite&utm_medium=referral
Title: View All

Search URL Search Domain Scan URL

URL: http://www.panoramas.com/university-of-oregon-uor-ducks-panoramic-pictures-and-posters/#a_aid=3HkVGx85g5ec9
Title: Panoramic Stadium Images

Search URL Search Domain Scan URL

URL: http://www.matthewknightarena.com/
Title: Concert/Event Tickets

Search URL Search Domain Scan URL

URL: https://ssa.uoregon.edu/
Title: Student-Athlete Academic Services

Search URL Search Domain Scan URL

URL: https://duckathleticfund.net/women-in-flight/
Title: Women In Flight

Search URL Search Domain Scan URL

URL: https://static.goducks.com/custompages/pages/bhm/groundbreakers.html
Title: Groundbreakers

Search URL Search Domain Scan URL

URL: http://www.uoalumni.com/s/1540/uoaa/start.aspx?gid=3&pgid=61
Title: Alumni Association

Search URL Search Domain Scan URL

URL: http://uoregon.edu/
Title: University of Oregon

Search URL Search Domain Scan URL

URL: http://pac-12.com/network/pac-12-washington
Title: Watch

Search URL Search Domain Scan URL

URL: https://kwva.uoregon.edu/listen-live/
Title: Listen

Search URL Search Domain Scan URL

URL: https://www.statbroadcast.com/events/statmonitr.php?gid=ore
Title: Stats

Search URL Search Domain Scan URL

URL: https://pac-12.com/cross-country/event/2023/10/27/pac-12-championships
Title: Watch

Search URL Search Domain Scan URL

URL: https://pntfo.trackscoreboard.com/meets/20231027/events
Title: Stats

Search URL Search Domain Scan URL

URL: https://pac-12.com/womens-volleyball/event/2023/10/27/oregon-washington-state
Title: Watch

Search URL Search Domain Scan URL

URL: https://www.foxsports.com/live
Title: Watch

Search URL Search Domain Scan URL

URL: https://thevarsitynetwork.com/audioapplink/source/oas-1170/content/uoregon:allaccess-Live-17799
Title: Listen

Search URL Search Domain Scan URL

URL: https://www.goducks.com/Radio
Title: Oregon Sports Network

Search URL Search Domain Scan URL

URL: http://www.watchespn.com/
Title: Watch

Search URL Search Domain Scan URL

URL: https://thevarsitynetwork.com/audioapplink/source/oas-1170/content/uoregon:allaccess-Live-17807
Title: Listen

Search URL Search Domain Scan URL

URL: http://statb.us/b/495101
Title: Stats

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/oregon-ducks-volleyball-vs-utah-womens-eugene-oregon-11-03-2023/event/0F005EEDD40A4ED2?CAMEFROM=CFC_OWA22_WEB_SCHEDULE_2023VOLLEYBALL&_ga=2.179782436.1640505450.1698384082-1255101797.1698384082
Title: Tickets

Search URL Search Domain Scan URL

URL: http://pac-12.com/network/pac-12-oregon
Title: Watch

Search URL Search Domain Scan URL

URL: https://pac-12.com/football/event/2023/11/04/california-oregon
Title: Watch

Search URL Search Domain Scan URL

URL: https://thevarsitynetwork.com/audioapplink/source/oas-1170/content/uoregon:allaccess-Live-17806
Title: Listen

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/oregon-ducks-volleyball-vs-university-of-eugene-oregon-11-05-2023/event/0F005EEDD40D4F1F?CAMEFROM=CFC_OWA22_WEB_SCHEDULE_2023VOLLEYBALL&_ga=2.179782436.1640505450.1698384082-1255101797.1698384082
Title: Tickets

Search URL Search Domain Scan URL

URL: https://pac-12.com/womens-volleyball/event/2023/11/05/colorado-oregon
Title: Watch

Search URL Search Domain Scan URL

URL: http://www.ncaa.com/march-madness-live/
Title: Watch

Search URL Search Domain Scan URL

URL: https://thevarsitynetwork.com/audioapplink/source/oas-1170/content/uoregon:allaccess-Live-17785
Title: Listen

Search URL Search Domain Scan URL

URL: https://www.hoophall.com/events/hall-of-fame-series-las-vegas
Title: Tickets

Search URL Search Domain Scan URL

URL: http://statb.us/b/492226
Title: Stats

Search URL Search Domain Scan URL

URL: https://shop.goducks.com/c-1764?_s=bm-sideline&utm_source=oreg&utm_medium=referral&utm_term=email

Search URL Search Domain Scan URL

URL: http://www.goducks.com/sports/2014/12/2/209804017.aspx
Title: Explore The Combinations

Search URL Search Domain Scan URL

URL: https://pac-12.com/oregon/schedule/network/televised/
Title: Full TV Schedule

Search URL Search Domain Scan URL

URL: https://pac-12.com/getpac-12networks
Title: Get Pac-12 Network

Search URL Search Domain Scan URL

URL: https://pac-12.com/live/CEN15002
Title: Watch

Search URL Search Domain Scan URL

URL: http://pac-12.com/network/pac-12-los-angeles
Title: Pac-12 Los Angeles

Search URL Search Domain Scan URL

URL: http://pac-12.com/network/pac-12-arizona
Title: Pac-12 Arizona

Search URL Search Domain Scan URL

URL: https://pac-12.com/live/WBK15071
Title: Watch

Search URL Search Domain Scan URL

URL: https://pac-12.com/live/TOP15001
Title: Watch

Search URL Search Domain Scan URL

URL: http://pac-12.com/network/pac-12-network
Title: Pac-12 Network

Search URL Search Domain Scan URL

URL: https://uoregon.edu/

Search URL Search Domain Scan URL

URL: https://ncaa.com/

Search URL Search Domain Scan URL

URL: https://pac-12.com/

Search URL Search Domain Scan URL

URL: http://www.uoalumni.com//

Search URL Search Domain Scan URL

URL: http://lgbtsportsafe.com/

Search URL Search Domain Scan URL

URL: http://sidearmsports.com/terms-of-service
Title: Terms of Service, opens in new window

Search URL Search Domain Scan URL

URL: http://sidearmsports.com/privacypolicy
Title: Privacy Policy, opens in new window

Search URL Search Domain Scan URL

URL: https://sidearmsports.com/accessibility-statement
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.learfield.com/

Search URL Search Domain Scan URL

URL: https://www.sidearmsports.com/

Search URL Search Domain Scan URL

URL: http://www.sidearmsports.com/blockers
Title: Learn More About Ad Blockers

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://goducks.com/ HTTP 301
https://goducks.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://goducks.com/images/uoregon_logo.png HTTP 302
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/uoregon_logo.png

Request Chain 13

https://do2ufdrk7dzyk.cloudfront.net/images/pac12_nav.png HTTP 302
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/pac12_nav.png

Request Chain 14

https://do2ufdrk7dzyk.cloudfront.net/images/ducks_pac12_tv.png HTTP 302
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/ducks_pac12_tv.png

Request Chain 15

https://do2ufdrk7dzyk.cloudfront.net/images/goducks_logo.png HTTP 302
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/goducks_logo.png

Request Chain 16

https://goducks.com/images/footer_uoforegon.png HTTP 302
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/footer_uoforegon.png

Request Chain 17

https://goducks.com/images/footer_ncaa.png HTTP 302
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/footer_ncaa.png

Request Chain 18

https://goducks.com/images/footer_pac12.png HTTP 302
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/footer_pac12.png

Request Chain 19

https://goducks.com/images/footer_oalumni.png HTTP 302
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/footer_oalumni.png

Request Chain 20

https://goducks.com/images/footer_lgbtsafe.png HTTP 302
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/footer_lgbtsafe.png

Request Chain 22

https://do2ufdrk7dzyk.cloudfront.net/images/logos/site/site.png?width=48 HTTP 302
https://images.sidearmdev.com/resize?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fuoregon.sidearmsports.com%2fimages%2flogos%2fsite%2fsite.png&width=48&type=png

Request Chain 26

https://5995852.fls.doubleclick.net/activityi;src=5995852;type=orego0;cat=orego0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5068471494867.309 HTTP 302
https://5995852.fls.doubleclick.net/activityi;dc_pre=CKTAnt-9lYIDFRTEGQodZgsHPg;src=5995852;type=orego0;cat=orego0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5068471494867.309

Request Chain 38

https://do2ufdrk7dzyk.cloudfront.net/images/shop_bkg.png HTTP 302
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/shop_bkg.png

Request Chain 74

https://do2ufdrk7dzyk.cloudfront.net/images/goducks_logo.png HTTP 302
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/goducks_logo.png

Request Chain 75

https://do2ufdrk7dzyk.cloudfront.net/images/mainstory.jpg?width=120 HTTP 302
https://images.sidearmdev.com/resize?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fuoregon.sidearmsports.com%2fimages%2fmainstory.jpg&width=120&type=jpeg

Request Chain 77

https://adservice.google.de/ddm/fls/i/dc_pre=CKTAnt-9lYIDFRTEGQodZgsHPg;src=5995852;type=orego0;cat=orego0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5068471494867.309;~oref=https://goducks.com/ HTTP 302
https://5995852.fls.doubleclick.net/ddm/fls/r/dc_pre=CKTAnt-9lYIDFRTEGQodZgsHPg;src=5995852;type=orego0;cat=orego0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5068471494867.309;~oref=https://goducks.com/

Request Chain 78

https://goducks.com/images/2023/9/25/SidelineGear_Desktop.png HTTP 302
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/2023/9/25/SidelineGear_Desktop.png

Request Chain 80

https://do2ufdrk7dzyk.cloudfront.net/images/2023/10/26/10.17.23_MTennisPractice-35.jpg HTTP 302
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/2023/10/26/10.17.23_MTennisPractice-35.jpg

Request Chain 82

https://do2ufdrk7dzyk.cloudfront.net/images/2023/10/26/10.20.2023.MAM.VB.vsCal-146.jpg HTTP 302
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/2023/10/26/10.20.2023.MAM.VB.vsCal-146.jpg

Request Chain 83

https://do2ufdrk7dzyk.cloudfront.net/images/2023/10/24/Snyder_Texas_SB5_Nanfn.jpg HTTP 302
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/2023/10/24/Snyder_Texas_SB5_Nanfn.jpg

Request Chain 84

https://do2ufdrk7dzyk.cloudfront.net/images/2023/10/25/GoDucksWebsiteThumbnail.jpg HTTP 302
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/2023/10/25/GoDucksWebsiteThumbnail.jpg

Request Chain 85

https://do2ufdrk7dzyk.cloudfront.net/images/2023/10/17/MKA_OSU_SM_1.JPG HTTP 302
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/2023/10/17/MKA_OSU_SM_1.JPG

Request Chain 99

https://9590786.fls.doubleclick.net/activityi;src=9590786;type=count0;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=6063135628987.799 HTTP 302
https://9590786.fls.doubleclick.net/activityi;dc_pre=CI2J4d-9lYIDFRBSGQodTu0CBg;src=9590786;type=count0;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=6063135628987.799

Request Chain 100

https://9590786.fls.doubleclick.net/activityi;src=9590786;type=counter;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=6754518398502.456 HTTP 302
https://9590786.fls.doubleclick.net/activityi;dc_pre=CLHU4t-9lYIDFcVewgod-0cAHw;src=9590786;type=counter;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=6754518398502.456

Request Chain 106

https://tags.w55c.net/rs?id=956c8fbb5190467080213cb259edaa49&t=marketing HTTP 302
https://tags.w55c.net/rs?sccid=a7842d3b-7842-325e-8bdd-d4486fb0caed&scc=1&id=956c8fbb5190467080213cb259edaa49&t=marketing

Request Chain 172

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 174

https://securepubads.g.doubleclick.net/pagead/adview?ai=CGdWO1kg7ZdnsE_rS7_UP0NCrWK-fqsZzyfeKydURzOSupudAEAEgueCneWCV4pCCoAegAc32gp4oyAEGqQK00IIZf7mxPqgDAaoEmwJP0F6DKuZLMYZd-oKewW_LJHmPuq9IbONghxjYUuR1SyD49SnZccAxVz-3GRx0ET2Ei7UwakfEYJ8OIlwTKvSriRpDHCDnT8C2jO8yIKSN7rP3ihoVmcEnzTChVFFqeSPUSoSW3T2exGj8N1GLgXRz40oo0uWt9z-MD-XcUNxQ8hMhmjG1CShWFBTEAXiRPb7uCjfbLFc8pVHlwnND5NXHmz7Rs9Ld_n12T4oPdUFJY5fvqlLEHuj3ejpUVcuL9bUIN9GdK_Ak20JD0lJms0U86icb4qzw6CxfA_F3uNcDNwxw3R2sCrMnmAQK_BsIm3G8w97JdaHbEIOxUb-wZc5JRtPnD7Wzv0P8h5BcPILCJnH30pUpbAaiCaczwATgztmV2QTgBAOIBf7ooflMkgULCCIQARgBSLXkowGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBjeAB82u0_0CqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwoQ96QIGN2W2PoB0ggWCIDhgHAQARgdMgLrAjoCgEBIvf3BOpoJjwFodHRwczovL3d3dy5kdW5sb3AuZXUvZGVfZGUvY29uc3VtZXIvd2h5LWR1bmxvcC93aW50ZXItc3BvcnQtNS5odG1sP3V0bV9zb3VyY2U9aHBoJnV0bV9tZWRpdW09ZGlzcGxheSZ1dG1fY2FtcGFpZ249JWVleGNpZCEmdXRtX2NvbnRlbnQ9MF8wXzBfMIAKA8gLAeINEwjElaDhvZWCAxV66bsIHVDoCguwE_2mlBXIE5q83eMD0BMA2BMNiBQB2BQB0BUBgBcBshceChwIABIUcHViLTg0ODU4NDQ0MzcxMjAzNTUY3Mxs&sigh=G3ZPWEqh2Ow&uach_m=[UACH]&ase=2&nis=4&cid=CAQSPADICaaNVoapeGRJN9Ufe4X4gAUjhAv7nqu1d01_fCxVh0tiVr0NUk1qQgHwVwQusx-w7UHoKilwRDFTJxgB&template_id=509&vt=10&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216955236417940727065%22,%22debug_reporting%22:true,%22destination%22:%22https://dunlop.eu%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210800380749%22],%224%22:[%2210-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217039075372065185905%22}&andc=true

179 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
goducks.com/
Redirect Chain

http://goducks.com/
https://goducks.com/

481 KB
39 KB

529ms
143ms

Document
text/html

74.205.81.135
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://goducks.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.135 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

de62772d1bc8fe32bc280dd794b1c36a8737bbbfe699a0ca8c4f4ac77d9a198b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: public, max-age=1546
Content-Encoding: br
Content-Length: 39071
Content-Type: text/html; charset=utf-8
Date: Fri, 27 Oct 2023 05:21:20 GMT
Expires: Fri, 27 Oct 2023 05:47:08 GMT
Last-Modified: Fri, 27 Oct 2023 05:17:08 GMT
Referrer-Policy: no-referrer-when-downgrade
Server: Microsoft-IIS/10.0
Strict-Transport-Security: max-age=0;
Vary: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

Redirect headers

Content-Length: 0
Date: Fri, 27 Oct 2023 05:21:19 GMT
Location: https://goducks.com/
Referrer-Policy: no-referrer-when-downgrade
Server: Microsoft-IIS/10.0
Strict-Transport-Security: max-age=0;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H2 200 main.1694573839378.js Show response
dbukjj6eu5tsf.cloudfront.net/assets.sidearmsports.com/responsive/js/ 116 KB
25 KB 73ms
22ms Script
application/javascript 13.32.121.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dbukjj6eu5tsf.cloudfront.net/assets.sidearmsports.com/responsive/js/main.1694573839378.js
Requested by: Host: goducks.com
URL: https://goducks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-126.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0e1d0ff198e698a3ce33beca07a80709575ccf267e2c37669f581864be5e435a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 19:24:45 GMT
content-encoding: gzip
via: 1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
x-amz-version-id: OFI3oIgta92MgAlox4fXXdCnbQS4cEW2
x-amz-cf-pop: FRA60-P1
age: 3318997
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 25523
last-modified: Wed, 13 Sep 2023 02:57:22 GMT
server: AmazonS3
etag: "092e5e1290481420dae2f76ace50a664"
vary: Origin
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: chP_mdHzrDcmTe7Pyu82eRhYCQCU5T6_JrY5-f83vIY2HojR51dETw==
expires: Sat, 13 Sep 2025 02:57:19 GMT

GET
H2 200 sidearm_font_v2.css
fonts.sidearmsports.com/sidearm_v2/2023-10-24-755003/ 14 KB
14 KB 75ms
9ms Stylesheet
text/css 2600:9000:223f:1c00:4:cc99:4000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.sidearmsports.com/sidearm_v2/2023-10-24-755003/sidearm_font_v2.css
Requested by: Host: goducks.com
URL: https://goducks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:1c00:4:cc99:4000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c4ef7ec47986932b8fa1d84cc6aa4a202d47e0c18775901831b161101a9c8ada

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 09:34:31 GMT
via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
last-modified: Tue, 24 Oct 2023 18:04:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 71213
x-amz-server-side-encryption: AES256
x-amz-meta-cb-modifiedtime: Tue, 24 Oct 2023 18:04:01 GMT
etag: "5af3f5d324d47a8fea3943de78fd5ffb"
content-type: text/css
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 13842
x-amz-cf-id: NllKywaVfGMJmWeuv6Asv0Z8LxcXMziHG-zjeX7PgHKccDcTigMHgA==

GET
H2 200 sidearm_font.css
fonts.sidearmsports.com/sidearm/2020-05-12-535576/ 11 KB
3 KB 462ms
395ms Stylesheet
text/css 2600:9000:223f:1c00:4:cc99:4000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.sidearmsports.com/sidearm/2020-05-12-535576/sidearm_font.css
Requested by: Host: goducks.com
URL: https://goducks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:1c00:4:cc99:4000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d713dd84892c763b25143502308aa8cf82f0d60aad22ea5b6c2968cf9b6bb135

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:21:22 GMT
content-encoding: gzip
via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
last-modified: Tue, 12 May 2020 20:42:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
etag: "1ad82ee377693ace7a947b0c66052a4d"
x-cache: RefreshHit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 2670
x-amz-cf-id: tD5NOFfiAqQJzHPPJm3RkrdCnuyxdIUhkGiL0gQ7PrX4ge5CwvyL_Q==
expires: Thu, 12 May 2022 20:42:52 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/ 90 KB
29 KB 41ms
17ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Host: goducks.com
URL: https://goducks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 22416843
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 29363
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-169d5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4qHMlF9a6NeXb%2ByNFWPGnmWIXWkwtquZ4NLXPy7yFZG%2BIfphxp2z6CVigPsZOfhfVefIlbD7COVRLMqNadOTfNB4xEdhbvB%2FemNKvoAskSicxUHp1TW59MpUn%2BDAI7UcqRzPCRAUn%2FYVbwRKpJAulPzr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81c87ebd0fd6900d-FRA
expires: Wed, 16 Oct 2024 05:21:21 GMT

GET
H2 200 require.min.js Show response
cdnjs.cloudflare.com/ajax/libs/require.js/2.2.0/ 25 KB
7 KB 40ms
16ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/require.js/2.2.0/require.min.js

Requested by

Host: goducks.com
URL: https://goducks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02055da12953582666aec83c667c693f874a6bd5068e41b6f9c574b18615734c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3157801
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7122
last-modified: Mon, 04 May 2020 16:15:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fbf-653e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p8wLbEuuSPWGmvD1jiDdTHgrGRGiYHh8o9X5sbavCLY4NnUvtt5n9HiB0MHUTKOXj%2BWKmpg9O%2FYhgt924ob%2B1FfISfVddnDifl1GwFsY6FJGLeMGbULYWSAeycpQphcR45s5dS6Lh7HeiLBhl66%2B%2BNkd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81c87ebd0fd8900d-FRA
expires: Wed, 16 Oct 2024 05:21:21 GMT

GET
H2 200 bundle.1693919720915.js Show response
dbukjj6eu5tsf.cloudfront.net/assets.sidearmsports.com/responsive/js/ 471 KB
135 KB 58ms
8ms Script
application/javascript 13.32.121.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dbukjj6eu5tsf.cloudfront.net/assets.sidearmsports.com/responsive/js/bundle.1693919720915.js
Requested by: Host: goducks.com
URL: https://goducks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-126.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f1950abc6e6c61b21446666705924af293529ca8f79655c6f1fb57d3331e898

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 19:56:14 GMT
content-encoding: gzip
via: 1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
x-amz-version-id: U2Kzy7BCoe6VZI8BI8D8wTyJM6awSn..
x-amz-cf-pop: FRA60-P1
age: 984308
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 138102
last-modified: Tue, 05 Sep 2023 13:15:26 GMT
server: AmazonS3
etag: "fa28b7d158d986a5ea574e4bb2a30773"
vary: Origin
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: sAiCjv_h0RsMlepOr5e2oufkAAhPzncsK5EuWsa3W3UyIZAwO5Fm6Q==
expires: Fri, 05 Sep 2025 13:15:21 GMT

GET
H2 200 slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.5.9/ 1 KB
1011 B 37ms
14ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.5.9/slick.min.css

Requested by

Host: goducks.com
URL: https://goducks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9811f9f571e747d90c59b3dafcc49ef225807b15f2b06e1c92f14d02739653b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 823568
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 347
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-4fc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U7DGqIz9WHfpq3kRsX0qTr9xe1z%2FgUyy9UcQUsGWr4S8cvQpsQExyRfPX4niZQPqPgpAsvGOQwETCPbmY1EEqoExhvKD3Ojfa6j3GW8HZFDpnGxulBxBEDbxzpb1Pwrfe9KrpQBHEzG0dYZ9PiGnWbYi"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81c87ebd0fd4900d-FRA
expires: Wed, 16 Oct 2024 05:21:21 GMT

GET
H2 200 sidearm-responsive-grid.less
do2ufdrk7dzyk.cloudfront.net/less/ 242 KB
242 KB 411ms
380ms Stylesheet
text/css 13.32.23.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://do2ufdrk7dzyk.cloudfront.net/less/sidearm-responsive-grid.less?_=638339094116581499

Requested by

Host: goducks.com
URL: https://goducks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.23.210 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-23-210.fra56.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

1040e27124b00779fabb8555849cb1ef02c0ccccd3e7b5c2ef967e6b0b92c80e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=0;
date: Fri, 27 Oct 2023 05:21:21 GMT
x-content-type-options: nosniff
via: 1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-cache: RefreshHit from cloudfront
content-length: 247321
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 26 Oct 2023 09:34:30 GMT
server: Microsoft-IIS/10.0
etag: "Bg3jNShvv1jF3VSed0VSGdhqQR3oFT3KkOqNEDt12Zw="
vary: *
content-type: text/css; charset=utf-8
cache-control: public
x-amz-cf-id: m2te1burcfmgDa8VgM93VgW1a10P2f9eEY38pUJ2VU4fURGjRo_72w==
expires: Thu, 02 Nov 2023 09:38:09 GMT

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 134ms
49ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather:400italic|Open+Sans:400,700,700italic,400italic&display=swap

Requested by

Host: goducks.com
URL: https://goducks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

985ad19913095c1a20df33be2d5314dc9b3bef2ec5f8fb1bbdae3ea6925ab36c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 27 Oct 2023 05:21:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 05:21:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 27 Oct 2023 05:21:21 GMT

GET
H2 200 site.less
do2ufdrk7dzyk.cloudfront.net/site/ 78 KB
11 KB 429ms
398ms Stylesheet
text/css 13.32.23.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://do2ufdrk7dzyk.cloudfront.net/site/site.less?_=638138950723803902

Requested by

Host: goducks.com
URL: https://goducks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.23.210 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-23-210.fra56.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

98b2c1b3074bd4c0229001caf7490f2a8c277b78043d4d17a07766669b01fe77

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=0;
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 27 Oct 2023 05:21:21 GMT
via: 1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
content-length: 10707
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: Microsoft-IIS/10.0
vary: *
content-type: text/css; charset=utf-8
cache-control: public
x-amz-cf-id: 00OTyEyHYP_IZqaCHmRbW7hiv1AbzNuJkUezqZ6Dbwrm9bUsaf9Oug==
expires: Fri, 03 Nov 2023 05:21:21 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 272 KB
90 KB 247ms
163ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z369JCZLY4

Requested by

Host: goducks.com
URL: https://goducks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1d810808b13284ae0094aed7fc23b85e0770909ba01c32f6cc6b045ad139812b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:21:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92319
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 27 Oct 2023 05:21:21 GMT

GET
H2

200

uoregon_logo.png
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/
Redirect Chain

https://goducks.com/images/uoregon_logo.png
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/uoregon_logo.png

4 KB
4 KB

8ms
7ms

Image
image/png

18.66.137.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/uoregon_logo.png
Requested by: Host: goducks.com
URL: https://goducks.com/
Protocol: H2
Server: 18.66.137.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-76.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 23217e7c2b9a4a8f1c0633f2bc097ed8441e22c873c8f3e267a1c79e5853a611

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 01:33:21 GMT
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
last-modified: Thu, 19 Jan 2023 15:45:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 13833
x-amz-server-side-encryption: AES256
etag: "e48057bb46cc1d308668efe52abf7fdd"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 3672
x-amz-cf-id: -Hg5qCwcRU3u8CedKmJXXbnE2nrVo4MXrSsLW4bmhtFZQpPdX8p-ZQ==

Redirect headers

Strict-Transport-Security: max-age=0;
Date: Fri, 27 Oct 2023 05:21:20 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Server: Microsoft-IIS/10.0
Content-Type: text/html; charset=utf-8
Location: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/uoregon_logo.png
Content-Length: 225
X-XSS-Protection: 1; mode=block

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 40ms
9ms Script
application/javascript 13.32.99.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: goducks.com
URL: https://goducks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-105.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 06:02:50 GMT
content-encoding: gzip
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
last-modified: Fri, 21 Jul 2023 22:21:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 83912
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: 3gY-b6kHPM6ocSSvrade-zkEIATNbzqSsuzJiS-N120PQiIowZrikw==

GET
H2

200

pac12_nav.png
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/
Redirect Chain

https://do2ufdrk7dzyk.cloudfront.net/images/pac12_nav.png
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/pac12_nav.png

4 KB
4 KB

70ms
7ms

Image
image/png

18.66.137.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/pac12_nav.png
Requested by: Host: goducks.com
URL: https://goducks.com/
Protocol: H2
Server: 18.66.137.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-76.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a1be05e0bb17b8299dc3cc9fc3e289e1c95aa73b91dffe76b4ad5bc188bf2442

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 05:54:21 GMT
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
last-modified: Thu, 19 Jan 2023 15:45:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 84421
x-amz-server-side-encryption: AES256
etag: "b937a9951da1ac2b7e7df04d95158021"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 3783
x-amz-cf-id: vbCTx3IaZr49ymo0HCzzCG-gf4jdVz_ZJmKih239mJC4j6idNcaYMg==

Redirect headers

strict-transport-security: max-age=0;
date: Thu, 26 Oct 2023 17:21:07 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
via: 1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA56-C2
age: 43214
x-cache: Hit from cloudfront
content-type: text/html; charset=utf-8
location: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/pac12_nav.png
content-length: 222
x-xss-protection: 1; mode=block
x-amz-cf-id: ChNUeI0miH71Gy6aoqBk1pgkH1NzKXDmUM6tUtKc0PqDFkhutJ0dPQ==

GET
H2

200

ducks_pac12_tv.png
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/
Redirect Chain

https://do2ufdrk7dzyk.cloudfront.net/images/ducks_pac12_tv.png
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/ducks_pac12_tv.png

9 KB
9 KB

8ms
8ms

Image
image/png

18.66.137.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/ducks_pac12_tv.png
Requested by: Host: goducks.com
URL: https://goducks.com/
Protocol: H2
Server: 18.66.137.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-76.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3eff0f036032ae7061bf0848b966f9fda83d9468fce131910a9065b7a7c8c332

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 05:42:13 GMT
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
last-modified: Thu, 19 Jan 2023 15:45:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 85149
x-amz-server-side-encryption: AES256
etag: "6ce58dff627930094e219f2896afaf4d"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 8997
x-amz-cf-id: kIaT7JDw3_xhis8BTunpdLdWoR9GNmq3f9wtNYSNWNpx1rmRjGhSYw==

Redirect headers

strict-transport-security: max-age=0;
date: Thu, 26 Oct 2023 06:01:07 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
via: 1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA56-C2
age: 84013
x-cache: Hit from cloudfront
content-type: text/html; charset=utf-8
location: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/ducks_pac12_tv.png
content-length: 227
x-xss-protection: 1; mode=block
x-amz-cf-id: OIsgpJKOlldl_RU_P16gy4eWa8zgJ88Y6VLRPqdKdlCoKEfzrKYBFA==

GET
H2

200

goducks_logo.png
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/
Redirect Chain

https://do2ufdrk7dzyk.cloudfront.net/images/goducks_logo.png
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/goducks_logo.png

2 KB
2 KB

20ms
19ms

Image
image/png

18.66.137.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/goducks_logo.png
Requested by: Host: goducks.com
URL: https://goducks.com/
Protocol: H2
Server: 18.66.137.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-76.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ac2eb7a730e21416b8cc390fc7922f36e051d948b08793d9fc84332c206baf31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:21:21 GMT
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
last-modified: Thu, 19 Jan 2023 15:45:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 924
x-amz-server-side-encryption: AES256
etag: "c4bdc3928bb926280f58ff239165a0f5"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1629
x-amz-cf-id: LoAA3-Sojc8VEALr9OM7rMxRQ8gpW4XZ1stec3pL8ViTeKl7VGwxeQ==

Redirect headers

strict-transport-security: max-age=0;
date: Thu, 26 Oct 2023 17:20:49 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
via: 1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA56-C2
age: 43232
x-cache: Hit from cloudfront
content-type: text/html; charset=utf-8
location: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/goducks_logo.png
content-length: 225
x-xss-protection: 1; mode=block
x-amz-cf-id: MwocdHHphKdLd8fWi6AE5dtLZ7RawWRXua2nIrMPT1SENo47oMq9cw==

GET
H2

200

footer_uoforegon.png
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/
Redirect Chain

https://goducks.com/images/footer_uoforegon.png
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/footer_uoforegon.png

7 KB
7 KB

8ms
7ms

Image
image/png

18.66.137.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/footer_uoforegon.png
Requested by: Host: goducks.com
URL: https://goducks.com/
Protocol: H2
Server: 18.66.137.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-76.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f304369c550f03c947022ac1d7d7b2ac99d1a86e64635bc1fd2ca3f6f1cf29f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 03:36:10 GMT
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
last-modified: Thu, 19 Jan 2023 15:45:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 6312
x-amz-server-side-encryption: AES256
etag: "c750132a61d7496718034193c8f141ef"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 7293
x-amz-cf-id: py6OR6TLE-3fgwqfFon9qjQh-byvwVvHfELDlHjqOvm886PMrw82Ug==

Redirect headers

Strict-Transport-Security: max-age=0;
Date: Fri, 27 Oct 2023 05:21:20 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Server: Microsoft-IIS/10.0
Content-Type: text/html; charset=utf-8
Location: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/footer_uoforegon.png
Content-Length: 229
X-XSS-Protection: 1; mode=block

GET
H2

200

footer_ncaa.png
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/
Redirect Chain

https://goducks.com/images/footer_ncaa.png
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/footer_ncaa.png

4 KB
4 KB

9ms
9ms

Image
image/png

18.66.137.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/footer_ncaa.png
Requested by: Host: goducks.com
URL: https://goducks.com/
Protocol: H2
Server: 18.66.137.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-76.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 324ac5d2352f7f13c24386798eae9ac98c8a32e69a65ebf0789476bee0bfdfb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 01:33:22 GMT
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
last-modified: Thu, 19 Jan 2023 15:45:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 13833
x-amz-server-side-encryption: AES256
etag: "a2dbd1152be5e109e2dfffd7a8162cfa"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 3783
x-amz-cf-id: FcAAPoCPtjSKQr66tnkIDSNbjhkPGHjtrjQznmKC3FjLZjkLbM6PgQ==

Redirect headers

Strict-Transport-Security: max-age=0;
Date: Fri, 27 Oct 2023 05:21:21 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Server: Microsoft-IIS/10.0
Content-Type: text/html; charset=utf-8
Location: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/footer_ncaa.png
Content-Length: 224
X-XSS-Protection: 1; mode=block

GET
H2

200

footer_pac12.png
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/
Redirect Chain

https://goducks.com/images/footer_pac12.png
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/footer_pac12.png

8 KB
8 KB

8ms
8ms

Image
image/png

18.66.137.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/footer_pac12.png
Requested by: Host: goducks.com
URL: https://goducks.com/
Protocol: H2
Server: 18.66.137.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-76.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bbfeb01ae1cf30eb2dd55d5903cc19d872fd41570b2fe35781aed28618d22261

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 05:54:21 GMT
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
last-modified: Thu, 19 Jan 2023 15:45:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 84422
x-amz-server-side-encryption: AES256
etag: "453b427eaf754118015c1f5ac228195e"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 8183
x-amz-cf-id: QZCfrfBCYLtI_VfZjDo3LfhaoCZMWUpbSGrTK9mBH_C6gExSlCI7zw==

Redirect headers

Strict-Transport-Security: max-age=0;
Date: Fri, 27 Oct 2023 05:21:21 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Server: Microsoft-IIS/10.0
Content-Type: text/html; charset=utf-8
Location: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/footer_pac12.png
Content-Length: 225
X-XSS-Protection: 1; mode=block

GET
H2

200

footer_oalumni.png
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/
Redirect Chain

https://goducks.com/images/footer_oalumni.png
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/footer_oalumni.png

5 KB
6 KB

10ms
8ms

Image
image/png

18.66.137.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/footer_oalumni.png
Requested by: Host: goducks.com
URL: https://goducks.com/
Protocol: H2
Server: 18.66.137.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-76.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7860b2f7a448c6a7b3878a6a51fa5696ddeb6aa4cb40faed71645804ff747ef6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 05:54:21 GMT
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
last-modified: Thu, 19 Jan 2023 15:45:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 84422
x-amz-server-side-encryption: AES256
etag: "0348ccc125025e55f4dd6ffeb14bb076"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 5343
x-amz-cf-id: wQMvXUpOt-819vo_jxO8cpBcxxPnLmFhc1luljrNhXwCNJ7UAytWOA==

Redirect headers

Strict-Transport-Security: max-age=0;
Date: Fri, 27 Oct 2023 05:21:21 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Server: Microsoft-IIS/10.0
Content-Type: text/html; charset=utf-8
Location: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/footer_oalumni.png
Content-Length: 227
X-XSS-Protection: 1; mode=block

GET
H2

200

footer_lgbtsafe.png
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/
Redirect Chain

https://goducks.com/images/footer_lgbtsafe.png
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/footer_lgbtsafe.png

7 KB
7 KB

9ms
8ms

Image
image/png

18.66.137.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/footer_lgbtsafe.png
Requested by: Host: goducks.com
URL: https://goducks.com/
Protocol: H2
Server: 18.66.137.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-76.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e6b37de8a736cb282c61dd07fc248f6f4a071c4b09180fb3a7c6c7b1598e7eff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 05:54:21 GMT
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
last-modified: Thu, 19 Jan 2023 15:45:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 84422
x-amz-server-side-encryption: AES256
etag: "f65b495c32c2d79ffba8a9008fd66358"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 6912
x-amz-cf-id: jCOL-uVrmW62N_fBMQK9b95hjERH1UwktGPxSHyp-PQuBgA8U7PMkg==

Redirect headers

Strict-Transport-Security: max-age=0;
Date: Fri, 27 Oct 2023 05:21:21 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Server: Microsoft-IIS/10.0
Content-Type: text/html; charset=utf-8
Location: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/footer_lgbtsafe.png
Content-Length: 228
X-XSS-Protection: 1; mode=block

GET
H2 200 airgap.js Show response
cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/ 147 KB
49 KB 79ms
8ms Script
application/javascript 2600:9000:2250:8c00:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Requested by

Host: goducks.com
URL: https://goducks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:8c00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

b6493004383769e5f6cd3b7679c4765df4ebcf65331b1c59874468d61db81f49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:21:21 GMT
content-encoding: br
via: 1.1 2816426ad1adbedbdd23d4cdf80c2de2.cloudfront.net (CloudFront)
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
x-content-type-options: nosniff
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=60,s-maxage=86400
x-amz-cf-id: _Ggs8ITffdmJsEzx9QEvhD9lhbpv36Z3eaVW7UhKfZuVmWxol9kpTg==
x-xss-protection: 1; mode=block

GET
H2

200

resize
images.sidearmdev.com/
Redirect Chain

https://do2ufdrk7dzyk.cloudfront.net/images/logos/site/site.png?width=48
https://images.sidearmdev.com/resize?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fuoregon.sidearmsports.com%2fimages%2flogos%2fsite%2fsite.png&width=48&type=png

3 KB
3 KB

54ms
8ms

Image
image/png

18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/resize?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fuoregon.sidearmsports.com%2fimages%2flogos%2fsite%2fsite.png&width=48&type=png

Requested by

Host: goducks.com
URL: https://goducks.com/

Protocol

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

5d899346b8df4a2d4f7c2e18a1a350bfeb08c2666483ededb908cc5dcf05af5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 18:59:50 GMT
via: 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 728491
x-cache: Hit from cloudfront
content-length: 3005
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 99
x-frame-options: SAMEORIGIN
content-type: image/png
vary: Origin
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: lLvoSqcyKeeMZEqsFYHLJ2sTPMv-xxeVe-0VCOzlsnxE7Cgkdmv6CA==

Redirect headers

strict-transport-security: max-age=0;
date: Thu, 26 Oct 2023 17:21:06 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
via: 1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA56-C2
age: 43214
x-cache: Hit from cloudfront
content-type: text/html; charset=utf-8
location: https://images.sidearmdev.com/resize?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fuoregon.sidearmsports.com%2fimages%2flogos%2fsite%2fsite.png&width=48&type=png
content-length: 313
x-xss-protection: 1; mode=block
x-amz-cf-id: Sx513Ap7rZlyhNXB2GdQvsXtYdAlnRRIhv98wqXf8ycmRs9lDSiE5A==

GET
H2 204 dtag.js Show response
cdn.attn.tv/goducks.com/ 0
231 B 919ms
872ms Script
text/plain 2600:9000:21f3:e800:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/goducks.com/dtag.js
Requested by: Host: goducks.com
URL: https://goducks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:e800:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:21:22 GMT
cache-control: public, max-age=120
via: 1.1 d9bf8acc1da383db4531789bbb03ac06.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: pDVI7SK9bcT8MeGk9VD15G5sLu3pKlebubl3_I-SsAbrwZy2gdoK0w==
x-cache: Miss from cloudfront

GET
H2 404 segment
di.rlcdn.com/api/ 0
0 65ms
22ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://di.rlcdn.com/api/segment?pid=712104&pdata=source%3D502%2Ceventtype%3D1001%2CdivisionID%3D769
Requested by: Host: goducks.com
URL: https://goducks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/ 90 KB
29 KB 16ms
15ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Host: goducks.com
URL: https://goducks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 22416843
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 29363
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-169d5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JJn8AFTupVIrPWxhqlgqa8FzIZGnI7PxCNREiC3TV5yHcZI8YcLS%2B8VR7xxpDQ3VXaIc1GfrblcG%2FNHyNtJYgihhgBi%2BTXDEZbffapJX%2BqXVc3jq%2Fvs112qW6Zmtts7LBEiHDK83w5Kj%2BYou0Bir8t8H"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81c87ebfd9e7900d-FRA
expires: Wed, 16 Oct 2024 05:21:21 GMT

GET
H2

200

activityi;dc_pre=CKTAnt-9lYIDFRTEGQodZgsHPg;src=5995852;type=orego0;cat=orego0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5068471494867.309 Show response
5995852.fls.doubleclick.net/ Frame A361
Redirect Chain

https://5995852.fls.doubleclick.net/activityi;src=5995852;type=orego0;cat=orego0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5068471494867.309?
https://5995852.fls.doubleclick.net/activityi;dc_pre=CKTAnt-9lYIDFRTEGQodZgsHPg;src=5995852;type=orego0;cat=orego0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5068471494867.309?

483 B
425 B

85ms
83ms

Document
text/html

142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5995852.fls.doubleclick.net/activityi;dc_pre=CKTAnt-9lYIDFRTEGQodZgsHPg;src=5995852;type=orego0;cat=orego0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5068471494867.309?

Requested by

Host: goducks.com
URL: https://goducks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

b02b105f4759592e324361810f8cd07867c05885968392752fb09d02bc744b75

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goducks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 249
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 05:21:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 05:21:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5995852.fls.doubleclick.net/activityi;dc_pre=CKTAnt-9lYIDFRTEGQodZgsHPg;src=5995852;type=orego0;cat=orego0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5068471494867.309?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 37ms
8ms Script
application/javascript 13.32.99.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: goducks.com
URL: https://goducks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-105.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 06:02:50 GMT
content-encoding: gzip
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
last-modified: Fri, 21 Jul 2023 22:21:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 83912
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: YFemtK-y-QEt4uBf06uhkiT0TkILjUS5WKyCSJo6Hk0Hff1uqOdEig==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 123 KB
48 KB 65ms
54ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-VR64

Requested by

Host: goducks.com
URL: https://goducks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

778cf4230d8a07c6a1792db5d272b0e533ca1879f4c332241aaa4f7f84c1332a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:21:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48710
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 27 Oct 2023 05:21:21 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 211 KB
74 KB 135ms
125ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K3TH4CC

Requested by

Host: goducks.com
URL: https://goducks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7e3cbe80de505ee48764f5057a6e43938322d0bf51754b035c5104e4627aa32e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:21:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75205
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 27 Oct 2023 05:21:21 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 141 KB
52 KB 101ms
101ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TW6R675

Requested by

Host: goducks.com
URL: https://goducks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

40357ee400decbdbcb1942fa64c41a2ae6755ce90443cad431a9dadcd997f6bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:21:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52983
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 27 Oct 2023 05:21:21 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 127ms
39ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: goducks.com
URL: https://goducks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 27 Oct 2023 03:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5500
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 27 Oct 2023 05:49:42 GMT

GET
H2 200 topnav_left.png
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/ 20 KB
20 KB 10ms
9ms Image
image/png 18.66.137.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/topnav_left.png
Requested by: Host: do2ufdrk7dzyk.cloudfront.net
URL: https://do2ufdrk7dzyk.cloudfront.net/site/site.less?_=638138950723803902
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.137.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-76.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dc5202424ea0547c7e8e2a1a0629ccac7f5c0446e862727a17d3820bad68ab77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://do2ufdrk7dzyk.cloudfront.net/site/site.less?_=638138950723803902
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 07:08:18 GMT
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
last-modified: Thu, 19 Jan 2023 15:45:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 79984
x-amz-server-side-encryption: AES256
etag: "7c35c16179e4612ea04ebbc7834f1826"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 20525
x-amz-cf-id: KyIY2k0nIh5BmW58F12CaXSIeqR9d78ZJTdZ4uDW3UMkGlnQA_FuyQ==

GET
H2 200 topnav_right.png
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/ 19 KB
19 KB 12ms
12ms Image
image/png 18.66.137.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/topnav_right.png
Requested by: Host: do2ufdrk7dzyk.cloudfront.net
URL: https://do2ufdrk7dzyk.cloudfront.net/site/site.less?_=638138950723803902
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.137.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-76.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4a7c4d1e52064ef50a71f570c9d763e3dd5b4b915635d4b12b0113a646eca2aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://do2ufdrk7dzyk.cloudfront.net/site/site.less?_=638138950723803902
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 07:08:18 GMT
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
last-modified: Thu, 19 Jan 2023 15:45:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 79984
x-amz-server-side-encryption: AES256
etag: "b6cadf584c66b3bfd61e153ad11555eb"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 19339
x-amz-cf-id: APIH8Z2uCd71QtMngkXkCn4-5zsA8ev4JXA9mZS2JZSwIlH6MGFF7w==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
48 KB 124ms
41ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400italic|Open+Sans:400,700,700italic,400italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://goducks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 18:17:53 GMT
x-content-type-options: nosniff
age: 39809
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 18:17:53 GMT

GET
H2 200 knockout-fast-foreach.min.js Show response
dbukjj6eu5tsf.cloudfront.net/assets.sidearmsports.com/common/js/ 7 KB
3 KB 221ms
220ms Script
application/x-javascript 13.32.121.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dbukjj6eu5tsf.cloudfront.net/assets.sidearmsports.com/common/js/knockout-fast-foreach.min.js?bust=638080426280865064
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/require.js/2.2.0/require.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-126.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eec10fa1e2c159ef712bb5add157fce337037e1fb9177cfdeb659536a4bc38c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:21:23 GMT
x-amz-version-id: lKr3ANDj088p2nhHUmVOIYlNf8.eSZsC
content-encoding: br
last-modified: Tue, 27 Nov 2018 22:42:47 GMT
server: AmazonS3
via: 1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
etag: W/"7d4c22c0f7e7c7eff721fadb17e18645"
x-amz-meta-cb-modifiedtime: Tue, 16 May 2017 21:35:03 GMT
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
content-type: application/x-javascript
x-amz-cf-id: ZJAIuzmK740SpKWdpwVgS2tib5dz3PRYjuQQNyNwQ4A2Xr2fsKdf4w==
expires: Thu Nov 11 2021 00:00:00 GMT

GET
H3 200 underscore-min.js Show response
cdnjs.cloudflare.com/ajax/libs/underscore.js/1.8.3/ 16 KB
6 KB 13ms
13ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/underscore.js/1.8.3/underscore-min.js?bust=638080426280865064

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/require.js/2.2.0/require.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1b6400a21ddee090e93d8882ffa629963132785bfa41b0abbea199d278121e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 22952962
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5303
last-modified: Mon, 04 May 2020 16:17:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04015-4041"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MnloYl0VeNUZw8Kn70YsVAvLOUHNAyCD7E%2F%2FHH%2F7MlI4e5ONDkhLAiZdPzL9JgZ2LQ%2ByRBiBU89a3mfGQIuSxpx9oHJEU3zpm4PQ9ZRfvLwFCAAIhJRDwsNAg3gM1fdtR4mkE8ghoOUoLgYXv4VUey0C"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81c87ec03fee691b-FRA
expires: Wed, 16 Oct 2024 05:21:21 GMT

GET
H2 200 blockquote_img.png
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/ 382 KB
383 KB 11ms
9ms Image
image/png 18.66.137.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/blockquote_img.png
Requested by: Host: do2ufdrk7dzyk.cloudfront.net
URL: https://do2ufdrk7dzyk.cloudfront.net/site/site.less?_=638138950723803902
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.137.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-76.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a66d60b778782c5e78eff99247766b1ff3d56f138d8a5e5eae1403e0985c8fb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://do2ufdrk7dzyk.cloudfront.net/site/site.less?_=638138950723803902
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 05:42:13 GMT
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
last-modified: Thu, 19 Jan 2023 15:45:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 85149
x-amz-server-side-encryption: AES256
etag: "ea26af9032dec9775a6123c450ec25b6"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
x-amz-storage-class: INTELLIGENT_TIERING
accept-ranges: bytes
content-length: 391137
x-amz-cf-id: i7zm97hTL5nB-bRtcqyrkoEbA1e2iqGYn1lHawSZvngrqdH3LO62fw==

GET
H2

200

shop_bkg.png
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/
Redirect Chain

https://do2ufdrk7dzyk.cloudfront.net/images/shop_bkg.png
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/shop_bkg.png

80 KB
80 KB

28ms
27ms

Image
image/png

18.66.137.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/shop_bkg.png
Requested by: Host: do2ufdrk7dzyk.cloudfront.net
URL: https://do2ufdrk7dzyk.cloudfront.net/site/site.less?_=638138950723803902
Protocol: H2
Server: 18.66.137.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-76.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ea7b9001cf3615ed551e9b11b91ee31ba4288b746da33807c5335f8c41133a10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://do2ufdrk7dzyk.cloudfront.net/site/site.less?_=638138950723803902
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 05:54:21 GMT
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
last-modified: Thu, 19 Jan 2023 15:45:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 84421
x-amz-server-side-encryption: AES256
etag: "68f3b4443650a3fe14d98dac29f62325"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 81846
x-amz-cf-id: muT8qR-nk3zex6eYJ0ftqjxPEy6zNvmV-7nuSQf7uQK9deUZSicVRw==

Redirect headers

strict-transport-security: max-age=0;
date: Thu, 26 Oct 2023 20:15:25 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
via: 1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA56-C2
age: 32755
x-cache: Hit from cloudfront
content-type: text/html; charset=utf-8
location: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/shop_bkg.png
content-length: 221
x-xss-protection: 1; mode=block
x-amz-cf-id: xqt9mn7lgxmStj7JRIarKWFXeMHXvonlIySnbRSQLG0xhfwUFPGRSg==

GET
H2 200 force_fashion.png
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/ 92 KB
93 KB 28ms
25ms Image
image/png 18.66.137.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/force_fashion.png
Requested by: Host: do2ufdrk7dzyk.cloudfront.net
URL: https://do2ufdrk7dzyk.cloudfront.net/site/site.less?_=638138950723803902
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.137.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-76.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 36716b54b91b63cee454c98d006bbb80ddcf6526d112fe0d2743ae60d0d2dac6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://do2ufdrk7dzyk.cloudfront.net/site/site.less?_=638138950723803902
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 05:42:14 GMT
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
last-modified: Thu, 19 Jan 2023 15:45:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 85148
x-amz-server-side-encryption: AES256
etag: "a7acf7205cb9d7339a4f598eea20f12b"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 94410
x-amz-cf-id: gjS51J6eIu14fu1QsoyNp2nuhoE-1uGlSdKwyLmwy24nHQURLg4uiw==

GET
H2 200 facilities_bkg.png
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/ 681 KB
683 KB 32ms
29ms Image
image/png 18.66.137.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/facilities_bkg.png
Requested by: Host: do2ufdrk7dzyk.cloudfront.net
URL: https://do2ufdrk7dzyk.cloudfront.net/site/site.less?_=638138950723803902
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.137.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-76.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 800dfe37b71056c7dc05daaa19fda89f0de81d304721412dde451e9a0e954482

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://do2ufdrk7dzyk.cloudfront.net/site/site.less?_=638138950723803902
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 05:42:14 GMT
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
last-modified: Thu, 19 Jan 2023 15:45:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 85148
x-amz-server-side-encryption: AES256
etag: "b3a99be9780107dccda25a1785ddc86f"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
x-amz-storage-class: INTELLIGENT_TIERING
accept-ranges: bytes
content-length: 697849
x-amz-cf-id: AjIPDD41VxiTwNBimh0U_bE9C1MkyFAjgwqPcmwnEJAzYgRRYgrKzA==

GET
H2 200 quackcave_bkg.png
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/ 932 KB
934 KB 35ms
32ms Image
image/png 18.66.137.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/quackcave_bkg.png
Requested by: Host: do2ufdrk7dzyk.cloudfront.net
URL: https://do2ufdrk7dzyk.cloudfront.net/site/site.less?_=638138950723803902
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.137.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-76.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a174fdc35bf7ff77b43310385a6daa775769839a865fe9e8135dcddd85a03ef4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://do2ufdrk7dzyk.cloudfront.net/site/site.less?_=638138950723803902
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 05:42:15 GMT
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
last-modified: Thu, 19 Jan 2023 15:45:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 85147
x-amz-server-side-encryption: AES256
etag: "d72fa5127e812ce8e446c7bed26f7e09"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
x-amz-storage-class: INTELLIGENT_TIERING
accept-ranges: bytes
content-length: 954431
x-amz-cf-id: QXdUPe2FOZ5-IQFBze2K4PUkzH8YstN6_nD8WnqPgjVmTVpKamXVsA==

GET
H2 200 antonio-bold-webfont.woff2
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/site/fonts/ 19 KB
19 KB 26ms
10ms Font
font/woff2 18.66.137.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/site/fonts/antonio-bold-webfont.woff2
Requested by: Host: do2ufdrk7dzyk.cloudfront.net
URL: https://do2ufdrk7dzyk.cloudfront.net/site/site.less?_=638138950723803902
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.137.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-76.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b7c7c439ac99a9b55bc2210b067ab6d443705f2c2e22cfa9fa21ef065af7e075

Request headers

Referer: https://do2ufdrk7dzyk.cloudfront.net/site/site.less?_=638138950723803902
Origin: https://goducks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 05:42:13 GMT
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 85149
x-amz-server-side-encryption: AES256
x-amz-meta-cb-modifiedtime: Fri, 01 Apr 2016 13:49:09 GMT
x-cache: Hit from cloudfront
content-length: 19020
last-modified: Thu, 19 Jan 2023 15:45:57 GMT
server: AmazonS3
etag: "25cbf5dde44074cfce3d121a53f6d310"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: ETag
accept-ranges: bytes
x-amz-cf-id: Vq5Aprel0C1cI15Egkboe7DKJznz3ZhwJh0WNsOsEtA8ATVBFJ2SOw==

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v36/ 49 KB
49 KB 132ms
89ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400italic|Open+Sans:400,700,700italic,400italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a246c4de8a0f1f1fdb6ee52565018dc341063aa9efe8481034bc3ef7d697e334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://goducks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 18:18:58 GMT
x-content-type-options: nosniff
age: 39744
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50368
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:04:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 18:18:58 GMT

GET
H2 200 sidearm_font.woff2
fonts.sidearmsports.com/sidearm/2020-05-12-535576/ 25 KB
26 KB 498ms
481ms Font
font/woff2 2600:9000:223f:1c00:4:cc99:4000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.sidearmsports.com/sidearm/2020-05-12-535576/sidearm_font.woff2?1790541
Requested by: Host: fonts.sidearmsports.com
URL: https://fonts.sidearmsports.com/sidearm/2020-05-12-535576/sidearm_font.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:1c00:4:cc99:4000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 444963e1e31f8fc85c130de4b47ac44c1fbbb895af2ce037d60e0fa33536f5f6

Request headers

Referer: https://fonts.sidearmsports.com/sidearm/2020-05-12-535576/sidearm_font.css
Origin: https://goducks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:21:23 GMT
content-encoding: gzip
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-cache: RefreshHit from cloudfront
content-length: 25877
last-modified: Tue, 12 May 2020 20:42:55 GMT
server: AmazonS3
etag: "e2106beae2f5fdf4d1252ab2ab4b43a3"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: QiuJJ_HcKN-bd39P-sIyrKAL5jOiyy49l236PvCJribJkCRCc4iKlQ==
expires: Thu, 12 May 2022 20:42:52 GMT

GET
H2 200 pixel.html Show response
statcollector.sidearmsports.com/services/ Frame 0B68 7 KB
2 KB 658ms
308ms Document
text/html 174.143.40.29
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://statcollector.sidearmsports.com/services/pixel.html?page_template=home&sport_name=0&sport_name_custom=0&site=uoregon&cbs_site_code=ore&content_id=null&sect=frontpage&sid=3b9323fe-8c99-4240-8ad9-8a0b0d63f98a&uid=9c3ea858-92e9-47c8-9515-471f2c812a03&count=goducks_com.pageview%7Call.pageview&events=&traits=&r=goducks.com&server_name=1115364-LB10&path_and_query=%2F&_=1698384081987
Requested by: Host: dbukjj6eu5tsf.cloudfront.net
URL: https://dbukjj6eu5tsf.cloudfront.net/assets.sidearmsports.com/responsive/js/bundle.1693919720915.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 174.143.40.29 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 9b4169ff73f9018c3a92743f72a209b998deb1809e9a07984a7e1e7603522aa9

Request headers

Referer: https://goducks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=2592000
content-encoding: br
content-length: 1782
content-type: text/html
date: Fri, 27 Oct 2023 05:21:21 GMT
etag: "0568a3ac67d41:0"
last-modified: Thu, 18 Oct 2018 17:58:52 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding

GET
H2 200 pixel.html Show response
statcollector.sidearmsports.com/services/ Frame 86C6 7 KB
2 KB 591ms
244ms Document
text/html 174.143.40.29
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://statcollector.sidearmsports.com/services/pixel.html?page_template=home&sport_name=0&sport_name_custom=0&site=uoregon&cbs_site_code=ore&content_id=null&sect=frontpage&sid=3b9323fe-8c99-4240-8ad9-8a0b0d63f98a&uid=9c3ea858-92e9-47c8-9515-471f2c812a03&count=goducks_com.active%7Call.active&events=&traits=&r=goducks.com&server_name=1115364-LB10&path_and_query=%2F&_=1698384082002
Requested by: Host: dbukjj6eu5tsf.cloudfront.net
URL: https://dbukjj6eu5tsf.cloudfront.net/assets.sidearmsports.com/responsive/js/bundle.1693919720915.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 174.143.40.29 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 9b4169ff73f9018c3a92743f72a209b998deb1809e9a07984a7e1e7603522aa9

Request headers

Referer: https://goducks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=2592000
content-encoding: br
content-length: 1782
content-type: text/html
date: Fri, 27 Oct 2023 05:21:21 GMT
etag: "0568a3ac67d41:0"
last-modified: Thu, 18 Oct 2018 17:58:52 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding

GET
H3 200 lazysizes-umd.min.js Show response
cdnjs.cloudflare.com/ajax/libs/lazysizes/4.1.5/ 7 KB
3 KB 15ms
14ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/lazysizes/4.1.5/lazysizes-umd.min.js?bust=638080426280865064

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/require.js/2.2.0/require.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c907bd7064f1d38a655634ba22d80fa1d1995ad33eb3296d3f14849be4566dec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:21:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6173213
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2848
last-modified: Thu, 22 Jun 2023 11:06:32 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942b38-b20"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1lb7W27trk%2BtpfdvCVGhSpLnkNPLZKIjLyICgfQIE3cTW7IxIUNTebAqkgiAxSPxurZ1%2BJe2%2BF0rAASiq7MCvI8BcqWk7pVJGo9fqeCIHkc3hRyGnUY1uqXy9%2Fssc%2FW0AJ3NNunhrvbi1coz8O1%2BS07y"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81c87ec0e877691b-FRA
expires: Wed, 16 Oct 2024 05:21:22 GMT

GET
H3 200 jquery.lazyload.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.lazyload/1.9.1/ 3 KB
2 KB 14ms
13ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.lazyload/1.9.1/jquery.lazyload.min.js?bust=638080426280865064

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/require.js/2.2.0/require.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:21:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 544049
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1120
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-d35"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mKc%2B7VR24TtmBi%2FV%2FvByiMR95ncX9HlCI6teAYmywDpZOdwT%2FIAH8yKYEX48YZlNny%2BPQ0jQsWSy35jE8BjzAkaglgUiS3ENqIHweWn1ulNCxlFEwQZeTB3MpV8RquPy250q84jI7iZYQxLkHDqTGMGI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81c87ec0e879691b-FRA
expires: Wed, 16 Oct 2024 05:21:22 GMT

GET
H2 200 sidearm.showcaseplayerembed.min.js Show response
dbukjj6eu5tsf.cloudfront.net/assets.sidearmsports.com/common/js/ 927 B
863 B 213ms
212ms Script
application/javascript 13.32.121.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dbukjj6eu5tsf.cloudfront.net/assets.sidearmsports.com/common/js/sidearm.showcaseplayerembed.min.js?bust=638080426280865064
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/require.js/2.2.0/require.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-126.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6c50f2e1a8fd249e8aac7c38d8e515d6d92ff8909cfd73185124dd5e397f341f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:21:23 GMT
content-encoding: gzip
via: 1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
x-amz-version-id: 0Xdf3vz0Gb9nfHFZTni0S4qUG5cVpsyc
last-modified: Fri, 19 Jul 2019 14:48:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
etag: "888c63df665817774a9931f08fcde5ef"
vary: Origin
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 465
x-amz-cf-id: NmfGw8FtGVNPntAXqoY9q8TBGevSz7F1JFJFuChDIX1OnbTjrkpDsw==

GET
H3 200 imagesloaded.pkgd.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.imagesloaded/3.1.8/ 7 KB
3 KB 23ms
22ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.imagesloaded/3.1.8/imagesloaded.pkgd.min.js?bust=638080426280865064

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/require.js/2.2.0/require.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37dbf4b6012d4e23cbc1cba50baa3572c93a5c371b9873fb5440cb84dfbf9902

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:21:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 12912588
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2101
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-1b25"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SNBQTbKwPAIxaHepel%2FWSVbM8YCIwjb%2Fw58CrWAlIquUqq6GZxgIlkIq9aJLVYr3c8060VK65VUp4fRfi8WkeDaLhI38o0jdL7lwwADq7vnDMuvV4aWdFBZkAcTVVGIh7i7Oo4mSOVdJlKUIEwrN0fJm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81c87ec0e87a691b-FRA
expires: Wed, 16 Oct 2024 05:21:22 GMT

GET
H/1.1 200
OK networks Show response
api.pac-12.com/v3/ 412 KB
21 KB 65ms
11ms XHR
application/json 151.101.0.68
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pac-12.com/v3/networks

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.68 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

2dc53fa38136344304f1bcb5877cec11aa83057131ac60280c46eb6f3f8f29f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://goducks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 05:21:22 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Via: varnish, 1.1 varnish, 1.1 varnish
Age: 58
X-Cache: MISS, HIT, HIT
Connection: keep-alive
X-AH-Environment: prod
Content-Length: 20924
X-Request-ID: v-87809dd6-7488-11ee-ab65-671aebff1e30
X-Served-By: cache-sjc1000132-SJC, cache-fra-eddf8230022-FRA
Server: nginx
X-Timer: S1698384082.124764,VS0,VE1
ETag: "286214c25758bc5815cb007d6efec7eb"
X-Frame-Options: SAMEORIGIN
Vary: X-UA-Device,Accept-Encoding
Content-language: en
Content-Type: application/json
X-Generator: Drupal 10 (https://www.drupal.org)
Access-Control-Expose-Headers: Date
Cache-Control: max-age=300, public
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Drupal-Cache: MISS
X-Cache-Hits: 3, 1

GET
H2 204 b
sb.scorecardresearch.com/ 0
225 B 10ms
9ms Image
text/plain 13.32.99.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=3005086&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1698384082091&ns_c=UTF-8&c7=https%3A%2F%2Fgoducks.com%2F&c8=University%20of%20Oregon%20Athletics%20-%20Official%20Athletics%20Website&c9=
Requested by: Host: goducks.com
URL: https://goducks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-105.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:21:22 GMT
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: Zen0iPhPJ3zTrc07xr982rnKvAGQUX9WgPuQLP0XeA-gyP_PdIm_QA==
x-cache: Miss from cloudfront

GET
H2 204 b
sb.scorecardresearch.com/ 0
225 B 9ms
9ms Image
text/plain 13.32.99.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=19291688&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1698384082091&ns_c=UTF-8&c7=https%3A%2F%2Fgoducks.com%2F&c8=University%20of%20Oregon%20Athletics%20-%20Official%20Athletics%20Website&c9=
Requested by: Host: goducks.com
URL: https://goducks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-105.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:21:22 GMT
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: HWlvgOHeE1RE-YM1lXxCUipW2pjrrWWQMG6Le194YA9KnZLiMY7wLg==
x-cache: Miss from cloudfront

GET
H3 200 headroom.min.js Show response
cdnjs.cloudflare.com/ajax/libs/headroom/0.7.0/ 4 KB
2 KB 15ms
15ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/headroom/0.7.0/headroom.min.js?bust=638080426280865064

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/require.js/2.2.0/require.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7159b1e57dc6cfa8abd3a69a3ae0c6de500aad6566d820b9c2588ee653333cdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:21:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 23607566
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1339
last-modified: Mon, 04 May 2020 16:10:30 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e76-10dd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=il1MjQZAB6F%2F9cBZpBnneThbZoSK36wLzBvxF4Ndh7sK4QRC%2FohbyrMSD0PLA8kUv7CHGIMlfMkAt2SnVTxfAO33gfDHFdkYS1zXjhxkvLocPcWiB6uBKdiNp03yTBwKDutWf1y5qTOyJiLOzAT0dXw3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81c87ec118aa691b-FRA
expires: Wed, 16 Oct 2024 05:21:22 GMT

GET
H/1.1 200
OK sports Show response
api.pac-12.com/v3/ 62 KB
10 KB 14ms
7ms XHR
application/json 151.101.0.68
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pac-12.com/v3/sports

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.68 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e535e80fc61102c80da82b16460959095afb4ef8dda790d9daaf5afeaea0ac0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://goducks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 05:21:22 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Via: varnish, 1.1 varnish, 1.1 varnish
Age: 32045
X-Cache: MISS, HIT, HIT
Connection: keep-alive
X-AH-Environment: prod
Content-Length: 9319
X-Request-ID: v-0e929518-743e-11ee-a9bc-83de01c0895b
X-Served-By: cache-sjc10049-SJC, cache-fra-eddf8230022-FRA
Server: nginx
X-Timer: S1698384082.159280,VS0,VE1
ETag: "9f9496ca0783d85040f59627d4be7d19"
X-Frame-Options: SAMEORIGIN
Vary: X-UA-Device,Accept-Encoding
Content-language: en
Content-Type: application/json
X-Generator: Drupal 10 (https://www.drupal.org)
Access-Control-Expose-Headers: Date
Cache-Control: max-age=43200, public
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Drupal-Cache: MISS
X-Cache-Hits: 111, 1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 272 KB
90 KB 64ms
62ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z369JCZLY4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-VR64

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c045e372bd0736e245d914a2fd9208ac97ba5c2a0fcd521030839d1d09c96b24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:21:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92409
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 27 Oct 2023 05:21:22 GMT

GET
H3 200 jQuery.headroom.min.js Show response
cdnjs.cloudflare.com/ajax/libs/headroom/0.7.0/ 547 B
891 B 16ms
14ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/headroom/0.7.0/jQuery.headroom.min.js?bust=638080426280865064

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/require.js/2.2.0/require.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c602b6dc9a9a0796f3301b161df700920336416bef6c5f01e6f3fbfa02f2b8e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:21:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3152469
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 279
last-modified: Mon, 04 May 2020 16:10:30 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e76-223"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=opByr%2F6VnJJ23pV9ugao5JEMvD%2BmRhPUUbrIt3BodaSMqgFW2q%2FexapMbVbYUSxvZ9xQxj95ZeRIeKjVWs6yC0WTC16ZyhXNN%2F26J99pR7wSIzhAlHUk8udGv6%2FUnq%2FZtp6kyhTWwBdyaozu0Gfgnv0C"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81c87ec188e3691b-FRA
expires: Wed, 16 Oct 2024 05:21:22 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 264
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 27 Oct 2023 06:16:58 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
219 B 57ms
44ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1954418878&t=pageview&_s=1&dl=https%3A%2F%2Fgoducks.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=University%20of%20Oregon%20Athletics%20-%20Official%20Athletics%20Website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEIhAAAAACACI~&jid=37145651&gjid=1510907992&cid=1255101797.1698384082&tid=UA-8512810-1&_gid=1640505450.1698384082&_r=1&_slc=1&z=1111058136

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b26e29ca0cea08db83b399715875a39a6abe6f7150d19fbe8ca4305defaf3596

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://goducks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 05:21:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://goducks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
81 B 49ms
46ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1954418878&t=pageview&_s=1&dl=https%3A%2F%2Fgoducks.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=University%20of%20Oregon%20Athletics%20-%20Official%20Athletics%20Website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEIhAAAAACACIAC~&jid=1515033473&gjid=197705963&cid=1255101797.1698384082&tid=UA-75418555-4&_gid=1640505450.1698384082&_r=1&_slc=1&z=1834202008

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

debeeb9b8a661171d29ef4ea1e0a68d79167787f17740582019f6f6af14ad4da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://goducks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 05:21:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://goducks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pac12networks2.json Show response
goducks.com/site/ 9 KB
2 KB 129ms
128ms XHR
application/json 74.205.81.135
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://goducks.com/site/pac12networks2.json

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.135 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

09072486ed93dfa3d9ac016e048e68975c74e559cfcc738bbd66f068a3caad88

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://goducks.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Content-Encoding: br
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 21 Nov 2017 16:00:51 GMT
Server: Microsoft-IIS/10.0
Date: Fri, 27 Oct 2023 05:21:21 GMT
ETag: "803b34e7e162d31:0"
Vary: Accept-Encoding
Content-Type: application/json
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Length: 1254
X-XSS-Protection: 1; mode=block

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
70 B 45ms
45ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1954418878&t=pageview&_s=1&dl=https%3A%2F%2Fgoducks.com%2F&ul=en-us&de=UTF-8&dt=University%20of%20Oregon%20Athletics%20-%20Official%20Athletics%20Website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEIhAAAAACAGKAC~&jid=2088387708&gjid=1774659155&cid=1255101797.1698384082&tid=UA-180624321-31&_gid=1640505450.1698384082&_r=1&_slc=1&gtm=45He3ap0n81TW6R675&cd1=2023-10-27T07%3A21%3A21%2B02%3A00&cd20=Oregon%2C%20%20University%20of&cd21=DI&cd22=Pac-12&cd23=1170&cd24=University%20of%20Oregon%20Athletics%20-%20Official%20Athletics%20Website&cd25=home&cd26=1&cd27=LFIMGC&cd28=1&cd29=0&cd35=1&cd37=0&cd49=UA-180624321-31&cd50=uoregon&cd53=frontpage&cd54=ticketmaster&cd55=west&gcd=11l1l1l1l1&cd5=1255101797.1698384082&z=508365243

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://goducks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 05:21:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://goducks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 47ms
46ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1954418878&t=pageview&_s=1&dl=https%3A%2F%2Fgoducks.com%2F&ul=en-us&de=UTF-8&dt=University%20of%20Oregon%20Athletics%20-%20Official%20Athletics%20Website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEIhAAAAACAGKAC~&jid=389523519&gjid=1362386521&cid=1255101797.1698384082&tid=UA-180696617-1&_gid=1640505450.1698384082&_r=1&_slc=1&gtm=45He3ap0n81K3TH4CCv833217870&cd1=2023-10-27T07%3A21%3A21%2B02%3A00&cd20=Oregon%2C%20%20University%20of&cd21=DI&cd22=Pac-12&cd23=1170&cd24=University%20of%20Oregon%20Athletics%20-%20Official%20Athletics%20Website&cd25=home&cd26=1&cd27=LFIMGC&cd28=1&cd29=0&cd35=1&cd37=0&cd49=UA-180624321-31&cd50=uoregon&cd53=frontpage&cd54=ticketmaster&cd55=west&gcd=11l1l1l1l1&cd5=1255101797.1698384082&cd56=SIDEARM&z=590109063

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://goducks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 05:21:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://goducks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
343 B 71ms
18ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-8512810-1&cid=1255101797.1698384082&jid=37145651&gjid=1510907992&_gid=1640505450.1698384082&_u=IEBAAEIgAAAAACACI~&z=1049489357

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://goducks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 27 Oct 2023 05:21:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://goducks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 237 KB
83 KB 60ms
60ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HJBB2WFF1V&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cb25d49daa9c5d72c36760709a04c40b580015d2b8ef752d43d5a6978fb202df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:21:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84815
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 27 Oct 2023 05:21:22 GMT

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CKTAnt-9lYIDFRTEGQodZgsHPg;src=5995852;type=orego0;cat=orego0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5068471494867.309;~oref=https://goducks.com/ Frame 8527 482 B
624 B 190ms
80ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CKTAnt-9lYIDFRTEGQodZgsHPg;src=5995852;type=orego0;cat=orego0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5068471494867.309;~oref=https://goducks.com/

Requested by

Host: 5995852.fls.doubleclick.net
URL: https://5995852.fls.doubleclick.net/activityi;dc_pre=CKTAnt-9lYIDFRTEGQodZgsHPg;src=5995852;type=orego0;cat=orego0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5068471494867.309?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7b1ecffcf1b89cf63a23e51c88b884a1c81be6add284522bd06cdc8c07fad7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5995852.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 250
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 05:21:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 60ms
19ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z369JCZLY4&gtm=45je3ap0v9123499318&_p=1954418878&gcd=11l1l1l1l1&cid=1255101797.1698384082&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698384082&sct=1&seg=0&dl=https%3A%2F%2Fgoducks.com%2F&dt=University%20of%20Oregon%20Athletics%20-%20Official%20Athletics%20Website&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z369JCZLY4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 05:21:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://goducks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 44ms
19ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-75418555-4&cid=1255101797.1698384082&jid=1515033473&gjid=197705963&_gid=1640505450.1698384082&_u=IEDAAEIhAAAAACACIAC~&z=2114204766

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://goducks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 27 Oct 2023 05:21:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://goducks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
81 KB 61ms
61ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2DSVCG2VFW&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a5dcdc44f22d8eef8a86540553f2dfe4c2ab28d241628b30f00560d61a35718b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:21:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82440
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 27 Oct 2023 05:21:22 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
72 B 26ms
20ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-180696617-1&cid=1255101797.1698384082&jid=389523519&gjid=1362386521&_gid=1640505450.1698384082&_u=aEDAAEIhAAAAACAGKAC~&z=220573078

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://goducks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 27 Oct 2023 05:21:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://goducks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 145ms
49ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-180696617-1&cid=1255101797.1698384082&jid=389523519&_u=aEDAAEIhAAAAACAGKAC~&z=653552629

Requested by

Host: goducks.com
URL: https://goducks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 05:21:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 143ms
49ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-180696617-1&cid=1255101797.1698384082&jid=389523519&_u=aEDAAEIhAAAAACAGKAC~&z=653552629

Requested by

Host: goducks.com
URL: https://goducks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 05:21:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 18ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-HJBB2WFF1V&gtm=45je3ap0v9125726079&_p=1954418878&gcd=11l1l1l1l2&ul=en-us&sr=1600x1200&cid=1255101797.1698384082&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fgoducks.com%2F&dp=%2F&dt=University%20of%20Oregon%20Athletics%20-%20Official%20Athletics%20Website&sid=1698384082&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HJBB2WFF1V&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 05:21:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://goducks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

goducks_logo.png
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/
Redirect Chain

https://do2ufdrk7dzyk.cloudfront.net/images/goducks_logo.png
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/goducks_logo.png

2 KB
2 KB

14ms
14ms

Image
image/png

18.66.137.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/goducks_logo.png
Requested by: Host: goducks.com
URL: https://goducks.com/
Protocol: H2
Server: 18.66.137.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-76.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ac2eb7a730e21416b8cc390fc7922f36e051d948b08793d9fc84332c206baf31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:21:21 GMT
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
last-modified: Thu, 19 Jan 2023 15:45:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 925
x-amz-server-side-encryption: AES256
etag: "c4bdc3928bb926280f58ff239165a0f5"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1629
x-amz-cf-id: 0_1_jKcndBRQoIWlY9Ph_Ovb5IG3W7pS79QAUrf8ttnL-2J1_eF5Fg==

Redirect headers

strict-transport-security: max-age=0;
date: Thu, 26 Oct 2023 17:20:49 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
via: 1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA56-C2
age: 43233
x-cache: Hit from cloudfront
content-type: text/html; charset=utf-8
location: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/goducks_logo.png
content-length: 225
x-xss-protection: 1; mode=block
x-amz-cf-id: SXPH51qA44-ByeVkIp0Xy31Q4GGa54sKDWb-EGt9xXDmRh43x6iHAg==

GET
H2

200

resize
images.sidearmdev.com/
Redirect Chain

https://do2ufdrk7dzyk.cloudfront.net/images/mainstory.jpg?width=120
https://images.sidearmdev.com/resize?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fuoregon.sidearmsports.com%2fimages%2fmainstory.jpg&width=120&type=jpeg

4 KB
4 KB

15ms
15ms

Image
image/jpeg

18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/resize?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fuoregon.sidearmsports.com%2fimages%2fmainstory.jpg&width=120&type=jpeg

Requested by

Host: goducks.com
URL: https://goducks.com/

Protocol

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

a5c6bc4e378da01c442658af8420573c95d889142e058e7dd3e5d643fa5a6608

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:09:02 GMT
via: 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 1354340
x-cache: Hit from cloudfront
content-length: 4087
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/jpeg
vary: Origin
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: mSkqi3YAGaf9OVvrJKs_8EFX2lGmlFerrYIFk4rv_6t7EPQ8XFVu_w==

Redirect headers

strict-transport-security: max-age=0;
date: Thu, 26 Oct 2023 22:43:11 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
via: 1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA56-C2
age: 23890
x-cache: Hit from cloudfront
content-type: text/html; charset=utf-8
location: https://images.sidearmdev.com/resize?url=https%3a%2f%2fdxbhsrqyrr690.cloudfront.net%2fsidearm.nextgen.sites%2fuoregon.sidearmsports.com%2fimages%2fmainstory.jpg&width=120&type=jpeg
content-length: 305
x-xss-protection: 1; mode=block
x-amz-cf-id: cBQY64g6ZfQsqQXTyFvaPWc-einxByDjuRK67K6Yr_agLSZSndi1fQ==

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 18ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-2DSVCG2VFW&gtm=45je3ap0v9125267068&_p=1954418878&gcd=11l1l1l1l2&ul=en-us&sr=1600x1200&cid=1255101797.1698384082&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fgoducks.com%2F&dp=%2F&dt=University%20of%20Oregon%20Athletics%20-%20Official%20Athletics%20Website&sid=1698384082&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2DSVCG2VFW&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 05:21:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://goducks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/ Show response
5995852.fls.doubleclick.net/ddm/fls/r/dc_pre=CKTAnt-9lYIDFRTEGQodZgsHPg;src=5995852;type=orego0;cat=orego0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5068471494867.309;~oref=https://god... Frame 0299
Redirect Chain

https://adservice.google.de/ddm/fls/i/dc_pre=CKTAnt-9lYIDFRTEGQodZgsHPg;src=5995852;type=orego0;cat=orego0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5068471494867.309;~oref=https://god...
https://5995852.fls.doubleclick.net/ddm/fls/r/dc_pre=CKTAnt-9lYIDFRTEGQodZgsHPg;src=5995852;type=orego0;cat=orego0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5068471494867.309;~oref=htt...

504 B
254 B

83ms
82ms

Document
text/html

142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5995852.fls.doubleclick.net/ddm/fls/r/dc_pre=CKTAnt-9lYIDFRTEGQodZgsHPg;src=5995852;type=orego0;cat=orego0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5068471494867.309;~oref=https://goducks.com/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CKTAnt-9lYIDFRTEGQodZgsHPg;src=5995852;type=orego0;cat=orego0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5068471494867.309;~oref=https://goducks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

28de15b0da1a7553e6da9fd7574daa4b371fd6ec6137bbe36730926e54e61472

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 229
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 05:21:23 GMT
expires: Fri, 27 Oct 2023 05:21:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 05:21:23 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://5995852.fls.doubleclick.net/ddm/fls/r/dc_pre=CKTAnt-9lYIDFRTEGQodZgsHPg;src=5995852;type=orego0;cat=orego0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5068471494867.309;~oref=https://goducks.com/
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

SidelineGear_Desktop.png
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/2023/9/25/
Redirect Chain

https://goducks.com/images/2023/9/25/SidelineGear_Desktop.png
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/2023/9/25/SidelineGear_Desktop.png

455 KB
456 KB

9ms
9ms

Image
image/png

18.66.137.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/2023/9/25/SidelineGear_Desktop.png
Requested by: Host: goducks.com
URL: https://goducks.com/
Protocol: H2
Server: 18.66.137.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-76.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0ea1df866004ee1a2925469c55c5e88cb47f614129975ecdef0b867c9d2b5c6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 05:42:16 GMT
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
last-modified: Tue, 26 Sep 2023 04:00:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 85148
x-amz-server-side-encryption: AES256
etag: "c33f61f60aac71f3daae3b1f6e8c5397"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 466083
x-amz-cf-id: GULYb8s6eS-e9zodj52Lgqkhk52fW_OY8secm07O2T7uUOS4twfNSg==

Redirect headers

Strict-Transport-Security: max-age=0;
Date: Fri, 27 Oct 2023 05:21:22 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Server: Microsoft-IIS/10.0
Content-Type: text/html; charset=utf-8
Location: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/2023/9/25/SidelineGear_Desktop.png
Content-Length: 243
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK fb.png
static.goducks.com/custompages/pages/uniforms/ 279 KB
279 KB 1840ms
1288ms Image
image/png 206.225.81.54
CODERO-DFW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.goducks.com/custompages/pages/uniforms/fb.png
Requested by: Host: goducks.com
URL: https://goducks.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 206.225.81.54 , United States, ASN18501 (CODERO-DFW, US),
Reverse DNS: 206-225-81-54.dedicated.codero.net
Software: Microsoft-IIS/8.5 /
Resource Hash: 008b1ae2c318aa82a22e4ef16417939de40d67db86c7572028c482e8bfb74bb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 05:21:21 GMT
Last-Modified: Thu, 07 Dec 2017 18:07:40 GMT
Server: Microsoft-IIS/8.5
ETag: "27716445866fd31:0"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 285439

GET
H2

200

10.17.23_MTennisPractice-35.jpg
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/2023/10/26/
Redirect Chain

https://do2ufdrk7dzyk.cloudfront.net/images/2023/10/26/10.17.23_MTennisPractice-35.jpg
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/2023/10/26/10.17.23_MTennisPractice-35.jpg

1 MB
1 MB

10ms
10ms

Image
image/jpeg

18.66.137.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/2023/10/26/10.17.23_MTennisPractice-35.jpg
Requested by: Host: goducks.com
URL: https://goducks.com/
Protocol: H2
Server: 18.66.137.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-76.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0485700fb7fc45432e105703c197bb4819b23717957dfb13fd3223340835b027

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 17:30:54 GMT
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
last-modified: Thu, 26 Oct 2023 17:24:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 42629
etag: "a7c94b9e1480e28aa96f68b7f2c91133"
x-amz-server-side-encryption: AES256
vary: Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 1106875
x-amz-cf-id: OezwxwdGXg1jZuNstB_3QzpUcydK6ngyDyPG8IfwgF1cEEOx012pOg==

Redirect headers

strict-transport-security: max-age=0;
date: Thu, 26 Oct 2023 17:30:52 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
via: 1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA56-C2
age: 42629
x-cache: Hit from cloudfront
content-type: text/html; charset=utf-8
location: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/2023/10/26/10.17.23_MTennisPractice-35.jpg
content-length: 251
x-xss-protection: 1; mode=block
x-amz-cf-id: tAlMRBRqQWdkxlCFWk8SxoPORTDKlt74mFgdeIEDivexeccU0PMD0A==

GET
H2 200 bg_v1_0.png
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/ 0
348 B 9ms
8ms Image
image/png 18.66.137.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/bg_v1_0.png
Requested by: Host: do2ufdrk7dzyk.cloudfront.net
URL: https://do2ufdrk7dzyk.cloudfront.net/site/site.less?_=638138950723803902
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.137.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-76.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://do2ufdrk7dzyk.cloudfront.net/site/site.less?_=638138950723803902
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 07:06:59 GMT
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
last-modified: Thu, 19 Jan 2023 15:45:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 80064
x-amz-server-side-encryption: AES256
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 0
x-amz-cf-id: KfGAHaB0XIvRLOvGvXBz2RjwvRNjZTwGSzQnceFMOOav2ETf_uD6KA==

GET
H2

200

10.20.2023.MAM.VB.vsCal-146.jpg
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/2023/10/26/
Redirect Chain

https://do2ufdrk7dzyk.cloudfront.net/images/2023/10/26/10.20.2023.MAM.VB.vsCal-146.jpg
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/2023/10/26/10.20.2023.MAM.VB.vsCal-146.jpg

520 KB
521 KB

70ms
70ms

Image
image/jpeg

18.66.137.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/2023/10/26/10.20.2023.MAM.VB.vsCal-146.jpg
Requested by: Host: goducks.com
URL: https://goducks.com/
Protocol: H2
Server: 18.66.137.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-76.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2b4143ffb5c0bc7b8f5a18b20778a329d085e2c745c221eb43a2a20bcb3c2ee7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:00:03 GMT
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
last-modified: Fri, 27 Oct 2023 04:43:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 1279
etag: "9827242edb087b5ffe8f2648f59b8381"
x-amz-server-side-encryption: AES256
vary: Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 532178
x-amz-cf-id: lKmbUhbG7uuE-g96lVgPtYaDyU0h0u9Big7THLU7obScLQZFeiiGNA==

Redirect headers

strict-transport-security: max-age=0;
date: Fri, 27 Oct 2023 05:00:01 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
via: 1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA56-C2
age: 1280
x-cache: Hit from cloudfront
content-type: text/html; charset=utf-8
location: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/2023/10/26/10.20.2023.MAM.VB.vsCal-146.jpg
content-length: 251
x-xss-protection: 1; mode=block
x-amz-cf-id: YsT3zeJk0FDneo5TxnLLNVW0TmYqI7J4okVR3fK5rMEzyYnT82lbUA==

GET
H2

200

Snyder_Texas_SB5_Nanfn.jpg
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/2023/10/24/
Redirect Chain

https://do2ufdrk7dzyk.cloudfront.net/images/2023/10/24/Snyder_Texas_SB5_Nanfn.jpg
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/2023/10/24/Snyder_Texas_SB5_Nanfn.jpg

369 KB
370 KB

23ms
22ms

Image
image/jpeg

18.66.137.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/2023/10/24/Snyder_Texas_SB5_Nanfn.jpg
Requested by: Host: goducks.com
URL: https://goducks.com/
Protocol: H2
Server: 18.66.137.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-76.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: abf22f7e122cc1cffd612eba9f5968190ab611627e28f7fb269d96df4c1396d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 22:54:02 GMT
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
last-modified: Tue, 24 Oct 2023 22:16:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 23241
x-amz-server-side-encryption: AES256
etag: "4550738168aa344e547a45245d06192f"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 377713
x-amz-cf-id: fbhOTzmbrUgGtouMfrhQaLkA0i8JHlae8XVwkTh4VyinFOrluoiYhg==

Redirect headers

strict-transport-security: max-age=0;
date: Thu, 26 Oct 2023 22:54:00 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
via: 1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA56-C2
age: 23241
x-cache: Hit from cloudfront
content-type: text/html; charset=utf-8
location: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/2023/10/24/Snyder_Texas_SB5_Nanfn.jpg
content-length: 246
x-xss-protection: 1; mode=block
x-amz-cf-id: cEvr46-SpWdlgLBJqe5SVpM2S7_gGUiKzIFEFFz2BRspl-QstjW5yg==

GET
H2

200

GoDucksWebsiteThumbnail.jpg
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/2023/10/25/
Redirect Chain

https://do2ufdrk7dzyk.cloudfront.net/images/2023/10/25/GoDucksWebsiteThumbnail.jpg
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/2023/10/25/GoDucksWebsiteThumbnail.jpg

652 KB
653 KB

33ms
32ms

Image
image/jpeg

18.66.137.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/2023/10/25/GoDucksWebsiteThumbnail.jpg
Requested by: Host: goducks.com
URL: https://goducks.com/
Protocol: H2
Server: 18.66.137.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-76.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 21390776c3d299d656aaaafacdb51021198fb5685edd43058a1f22318100d313

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 00:08:01 GMT
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
last-modified: Wed, 25 Oct 2023 23:50:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 18802
x-amz-server-side-encryption: AES256
etag: "5a54025ff0393e325c87c96f48ff2a86"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 667599
x-amz-cf-id: 2bzqVUHEN9L_09SC-_KhcCJX9M6aClPStaQPeCGTrGzkMIAcH_1Eag==

Redirect headers

strict-transport-security: max-age=0;
date: Fri, 27 Oct 2023 00:07:59 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
via: 1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA56-C2
age: 18802
x-cache: Hit from cloudfront
content-type: text/html; charset=utf-8
location: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/2023/10/25/GoDucksWebsiteThumbnail.jpg
content-length: 247
x-xss-protection: 1; mode=block
x-amz-cf-id: FrfgSxBQSWHAU1jN5V9oO_QjWve0UjMns3rMdhdS7Jw3K9Iygd9roA==

GET
H2

200

MKA_OSU_SM_1.JPG
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/2023/10/17/
Redirect Chain

https://do2ufdrk7dzyk.cloudfront.net/images/2023/10/17/MKA_OSU_SM_1.JPG
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/2023/10/17/MKA_OSU_SM_1.JPG

919 KB
920 KB

28ms
28ms

Image
image/jpeg

18.66.137.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/2023/10/17/MKA_OSU_SM_1.JPG
Requested by: Host: goducks.com
URL: https://goducks.com/
Protocol: H2
Server: 18.66.137.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-76.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f675b08dbfb7f4c53ab4ad636bb6e4c7769db0043e36b30c292f92577b698d40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 07:06:59 GMT
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
last-modified: Tue, 17 Oct 2023 18:52:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 80064
etag: "591a75ef80f801e8eef24b297a645d58"
x-amz-server-side-encryption: AES256
vary: Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 941091
x-amz-cf-id: koUIWV5QhSpdBwfCcRlB3iLx-0n-3TeYkIuOPXRG19VCp7fqRhbBUA==

Redirect headers

strict-transport-security: max-age=0;
date: Thu, 26 Oct 2023 07:06:57 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
via: 1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA56-C2
age: 80065
x-cache: Hit from cloudfront
content-type: text/html; charset=utf-8
location: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/uoregon.sidearmsports.com/images/2023/10/17/MKA_OSU_SM_1.JPG
content-length: 236
x-xss-protection: 1; mode=block
x-amz-cf-id: utP7FSxtcmVGf6JRj07BaBpXBIG0NvmL6crmfCGAJrEdv7GzmnU0_w==

GET
H2 200 u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
19 KB 36ms
36ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400italic|Open+Sans:400,700,700italic,400italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://goducks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 05:05:11 GMT
x-content-type-options: nosniff
age: 519371
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19780
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Oct 2024 05:05:11 GMT

GET
H/1.1 200
OK livestats.ashx Show response
goducks.com/services/ 12 B
402 B 145ms
136ms XHR
application/json 74.205.81.135
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://goducks.com/services/livestats.ashx

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.135 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

3afdd367b45f02a8d2b88343e8d622c44332965cf6004d63831b22eb6219fcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://goducks.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Content-Encoding: br
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Server: Microsoft-IIS/10.0
Date: Fri, 27 Oct 2023 05:21:22 GMT
ETag: F24602A3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Cache-Control: private
Content-Length: 16
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK sportnames.ashx Show response
goducks.com/services/ 9 KB
2 KB 132ms
131ms XHR
application/json 74.205.81.135
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://goducks.com/services/sportnames.ashx

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.135 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

0a0215137ce700afa1dc58f7a691fe65f40225a0d6679f8073d2fa717315f970

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://goducks.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Content-Encoding: br
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Server: Microsoft-IIS/10.0
Date: Fri, 27 Oct 2023 05:21:22 GMT
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Cache-Control: private
Content-Length: 1189
X-XSS-Protection: 1; mode=block

GET
H2 200 mqdefault_live.jpg
i.ytimg.com/vi/ep7oJnZycOE/ 22 KB
22 KB 283ms
121ms Image
image/jpeg 2a00:1450:4001:82a::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/ep7oJnZycOE/mqdefault_live.jpg

Requested by

Host: goducks.com
URL: https://goducks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2926ac85491d8f89ae129ce1318a99b51d0991557811c68472279e2130a34784

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:21:23 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22396
x-xss-protection: 0
server: sffe
etag: "1698343491"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 27 Oct 2023 05:26:23 GMT

GET
H2 200 mqdefault.jpg
i.ytimg.com/vi/kkvSY5u2-rQ/ 10 KB
11 KB 210ms
48ms Image
image/jpeg 2a00:1450:4001:82a::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/kkvSY5u2-rQ/mqdefault.jpg

Requested by

Host: goducks.com
URL: https://goducks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62d3bbe472a011fc109c43776914c4a8b69b541ca7aea925ef921a3dd3d4390e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:21:23 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10565
x-xss-protection: 0
server: sffe
etag: "1698279641"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 27 Oct 2023 05:26:23 GMT

GET
H2 200 mqdefault.jpg
i.ytimg.com/vi/FwwEeKl0fUM/ 22 KB
22 KB 248ms
86ms Image
image/jpeg 2a00:1450:4001:82a::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/FwwEeKl0fUM/mqdefault.jpg

Requested by

Host: goducks.com
URL: https://goducks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2926ac85491d8f89ae129ce1318a99b51d0991557811c68472279e2130a34784

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:21:23 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22396
x-xss-protection: 0
server: sffe
etag: "1698256719"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 27 Oct 2023 05:26:23 GMT

GET
H2 200 mqdefault.jpg
i.ytimg.com/vi/6HGcgAlfPVM/ 14 KB
14 KB 217ms
56ms Image
image/jpeg 2a00:1450:4001:82a::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/6HGcgAlfPVM/mqdefault.jpg

Requested by

Host: goducks.com
URL: https://goducks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9211aaa931a79cdf3beb4777235e2148c80547ed12ba403f5a4c932a89962ddd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:21:23 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14173
x-xss-protection: 0
server: sffe
etag: "1698275103"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 27 Oct 2023 05:26:23 GMT

GET
H2 200 mqdefault.jpg
i.ytimg.com/vi/3vSZNLVwTCg/ 10 KB
10 KB 263ms
102ms Image
image/jpeg 2a00:1450:4001:82a::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/3vSZNLVwTCg/mqdefault.jpg

Requested by

Host: goducks.com
URL: https://goducks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5d45b212d6fe7e611a6a1c8d62cf09a4f0d1a99d9094fbedc56ed8c932d0bc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:21:23 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9932
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 27 Oct 2023 05:26:23 GMT

GET
H2 200 mqdefault.jpg
i.ytimg.com/vi/2imMsFPeEsI/ 10 KB
10 KB 281ms
120ms Image
image/jpeg 2a00:1450:4001:82a::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/2imMsFPeEsI/mqdefault.jpg

Requested by

Host: goducks.com
URL: https://goducks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c924aa28cba571e086a80fa40acc863fab4a5cb182331b24275123b356cf1f9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:21:23 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10536
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 27 Oct 2023 05:26:23 GMT

GET
H/1.1 200
OK evergreen.js Show response
goducks.com/components/js/components/ 11 KB
3 KB 144ms
136ms Script
application/javascript 74.205.81.135
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://goducks.com/components/js/components/evergreen.js?bust=638080426280865064

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/require.js/2.2.0/require.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.135 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

7e69d105cb0e7119238aeafae1416ea52065a799c507adc9ae953b2463a30812

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Content-Encoding: br
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 26 Oct 2023 09:30:10 GMT
Server: Microsoft-IIS/10.0
Date: Fri, 27 Oct 2023 05:21:22 GMT
ETag: "03d9c3ef7da1:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Length: 2990
X-XSS-Protection: 1; mode=block

GET
H3 200 perfect-scrollbar.jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.perfect-scrollbar/0.6.10/js/min/ 25 KB
6 KB 19ms
15ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.perfect-scrollbar/0.6.10/js/min/perfect-scrollbar.jquery.min.js?bust=638080426280865064

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/require.js/2.2.0/require.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4e47cd3ff928b0d1f5eb4a226b82d820c3e2c18783d3b90ce17f5f5f29893e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:21:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3154637
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5677
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-6425"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B3oL%2BP9B2%2Fv3DTWGF%2BRIan%2F2myYY%2BAzjE9YXe90D%2B3OQhKGDiVy7oEYPVfKbfO%2Fn6bhkB%2BLTlWcgZoJf6GPFixlLn9bVIUy7R98klaJCoWnh7nte4wywMN6el9w3iSxrFyhXpocUhKvwvJN5uLppx7iS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81c87ec71ce5691b-FRA
expires: Wed, 16 Oct 2024 05:21:23 GMT

GET pixel.ashx
statcollector.sidearmsports.com/services/ Frame 86C6 0
0

GET pixel.ashx
statcollector.sidearmsports.com/services/ Frame 0B68 0
0

GET
H3

200

activityi;dc_pre=CI2J4d-9lYIDFRBSGQodTu0CBg;src=9590786;type=count0;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=6063135628987.799 Show response
9590786.fls.doubleclick.net/ Frame C6C4
Redirect Chain

https://9590786.fls.doubleclick.net/activityi;src=9590786;type=count0;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=6063135628987.799?
https://9590786.fls.doubleclick.net/activityi;dc_pre=CI2J4d-9lYIDFRBSGQodTu0CBg;src=9590786;type=count0;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=6063135628987.799?

529 B
310 B

91ms
84ms

Document
text/html

142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9590786.fls.doubleclick.net/activityi;dc_pre=CI2J4d-9lYIDFRBSGQodTu0CBg;src=9590786;type=count0;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=6063135628987.799?

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

facdb1cb5e5599d37848f70623ef7ff7fb9c4178dd72031668bbf31435992fad

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goducks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 287
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 05:21:23 GMT
expires: Fri, 27 Oct 2023 05:21:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 05:21:23 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9590786.fls.doubleclick.net/activityi;dc_pre=CI2J4d-9lYIDFRBSGQodTu0CBg;src=9590786;type=count0;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=6063135628987.799?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CLHU4t-9lYIDFcVewgod-0cAHw;src=9590786;type=counter;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=6754518398502.456 Show response
9590786.fls.doubleclick.net/ Frame D6A7
Redirect Chain

https://9590786.fls.doubleclick.net/activityi;src=9590786;type=counter;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=6754518398502.456?
https://9590786.fls.doubleclick.net/activityi;dc_pre=CLHU4t-9lYIDFcVewgod-0cAHw;src=9590786;type=counter;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=6754518398502.456?

394 B
238 B

84ms
77ms

Document
text/html

142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9590786.fls.doubleclick.net/activityi;dc_pre=CLHU4t-9lYIDFcVewgod-0cAHw;src=9590786;type=counter;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=6754518398502.456?

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

d0c48e87065b92363073c8482b79c74a59cf418c786ebba66bd5ed598d58dad7

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goducks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 05:21:23 GMT
expires: Fri, 27 Oct 2023 05:21:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 05:21:23 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9590786.fls.doubleclick.net/activityi;dc_pre=CLHU4t-9lYIDFcVewgod-0cAHw;src=9590786;type=counter;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=6754518398502.456?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 so4l4yxm2.js Show response
cdn.krxd.net/controltag/ 2 B
438 B 76ms
6ms Script
text/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/so4l4yxm2.js
Requested by: Host: goducks.com
URL: https://goducks.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Fri, 27 Oct 2023 05:21:23 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 176
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-length: 22
x-served-by: config-service-a005-ash-prod.krxd.net, cache-iad-kiad7000020-IAD, cache-fra-eddf8230051-FRA
x-response-time: 0
x-do-esi: esi
x-timer: S1698384083.239663,VS0,VE1
etag: "bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 67069, 1

GET
H/1.1 200
OK web-push.bundle.js Show response
sidearm-syndication.s3.amazonaws.com/prod/ 176 KB
54 KB 423ms
135ms Script
application/javascript 54.231.195.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sidearm-syndication.s3.amazonaws.com/prod/web-push.bundle.js?_=1698384083167
Requested by: Host: goducks.com
URL: https://goducks.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.195.81 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 041df148c8e60b129f3394dd0e4cad28e85f7f73521a6aaa7e3816a2feca78b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 05:21:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 22 Feb 2023 14:56:12 GMT
Server: AmazonS3
x-amz-request-id: C2QYR9HVSK4Q8K5K
ETag: "1dac3fcb69c3cc2e58348a874277451f"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 54809
x-amz-id-2: 9fZw385FzCTVj8BUXN/jVxnYeVT1dXurlvJNP6QoIZHFxZc61PTQtpuIsOsAMMV3fST6Lo8Ij+A=

GET
H2 200 ui.js Show response
cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/ 300 KB
79 KB 47ms
9ms Script
text/javascript 2600:9000:2250:8c00:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/ui.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:8c00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f6de66b647795dab1a3ffe62f5f27d63495b7d6a09e99cb4de0b1d05f716e6b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://goducks.com/
Origin: https://goducks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id: lKSmazHYXxrn3lBiXv0N3FVQoNLMyhk6
content-encoding: br
via: 1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront)
date: Thu, 26 Oct 2023 11:46:50 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 63275
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 25 Oct 2023 11:46:41 GMT
server: AmazonS3
etag: W/"15f252e06c00b51ec8bf2b80948c1ffd-1"
x-frame-options: SAMEORIGIN
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
x-amz-cf-id: 4uKqyIanCqW7duXWEzLoD3vO6Ko--im63cG6D4GAngRhI32wAWmt2Q==

HEAD
H/1.1 200
OK analytics.js Show response
goducks.com/components/js/ 0
417 B 132ms
129ms XHR
application/javascript 74.205.81.135
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://goducks.com/components/js/analytics.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.135 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://goducks.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Date: Fri, 27 Oct 2023 05:21:22 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 26 Oct 2023 09:12:59 GMT
Server: Microsoft-IIS/10.0
ETag: "fd5259dec7da1:0"
Content-Type: application/javascript
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK loader.js Show response
dff2h0hbfv6w4.cloudfront.net/scripts/ 3 KB
2 KB 91ms
8ms Script
application/javascript 18.66.107.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dff2h0hbfv6w4.cloudfront.net/scripts/loader.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.107.155 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-107-155.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1686a7de306c844af5cbe78bc404917d8eef6f2cda6a22ab173796868470555e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id: YNK2d4dAiq3ZW3JoHu4EHFvjePXsx8yx
Content-Encoding: gzip
Via: 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
Date: Thu, 26 Oct 2023 07:29:03 GMT
Last-Modified: Fri, 02 Oct 2020 18:12:43 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P5
Age: 78796
ETag: W/"30000a8707eef6bcf539a52d790a88df"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: -sKqoTWl6dRejrr_-ehCwynnXNHabbu8ebLzADe1ZVsMGjWdhn0XqQ==

GET
H/1.1

200

rs
tags.w55c.net/ Frame 0299
Redirect Chain

https://tags.w55c.net/rs?id=956c8fbb5190467080213cb259edaa49&t=marketing
https://tags.w55c.net/rs?sccid=a7842d3b-7842-325e-8bdd-d4486fb0caed&scc=1&id=956c8fbb5190467080213cb259edaa49&t=marketing

42 B
580 B

8ms
8ms

Image
image/gif

3.120.0.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.w55c.net/rs?sccid=a7842d3b-7842-325e-8bdd-d4486fb0caed&scc=1&id=956c8fbb5190467080213cb259edaa49&t=marketing

Requested by

Host: 5995852.fls.doubleclick.net
URL: https://5995852.fls.doubleclick.net/ddm/fls/r/dc_pre=CKTAnt-9lYIDFRTEGQodZgsHPg;src=5995852;type=orego0;cat=orego0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5068471494867.309;~oref=https://goducks.com/

Protocol

HTTP/1.1

Server

3.120.0.219 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-120-0-219.eu-central-1.compute.amazonaws.com

Software

Retargeting/v2.0.30-791-gff05a1f#rel-ec2-master i-0e375bc7960f51888@eu-central-1b@dxedge-app-eu-central-1-prod-asg /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5995852.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 Oct 2023 05:21:22 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: Retargeting/v2.0.30-791-gff05a1f#rel-ec2-master i-0e375bc7960f51888@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 27 Oct 2023 05:21:23 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: Retargeting/v2.0.30-791-gff05a1f#rel-ec2-master i-0237fe7a9d585a71c@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://tags.w55c.net/rs?sccid=a7842d3b-7842-325e-8bdd-d4486fb0caed&scc=1&id=956c8fbb5190467080213cb259edaa49&t=marketing
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cbs-surround.js Show response
goducks.com/common/ts/dist/ 9 KB
3 KB 133ms
128ms Script
application/javascript 74.205.81.135
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://goducks.com/common/ts/dist/cbs-surround.js?bust=638080426280865064

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.135 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

e2835d80b6411495935bae8411e0b879708edfdd4fc8534e3dc73a6ded9243ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Content-Encoding: br
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 26 Oct 2023 09:12:27 GMT
Server: Microsoft-IIS/10.0
Date: Fri, 27 Oct 2023 05:21:22 GMT
ETag: "804f38aec7da1:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Length: 2280
X-XSS-Protection: 1; mode=block

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 90 KB
29 KB 188ms
84ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js?bust=638080426280865064

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6d53290e4dba8e1e9a6c5163e47cddd9a42a75986028983f6a21e4d7407db80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:21:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29462
x-xss-protection: 0
server: cafe
etag: 396 / 19657 / 31079073 / config-hash: 13942866851986637457
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 27 Oct 2023 05:21:23 GMT

GET
H/1.1 200
OK header-bidding-wrapper.bundle.js Show response
sidearm-syndication.s3.amazonaws.com/prod/ 4 KB
2 KB 333ms
116ms Script
application/javascript 54.231.195.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sidearm-syndication.s3.amazonaws.com/prod/header-bidding-wrapper.bundle.js?bust=638080426280865064
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.195.81 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 00c3154f069d899f00bf44b191222e979d09d0620850336181f9c48b30bf3440

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 05:21:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 22 Feb 2023 14:56:12 GMT
Server: AmazonS3
x-amz-request-id: C2QR7SJNX1GCZMZM
ETag: "dd4cb39376d9c0687d8a66de6ca90ded"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1815
x-amz-id-2: KxY8HMQx5inp9bxniZXMjdv3yqXNvOHVctDMgKndRLACighqOReXf2OzjxMVSlqreMQqa7q5Ul0=

GET
H/1.1 403
Forbidden 3692.js
dnn506yrbagrg.cloudfront.net/pages/scripts/0013/ 0
0 442ms
388ms Script
application/xml 13.32.23.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dnn506yrbagrg.cloudfront.net/pages/scripts/0013/3692.js?471773
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-129.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H2 200 41198 Show response
stags.bluekai.com/site/ Frame B478 71 B
538 B 239ms
160ms Document
text/html 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/41198?ret=html&limit=10&phint=pctx%3Doreg
Requested by: Host: 5995852.fls.doubleclick.net
URL: https://5995852.fls.doubleclick.net/ddm/fls/r/dc_pre=CKTAnt-9lYIDFRTEGQodZgsHPg;src=5995852;type=orego0;cat=orego0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5068471494867.309;~oref=https://goducks.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Referer: https://5995852.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

bk-server: ad02
content-length: 71
content-type: text/html
date: Fri, 27 Oct 2023 05:21:23 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2 200 cm.css
cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/ 16 KB
4 KB 8ms
7ms Stylesheet
text/css 2600:9000:2250:8c00:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/cm.css

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:8c00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d71bc81d106f54252eda85c7fbad979d6fb208a906286e2b6235accc9bc1dc62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id: RpSolWVcUqjFr_mTns2bPSGkjIbYHbw3
content-encoding: br
via: 1.1 2816426ad1adbedbdd23d4cdf80c2de2.cloudfront.net (CloudFront)
date: Thu, 26 Oct 2023 11:46:50 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 63274
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 25 Oct 2023 11:46:41 GMT
server: AmazonS3
etag: W/"8a8521b427e2b76618ce0a795c3a4c23-1"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=60,s-maxage=86400
x-amz-cf-id: eW16LjrEDmLJ7vY9SVqvFb7I7v8r3yHgBxw1DXFSRCzMhZmqI5mSmg==

GET
H2 200 /
insight.adsrvr.org/track/pxl/ Frame C6C4 70 B
149 B 531ms
33ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=5i12avh&ct=0:zqz6ig2&fmt=3
Requested by: Host: 9590786.fls.doubleclick.net
URL: https://9590786.fls.doubleclick.net/activityi;dc_pre=CI2J4d-9lYIDFRBSGQodTu0CBg;src=9590786;type=count0;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=6063135628987.799?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9590786.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:21:23 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 dc_pre=CI2J4d-9lYIDFRBSGQodTu0CBg;src=9590786;type=count0;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=6063135628987.799
adservice.google.com/ddm/fls/z/ Frame C6C4 42 B
107 B 79ms
78ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CI2J4d-9lYIDFRBSGQodTu0CBg;src=9590786;type=count0;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=6063135628987.799

Requested by

Host: 9590786.fls.doubleclick.net
URL: https://9590786.fls.doubleclick.net/activityi;dc_pre=CI2J4d-9lYIDFRBSGQodTu0CBg;src=9590786;type=count0;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=6063135628987.799?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9590786.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 05:21:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CLHU4t-9lYIDFcVewgod-0cAHw;src=9590786;type=counter;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=6754518398502.456
adservice.google.com/ddm/fls/z/ Frame D6A7 42 B
118 B 77ms
77ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLHU4t-9lYIDFcVewgod-0cAHw;src=9590786;type=counter;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=6754518398502.456

Requested by

Host: 9590786.fls.doubleclick.net
URL: https://9590786.fls.doubleclick.net/activityi;dc_pre=CLHU4t-9lYIDFcVewgod-0cAHw;src=9590786;type=counter;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=6754518398502.456?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9590786.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 05:21:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dfp-component-template.html Show response
goducks.com/common/templates/dfp/ 2 KB
2 KB 136ms
134ms XHR
text/html 74.205.81.135
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://goducks.com/common/templates/dfp/dfp-component-template.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.135 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

038c56ae564e1c946764a09cb3cf56ae853f3972044fc4ce74fb533f38eefdb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://goducks.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Date: Fri, 27 Oct 2023 05:21:22 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 26 Oct 2023 09:12:57 GMT
Server: Microsoft-IIS/10.0
ETag: "cebb5c9cec7da1:0"
Content-Type: text/html
Cache-Control: max-age=15552000
Accept-Ranges: bytes
Content-Length: 1551
X-XSS-Protection: 1; mode=block

GET
H2 200 en.json Show response
cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/translations/ 11 KB
3 KB 227ms
225ms Fetch
application/json 2600:9000:2250:8c00:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/translations/en.json

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:8c00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

72841a7806e932e2d3fac53878a79305b61b1f3f3dd7183f909fa7ba11495a49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id: JbQlP3zuwFtK.dESTfo5RJgtNfoLaphU
content-encoding: br
via: 1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront)
date: Thu, 26 Oct 2023 11:46:51 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 63274
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 25 Oct 2023 11:46:41 GMT
server: AmazonS3
etag: W/"5aa05f49664497e4590021a55cd03d0e-1"
x-frame-options: SAMEORIGIN
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
x-amz-cf-id: 39cSGQd0Nm2jHl4gEq_1qx45n_sNFBUMyz231iEjj3CCdxDwTGeY5w==

GET
H2 200 maxresdefault_live.jpg
i.ytimg.com/vi/ep7oJnZycOE/ 160 KB
160 KB 84ms
84ms Image
image/jpeg 2a00:1450:4001:82a::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/ep7oJnZycOE/maxresdefault_live.jpg

Requested by

Host: goducks.com
URL: https://goducks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5c7db96208faa00e366cfbc7ba95c32cac944af9952f03ba80db22ea1354abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:21:23 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164159
x-xss-protection: 0
server: sffe
etag: "1698343491"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 27 Oct 2023 05:26:23 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/ 421 KB
132 KB 47ms
45ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8895c83287e65a12c85a2b9c9b284b021a906f42e407f9aa3d5969f4931b60dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 08:14:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76003
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135211
x-xss-protection: 0
server: cafe
etag: 17495413759700775962
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 25 Oct 2024 08:14:40 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 90 KB
29 KB 133ms
132ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d1ff09a09c642b7488350956725baac5812f8d0183f603e633c5bb98a06a9e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:21:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29464
x-xss-protection: 0
server: cafe
etag: 600 / 19657 / 31079133 / config-hash: 13942866851986637457
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 27 Oct 2023 05:21:23 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 264 KB
65 KB 210ms
8ms Script
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 039a2d3b0a025c36845720df9d5d8253ed0accd2b7e37cb76c6d2d8cc137e7b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 04:35:21 GMT
content-encoding: gzip
via: 1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront), 1.1 c3fc8d1fb362a6655af993732c376dc4.cloudfront.net (CloudFront)
last-modified: Tue, 24 Oct 2023 21:00:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 2763
x-amz-server-side-encryption: AES256
etag: W/"f90f24d20b0a1f80ef986c97a9726a2b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: sJ3sBZsKO2mdYvufM9yvAznHiqeXt9XW-6mEvfCxovOhKcAhShACfw==

GET
H2 200 css
fonts.googleapis.com/ 6 KB
827 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,300,400%7Csans-serif

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

318973af5e8789fd568c1f126dd7996bd61cec6af9f5dac02dd83fe94513c33e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 27 Oct 2023 05:21:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 05:21:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 27 Oct 2023 05:21:23 GMT

GET
H3 200 KFOkCnqEu92Fr1MmgVxIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 59ms
59ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400%7Csans-serif

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://goducks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 05:27:12 GMT
x-content-type-options: nosniff
age: 518051
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15764
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Oct 2024 05:27:12 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 39ms
38ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400%7Csans-serif

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://goducks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 15:22:55 GMT
x-content-type-options: nosniff
age: 568708
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Oct 2024 15:22:55 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 44ms
44ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400%7Csans-serif

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://goducks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 4471
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 04:06:52 GMT

GET
H2 200 49d1d053-156d-46ed-9d18-8370d1d949e8 Show response
config.aps.amazon-adsystem.com/configs/ 537 B
803 B 47ms
14ms Script
application/javascript 99.86.4.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/49d1d053-156d-46ed-9d18-8370d1d949e8
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-128.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: 14d97a68fcca1239d7c8d704e7d64858f856c12975f069300d2de8639ef007f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 04:31:58 GMT
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 2966
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 537
x-amz-cf-id: Psj8lYEQh7NVo2DD2L3tOduqyklxzk-A_dQ2RKkHzS5aUQwNFe5eaA==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 3 KB
3 KB 9ms
8ms XHR
application/json 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fgoducks.com&pubid=49d1d053-156d-46ed-9d18-8370d1d949e8
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 4f189adefe2d93c9e2a696025a78cb29e4dc4da578617387cc263233401be773

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 01:28:54 GMT
via: 1.1 c3fc8d1fb362a6655af993732c376dc4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 13950
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://goducks.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 3200
x-amz-cf-id: GpA2GKAPDnyPVimR88X3JElg8wzKc1yxaoTlVur0ngZX5MnCX_ttIg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 37ms
17ms XHR
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
date: Fri, 27 Oct 2023 05:21:24 GMT
x-amz-cf-pop: FRA56-P6
age: 7656
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: cIWjLmiEVaAeGBTHf2vXVfCpr6_wCnFpr5zJO0AI8RRALcjkHpRVjQ==

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 110 KB
37 KB 60ms
8ms Script
text/javascript 108.138.7.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-78.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2aa2577c105dab138246b4e0a1f575b3c92c30d5aced108d3f73897bd46823f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id: x5VtTe.o38AhKNl9GXJ.IeIaII4uy0GZ
content-encoding: gzip
via: 1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront)
date: Fri, 27 Oct 2023 02:59:59 GMT
last-modified: Thu, 19 Oct 2023 08:25:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 8486
x-amz-server-side-encryption: AES256
etag: W/"b248cc9d0fdeb36bdeb7efabad1132ee"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: P28Ah9CqJ_wrbcmwhDYWnMf5btbdHmRYRqWRKmEgAourtQfFoj1ryA==

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 60ms
9ms Script
application/javascript 184.30.211.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-211-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:21:24 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Fri, 27 Oct 2023 05:36:24 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 39 KB
12 KB 58ms
7ms Script
text/javascript 65.9.66.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 02:03:18 GMT
content-encoding: gzip
via: 1.1 b3dc72c60418e8887de31f772538f118.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 11887
x-amz-server-side-encryption: AES256
etag: W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: VMJuZD5K-VFDkqJz4HkvPL0AKCu22qFWwotrNtvaaq4go8IRJ9tyYg==

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 55 KB
10 KB 84ms
34ms Script
application/javascript 2606:4700:10::6816:35ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fgoducks.com%2F&ref=&_it=amazon&partner_id=550
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:35ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:21:24 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 07 Sep 2023 17:31:32 GMT
server: cloudflare
x-amz-request-id: 907Z07N0H4YQRTZE
age: 5977
etag: W/"8bbf05f440008747d4df642e30fc4ddc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 81c87ecd7cf5364f-FRA
x-amz-id-2: FTX4uTVOoCJnlfZvtg3cS2GHfBFAI/wkwGXMvvfwDzP+hX8bS7Tqr3U+IhvV3h140Zc4iKtAHTg=

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 142 KB
30 KB 68ms
18ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c50ffbb0d5049173748e6468980ae6811d8c7effecb8c7428984ea00734545fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:21:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 24 Oct 2023 08:11:43 GMT
server: cloudflare
x-amz-request-id: A8435E874714G1PZ
age: 3294
etag: W/"f782ea030d6823bac929128fb89f783a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 81c87ecd7c075d75-FRA
x-amz-id-2: jboHQ2ldbCbSxFqaeoJsBTjEgfqxPxWCNjNhzCNqmHNZDKL/Wa4o7tG7X8W2aTzc/xnGqwHn+cQ=

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
331 B 115ms
29ms XHR
application/json 54.75.204.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.75.204.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-75-204-82.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 08bb3dc8ae75efc5ca18f010f39df67b9f40ab316a9c325da9729ea7cf9c7bee

Request headers

Referer: https://goducks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 05:21:24 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://goducks.com
cache-control: no-cache
x-server: 10.45.1.106
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
609 B 52ms
7ms Fetch
application/json 13.32.99.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-122.fra60.r.cloudfront.net
Software: /
Resource Hash: e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 00:59:45 GMT
via: 1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront), 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, FRA60-P3
age: 15699
x-amzn-requestid: 75ae87d7-8138-402c-9787-31fb3634fce2
x-amzn-trace-id: Root=1-653b0b81-4a5b299e41e3670549563f50;Sampled=0;lineage=06620786:0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: Nb68TEa_DoEEW1g=
content-length: 30
x-amz-cf-id: 8dvOIR6oDO36-FV7oYDvUQYoSdmSd55XkFRqgt1303dUQHrZyloGiw==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 96 B
286 B 106ms
105ms XHR
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=550&sync=0&domain=goducks.com&url=https://goducks.com/
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cf3849ac43adfcc220b71352d979a5c464b396f051a9c46d475e0eb30077474

Request headers

Referer: https://goducks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 27 Oct 2023 05:21:24 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: private,max-age=30
access-control-allow-credentials: true
debug: NON-OPTIONS
access-control-allow-headers: authorization
cf-ray: 81c87ecf4a782bcb-FRA

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 169ms
106ms Preflight
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=550&sync=0&domain=goducks.com&url=https://goducks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://goducks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cache-control: max-age=31536000 public, no-transform
cf-cache-status: DYNAMIC
cf-ray: 81c87ece99a22bcb-FRA
content-length: 0
content-type: application/json
date: Fri, 27 Oct 2023 05:21:24 GMT
debug: OPTIONS block
expires: Sat, 26 Oct 2024 05:21:24 GMT
server: cloudflare

GET
H2 200 550 Show response
a.ad.gt/api/v1/u/matches/ 12 KB
4 KB 84ms
27ms Script
application/javascript 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/550?_it=amazon
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f69154f1d404781877a9fdd29120b9572fa5ee18b79ef752e85d9b39a068ebe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:21:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 27 Oct 2023 05:17:53 GMT
server: cloudflare
age: 211
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cross-origin-resource-policy: cross-origin
cf-ray: 81c87ed04fff372d-FRA

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
271 B 59ms
13ms Fetch
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

cf89cb6711f71ab5de878704b51adf8ecab55e6909c682d3cf4e0c096e173ad7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: https://goducks.com
date: Fri, 27 Oct 2023 05:21:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

POST
H2 200 v2 Show response
id5-sync.com/gm/ 276 B
553 B 97ms
27ms XHR
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v2

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

d9e785f3874e20e4e7593f8f82539f4496daee04cd3743e9430d0129531859fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://goducks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://goducks.com
date: Fri, 27 Oct 2023 05:21:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
461 B 75ms
52ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fgoducks.com%2F&pid=JlMheydLccIoP&cb=0&ws=1600x1200&v=23.1020.1619&t=2000&slots=%5B%7B%22sd%22%3A%22main-page---wide-promotion-dfp-0907b40%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F21708449227%2FORE%22%7D%2C%7B%22sd%22%3A%22sticky-dfp-ad-1-836c530%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A%22%2F21708449227%2FORE%22%7D%5D&pubid=49d1d053-156d-46ed-9d18-8370d1d949e8&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:21:26 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: 52B9R41P5F16GCJXG9RD
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://goducks.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: Q4Y8vL6INqku-TOIb1tgIBgYi5QB8j8_RO6XXpTCVDTCAc6RMbRYSA==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 226 KB
80 KB 503ms
503ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=376431512797635&correlator=76921793777436&eid=31079073&output=ldjh&gdfp_req=1&vrg=202310230101&ptt=17&impl=fifs&iu_parts=21708449227%2CORE&enc_prev_ius=%2F0%2F1%2C%2F0%2F1&prev_iu_szs=300x250%2C970x90&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1698384086263&lmt=1698376628&adxs=1193%2C138&adys=2270%2C1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fgoducks.com%2F&vis=1&psz=300x250%7C1038x-1&msz=300x-1%7C970x-1&fws=0%2C512&ohw=0%2C0&ga_vid=1255101797.1698384082&ga_sid=1698384086&ga_hid=1954418878&ga_fc=true&dlt=1698384081410&idt=2216&prev_scp=pos%3Dbottom%26amznbid%3D2%26amznp%3D2%7Cpos%3Dsticky%26amznbid%3D2%26amznp%3D2&cust_params=env%3Dprod%26firstpg%3D1%26ptype%3Dhome%26session%3Dc%26subses%3D2%26sport%3D0%26vguid%3Dc9dcb84a-9b93-4f57-b186-d8d819083112%26page_template%3Dhome%26sport_name%3D0%26sport_name_custom%3D0%26site%3Duoregon%26cbs_site_code%3Dore%26sect%3Dfrontpage&adks=1650920797%2C71150478&frm=20

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98184d755b529e30005e5f66084b2833d4ce79f47b94bcd7afcb94519c159639

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goducks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:21:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81482
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://goducks.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame ED1F 6 KB
3 KB 164ms
47ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goducks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 05:21:26 GMT
expires: Sat, 26 Oct 2024 05:21:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EC9A 6 KB
3 KB 39ms
38ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goducks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 05:21:26 GMT
expires: Sat, 26 Oct 2024 05:21:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 912C 6 KB
3 KB 39ms
38ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goducks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 05:21:26 GMT
expires: Sat, 26 Oct 2024 05:21:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame EC9A 35 KB
14 KB 176ms
86ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: 0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com
URL: https://0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c4c61d15a7a34fa8311ed250ab7a4052b4a98d28ee50f76874fb39f73c9c128

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 16:28:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46382
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14195
x-xss-protection: 0
server: cafe
etag: 16568752811255746595
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Nov 2023 16:28:25 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame EC9A 24 KB
7 KB 127ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com
URL: https://0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 06:34:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 600438
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 19 Oct 2024 06:34:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EC9A 187 KB
59 KB 142ms
54ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com
URL: https://0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:21:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698233972131352"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Oct 2023 05:21:27 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/ Frame EC9A 23 KB
9 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/abg_lite_fy2021.js

Requested by

Host: 0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com
URL: https://0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 16:14:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47209
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Nov 2023 16:14:38 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame EC9A 3 KB
1 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/window_focus_fy2021.js

Requested by

Host: 0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com
URL: https://0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 16:14:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47209
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Nov 2023 16:14:38 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame EC9A 20 KB
8 KB 130ms
42ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com
URL: https://0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 16:14:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47209
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Nov 2023 16:14:38 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame EC9A 0
0 46ms
46ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRVn-LnzehHHK24SIzQYRTLQv6TlE_zxcI-hIUSAWR4VpvvcdKe0JCYcXez9rEgK4EBrnbC
Requested by: Host: 0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com
URL: https://0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5047 0
341 B 138ms
57ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuZiLQEEMbr4LgEGN67r_sBMAE&v=APEucNX_a-vgfcV6rH0wa9mXN20kKBklzHMY4a_koXFYVm5bYhQakWZl8kd_jPkwQokqvKGhD0SIGdOQ8mDIQwvioyh0kdixSw

Requested by

Host: goducks.com
URL: https://goducks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 05:21:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231025/r20110914/ Frame BCF2 23 KB
9 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231025/r20110914/abg_lite_fy2021.js

Requested by

Host: goducks.com
URL: https://goducks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 16:17:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47031
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Nov 2023 16:17:35 GMT

GET
H2 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231025/r20110914/elements/html/ Frame BCF2 7 KB
3 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231025/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: goducks.com
URL: https://goducks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 16:19:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46921
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Nov 2023 16:19:25 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame BCF2 0
0 186ms
85ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvpuqDjbaMGYz0JW-bTKGTCOAI72wjYfDfEKm-BCoD2_yt8vOoXqjjWr8ESHGR5m8yF0Es2om9DXM4EBrgsIUxht4YLaYrAfHgQqwHGHEgbjvo1cp09fflI5hrmcyyws_-ZtiWNCkdBbXcYf1mLophq-n0sntc-HJrBEV5X7_ZkHXV7uqaC8S2C_Q6SkKBMGFtBZf_8K1ewNdSGmNW3XCJk2FlrRot8Mg573anfA_54lvkfReuEniUHR69OvYkiKoeB0aAJg5rIE-xJglkSADAjC4gN3H15JTbv8xz5d1uiy23AQUrXQuT6OuIV34uninuCPqllFExQK-bj66LTPL3S0E9_EQUhUf9fu8eiAqdQ8dzg_Dlf_NmIm2DiXfQ6HyCJWNobi0DI1UzEPFFbvn2rUPiJPTyJkwRoS9wnbFS17qMpwt5FHTXKlGAsngUnVAkDGlVMIylXP-arXOT224tTumMT-NCfI2dzJIQzl89aKOcugd2sargENdh9FY739-4Q18swYKWJZIX40xHYiWZGqJDeJ2n1AWjWkiH2omarhHEqqcTLav4VgAlT_0_T6o2wevVYa01J7P779PQq49c3RnVe7huH267B6io6PkBx2g4jJe3hKu_s5eLHHlWepCnipEmFH0B0w9Dn0fJ3I4FtvxG5G3limUBrrNxAmYpQHs92MkcbiDDJkCpkFUo05pp_nBL0shmGl3CXbVK8GgOES6A7_3Ywy0wFc_99mK8sgVq6lKof2YmH-sC7oIS1D9uCaD_tWhqpdxiubLsCcCvOVzrQEZGueJmsSDqTMWdJVN9PfTdhJBY4MU7hwrX81LHqq8UXwwXZSE8TIPqT8avvYI5xstEFaWt-PsA_nN15w4Fvs-fiTYyAde8de3wOMIcVTgdiO2yxXUjdxOqypVnVsSoBlbFJ8Z3CPycJdfuMfhdjUrt1Px1dtw-UZRc2tzvMnhOcgFVlWVwP5b1XS_BQbDy2cucMN5hKSjtXNuQBnON7OLDYmbzduzNxnMIay35QSWnUqmXi__awnFuKZVVbP2vzSSvMwh0qMcW6uE2z8qyD1Gv8e9jLpeTRxaUJzRKh-uuaFxZTi-CheBNFDvqI8VfB4tlFKUhPHAWjx32IFhtZers6NCv9xfE8OcYpSIFwqV_5-YnpyG9ZECpz5qqmcaWnhT_zBJSvoL-qyr2Md1dZmAPEXNZmig7ebmzMqJFmpHKJkA4ioKbsQOCB77jh02XTJFsM_TY1IRBsjSRXyZEFEfb7lghL7Eix6JjM-_q-IO52lPLlNKkxJOHf-42Om6ibuSfFvlbKA_cVyYu45uJuvDvWXG5CWCoCXTXNooa5ICLcBbqNREfekqAgb8qhlXwCYz7RLJ4JyHGW92szhns0E4QmrFxE1ITyVu4GIc2K&sai=AMfl-YQh_ZNUlXnlizHVkt3Utl4SikUDt6_akHRaTfk0iTFhLPnesd6yO9PF7kkiqWjx3krq9JgLmR6DIsfAfTs-u5zAZZwjVOqXhTWrHyZfLBqBY3k3EBZFIvMdNojSp8G-tTjiTgQ7Jiz6Fc6x9ipkn_uKHVsaytynRiB6vV7Di2TmFy2UKV8kwPBvLaMNstU574yln8yXmPkW8qxi63GOsIDt3t_N6lwkdyqiJS4RxRSfqwJBLr3P9kh5TFBGxdqNPb3rHvbd68T-zIftI_lm7BM7TJZGuNjYRuob5mpxv6_vLxNmkQ2Pxq9fM1CSrzP9pQQOcgn0Oi27geH9BcIHlH5wFbE1zjBjpyBwRP6AczIEQgPfXZHaZFmdWTGHT9NlakHH3UgBNaY7FheVY8HzHiezMkpO&sig=Cg0ArKJSzIwuyjtnlLovEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231025.15406&arae=0&ftch=1&adurl=

Requested by

Host: goducks.com
URL: https://goducks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 27 Oct 2023 05:21:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame BCF2 41 KB
14 KB 132ms
77ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: goducks.com
URL: https://goducks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 23:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 107390
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Oct 2024 23:31:37 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame BCF2 3 KB
1 KB 131ms
76ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/window_focus_fy2021.js

Requested by

Host: goducks.com
URL: https://goducks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 16:14:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47209
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Nov 2023 16:14:38 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame BCF2 20 KB
8 KB 103ms
49ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: goducks.com
URL: https://goducks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 16:14:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47209
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Nov 2023 16:14:38 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame BCF2 0
0 47ms
46ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRn6QFu5F312cBKvMnu7pCVT13G2soorg7VLcNqzbqMzqSchDYGbL8hBdoF_zmi6h2Rzedo
Requested by: Host: goducks.com
URL: https://goducks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BCF2 187 KB
59 KB 171ms
117ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: goducks.com
URL: https://goducks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:21:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698233972131352"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Oct 2023 05:21:27 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame BCF2 42 B
173 B 73ms
73ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dzeq8DI9WSW4RjiecNzoDkqiSBHd9IuguqOLoTCzPjcT3fGYfeQvuXwF_oH9UlynCZZBy0nyvQfdIqF3s05KgJNOvD2TV9TUxZomgKmQ5mVuMA9-g

Requested by

Host: goducks.com
URL: https://goducks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 05:21:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 12285497570312560420
s0.2mdn.net/simgad/ Frame BCF2 56 KB
57 KB 132ms
38ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/12285497570312560420

Requested by

Host: 0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com
URL: https://0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d848d222c746f104f65042f344ea5c4ad5c691ceb306789fd511e9f10724914b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 10:17:59 GMT
x-content-type-options: nosniff
age: 241408
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57347
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 12:22:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 23 Oct 2024 10:17:59 GMT

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 30B6 38 KB
13 KB 38ms
37ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 87398
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 26 Oct 2023 05:04:49 GMT
expires: Fri, 25 Oct 2024 05:04:49 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame BCF2 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2da3c2ebf4242198e5aa77bec1a678bb75b19a702a410667d74045165df481a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 11261311508171622025
s0.2mdn.net/simgad/ Frame EC9A 531 KB
531 KB 52ms
52ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/11261311508171622025

Requested by

Host: 0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com
URL: https://0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ebc5189dc4f5f89ae199f406b14b8dd128a9c5b1d2d3df24a9f6fd47d76c55d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 01:10:19 GMT
x-content-type-options: nosniff
age: 15068
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 543722
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 14:18:01 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Oct 2024 01:10:19 GMT

GET
H2 200 14533039362055873344
s0.2mdn.net/simgad/ Frame EC9A 25 KB
25 KB 39ms
39ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/14533039362055873344

Requested by

Host: 0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com
URL: https://0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9753865ca3ce48f93da47f024fdd79a560e43bd55c013ae72ca41f6da0105227

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 23:47:34 GMT
x-content-type-options: nosniff
age: 20033
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25413
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 14:17:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Oct 2024 23:47:34 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0FA6 143 B
228 B 36ms
35ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com
URL: https://0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3449
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 04:23:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame EC9A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5b436b66eff53ba67568df11c78d60a603364fe45831ef7574d8cad6677fc3b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame BCF2 0
0 77ms
77ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvpuqDjbaMGYz0JW-bTKGTCOAI72wjYfDfEKm-BCoD2_yt8vOoXqjjWr8ESHGR5m8yF0Es2om9DXM4EBrgsIUxht4YLaYrAfHgQqwHGHEgbjvo1cp09fflI5hrmcyyws_-ZtiWNCkdBbXcYf1mLophq-n0sntc-HJrBEV5X7_ZkHXV7uqaC8S2C_Q6SkKBMGFtBZf_8K1ewNdSGmNW3XCJk2FlrRot8Mg573anfA_54lvkfReuEniUHR69OvYkiKoeB0aAJg5rIE-xJglkSADAjC4gN3H15JTbv8xz5d1uiy23AQUrXQuT6OuIV34uninuCPqllFExQK-bj66LTPL3S0E9_EQUhUf9fu8eiAqdQ8dzg_Dlf_NmIm2DiXfQ6HyCJWNobi0DI1UzEPFFbvn2rUPiJPTyJkwRoS9wnbFS17qMpwt5FHTXKlGAsngUnVAkDGlVMIylXP-arXOT224tTumMT-NCfI2dzJIQzl89aKOcugd2sargENdh9FY739-4Q18swYKWJZIX40xHYiWZGqJDeJ2n1AWjWkiH2omarhHEqqcTLav4VgAlT_0_T6o2wevVYa01J7P779PQq49c3RnVe7huH267B6io6PkBx2g4jJe3hKu_s5eLHHlWepCnipEmFH0B0w9Dn0fJ3I4FtvxG5G3limUBrrNxAmYpQHs92MkcbiDDJkCpkFUo05pp_nBL0shmGl3CXbVK8GgOES6A7_3Ywy0wFc_99mK8sgVq6lKof2YmH-sC7oIS1D9uCaD_tWhqpdxiubLsCcCvOVzrQEZGueJmsSDqTMWdJVN9PfTdhJBY4MU7hwrX81LHqq8UXwwXZSE8TIPqT8avvYI5xstEFaWt-PsA_nN15w4Fvs-fiTYyAde8de3wOMIcVTgdiO2yxXUjdxOqypVnVsSoBlbFJ8Z3CPycJdfuMfhdjUrt1Px1dtw-UZRc2tzvMnhOcgFVlWVwP5b1XS_BQbDy2cucMN5hKSjtXNuQBnON7OLDYmbzduzNxnMIay35QSWnUqmXi__awnFuKZVVbP2vzSSvMwh0qMcW6uE2z8qyD1Gv8e9jLpeTRxaUJzRKh-uuaFxZTi-CheBNFDvqI8VfB4tlFKUhPHAWjx32IFhtZers6NCv9xfE8OcYpSIFwqV_5-YnpyG9ZECpz5qqmcaWnhT_zBJSvoL-qyr2Md1dZmAPEXNZmig7ebmzMqJFmpHKJkA4ioKbsQOCB77jh02XTJFsM_TY1IRBsjSRXyZEFEfb7lghL7Eix6JjM-_q-IO52lPLlNKkxJOHf-42Om6ibuSfFvlbKA_cVyYu45uJuvDvWXG5CWCoCXTXNooa5ICLcBbqNREfekqAgb8qhlXwCYz7RLJ4JyHGW92szhns0E4QmrFxE1ITyVu4GIc2K&sai=AMfl-YQh_ZNUlXnlizHVkt3Utl4SikUDt6_akHRaTfk0iTFhLPnesd6yO9PF7kkiqWjx3krq9JgLmR6DIsfAfTs-u5zAZZwjVOqXhTWrHyZfLBqBY3k3EBZFIvMdNojSp8G-tTjiTgQ7Jiz6Fc6x9ipkn_uKHVsaytynRiB6vV7Di2TmFy2UKV8kwPBvLaMNstU574yln8yXmPkW8qxi63GOsIDt3t_N6lwkdyqiJS4RxRSfqwJBLr3P9kh5TFBGxdqNPb3rHvbd68T-zIftI_lm7BM7TJZGuNjYRuob5mpxv6_vLxNmkQ2Pxq9fM1CSrzP9pQQOcgn0Oi27geH9BcIHlH5wFbE1zjBjpyBwRP6AczIEQgPfXZHaZFmdWTGHT9NlakHH3UgBNaY7FheVY8HzHiezMkpO&sig=Cg0ArKJSzIwuyjtnlLovEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=231&vt=11&dtpt=229&dett=2&cstd=0&cisv=r20231025.15406&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: goducks.com
URL: https://goducks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:21:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame 30B6 38 KB
15 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 16:43:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 131898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Oct 2024 16:43:09 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0FA6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

52ms
52ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com
URL: https://0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 05:21:27 GMT
expires: Fri, 27 Oct 2023 05:21:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 05:21:27 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 154ms
73ms Preflight
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CGdWO1kg7ZdnsE_rS7_UP0NCrWK-fqsZzyfeKydURzOSupudAEAEgueCneWCV4pCCoAegAc32gp4oyAEGqQK00IIZf7mxPqgDAaoEmwJP0F6DKuZLMYZd-oKewW_LJHmPuq9IbONghxjYUuR1SyD49SnZccAxVz-3GRx0ET2Ei7UwakfEYJ8OIlwTKvSriRpDHCDnT8C2jO8yIKSN7rP3ihoVmcEnzTChVFFqeSPUSoSW3T2exGj8N1GLgXRz40oo0uWt9z-MD-XcUNxQ8hMhmjG1CShWFBTEAXiRPb7uCjfbLFc8pVHlwnND5NXHmz7Rs9Ld_n12T4oPdUFJY5fvqlLEHuj3ejpUVcuL9bUIN9GdK_Ak20JD0lJms0U86icb4qzw6CxfA_F3uNcDNwxw3R2sCrMnmAQK_BsIm3G8w97JdaHbEIOxUb-wZc5JRtPnD7Wzv0P8h5BcPILCJnH30pUpbAaiCaczwATgztmV2QTgBAOIBf7ooflMkgULCCIQARgBSLXkowGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBjeAB82u0_0CqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwoQ96QIGN2W2PoB0ggWCIDhgHAQARgdMgLrAjoCgEBIvf3BOpoJjwFodHRwczovL3d3dy5kdW5sb3AuZXUvZGVfZGUvY29uc3VtZXIvd2h5LWR1bmxvcC93aW50ZXItc3BvcnQtNS5odG1sP3V0bV9zb3VyY2U9aHBoJnV0bV9tZWRpdW09ZGlzcGxheSZ1dG1fY2FtcGFpZ249JWVleGNpZCEmdXRtX2NvbnRlbnQ9MF8wXzBfMIAKA8gLAeINEwjElaDhvZWCAxV66bsIHVDoCguwE_2mlBXIE5q83eMD0BMA2BMNiBQB2BQB0BUBgBcBshceChwIABIUcHViLTg0ODU4NDQ0MzcxMjAzNTUY3Mxs&sigh=G3ZPWEqh2Ow&uach_m=[UACH]&ase=2&nis=4&cid=CAQSPADICaaNVoapeGRJN9Ufe4X4gAUjhAv7nqu1d01_fCxVh0tiVr0NUk1qQgHwVwQusx-w7UHoKilwRDFTJxgB&template_id=509&vt=10&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 27 Oct 2023 05:21:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame EC9A
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CGdWO1kg7ZdnsE_rS7_UP0NCrWK-fqsZzyfeKydURzOSupudAEAEgueCneWCV4pCCoAegAc32gp4oyAEGqQK00IIZf7mxPqgDAaoEmwJP0F6DKuZLMYZd-oKewW_LJHmPuq9IbONghxjY...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216955236417940727065%22,%22debug_reporting%22:true,%22destination%22:%22https://dunlop.eu%22,%22event_report_window%22:%22...

0
0

154ms
74ms

Fetch
text/css

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216955236417940727065%22,%22debug_reporting%22:true,%22destination%22:%22https://dunlop.eu%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210800380749%22],%224%22:[%2210-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217039075372065185905%22}&andc=true

Requested by

Host: goducks.com
URL: https://goducks.com/

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:21:27 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"16955236417940727065","debug_reporting":true,"destination":"https://dunlop.eu","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10800380749"],"4":["10-27"],"6":["true"]},"priority":"500","source_event_id":"17039075372065185905"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 27 Oct 2023 05:21:27 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 27 Oct 2023 05:21:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"16955236417940727065","debug_reporting":true,"destination":"https://dunlop.eu","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10800380749"],"4":["10-27"],"6":["true"]},"priority":"500","source_event_id":"17039075372065185905"}&andc=true
access-control-allow-origin: https://0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 ad
googleads.g.doubleclick.net/dbm/ Frame EC9A 42 B
64 B 59ms
59ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BH5kBBhZJSVJ2RI3nBS--yUw-3wc4VG_Rz2zpVXixTq89LwmhQafasl__l_i0-Lni7-jEf_k1uQ7K31OaD59w0iOfFioEDF-WF1BtfnQ_CfFGfny1og8wTiXj5JerOL21c2N00vLS0osUf1IUip9EJIWupug&dbm_d=AKAmf-AoMciXwBj9D35TfsayS4iri-qM2b50QZ01X8aqoC9CxJ5wNAUq8YnUy2cA2USN4pZZUdMuV6V8THpeQl7GIziMnlVRA4eYPhHw_q9_g-kS1T7G8BsdgMJQcQJ6BTOHOrpR9gxK9-hBX5UhRoWxZktxh6g9jrD3srBGJG7prgwcVSJBU568H0g2RzR4pOkMt6FlYFgGaoNDVF6SM7Xz6MTfFdnV2p7zGjtNs2SwQ5qPSCg-QDd-XLlW45-BqquP6dlLZ1oeJAhyDXabOs6ByZbiskpdPGoRqxa2WYC7nk62FbJLGY2JnO55726tvqBovdc1OtysZPqf6ev6zeSPnV_wBQSai77CBr8Fb_PKXVT1cixHt51ZkcTtl_YAXbCDNaqCfJPd2tRzzNagYPTmRAnEXwQxOQPlNk4waGI3DALA4kvNb5lG7QKIGTYIZUeDJ-62hjHnEemZIWNvq2iVBJZiMrNDfu1stcN56wABj99BZCuZ5849jQV0E-v-k3D59k2MWbA2zAmnuw-cEZt4MkvpcwOzay_lZhdIL_S2nTUYlSMSwCSL8vL9TN9X6V11isyvTA0ObeLpoQMwy4HhdswAlGQx53XQcKUknBSj8ipDU5RTmWnZwO1Mx0UML7AKW-EA30szDahud22s8rZLh4UDlq7K-iXfQUZUstGqAbK44B_LWee0I3FquEhPl97_4bgerGjaG30rRYkg5eREMdiH_Qdcu0t2VDvlZ8LMvRAalf4ZuiPEXVpb5tRQkNqLYm6bbqg-Xpbl6ZP4v7sTEKUwdtM_kMqBHCiUh8YmP8MkC1dbtkp79fwWg3E9eljS5treKS15y_DraCkH_DruglBc0MSiht1Li7oWT712FMAvP3xmO46dJWuHxNFCZ30fJXhnVuAXjhSXiy_DRHDbRiOBNDdHUjdNeRF8-ssWp3qB_W5Nl_KUgco9RoQo95oFRSvgrCTRbAAuRJnAnUZQq5OE7GVQOrk2WbTP7H1wQUeszTVpw_3JcL8DSdvmlZ6vgLg_K8QcrZl1ZigEliv2wpEgSZFqgx3bFL8kzi3RrSHzdcGzlPRhN_dAhsIQcDF5kA521XguUOb_3AbrZlmOjDSC8pAM8bxXie5m24zuDtC8wjhNsDPuH1SzGO4tYqYydGAthT2asphS76uYtZlu3hSAzjwVolWWgliCdZVIw3GdP3F-rAeB_T2HHjsTikUX0tSNcb6LzOqo0amn9SOVfq8Ia9ZMALOsIbltDs3VDrpl5tO7ZFh2JnP1bZ9iioaVGyQ1twXMSJgDGPVIoqqJtNMbM4erTuoYTpFyHOzej2N_LD08TbtA1nRRRDvaW_XgPTPQspoEwSbZUnUewvQzE3jFoRVaIei7YhzunHe7Y-X9J142Fr4GJRdimgyrn3ww5FAGvh9Jlm__9EgACI5zoqwYnmjDk4tSDsdaM3OR8ejlXCVLhimD6q17klk97q1Sn8RiINboTXvFT6QrCtSJg5bgnJCZeL5I7AcSFN3yABiDSPzCU4EBqgXmtS6f0dzgHCfSgAk9-Ask1U33HVO71-zSaJpFcgjTM5ccxf-azuAey8OnylmbpsQQ0Loe3jwhIv5LWtL8lEsytBD94kdj7qFMRY2QxCtE6CVkx7HR1HVkpfCc1L1JLcO4UEUPRKakNsqz10Ataap8C790brIiY8cE6b8bIXckMeKk-8wXqDp86C1ujM77wQWy5XFD_3NvhnDMsxs7UT97VnacbUvIJSTVR5FFkJwB14r72DBs1U0-JhHgJue_yM5q7VZ-HmulwLU8TniaYnbPt_xMAt2XffVDZJ9dpKV9rCBS0f_BOV7svmchOuaLgkAgbjsBxu3TpK4dYFyjn9PoftFQU7AqBdq-gSrQNI9dhG62bOVeEvGNaiwLLQZcO2eiPQu3CfBe6AkVd41BjnXvnkdbZKjKveDtkxeSVeq-S8oJ5qEx29EuGThV_iaV4KQrTkuznUvoKayiUDG1ICrDkSjj-xfuo5W-RB9IF8uwMZoSt01Pqmj_2vYXxhvB_kzDF0XqW-T6lyr2e8Dv0AnAKwDRdp69g0YbpteN4egNPd2ajac-CeJMCjLNpWxBzcC8Dx5soJoBWMQ2lsBiUrmEoS_GLcZ83JwCgvhZERruyHXkk9N9dbt7aO-rfSi1Dyk3MkEHnhMo7PI2tOBnMKLZat8US48v2r6DltbdYQ92FJ6sNHZeymJDYS1ly19bZEh2iUf69ibDi7As2NGTECuMTUX_T7pp1qz-dtLRskPmbCvyF8fys_lY4Won4MImA0w1nOxG3Eu9R61U3_5TCBFGXMUuaLDf6Ptw9zlOj3EKgRNpO6_-Ovv9wE5k5pb3TCNBU-oXwCdIiw3SmXyIA1ehmfKRDcec9bRFm7wH7o2wHFNJBqZ1YrN4eFxHsrXyXZVRbSSZ0ss1Cmt8x-hIC_5yHB7-sPl1_WysVz4IfTFLbSC18Guxr2gtIoxpZxJDc8RQLfg_Um3nRwLBsCeOkbKIxbPaK-U3BIh3-mQPN3TlO0Y9MBgXsSDOt0-hDyeX27Y2fKcKUlB65-subm6h4FPZosg5J7vDwrBu0WBd37qUwUwUSlBvaRayVLQfOrkoT9rtqxfZhAPjQjiXQLz2s7r4OWN8ebtlCZjg0QFoL2DVQ-rrllCwj3MbxOHOEeDMYgCavPdRS9W-FTL9u-UyNpM8UhJoZtMmi3D-zf1BzdXtOEZQYXPwq5NOBBjfAP5LcDLxjQWJ3J5dLVi7iKYcmaXGVmZ9VyYYCGRUdFL4fGofOdMv-Dtv7KQbhxULlisZrZcSJtgNJPFF6WMyX7oqZ4JJ8RZ3VV3ob2fkqWR94AM1ZyMX6khukc1Lu4mHhUJs9G8ZArF4BeLO079S0UvyfJHVjaClaiPJpxYtw7v1ymGUBx7bM5PilrR4BnRYrDxGJUXeTawJzd1WM4XNoSWhPvE1htekXqeQi5hezT4No3yup6EUIDix_zo84E8E70x9CzzxCzepSIlw4z7p1or7Pbv4J5PY4Wct-T8RB5oEKIi0hRLgoBE9VRnlmhjUljCvCLsC5EfRFt_XxLTXCprOSDFHMVvIRfoH9iOrfTRUf6TOlBnusi68fV379Cr2FnvygBXyJJMpeY9LomWHdYdJDluajJ3UUZjoXUX5aZMg6-WLz3uCpOboaUhLeeBuVB1BPTQbT1ycwo0eBmvo5jdZLQFZCkH7l9COUc3XLq0P4Jg8viZCgGKs-UQ4d-pAH9IYWNUlvZuOAlGFx0x_0pKmmvfVAYhfPt8nOHw75aLedZZUF_poEqMGYfAwDei1jZSiCeosq_9birn88pIEAeBdqMLx7Rd3N49aR2FsKmgLfu3I4_T0E4VipSAnSzlh8TA77aIoOBw054mI0v3Puu8vYwgMZKdWFTHWe0W0k25no84Du8ByXSpi2Ur8HDFtRFOfl7LxtePZDV-gKLvesH_vZv8pxucBuQZZ6ckQlWdiMBMYwVkif2mrKkyu6FFCRQ3ljZwG5Qi4zRU4yFj54W1eG8YLGtydizecXmIeLsrSqhTCRDz32oh7f9AyKqi7kVrZVUe-jQJdXt0WHROdYP7YigRt7RWuJ0OjWYZic1QEJsBehXqZsIqvY7QFqhQSQlSPKyY5-uAxJ324NKiZy_MmfQxp5_IqW5Q-0nux0r8LvlQ9z05gHNnk9V3_CPbUOzqEPgOngNM9IdHHH-6XkZ-X_ooSvkSctKqODkgfCwtQyqZDkhwpl-CHQQdjPgNUuE8-3EzT-DKPrpuLaqVZusy08xT2zhOZrcQpB-311f6oRvIcseqhTvdwEqX5fsZ4zwzO5aF8LqdhqmkoB3NmQP85RONQ8IUEnw3Zx-Xzn_mt-usk_U1nM36EDUlncHRX1VwrX5elMdtPGA57KRT-HN7xqRcFRTam4bCuEEvF37HtBg&cid=CAQSPADICaaNVoapeGRJN9Ufe4X4gAUjhAv7nqu1d01_fCxVh0tiVr0NUk1qQgHwVwQusx-w7UHoKilwRDFTJxgB&dc_exteid=31329656586803640378074475807449882&dc_pubid=4&cbvp=2

Requested by

Host: 0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com
URL: https://0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 05:21:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adx Show response
pubads.g.doubleclick.net/gampad/ 0
623 B 179ms
71ms XHR
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/adx?iu=%2F21708449227%2FORE%2Fout_of_page_default1&ists=1&sz=1x1&cookie=ID%3D9fa781a853e735b4%3AT%3D1698384086%3ART%3D1698384086%3AS%3DALNI_Ma4ArjZhQEHOfKEaBr1a5M9JV7dMg&t=page_template%3Dhome%26sport_name%3D0%26sport_name_custom%3D0%26site%3Duoregon%26cbs_site_code%3Dore%26content_id%3Dnull%26sect%3Dfrontpage&c=1698384087387

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Referer: https://goducks.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 05:21:27 GMT
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://goducks.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 30B6 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BHbZ51kg7ZdrsE_rS7_UP0NCrWAAAAAA4AeAEAg&bg=!rK-lr-DNAAbo5yKYyOc7ADQBe5WfOJdNmPG01IyGZLBfIfNyiWJ4JQsnY3BbRN-tIf7SE40m0I_KSxr3cFmAAcA6QzUeAgAAAFxSAAAAAmgBBwoAGiQSbR_D2knefrydWlA83e8OHLSFkQaCRDDLmQNjjtjp4ATPvrYtnQh7ejF7CQn659NBN98s-QfsrYfWonaX4oFEJDIEgwlzHwGMRN2L2tqrdGIKfQXxC525UGoIBLZEaUTmIhgZLrjHOa49mVgkL9yn2zmjHVywS2mLK2fqNE93AEuX0HSLG7pKFdpLDgxRqV5-JzDnADtoeYCzl3F5XaCPJa6pk7GlRJppL2LIh3dlGxjXgpHOaxPrpDatYH3BY4xOXbuVNyxAqUpU6iPlk4dIiD9gEajizG-hIAYxOFNwbS_0Hlo18d8kcFa_V3SSQlEY2tWI4jhadCSBorPRpE8XNDQ1kUyG4UZvU0kphvp_FFIsYikCYGCRR9xgggYEUojmWnCygUuAUFg2YgUNFzW5rfeozzFD-fvCUxM_vd6q_sSD8oUXBqhPwg4ofN282_BlXkKDJqvF8wWCiuN69scyJhh4vigYCF0lXoUWbuYh7oDkb7HtPr2LUTIPY2IjveEONHULKsV4VmD_u76X8f4jeZs5biDDMJBX5c9QENiJJS1At6kAUOxHBRUZhTTZzLjiG1_5mkHjvBssVXgh38qexzs7F0KDw6GyJfbDDXofCt039Ez02gmQXZe6e5g0nMTAs73UZhKgrFyhZjnC0rCRup4tI-Xtau6bW29XQ3OA3ZVQJRmDX6sUHct0Cv2WXQrqbqiyckw42OL6zNzMOr3VmnbEDY0B7YNwGXaeVpo2mCrmw4zsKVMIo0p1APapZDSbS1sFduPDG2aZIS7_qhU260Ugqj_kGqUc-hniiEjnjzOcs7F1qpoESebvHNX0BlhsyEQC0Ie1QQ12LrHKrOORv1iavNGLpTmFEAALfsghPos3JqyK9ctjC6zoNadQDY3OQAuAX1hFblt0Z-x2yksx0-yuwC3nMd8IspK_IHBQ6XQJKbj9qff4bSaYZn21EPtcRSa5NNAyK3JPy5VOoDxCy31T661BfKVLbRh8kRFzIifDO7jM7W7qObFF5w8pj7tU0qLIcft6acPeBDJLVMepDv4YhpQFcaXqzeqLnkrt6K6KsCARbRIt9f0Dke4eJtFkkcOYutvWogInTAtuGLFQ4hQldYrZmsiSML7EoAC_JD8H-LK2r0YoDaLmK-Cl0ob4p0rmW8k-YcxA9aTCeb3ogQvEDZJ46VQtuKkHsKzA

Requested by

Host: goducks.com
URL: https://goducks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 05:21:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 162ms
72ms Preflight
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 27 Oct 2023 05:21:27 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BCF2 42 B
64 B 78ms
77ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvIQvocAE_XytZNA3ERBnhDFmNzkPMLhJd9nu0IqdlXqvt8BS1Sgnqh3dI9ScwGdv2pW1TE9tuA4H-WyjwyKkcx2MA9tUbAw2lk996rdKyfdNHK_McehmiD8VqmY8WilndPReYuz6vzaqgg&sai=AMfl-YSd7NgTmGldkxcAg9RkGAqQkCYbqHjgBeWrq-mWrWBpT4_OlxsWS9zwz8LpXmOfYosLIsj6neBkAaFWrcS_T5pqyT1wm_xejLU5V2X2gwHStQ5G-9IuX8YWDcCz&sig=Cg0ArKJSzOjyTR6kQehwEAE&cid=CAQSPADICaaNVoapeGRJN9Ufe4X4gAUjhAv7nqu1d01_fCxVh0tiVr0NUk1qQgHwVwQusx-w7UHoKilwRDFTJxgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231025&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=71150478&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698384086914&rpt=304&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 05:21:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: statcollector.sidearmsports.com
URL: https://statcollector.sidearmsports.com/services/pixel.ashx?page_template=home&sport_name=0&sport_name_custom=0&site=uoregon&cbs_site_code=ore&content_id=null&sect=frontpage&r=goducks.com&server_name=1115364-LB10&path_and_query=%2F&_=1698384082002&user_id=9c3ea858-92e9-47c8-9515-471f2c812a03&session_id=3b9323fe-8c99-4240-8ad9-8a0b0d63f98a&pv_id=&traits=&count=goducks_com.active%7Call.active&_=1698384083074

Domain: statcollector.sidearmsports.com
URL: https://statcollector.sidearmsports.com/services/pixel.ashx?page_template=home&sport_name=0&sport_name_custom=0&site=uoregon&cbs_site_code=ore&content_id=null&sect=frontpage&r=goducks.com&server_name=1115364-LB10&path_and_query=%2F&_=1698384081987&user_id=9c3ea858-92e9-47c8-9515-471f2c812a03&session_id=3b9323fe-8c99-4240-8ad9-8a0b0d63f98a&pv_id=&traits=&count=goducks_com.pageview%7Call.pageview&_=1698384083082

Verdicts & Comments Add Verdict or Comment

257 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
goducks.com/common/templates/dfp	1969-12-31 23:59:59	Name: f5_cspm Value: 1234
.goducks.com/	1970-01-20 15:47:50	Name: _gid Value: GA1.2.1640505450.1698384082
.goducks.com/	1970-01-20 15:46:24	Name: _gat_tracker0 Value: 1
.goducks.com/	1970-01-20 15:46:24	Name: _gat_tracker1 Value: 1
.goducks.com/	1970-01-20 15:46:24	Name: _gat_UA-180624321-31 Value: 1
.goducks.com/	1970-01-20 15:46:24	Name: _gat_UA-180696617-1 Value: 1
.goducks.com/	1970-01-21 01:22:24	Name: _ga_Z369JCZLY4 Value: GS1.1.1698384082.1.0.1698384082.0.0.0
.goducks.com/	1970-01-21 01:22:24	Name: _ga Value: GA1.1.1255101797.1698384082
.goducks.com/	1970-01-21 01:22:24	Name: _ga_HJBB2WFF1V Value: GS1.2.1698384082.1.0.1698384082.0.0.0
.goducks.com/	1970-01-21 01:22:24	Name: _ga_2DSVCG2VFW Value: GS1.2.1698384082.1.0.1698384082.0.0.0
.doubleclick.net/	1970-01-21 01:08:00	Name: IDE Value: AHWqTUk4S4lacl23UeAJweRZ1xIbG7OUcRsMis33tNXAsk2EK8eMNV6TqYQp1jL61Fs
.w55c.net/	1970-01-21 01:15:48	Name: wfivefivec Value: YRZwD5LW1QWfhF2
.bluekai.com/	1970-01-20 20:05:36	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 20:05:36	Name: bkpa Value: KJpEnXTLu5Dl1Eu6+n9FuithpuMJpPcn0zpBnnWNBa9g01M1vfW+uYboDePt0u2vExz95cAxY9==
.bluekai.com/	1970-01-20 20:05:36	Name: bku Value: f3999BB/mtVCK16G
goducks.com/	1970-01-20 15:47:50	Name: _lr_geo_location Value: DE
.goducks.com/	1970-01-21 01:08:00	Name: __gads Value: ID=9fa781a853e735b4:T=1698384086:RT=1698384086:S=ALNI_Ma4ArjZhQEHOfKEaBr1a5M9JV7dMg
.goducks.com/	1970-01-21 01:08:00	Name: __gpi Value: UID=00000caa066a044b:T=1698384086:RT=1698384086:S=ALNI_MZZSWoLFjuuT0MSjQ7seW2jtfVFfw
.doubleclick.net/	1970-01-20 20:05:36	Name: APC Value: AfxxVi5jnSAiFq9SonIUKGTEDJI3OpSuw3VLj-RinFpe_ujMxqc6dA
.doubleclick.net/	1970-01-20 15:46:27	Name: DSID Value: NO_DATA
.googleadservices.com/	1970-01-20 17:56:00	Name: ar_debug Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://di.rlcdn.com/api/segment?pid=712104&pdata=source%3D502%2Ceventtype%3D1001%2CdivisionID%3D769 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://dnn506yrbagrg.cloudfront.net/pages/scripts/0013/3692.js?471773 Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0ca682ab5f86434c79919aa9c9bdb0ce.safeframe.googlesyndication.com
5995852.fls.doubleclick.net
9590786.fls.doubleclick.net
a.ad.gt
aax.amazon-adsystem.com
adservice.google.com
adservice.google.de
api.pac-12.com
ats.rlcdn.com
bcp.crwdcntrl.net
c.amazon-adsystem.com
cdn.attn.tv
cdn.hadronid.net
cdn.id5-sync.com
cdn.krxd.net
cdn.transcend.io
cdnjs.cloudflare.com
config.aps.amazon-adsystem.com
dbukjj6eu5tsf.cloudfront.net
dff2h0hbfv6w4.cloudfront.net
di.rlcdn.com
dnn506yrbagrg.cloudfront.net
do2ufdrk7dzyk.cloudfront.net
dxbhsrqyrr690.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
fonts.sidearmsports.com
geo.privacymanager.io
goducks.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i.ytimg.com
id.hadron.ad.gt
id5-sync.com
images.sidearmdev.com
insight.adsrvr.org
lb.eu-1-id5-sync.com
pagead2.googlesyndication.com
pubads.g.doubleclick.net
region1.google-analytics.com
s0.2mdn.net
sb.scorecardresearch.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
sidearm-syndication.s3.amazonaws.com
stags.bluekai.com
statcollector.sidearmsports.com
static.goducks.com
stats.g.doubleclick.net
tags.crwdcntrl.net
tags.w55c.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
statcollector.sidearmsports.com
108.138.1.25
108.138.7.78
108.138.9.235
13.32.121.126
13.32.23.129
13.32.23.210
13.32.99.105
13.32.99.122
142.250.184.194
142.250.185.134
15.197.193.217
151.101.0.68
151.101.130.133
162.19.138.116
162.19.138.82
174.143.40.29
18.66.107.155
18.66.122.103
18.66.137.76
184.30.211.26
2001:4860:4802:34::36
206.225.81.54
216.58.212.162
2600:9000:21f3:e800:1c:9484:cec0:93a1
2600:9000:223f:1c00:4:cc99:4000:93a1
2600:9000:2250:8c00:2:8531:afc0:93a1
2606:4700:10::6816:3456
2606:4700:10::6816:35ad
2606:4700:10::6816:545
2606:4700::6811:180e
2a00:1450:4001:806::200a
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:811::2004
2a00:1450:4001:812::2002
2a00:1450:4001:812::2006
2a00:1450:4001:813::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2016
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82b::200e
2a00:1450:4001:831::2001
2a00:1450:400c:c07::9b
3.120.0.219
35.244.174.68
54.231.195.81
54.75.204.82
65.9.66.97
69.192.160.219
74.205.81.135
99.86.4.128
008b1ae2c318aa82a22e4ef16417939de40d67db86c7572028c482e8bfb74bb2
00c3154f069d899f00bf44b191222e979d09d0620850336181f9c48b30bf3440
02055da12953582666aec83c667c693f874a6bd5068e41b6f9c574b18615734c
038c56ae564e1c946764a09cb3cf56ae853f3972044fc4ce74fb533f38eefdb6
039a2d3b0a025c36845720df9d5d8253ed0accd2b7e37cb76c6d2d8cc137e7b8
041df148c8e60b129f3394dd0e4cad28e85f7f73521a6aaa7e3816a2feca78b6
0485700fb7fc45432e105703c197bb4819b23717957dfb13fd3223340835b027
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08bb3dc8ae75efc5ca18f010f39df67b9f40ab316a9c325da9729ea7cf9c7bee
09072486ed93dfa3d9ac016e048e68975c74e559cfcc738bbd66f068a3caad88
0a0215137ce700afa1dc58f7a691fe65f40225a0d6679f8073d2fa717315f970
0e1d0ff198e698a3ce33beca07a80709575ccf267e2c37669f581864be5e435a
0ea1df866004ee1a2925469c55c5e88cb47f614129975ecdef0b867c9d2b5c6b
0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18
1040e27124b00779fabb8555849cb1ef02c0ccccd3e7b5c2ef967e6b0b92c80e
14d97a68fcca1239d7c8d704e7d64858f856c12975f069300d2de8639ef007f4
1686a7de306c844af5cbe78bc404917d8eef6f2cda6a22ab173796868470555e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1cf3849ac43adfcc220b71352d979a5c464b396f051a9c46d475e0eb30077474
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d810808b13284ae0094aed7fc23b85e0770909ba01c32f6cc6b045ad139812b
1ebc5189dc4f5f89ae199f406b14b8dd128a9c5b1d2d3df24a9f6fd47d76c55d
1f69154f1d404781877a9fdd29120b9572fa5ee18b79ef752e85d9b39a068ebe
21390776c3d299d656aaaafacdb51021198fb5685edd43058a1f22318100d313
23217e7c2b9a4a8f1c0633f2bc097ed8441e22c873c8f3e267a1c79e5853a611
28de15b0da1a7553e6da9fd7574daa4b371fd6ec6137bbe36730926e54e61472
2926ac85491d8f89ae129ce1318a99b51d0991557811c68472279e2130a34784
2b4143ffb5c0bc7b8f5a18b20778a329d085e2c745c221eb43a2a20bcb3c2ee7
2da3c2ebf4242198e5aa77bec1a678bb75b19a702a410667d74045165df481a6
2dc53fa38136344304f1bcb5877cec11aa83057131ac60280c46eb6f3f8f29f7
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
318973af5e8789fd568c1f126dd7996bd61cec6af9f5dac02dd83fe94513c33e
324ac5d2352f7f13c24386798eae9ac98c8a32e69a65ebf0789476bee0bfdfb8
36716b54b91b63cee454c98d006bbb80ddcf6526d112fe0d2743ae60d0d2dac6
37dbf4b6012d4e23cbc1cba50baa3572c93a5c371b9873fb5440cb84dfbf9902
3afdd367b45f02a8d2b88343e8d622c44332965cf6004d63831b22eb6219fcd7
3eff0f036032ae7061bf0848b966f9fda83d9468fce131910a9065b7a7c8c332
40357ee400decbdbcb1942fa64c41a2ae6755ce90443cad431a9dadcd997f6bd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
444963e1e31f8fc85c130de4b47ac44c1fbbb895af2ce037d60e0fa33536f5f6
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4
4a7c4d1e52064ef50a71f570c9d763e3dd5b4b915635d4b12b0113a646eca2aa
4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170
4f189adefe2d93c9e2a696025a78cb29e4dc4da578617387cc263233401be773
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
5c4c61d15a7a34fa8311ed250ab7a4052b4a98d28ee50f76874fb39f73c9c128
5d899346b8df4a2d4f7c2e18a1a350bfeb08c2666483ededb908cc5dcf05af5e
62d3bbe472a011fc109c43776914c4a8b69b541ca7aea925ef921a3dd3d4390e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c50f2e1a8fd249e8aac7c38d8e515d6d92ff8909cfd73185124dd5e397f341f
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705
7159b1e57dc6cfa8abd3a69a3ae0c6de500aad6566d820b9c2588ee653333cdc
72841a7806e932e2d3fac53878a79305b61b1f3f3dd7183f909fa7ba11495a49
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
778cf4230d8a07c6a1792db5d272b0e533ca1879f4c332241aaa4f7f84c1332a
7860b2f7a448c6a7b3878a6a51fa5696ddeb6aa4cb40faed71645804ff747ef6
7e3cbe80de505ee48764f5057a6e43938322d0bf51754b035c5104e4627aa32e
7e69d105cb0e7119238aeafae1416ea52065a799c507adc9ae953b2463a30812
7f1950abc6e6c61b21446666705924af293529ca8f79655c6f1fb57d3331e898
800dfe37b71056c7dc05daaa19fda89f0de81d304721412dde451e9a0e954482
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8895c83287e65a12c85a2b9c9b284b021a906f42e407f9aa3d5969f4931b60dd
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9211aaa931a79cdf3beb4777235e2148c80547ed12ba403f5a4c932a89962ddd
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9753865ca3ce48f93da47f024fdd79a560e43bd55c013ae72ca41f6da0105227
98184d755b529e30005e5f66084b2833d4ce79f47b94bcd7afcb94519c159639
985ad19913095c1a20df33be2d5314dc9b3bef2ec5f8fb1bbdae3ea6925ab36c
98b2c1b3074bd4c0229001caf7490f2a8c277b78043d4d17a07766669b01fe77
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9b4169ff73f9018c3a92743f72a209b998deb1809e9a07984a7e1e7603522aa9
9d1ff09a09c642b7488350956725baac5812f8d0183f603e633c5bb98a06a9e6
a174fdc35bf7ff77b43310385a6daa775769839a865fe9e8135dcddd85a03ef4
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
a1b6400a21ddee090e93d8882ffa629963132785bfa41b0abbea199d278121e9
a1be05e0bb17b8299dc3cc9fc3e289e1c95aa73b91dffe76b4ad5bc188bf2442
a246c4de8a0f1f1fdb6ee52565018dc341063aa9efe8481034bc3ef7d697e334
a2aa2577c105dab138246b4e0a1f575b3c92c30d5aced108d3f73897bd46823f
a5c6bc4e378da01c442658af8420573c95d889142e058e7dd3e5d643fa5a6608
a5dcdc44f22d8eef8a86540553f2dfe4c2ab28d241628b30f00560d61a35718b
a66d60b778782c5e78eff99247766b1ff3d56f138d8a5e5eae1403e0985c8fb9
abf22f7e122cc1cffd612eba9f5968190ab611627e28f7fb269d96df4c1396d2
ac2eb7a730e21416b8cc390fc7922f36e051d948b08793d9fc84332c206baf31
ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b02b105f4759592e324361810f8cd07867c05885968392752fb09d02bc744b75
b26e29ca0cea08db83b399715875a39a6abe6f7150d19fbe8ca4305defaf3596
b5d45b212d6fe7e611a6a1c8d62cf09a4f0d1a99d9094fbedc56ed8c932d0bc8
b6493004383769e5f6cd3b7679c4765df4ebcf65331b1c59874468d61db81f49
b6d53290e4dba8e1e9a6c5163e47cddd9a42a75986028983f6a21e4d7407db80
b7c7c439ac99a9b55bc2210b067ab6d443705f2c2e22cfa9fa21ef065af7e075
b9811f9f571e747d90c59b3dafcc49ef225807b15f2b06e1c92f14d02739653b
bbfeb01ae1cf30eb2dd55d5903cc19d872fd41570b2fe35781aed28618d22261
c045e372bd0736e245d914a2fd9208ac97ba5c2a0fcd521030839d1d09c96b24
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c4e47cd3ff928b0d1f5eb4a226b82d820c3e2c18783d3b90ce17f5f5f29893e2
c4ef7ec47986932b8fa1d84cc6aa4a202d47e0c18775901831b161101a9c8ada
c50ffbb0d5049173748e6468980ae6811d8c7effecb8c7428984ea00734545fa
c5c7db96208faa00e366cfbc7ba95c32cac944af9952f03ba80db22ea1354abc
c602b6dc9a9a0796f3301b161df700920336416bef6c5f01e6f3fbfa02f2b8e6
c7b1ecffcf1b89cf63a23e51c88b884a1c81be6add284522bd06cdc8c07fad7b
c907bd7064f1d38a655634ba22d80fa1d1995ad33eb3296d3f14849be4566dec
c924aa28cba571e086a80fa40acc863fab4a5cb182331b24275123b356cf1f9d
cb25d49daa9c5d72c36760709a04c40b580015d2b8ef752d43d5a6978fb202df
cf89cb6711f71ab5de878704b51adf8ecab55e6909c682d3cf4e0c096e173ad7
d0c48e87065b92363073c8482b79c74a59cf418c786ebba66bd5ed598d58dad7
d713dd84892c763b25143502308aa8cf82f0d60aad22ea5b6c2968cf9b6bb135
d71bc81d106f54252eda85c7fbad979d6fb208a906286e2b6235accc9bc1dc62
d848d222c746f104f65042f344ea5c4ad5c691ceb306789fd511e9f10724914b
d9e785f3874e20e4e7593f8f82539f4496daee04cd3743e9430d0129531859fb
dc5202424ea0547c7e8e2a1a0629ccac7f5c0446e862727a17d3820bad68ab77
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de62772d1bc8fe32bc280dd794b1c36a8737bbbfe699a0ca8c4f4ac77d9a198b
debeeb9b8a661171d29ef4ea1e0a68d79167787f17740582019f6f6af14ad4da
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250
e2835d80b6411495935bae8411e0b879708edfdd4fc8534e3dc73a6ded9243ca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e535e80fc61102c80da82b16460959095afb4ef8dda790d9daaf5afeaea0ac0a
e5b436b66eff53ba67568df11c78d60a603364fe45831ef7574d8cad6677fc3b
e6b37de8a736cb282c61dd07fc248f6f4a071c4b09180fb3a7c6c7b1598e7eff
ea7b9001cf3615ed551e9b11b91ee31ba4288b746da33807c5335f8c41133a10
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eec10fa1e2c159ef712bb5add157fce337037e1fb9177cfdeb659536a4bc38c0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f304369c550f03c947022ac1d7d7b2ac99d1a86e64635bc1fd2ca3f6f1cf29f3
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f675b08dbfb7f4c53ab4ad636bb6e4c7769db0043e36b30c292f92577b698d40
f6de66b647795dab1a3ffe62f5f27d63495b7d6a09e99cb4de0b1d05f716e6b3
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
facdb1cb5e5599d37848f70623ef7ff7fb9c4178dd72031668bbf31435992fad

goducks.com Open in urlscan Pro 74.205.81.135 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

179 Requests

87 %HTTPS

45 %IPv6

35 Domains

58 Subdomains

55 IPs

4 Countries

9664 kBTransfer

14228 kBSize

21 Cookies

108 Outgoing links

Page URL History

Redirected requests

179 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

goducks.com Open in urlscan Pro
74.205.81.135 Public Scan

Screenshot
Live screenshot

Full Image

179
Requests

87 %
HTTPS

45 %
IPv6

35
Domains

58
Subdomains

55
IPs

4
Countries

9664 kB
Transfer

14228 kB
Size

21
Cookies

179 HTTP transactions
2 data transactions