www.ducksters.com Open in urlscan Pro
2606:4700:20::681a:c86 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ducksters.com/
Effective URL:
https://www.ducksters.com/
Submission: On September 29 via manual (September 29th 2022, 11:19:24 am UTC) from US — Scanned from DE

Summary HTTP 96 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 16 domains to perform 96 HTTP transactions. The main IP is 2606:4700:20::681a:c86, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.ducksters.com. The Cisco Umbrella rank of the primary domain is 41878.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 8th 2022. Valid for: a year.

This is the only time www.ducksters.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	2606:4700:20:... 2606:4700:20::681a:c86	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2600:9000:211... 2600:9000:211a:b400:14:2602:6e80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400d:80a::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:c6f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2600:9000:236... 2600:9000:236e:3600:12:4abd:d340:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:223... 2600:9000:223c:5200:1a:1459:5cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	184.51.10.56 184.51.10.56	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:400d:80c::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
16	2600:9000:249... 2600:9000:2490:1000:13:7c50:cec0:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
1	52.215.141.21 52.215.141.21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400d:804::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80e::2002	15169 (GOOGLE) (GOOGLE)
1	185.94.180.123 185.94.180.123	35220 (SPOTX-AMS) (SPOTX-AMS)
6	2a00:1450:400... 2a00:1450:400d:805::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80a::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
1	3.91.171.237 3.91.171.237	() ()
96	21

14 2606:4700:20::681a:c86 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ducksters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.ducksters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2600:9000:211a:b400:14:2602:6e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.intergi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80a::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:c6f (United States)

ASN13335 (CLOUDFLARENET, US)

www.kidsafeseal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:236e:3600:12:4abd:d340:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.intergient.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223c:5200:1a:1459:5cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

config.playwire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 184.51.10.56 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-10-56.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80c::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2600:9000:2490:1000:13:7c50:cec0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.playwire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.141.21 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-141-21.eu-west-1.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:804::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.94.180.123 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:805::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80a::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.91.171.237 (None, )

ASN- ()

kinesis.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	playwire.com config.playwire.com — Cisco Umbrella Rank: 4196 cdn.playwire.com — Cisco Umbrella Rank: 11711	176 KB
15	intergi.com cdn.intergi.com — Cisco Umbrella Rank: 4002	107 KB
14	ducksters.com 1 redirects ducksters.com — Cisco Umbrella Rank: 41811 www.ducksters.com — Cisco Umbrella Rank: 41878	152 KB
11	googlesyndication.com 8fb38eab9e304a0bf25f330c2077ae12.safeframe.googlesyndication.com Failed tpc.googlesyndication.com — Cisco Umbrella Rank: 143 pagead2.googlesyndication.com — Cisco Umbrella Rank: 102	91 KB
9	moatads.com z.moatads.com — Cisco Umbrella Rank: 385 mb.moatads.com — Cisco Umbrella Rank: 642 px.moatads.com — Cisco Umbrella Rank: 447	184 KB
7	intergient.com cdn.intergient.com — Cisco Umbrella Rank: 4444	79 KB
6	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180	176 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 76 www.google.com — Cisco Umbrella Rank: 2	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 28 region1.google-analytics.com — Cisco Umbrella Rank: 2852	20 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 208	8 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	116 KB
1	amazonaws.com kinesis.us-east-1.amazonaws.com Failed
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 191	44 KB
1	spotxchange.com search.spotxchange.com — Cisco Umbrella Rank: 504	1 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8962	792 B
1	kidsafeseal.com www.kidsafeseal.com — Cisco Umbrella Rank: 9145	19 KB
96	16

	Domain	Requested by
16	cdn.playwire.com	cdn.intergient.com cdn.playwire.com
15	cdn.intergi.com	www.ducksters.com cdn.intergi.com
13	www.ducksters.com	www.ducksters.com
7	cdn.intergient.com	cdn.intergi.com cdn.intergient.com
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
6	px.moatads.com	www.ducksters.com
6	securepubads.g.doubleclick.net	cdn.intergi.com securepubads.g.doubleclick.net www.ducksters.com www.googletagservices.com
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
2	www.google.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	z.moatads.com	cdn.intergi.com securepubads.g.doubleclick.net
2	config.playwire.com	cdn.intergi.com cdn.playwire.com
2	cdnjs.cloudflare.com	www.ducksters.com
2	www.googletagmanager.com	www.ducksters.com www.googletagmanager.com
1	kinesis.us-east-1.amazonaws.com	cdn.intergient.com
1	www.googletagservices.com	securepubads.g.doubleclick.net
1	search.spotxchange.com	cdn.playwire.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	mb.moatads.com	z.moatads.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.kidsafeseal.com	www.ducksters.com
1	ducksters.com	1 redirects
0	8fb38eab9e304a0bf25f330c2077ae12.safeframe.googlesyndication.com Failed	securepubads.g.doubleclick.net
96	24

This site contains links to these domains. Also see Links.

Domain
www.kidsafeseal.com
www.playwire.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-08` - `2023-06-07`	a year	crt.sh
cdn.intergi.com Amazon	`2022-01-04` - `2023-02-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
cdn.intergient.com Amazon	`2022-01-04` - `2023-02-01`	a year	crt.sh
*.playwire.com Amazon	`2022-03-13` - `2023-04-11`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-05`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2022-03-11` - `2023-03-29`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
kinesis.us-east-1.amazonaws.com Amazon	`2021-12-29` - `2022-12-08`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://www.ducksters.com/
Frame ID: 003CCEA2BEBB104F4FEC8C62BD93E530
Requests: 63 HTTP requests in this frame

Frame: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/frame.html
Frame ID: 8AFE0042B8937AD663D9867CEEE93F35
Requests: 14 HTTP requests in this frame

Frame: https://8fb38eab9e304a0bf25f330c2077ae12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FBF81144F00E22F16B4DDD28172D7DD7
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuJYiY1mGS5g6KlfRsaTFYvaoW36D-sKVpLJ-yR0njq4sizv_B2aRrbKvjZkxIO--AEIteFVrpeKnKz9tPUZ7wV7m7QnY4c3lEJy2jPx3mngbPrp6O3Fvn98vAJnODg9Kkkm0lG1-qWgL2SNWn18bjsgcXDBspKQOk9PnLDTpFvPFUO0IGUEw91pMR4r32MWZXpThZNoTzae5X7aE080AW9jFy9HLx6SvWI0AAV_I-rYmbivdNX0zwAH2FuYwy2tc3ArpuyHJY7JmD51iiXv6GGFvlj-mo4ztTnsFWyFRmQB040Ze9ReJuLro49Va-Dtb6A04G-iFc1CGIZsVenZPtJmqy0SZoB1y3JrGk9IBkk-kwDCwMmRBc0Xz0yd8ZRiReN64UZXzv_wWoXkzAbx-gjjKqXu0cmQks&sai=AMfl-YRBHET3nybbenZMxiEYky0CgbRsn6_Rz3phaZy2P8jHaZqAGzLKFif1_4c6Is0t0dFsigV-EnpKiGZIw-iet9GYl7kuGa7xpYCyDvxvKwq_kPkzamKB33GSMUz2UVI5Z4eKrA&sig=Cg0ArKJSzItkQAov8MXpEAE&uach_m=[UACH]&adurl=
Frame ID: 010A4D035C16BB0A575D1264F38FDCE9
Requests: 10 HTTP requests in this frame

Frame: https://cdn.intergi.com/tyche-assets/report_ad/mail.html
Frame ID: 064862DD647E971E43003BFD143A1415
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F1630C2731D03AD9816CF32E2D6B079F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4F2C69B9C36C01604414F4DA644A9022
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ducksters

Page URL History Show full URLs

http://ducksters.com/ HTTP 301
https://www.ducksters.com/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lodash (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

lodash.*\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

96
Requests

98 %
HTTPS

80 %
IPv6

16
Domains

24
Subdomains

21
IPs

4
Countries

1174 kB
Transfer

3340 kB
Size

9
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.kidsafeseal.com/certifiedproducts/ducksters.html

Search URL Search Domain Scan URL

URL: https://www.playwire.com/kids-club/
Title: Playwire

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ducksters.com/ HTTP 301
https://www.ducksters.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

96 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.ducksters.com/
Redirect Chain

http://ducksters.com/
https://www.ducksters.com/

19 KB
5 KB

96ms
58ms

Document
text/html

2606:4700:20::681a:c86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducksters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18a4c49f3f3ff370f9fb53adcbcd1b1a37c7bc8fdb74089a8a22455babf02bf4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1058974
cache-control: max-age=2592000
cf-cache-status: HIT
cf-ray: 752452b26cb68fd6-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 29 Sep 2022 11:19:18 GMT
expires: Mon, 17 Oct 2022 05:09:44 GMT
last-modified: Sat, 17 Sep 2022 05:09:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uXuifiqndBLANs0p7YsmoZAEJwb20NPGo%2B9lnhAYs5rQMuJU4oliSlllY%2BFF7Qm0zUZ6SRaEUQKZ4O%2BHG%2FNGNaWKzCWwgGqgY53LI7Hx50nPPRrHiVHIJ9ODLvlMNfKaEzNk2UYRqGOEwyCMvv80"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN

Redirect headers

CF-RAY: 752452b1f84f9142-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Thu, 29 Sep 2022 11:19:18 GMT
Expires: Thu, 29 Sep 2022 12:19:18 GMT
Location: https://www.ducksters.com
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=77Nmc2a8TBddG3%2FHtYIps7o27dTR9ZKfX3Zt%2Ft6I8%2Fpc5UMKawJ4w2ZqZzpdF3HGsCjzro0A5D%2FAA9sdNeZbmi2Q33y4qAa9LKGtu8CLkLc5DQUpxqt5ofpY4CHq%2FIU%2Bmu3WDulwUCjZ%2B9M%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 tyche.js Show response
cdn.intergi.com/hera/ 153 KB
46 KB 195ms
108ms Script
application/javascript 2600:9000:211a:b400:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/tyche.js
Requested by: Host: www.ducksters.com
URL: https://www.ducksters.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:b400:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 80797fa8bd60f66bd617579ff02f6f0ab079c5189a34ff7183eef3c90d9ba7a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:19:18 GMT
content-encoding: br
via: 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: VIE50-C2
vary: Accept-Encoding
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript
x-lambda-function: us-east-1.pageos_production:145
cache-control: max-age=600, public, must-revalidate
x-amz-cf-id: xT1f7buEEFm0GXsjOKBQhFiT8TCXWQTHKYKSf4U7tUA5B-ECiavW1w==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
42 KB 192ms
75ms Script
application/javascript 2a00:1450:400d:80a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-714916-2

Requested by

Host: www.ducksters.com
URL: https://www.ducksters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e86c385f301dc4a46357e568d6158c186bfece30776324bf09090ca6a4c8bea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:19:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42388
x-xss-protection: 0
last-modified: Thu, 29 Sep 2022 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 29 Sep 2022 11:19:18 GMT

GET
H2 200 jquery-1.10.1.min.js Show response
www.ducksters.com/ 91 KB
33 KB 31ms
30ms Script
application/javascript 2606:4700:20::681a:c86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducksters.com/jquery-1.10.1.min.js

Requested by

Host: www.ducksters.com
URL: https://www.ducksters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21cafb6e71a6112d3c1f4777fefa66300fa3e09db01fc7b92dfee436b8373e2c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:19:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 18 Aug 2017 00:44:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1060735
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OcLrYcsGkJw87VSs0T3jLs1%2BZC%2Bp9rUm76GzYjPmwpfpHVryj7YOoqhT2VutrZZhluzZpqH0Behi6hWmP9TQXC%2BtGAQZJt1wE4HiRQzkuKPiiEq%2BRnZGf3bUtroYOcrj8lxMKorkegr%2FEF0uzSzA"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 752452b2cd778fd6-FRA
expires: Sun, 17 Sep 2023 04:40:22 GMT

GET
H2 200 jquery.sticky-kit.js Show response
www.ducksters.com/ 3 KB
2 KB 25ms
24ms Script
application/javascript 2606:4700:20::681a:c86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducksters.com/jquery.sticky-kit.js

Requested by

Host: www.ducksters.com
URL: https://www.ducksters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

881a8e16a9aa3dde622ecdb17620b378a6f5bfb67609d79a63cd610d6f14a1b7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:19:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 20 Apr 2017 00:54:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1052097
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k7duPw2%2Bkp5eFmmaOzVvpxzR3f0g7slMxc4SPhLdYPJ%2BPzFitXCC8HQKnvYJgaqiaT3XDvKrP2mnFHp4BiBjuFu49zNEld3CsCc0LuMLZrITuQz3gYjFN6gm2Ta6JMwjhoMl3MSISzTahMbFkmNj"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 752452b2dd7c8fd6-FRA
expires: Sun, 17 Sep 2023 07:04:21 GMT

GET
H2 200 sticky4.js Show response
www.ducksters.com/ 2 KB
931 B 45ms
44ms Script
application/javascript 2606:4700:20::681a:c86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducksters.com/sticky4.js

Requested by

Host: www.ducksters.com
URL: https://www.ducksters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d1d2e6843d61701d00bc1081fdc466940c2f596885124bba67d21a6006d9e68

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:19:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 18 May 2017 15:21:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 521910
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FDqIXrk6BkNkaACyG3a3Dv0SRunt2Y8fPj7v3fANPFm%2FGXRSd18POPDSKZEYVMWQ5kDLXiCB0y7FbSeZyUSR2NlxukzDMZvLnrQqOzbURgAg6ujsFsoAo20lSpQIpabJWjcA0%2BWP35JLHDacG5Az"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 752452b2dd7e8fd6-FRA
expires: Sat, 23 Sep 2023 10:20:48 GMT

GET
H2 200 cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/ 4 KB
1 KB 77ms
44ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css

Requested by

Host: www.ducksters.com
URL: https://www.ducksters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:19:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 840929
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 975
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-fe0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iQ0KecFmTz9REDU3xRaf1ME7cHA5FQxhMTNhvyWG5M4xp7PqW9izDzcp1trctwnCmh7S0WfI7vuIbxAdW3tpI39YIFf3seZ3zCahY45ufm2vXnGlQaFner5I%2F2nugFH4QQFUtUR0RrjwMMJAHMsBhoj8"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 752452b30e86bb85-FRA
expires: Tue, 19 Sep 2023 11:19:18 GMT

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/ 20 KB
7 KB 60ms
27ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js

Requested by

Host: www.ducksters.com
URL: https://www.ducksters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:19:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 835854
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5978
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-5148"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kFs%2Fhp6ghLrlkN99AVahTf%2FCz88ovSS%2BtcNqFTLS6SVMHAo8leKqQc1ZFBk2iHwZcNX9HHCwFrpXsR%2FBBrFhEDYG4196rLoAoPKrHHTqenbfwaTN7HZqyZ5C2c5V5%2B5Uxq9kY%2FrPx6jLt%2Fi398qwjfI0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 752452b30e8bbb85-FRA
expires: Tue, 19 Sep 2023 11:19:18 GMT

GET
H2 200 header.gif
www.ducksters.com/graphics/ 35 KB
36 KB 36ms
35ms Image
image/gif 2606:4700:20::681a:c86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducksters.com/graphics/header.gif

Requested by

Host: www.ducksters.com
URL: https://www.ducksters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6864cd22a446141125a3f853028263820f8a57def21006378d438f71e36247f2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:19:18 GMT
cf-cache-status: HIT
last-modified: Tue, 19 Jan 2021 19:51:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1060735
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/gif
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z7ltpPuDcvWPrEmJ%2FvCSeTyfv9QL9C6%2BiauO0l4W9EIB6odSoN9bJdQ7oYVijsxLykgIeamxCFwgC9ut5boKVKjpiCr5M7C8u3f01J2ruvz47Rp6d%2BMjmkuhnEMrVbAsvKWT9eYKhc9MFgwo7BXa"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 752452b428408fd6-FRA
content-length: 36185
expires: Sun, 17 Sep 2023 04:40:22 GMT

GET
H2 200 mobile.gif
www.ducksters.com/graphics/ 6 KB
6 KB 22ms
20ms Image
image/gif 2606:4700:20::681a:c86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducksters.com/graphics/mobile.gif

Requested by

Host: www.ducksters.com
URL: https://www.ducksters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f84465ad80f2fdee0969318288ace06b8e600eb3d9bb1580e5e39ad1b013d524

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:19:18 GMT
cf-cache-status: HIT
last-modified: Tue, 19 Jan 2021 19:51:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1060736
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/gif
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UzHo2zGQwoyDlOqVcFPtf6RgoLV3ELDAgvOdAwKLxdL1BayCTvckj%2Brfhm98teXnyy06x0ljkZp%2FaeDb5mBEQLy2onTUePvnP1iybJr4QHeWEN8fR2422EUWBqCRbCXYZDlFXlCT2eo17XpzCHMs"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 752452b458928fd6-FRA
content-length: 5904
expires: Sun, 17 Sep 2023 04:40:22 GMT

GET
H2 200 home_duck_history.gif
www.ducksters.com/graphics/ 8 KB
9 KB 25ms
23ms Image
image/gif 2606:4700:20::681a:c86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducksters.com/graphics/home_duck_history.gif

Requested by

Host: www.ducksters.com
URL: https://www.ducksters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5533851b7d67db230189fe9c85796763ee84ac2ff6f9e60c8849a036fcda9040

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:19:18 GMT
cf-cache-status: HIT
last-modified: Wed, 08 Feb 2017 21:41:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 792061
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/gif
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ewGj6n3TuXCLwk8Bx98eukyCOxkFCaU8ZKy2iQA7DlFtaFBE%2FonOqZeKkZcg6bqE21aX6GiHAhHhZY%2FAOmTPaP%2BNXZCng3su1RrQNBzMLSEDMidcqJzuv3LEz7Rjp%2Fl8%2FTGsco2L20xN5fbCeed"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 752452b458948fd6-FRA
content-length: 8382
expires: Wed, 20 Sep 2023 07:18:17 GMT

GET
H2 200 home_duck_bio.gif
www.ducksters.com/graphics/ 10 KB
10 KB 30ms
27ms Image
image/gif 2606:4700:20::681a:c86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducksters.com/graphics/home_duck_bio.gif

Requested by

Host: www.ducksters.com
URL: https://www.ducksters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

edac2e92c551951830e96916a9e5b3c5fe48237eb6436ae85fbefd037a766c46

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:19:18 GMT
cf-cache-status: HIT
last-modified: Wed, 08 Feb 2017 21:41:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 521910
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/gif
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eCGAUT6gcLPDUGrNPYn1V6Od%2FuGNHUfqK62PBnt8Fbym6JPyzE1dEp7LaDiyxuI0BrIE8b6jJpj8oQZfN0TR8p0SaQnrnUz87D0aqg12zmP%2Bk0Bs3PL%2F55Sc%2B%2B%2BrUwJ9impFzdVOgSpB7CvJfLxs"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 752452b458978fd6-FRA
content-length: 10205
expires: Sat, 23 Sep 2023 10:20:48 GMT

GET
H2 200 home_duck_science.gif
www.ducksters.com/graphics/ 8 KB
8 KB 24ms
22ms Image
image/gif 2606:4700:20::681a:c86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducksters.com/graphics/home_duck_science.gif

Requested by

Host: www.ducksters.com
URL: https://www.ducksters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96cc38cfeb78e902e483c17f9ac04f2952a82686542d146a45136421efc7576f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:19:18 GMT
cf-cache-status: HIT
last-modified: Wed, 08 Feb 2017 21:41:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 792061
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/gif
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZFE1v5OFFUbfxelQoGSIONKm9P65BsK96Rfe%2BEzFS8rPyxg4m665jgBE6apQ9h2tX5xAIswAUN%2FRoZxqdaaXly712F9mlDo3rITY5w%2FIVi%2FX4BGuzQkbIidIgRZpWOeqZDsM4uoCNCWWuBPnQq6D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 752452b4589a8fd6-FRA
content-length: 7722
expires: Wed, 20 Sep 2023 07:18:17 GMT

GET
H2 200 home_duck_games.gif
www.ducksters.com/graphics/ 11 KB
11 KB 18ms
16ms Image
image/gif 2606:4700:20::681a:c86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducksters.com/graphics/home_duck_games.gif

Requested by

Host: www.ducksters.com
URL: https://www.ducksters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61c954a339be44695196534585eaf26e52abd608f43fd6ba1a271a3a800fcc83

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:19:18 GMT
cf-cache-status: HIT
last-modified: Sat, 11 Feb 2017 00:39:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1039953
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/gif
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iYnsebjfdIAbEn7ZIviLt5cpobd0rgmiJEX0Q2r8T4QFnnuUqbrVJ%2F8PGaiGzyolgls8MMhTZ7ybtTEBJ0f1lkXX2InieA7DgCnjjXHCz%2FECk2ynoUwvEsv2i%2F6TmMsB1zQrEtuRQWmtGXBasf8d"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 752452b4589b8fd6-FRA
content-length: 11165
expires: Sun, 17 Sep 2023 10:26:45 GMT

GET
H2 200 home_duck_geography.gif
www.ducksters.com/graphics/ 8 KB
8 KB 59ms
57ms Image
image/gif 2606:4700:20::681a:c86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducksters.com/graphics/home_duck_geography.gif

Requested by

Host: www.ducksters.com
URL: https://www.ducksters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13cc0025a2b90907913a2586cfc6832fe0da221a7ec01421b69a192a3d4aaed0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:19:18 GMT
cf-cache-status: HIT
last-modified: Wed, 08 Feb 2017 21:41:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1039953
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/gif
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CrtNhSe3qZcv7d8bFrnvgmX6lr1brG5ZWW4jWoS%2FaT4bcGbyL6R966H6%2By6tzfMuyr6dygsNeUUcxBadQe3p4zUyHqHoSYHikxVNHaSo0WQErzLkmboHW%2BAjXqyGkhPTZ%2B3Re1P85FsffbDHchkF"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 752452b4589c8fd6-FRA
content-length: 7746
expires: Sun, 17 Sep 2023 10:26:45 GMT

GET
H2 200 home_duck_fun.gif
www.ducksters.com/graphics/ 12 KB
12 KB 31ms
29ms Image
image/gif 2606:4700:20::681a:c86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducksters.com/graphics/home_duck_fun.gif

Requested by

Host: www.ducksters.com
URL: https://www.ducksters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c153290495ae00c5254a0ac46197a5c26f141da5ea4c974876b06bf04141284

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:19:18 GMT
cf-cache-status: HIT
last-modified: Wed, 08 Feb 2017 21:41:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 521909
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/gif
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=19opSQtgVJrH0Q1lhSRhbZ7m1II9cW6oa5B01sACkMAnL54RVxaJEef%2FLwUrBhmM7DYBZORd8C%2B3vXemmonEbbzrwBOPHU89K%2Brr63bkTkHM%2BDBNmZszlO16RFjSoILTkRvPYRksGWHtcx%2FjA5k7"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 752452b4589d8fd6-FRA
content-length: 11928
expires: Sat, 23 Sep 2023 10:20:48 GMT

GET
H2 200 ducksters_large_darktm.png
www.kidsafeseal.com/sealimage/19800482453259065/ 19 KB
19 KB 861ms
27ms Image
image/png 2606:4700:20::681a:c6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kidsafeseal.com/sealimage/19800482453259065/ducksters_large_darktm.png
Requested by: Host: www.ducksters.com
URL: https://www.ducksters.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3202be6a3814ed585b6e36a13b88b2aa5f56c8f8939acd95d2306b9dbe1091a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:19:19 GMT
cf-cache-status: HIT
last-modified: Fri, 16 Sep 2022 20:03:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 834
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jIeXXbzTgsh88oqglyN6GlZd5PP%2BtBXM3KaGaEcD3CLcOoiLMfbM3cMZhP%2BhdLPyLEbAXzvbU1qJnqJarrTWDC2C12YPc9WQQni2C2vGNSHiHqnainWFX%2BU61u1dTRtii%2FXBBUEzy3CjGLuK4PxaUrc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 752452b98a1d9b5b-FRA
content-length: 19007

GET
H2 200 kids_club1.png
www.ducksters.com/ 10 KB
10 KB 28ms
26ms Image
image/png 2606:4700:20::681a:c86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducksters.com/kids_club1.png

Requested by

Host: www.ducksters.com
URL: https://www.ducksters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b60388748b4d1d9dcb193c8f537c293afbd480bc278520224c49e48bd06a425f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:19:18 GMT
cf-cache-status: HIT
last-modified: Sat, 14 May 2016 15:30:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1039953
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cF5hwz9dyUObfbuMPqfIOn6Hh8PN42Rjzx8PtYe1haOugqpcvp%2F1O%2FOI3rZkX6Mq4K%2BX%2FyCSFrvu40hCPa%2BTbp8evw3ItW8Lp%2FJILynfGnGLkClxuvDModZ4K%2BnrnhCrNFFxTX%2FDPZGYxqYhjUbG"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 752452b4589e8fd6-FRA
content-length: 10143
expires: Sun, 17 Sep 2023 10:26:45 GMT

GET
H2 200 videoCard.01fa78e7064a386f48fc.js Show response
cdn.intergient.com/pageos/1.8.17/ 554 B
899 B 845ms
9ms Script
application/javascript 2600:9000:236e:3600:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.8.17/videoCard.01fa78e7064a386f48fc.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:3600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: df49112f965565d7af2a8ac08e7000ab6c2731ced4340c2b6c89a8097e94c2ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 03:01:11 GMT
via: 1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
last-modified: Tue, 13 Sep 2022 12:46:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 29889
etag: "ce3cc474e63b7f656de18953fb710c43"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 554
x-amz-cf-id: R5WvXlXeEUMTZ0TAGzt3_IPZSsw0hooKZqm4kqBbFmHEoV4qLIY85Q==

GET
H2 200 batchHandler.48b67d8f5be3c2f25514.js Show response
cdn.intergient.com/pageos/1.8.17/ 3 KB
2 KB 846ms
10ms Script
application/javascript 2600:9000:236e:3600:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.8.17/batchHandler.48b67d8f5be3c2f25514.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:3600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 48027641b9b68fc4c935af1c09f60855127855d88d6db82cbc0636c051964377

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 07:07:45 GMT
content-encoding: br
via: 1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
last-modified: Tue, 13 Sep 2022 12:46:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 15095
etag: W/"54fee70c6729768e1d9c151cc2f3f4cb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: TpWpgA_u92ZuEL9XlPAR1uG8o2Df9i_CnbO0Lmnbn_JuUQL1i873kw==

GET
H2 200 banner.json Show response
config.playwire.com/1015702/v2/websites/62069/ 39 KB
2 KB 855ms
11ms XHR
application/json 2600:9000:223c:5200:1a:1459:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.playwire.com/1015702/v2/websites/62069/banner.json
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:5200:1a:1459:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 5be9deba515a89008c96f3f89042a66049601180872c9c3ef8b78507de63d1bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 20:13:02 GMT
via: 1.1 vegur, 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
content-encoding: br
x-amz-cf-pop: FRA56-P2
age: 54376
x-cache: Hit from cloudfront
server: Cowboy
access-control-max-age: 1728000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: hw-country-code
cache-control: public, max-age=600
hw-country-code: DE
vary: Accept-Encoding
x-amz-cf-id: 0qjZPqQI8SwGrhxLUYN2Xe8Dwmcwr35osefYBUvKEnA_BPKCMrdEPw==

GET
H2 200 moatheader.js Show response
z.moatads.com/playwireprebidheader597261727146/ 220 KB
78 KB 860ms
25ms Script
application/x-javascript 184.51.10.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/playwireprebidheader597261727146/moatheader.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.10.56 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-10-56.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a6a58929d117a189fe01b26b1435b86841b538dbebe633fcdca96407a5aad13a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:19:19 GMT
content-encoding: gzip
last-modified: Wed, 21 Sep 2022 18:30:04 GMT
server: AmazonS3
x-amz-request-id: 1TFXJBEC2TC1WFWC
etag: "3d55f50ac0e6983bbd12434c7c6d418d"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=56287
accept-ranges: bytes
content-length: 79076
x-amz-id-2: BhG4yuBA0U8TqMsrEwsvRB4IA6+41JMbl9v0S2kxt8N2anmBzYm+pOqfw6DWFsiu59PJTDDBdzk=

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 857ms
48ms Script
text/javascript 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-714916-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 29 Sep 2022 10:27:32 GMT
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 3107
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Thu, 29 Sep 2022 12:27:32 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 210 KB
74 KB 82ms
80ms Script
application/javascript 2a00:1450:400d:80a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K9B1TMX9Y2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-714916-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a0e8f5ec0f8c3e6859f474326523e60e66bb823e7ae05ba9b75e560c0ea4c1cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:19:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75473
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 29 Sep 2022 11:19:18 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
349 B 127ms
39ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-K9B1TMX9Y2&gtm=2oe9q0&_p=882875308&cid=799633180.1664450359&ul=en-us&_z=ccd.v9B&_rdi=1&_geo=1&_s=1&sid=1664450359&sct=1&seg=0&dl=https%3A%2F%2Fwww.ducksters.com%2F&dt=Ducksters&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K9B1TMX9Y2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 11:19:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ducksters.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 88.53d45eac092b4513841f.js Show response
cdn.intergient.com/pageos/1.8.17/ 49 KB
11 KB 10ms
9ms Script
application/javascript 2600:9000:236e:3600:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.8.17/88.53d45eac092b4513841f.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:3600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 092566589bd8db5eebfed9e0e4ef75778b493b74bf519f5c283f375971625b88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 04:10:17 GMT
content-encoding: br
via: 1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
last-modified: Tue, 13 Sep 2022 12:46:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 25743
etag: W/"521b8dcb529c1fc9697d2140bc44c4e2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: bmaWZoYo-gtQO_InYvv4CXKIF4hFUeU0d-_4e4NXfFWmBUMbrXbOFQ==

GET
H2 200 gdpr.4e1970870f85cfc88349.js Show response
cdn.intergient.com/pageos/1.8.17/ 7 KB
3 KB 11ms
10ms Script
application/javascript 2600:9000:236e:3600:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.8.17/gdpr.4e1970870f85cfc88349.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:3600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 11e71b3770865bdcfa90cc18e38aaeef86fe26ecda67190a4557d33f0e911c63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 06:38:02 GMT
content-encoding: br
via: 1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
last-modified: Tue, 13 Sep 2022 12:46:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 16878
etag: W/"c4b5815d4511dc8b47b37f61a0987344"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: W5YnjldCltpaacwHdsrrjwywF1_zfV49n0NKH5CG6reeCyURXPL_Ww==

GET
H2 200 nielsen.b850d86715bcafaea630.js Show response
cdn.intergient.com/pageos/1.8.17/ 2 KB
1 KB 10ms
9ms Script
application/javascript 2600:9000:236e:3600:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.8.17/nielsen.b850d86715bcafaea630.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:3600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 55542c02f59ac047bd7ef87d8a2981b541995a09de59a89e419292a91f241202

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 07:07:45 GMT
content-encoding: br
via: 1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
last-modified: Tue, 13 Sep 2022 12:46:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 15094
etag: W/"70341af160996aa15aad5fcd74fdda2a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: TFVwWr8oSSgakGjlEM8EGpXcoRiMOh-O_uVOd14yq7KmqpxE4JjuXw==

GET
H2 200 trendiVideo.d441aa8e3131ccfbf935.js Show response
cdn.intergient.com/pageos/1.8.17/ 16 KB
4 KB 10ms
10ms Script
application/javascript 2600:9000:236e:3600:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.8.17/trendiVideo.d441aa8e3131ccfbf935.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:3600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d833c06dd1b91530e21f68566ed1b70d3851904b0428ebb4244deed953a282ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 04:07:54 GMT
content-encoding: gzip
via: 1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
last-modified: Tue, 13 Sep 2022 12:46:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 25886
etag: W/"3959e1a8e9890ff260ec92020775cd59"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: bG4s8b2aP7IbFLWeTJ8KYfzlVS7pQQ1ZSgds0KQd_jBFDbrAsxe2FA==

GET
H2 200 tyche.js Show response
cdn.intergi.com/hera/releases/4.5.29/ 930 B
1 KB 19ms
18ms Script
application/javascript 2600:9000:211a:b400:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.5.29/tyche.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:b400:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2562a065d96888a3b4cdf07400d34dd3748e30161f9a1bd654016f1ffac0601e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:15:13 GMT
x-amz-version-id: 5LMlum4Rp_9Pt5t7D9OqM52HByqWeE2y
via: 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 27 Sep 2022 21:04:03 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C2
age: 79447
etag: "f0e4450ef5bcecc387d7c265ac09ac39"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 930
x-amz-cf-id: wfePa3V3VbMCJsMzoddTdtdgEopn69vdswZO9sexCzPbHpxd3Opj6A==

GET
H2 200 aws-sdk-kinesis.min.js.br Show response
cdn.intergient.com/pageos/js/libs/ 227 KB
57 KB 8ms
8ms Script
text/javascript 2600:9000:236e:3600:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/js/libs/aws-sdk-kinesis.min.js.br
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.8.17/batchHandler.48b67d8f5be3c2f25514.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:3600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b41e0020ff5a4bec857828c37b9a425a5e0024aac1fb1519dd9cf4562f0681ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 06:56:16 GMT
content-encoding: br
via: 1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
last-modified: Tue, 15 Feb 2022 19:02:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 20704
etag: "575b9635960fa1d9b7ba4dafe1d2e7f5"
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 57858
x-amz-cf-id: Cy6ZD2zBsC0v76pd_zhOK3pz1b7i1CycjbPgDoo-9Ii78tmtfduYbg==

GET
H2 200 embed.js Show response
cdn.playwire.com/bolt/js/zeus/ 13 KB
4 KB 143ms
45ms Script
application/javascript 2600:9000:2490:1000:13:7c50:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.playwire.com/bolt/js/zeus/embed.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.8.17/trendiVideo.d441aa8e3131ccfbf935.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:1000:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 344e4454d0cfba09328139821288e4e363ef245ee50ff6a1cb56dda0ecab33ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:19:19 GMT
content-encoding: br
via: 1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P6
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=600, public, must-revalidate
x-amz-cf-id: W7jgVumTI0D2YQ1GrL2iZxFSDbYeXBCzYfxm9NaXqDKL06giy_YKZw==

GET
H2 200 runtime.e27f74bd096051323955.js Show response
cdn.intergi.com/hera/releases/4.5.29/ 3 KB
2 KB 19ms
17ms Script
application/javascript 2600:9000:211a:b400:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.5.29/runtime.e27f74bd096051323955.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.5.29/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:b400:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d0bdfd5591bde5f784843f075bdb89b51dbf036c8c15b5d7f88ec25fbe0b843b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:14:56 GMT
x-amz-version-id: lrVuiHSAtzp5CPnWiqrji.YBf9DUqzp5
content-encoding: br
last-modified: Tue, 27 Sep 2022 21:04:03 GMT
server: AmazonS3
via: 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
etag: W/"c27a68729f8a2d56c9fb8d7be4c65e72"
age: 79464
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: EX3UtF0czjgQanm204w4cotaZTQNu_lkwyl0F4N_AMaUysNLoU9VIQ==

GET
H2 200 npm.core-js.9ecd3933ce7c5b26ca2f.js Show response
cdn.intergi.com/hera/releases/4.5.29/vendor/ 39 KB
15 KB 22ms
20ms Script
application/javascript 2600:9000:211a:b400:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.5.29/vendor/npm.core-js.9ecd3933ce7c5b26ca2f.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.5.29/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:b400:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ae726193112d41052e35118aa67d5f832d40aa9e53c2594466e0ee5df73caab6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:14:56 GMT
x-amz-version-id: 7XUIKacqXhFcdX0QKmki4wvkJ6c3wCel
content-encoding: br
last-modified: Tue, 27 Sep 2022 21:04:03 GMT
server: AmazonS3
via: 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
etag: W/"3f84b4e4b73d992c8c2e246edb01f88b"
age: 79464
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: NyZItTZzCZLaK6cH60BS1L7kivvoNp2ncaB602Rfkeb-QGV7vJ78gg==

GET
H2 200 npm.lodash.39a04a8f1c96ade254ee.js Show response
cdn.intergi.com/hera/releases/4.5.29/vendor/ 3 KB
2 KB 28ms
27ms Script
application/javascript 2600:9000:211a:b400:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.5.29/vendor/npm.lodash.39a04a8f1c96ade254ee.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.5.29/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:b400:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 272b9948716c2d3274e41beaf32ba844e9277382560b7f109e9486069f922104

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:14:56 GMT
x-amz-version-id: J5OYwXuOnsB.dzNKFYczYRt8DJ9R5I_N
content-encoding: br
last-modified: Tue, 27 Sep 2022 21:04:03 GMT
server: AmazonS3
via: 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
etag: W/"51add7edf2782c9ddf9380a9a5d6c529"
age: 79464
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 8-JkIoTLBFBC0xdJsWU3tVBjzHXAQ-Ogr5al401BjLMOD-h8_wrrZw==

GET
H2 200 npm.babel.816b6b897780bce545f1.js Show response
cdn.intergi.com/hera/releases/4.5.29/vendor/ 2 KB
1 KB 29ms
27ms Script
application/javascript 2600:9000:211a:b400:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.5.29/vendor/npm.babel.816b6b897780bce545f1.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.5.29/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:b400:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 91fb73240f6c4d14842b31b056a2a77919b7438588c62ab880d9f4d90cbf2e0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:14:56 GMT
x-amz-version-id: Fmoh0q1g3RdEhO4PzTNTWt6DyDRrntRc
content-encoding: br
last-modified: Tue, 27 Sep 2022 21:04:03 GMT
server: AmazonS3
via: 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
etag: W/"4c1827dd36989b5b458ebcc0299e2c59"
age: 79464
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: K4r486TvjuxGa4I0J1-eud5hBl7uZq_fdOTmIa_tr0rMihiRRwtIjg==

GET
H2 200 npm.intersection-observer.312f6562336e9769b3ec.js Show response
cdn.intergi.com/hera/releases/4.5.29/vendor/ 9 KB
3 KB 29ms
27ms Script
application/javascript 2600:9000:211a:b400:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.5.29/vendor/npm.intersection-observer.312f6562336e9769b3ec.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.5.29/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:b400:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4547a3e2e7545a504b3a1cdcc817a6219c904c94f79c3b98744a264652d3bcd3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:14:56 GMT
x-amz-version-id: kcIMHKPrAc1n6cWMXkAdx1P7NIihwidt
content-encoding: br
last-modified: Tue, 27 Sep 2022 21:04:03 GMT
server: AmazonS3
via: 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
etag: W/"3fbf8b46b12b434ff5936e830c2d66be"
age: 79464
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: buahBMAuox-wr0zHs1u2Z3zL2tMimfgf7aDwgvrDOUJ87A47Iuu5qQ==

GET
H2 200 635.c6832658487cc1354cf2.js Show response
cdn.intergi.com/hera/releases/4.5.29/ 1 KB
974 B 29ms
28ms Script
application/javascript 2600:9000:211a:b400:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.5.29/635.c6832658487cc1354cf2.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.5.29/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:b400:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: db6e9b9c4a8d198b13039b61e72982d72bfd88e5faf9069da73156e0b9674894

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:14:56 GMT
x-amz-version-id: nVJ0SyeUGhK.UyfvfW65xaH0zcYiTn5G
content-encoding: br
last-modified: Tue, 27 Sep 2022 21:04:03 GMT
server: AmazonS3
via: 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
etag: W/"e6039b016665cb6b7e1f57fea4b52ee1"
age: 79464
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 7KQG7b1Jl8Iv-haEQ9LXFnOA8ePyxIpbxh4tFz63uDOd6evTsyr9Uw==

GET
H2 200 main.bf37a7dbc80f8d440528.js Show response
cdn.intergi.com/hera/releases/4.5.29/ 113 KB
30 KB 29ms
28ms Script
application/javascript 2600:9000:211a:b400:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.5.29/main.bf37a7dbc80f8d440528.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.5.29/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:b400:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2313a8c3a3fcc9cbeab8c3a65bbe495868aa0d766bd38678930ecbea7a26e18d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:14:56 GMT
x-amz-version-id: iMtb.2D9OGKOHnkON09ssjwMe_uUY65N
content-encoding: br
last-modified: Tue, 27 Sep 2022 21:04:03 GMT
server: AmazonS3
via: 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
etag: W/"b8e0b05c77a30d63ac32d1660cc1b206"
age: 79464
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: Xz66GyHQNUwcvp2iJD6zPc5jha9IHnCwXXzpK-K16Aqs-IIS-vtmqQ==

GET
H2 200 lib.37dee626aab965fa63d6.js Show response
cdn.intergi.com/hera/releases/4.5.29/lib/ 168 B
534 B 30ms
30ms Script
application/javascript 2600:9000:211a:b400:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/releases/4.5.29/lib/lib.37dee626aab965fa63d6.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.5.29/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:b400:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc6b3654648a3c72901bc3261e6b3d758e1646a42cf0df9250e90a54a5e5f485

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:15:14 GMT
x-amz-version-id: d0zh4VAd7sul.4n_sp_OgxDPozWn82fr
via: 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 27 Sep 2022 21:04:03 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C2
age: 79446
etag: "55207ad611091d1e6eb6c264a431a7b5"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 168
x-amz-cf-id: v-V_YPdP8cHU3X9wxsHl48LXcDXqVU-dC7bEGoDvJRjGCx3GlC8cUw==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 164ms
68ms XHR
text/plain 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&aip=1&a=882875308&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ducksters.com%2F&ul=en-us&de=UTF-8&dt=Ducksters&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1292432292&gjid=1463988946&cid=799633180.1664450359&tid=UA-714916-2&_gid=2101942766.1664450359&_r=1&gtm=2ou9q0&z=1784412776

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ducksters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 11:19:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ducksters.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
28 KB 228ms
88ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.5.29/main.bf37a7dbc80f8d440528.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d783b9208cb6c94e77534e9d2b77b6c1e7ab1c3ca6b202d1f226fda92687a33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:19:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27764
x-xss-protection: 0
server: sffe
etag: "1348 / 622 of 1000 / last-modified: 1664449484"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 29 Sep 2022 11:19:19 GMT

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 207 B
381 B 279ms
47ms Script
text/html 52.215.141.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CG%24%3D!!t.PKm.JefxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Up%2ByR1d6%2F1aF%2FI5oZrvQatT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-6sfEEAlWe0wLgg%3D%3D&sc=1&os=1-lQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.ducksters.com%2F&pcode=playwireprebidheader597261727146&rx=519116035212&callback=MoatNadoAllJsonpRequest_74491360
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/playwireprebidheader597261727146/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.141.21 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-141-21.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: 2e13f57b484d0149b893944ca1deeaeec784d4f043a8d1a50a67e0440ef13727

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:19:19 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "d98e2a4a2dd21138fa44ef6e10b0f6872d4f59cf"
content-length: 207
content-type: text/html; charset=UTF-8

GET
H2 200 7.js Show response
cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/ 157 KB
43 KB 8ms
8ms Script
application/javascript 2600:9000:2490:1000:13:7c50:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/7.js
Requested by: Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt/js/zeus/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:1000:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 67b141075ff5cb362d3261dde71c0f9467b1efed83ec1c43e811b4f9002051e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:16:12 GMT
x-amz-version-id: O3YcvFfBcYLNGHJN6P4pEqwBUBjUk1Vz
content-encoding: br
last-modified: Tue, 27 Sep 2022 21:04:54 GMT
server: AmazonS3
via: 1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
etag: W/"c5d663bc4f84d25feb6672d31d8dc2aa"
age: 79388
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: UVYFITfT-xjcZTiAAJ45M2theBN4GQFOxqKrAOl9V_s1osSmzpN2lg==

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
267 B 72ms
18ms Image
image/gif 184.51.10.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif
Requested by: Host: www.ducksters.com
URL: https://www.ducksters.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.10.56 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-10-56.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Thu, 29 Sep 2022 11:19:19 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 29 Sep 2022 11:19:19 GMT

GET
H2 200 pre_content.json Show response
config.playwire.com/1015702/v2/ 1 KB
868 B 7ms
7ms XHR
application/json 2600:9000:223c:5200:1a:1459:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.playwire.com/1015702/v2/pre_content.json
Requested by: Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:5200:1a:1459:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 7ac9e77d2f0f75d7d4e1778b747a963b75bed083c4d882eb4a7eb0e6fe75ea2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 20:13:03 GMT
via: 1.1 vegur, 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
content-encoding: br
x-amz-cf-pop: FRA56-P2
age: 54375
x-cache: Hit from cloudfront
server: Cowboy
access-control-max-age: 1728000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: hw-country-code
cache-control: public, max-age=600
hw-country-code: DE
vary: Accept-Encoding
x-amz-cf-id: KNlyqnIccjlKQs84T6sU8f1qXeTcAVPfyUg_Z7Y98ZY0za1mof_n2w==

GET
H3 200 pubads_impl_2022092601.js Show response
securepubads.g.doubleclick.net/gpt/ 379 KB
128 KB 144ms
48ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13dc84933e4d797b46f63df140ac0238a00a0b2b866c0769e9f39d94fb5976bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 11:02:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 260221
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131426
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 08:39:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 26 Sep 2023 11:02:18 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 96 B
111 B 166ms
70ms XHR
application/json 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.ducksters.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96cddb2c4c259ad698ef12685f75b8bea7f844ed81013835c46513d482e5bf10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:19:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86
x-xss-protection: 0
expires: Thu, 29 Sep 2022 11:19:19 GMT

GET
H2 200 1.js Show response
cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/ 6 KB
2 KB 8ms
7ms Script
application/javascript 2600:9000:2490:1000:13:7c50:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/1.js
Requested by: Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt/js/zeus/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:1000:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 14dd5bdcaf1f7582bf9104f89e77e2b31895bdb8f9dc55d669cc8136715c500f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:16:13 GMT
x-amz-version-id: pQM3uzu2xczJGZ.i1zW10FzYE9CqManV
content-encoding: br
last-modified: Tue, 27 Sep 2022 21:04:54 GMT
server: AmazonS3
via: 1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
etag: W/"b39a3fe80b7e1a4a6a0613134f7175eb"
age: 79387
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: S2OwvyoJlu6n171tabJRrfUSFtuhxDmosgB0BeeTu103onIKO0jQTA==

GET
H2 200 frame.html Show response
cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/ Frame 8AFE 1 KB
935 B 7ms
7ms Document
text/html 2600:9000:2490:1000:13:7c50:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/frame.html
Requested by: Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:1000:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 586dadb6bdd5844901bc425357bc97eb72f2814abd611bd657d597c7afe5a1d1

Request headers

Referer: https://www.ducksters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 79387
content-encoding: br
content-type: text/html
date: Wed, 28 Sep 2022 13:16:13 GMT
etag: W/"e2544ae34a24f92fa0885b5457b5ae00"
last-modified: Tue, 27 Sep 2022 21:04:54 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
x-amz-cf-id: Vt3thbFnC2WdVLPlMTN741XU4sYR5S0PfMA0LkKjSuC2EXLW_dVldg==
x-amz-cf-pop: FRA56-P6
x-amz-version-id: K4B_XDcEmtUAsfgdsrhq_F6jgch8kRA7
x-cache: Hit from cloudfront

GET
H2 200 zeus_boot.46d2dd396c97c8dfedb7.js Show response
cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/ Frame 8AFE 130 KB
33 KB 8ms
7ms Script
application/javascript 2600:9000:2490:1000:13:7c50:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/zeus_boot.46d2dd396c97c8dfedb7.js?46d2dd396c97c8dfedb7
Requested by: Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:1000:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 37549c985effc158f91c569a0313b5b1533170a476f54b1164bc7f274c8a2c0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:16:13 GMT
x-amz-version-id: 1fsttHMkUmzyhP_SSfpIycw_uhBXytiW
content-encoding: br
last-modified: Tue, 27 Sep 2022 21:04:54 GMT
server: AmazonS3
via: 1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
etag: W/"09585a51c7b0d97cf25a90e4d77c9e2c"
age: 79387
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: qoUU9CQWmy6YISS5KQZ9UideW7zh3jgtuRBKqOEEh1aq7-sX37VLhg==

GET
H2 200 frame.cbd1dbdc6ede368c3195.js Show response
cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/ Frame 8AFE 138 KB
27 KB 8ms
7ms Script
application/javascript 2600:9000:2490:1000:13:7c50:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/frame.cbd1dbdc6ede368c3195.js
Requested by: Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/zeus_boot.46d2dd396c97c8dfedb7.js?46d2dd396c97c8dfedb7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:1000:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a12f71a382952ff23588015d79da35f9c35a44df276c57a0e08ba3a210faf308

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:16:14 GMT
x-amz-version-id: goFYhOTq2WRryH8CRLCFkMwzcVCQeYnM
content-encoding: br
last-modified: Tue, 27 Sep 2022 21:04:54 GMT
server: AmazonS3
via: 1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
etag: W/"310e707bd61cbd9cabfa1fb22f368c4a"
age: 79386
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 6vjAU7Vr2jtXPKDtuNZt8D0UFjtgYofHmmsTphHGepvS4PYVCoGWTw==

GET
H2 200 pegasus_theme.25d5d942be4acce443aa.css
cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/ Frame 8AFE 29 KB
5 KB 7ms
7ms Stylesheet
text/css 2600:9000:2490:1000:13:7c50:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/pegasus_theme.25d5d942be4acce443aa.css
Requested by: Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/zeus_boot.46d2dd396c97c8dfedb7.js?46d2dd396c97c8dfedb7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:1000:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 38b88d35ff7abc2f1614745b704a2995714660452baa4719737545b05c7e6f81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:16:14 GMT
x-amz-version-id: Y0THISrnAeCzl4fnk_iZG9boK81cUhx2
content-encoding: br
last-modified: Tue, 27 Sep 2022 21:04:54 GMT
server: AmazonS3
via: 1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
etag: W/"e61b0f2eda089b99e0fd60e112bc2916"
age: 79386
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: X5S4YeKqoqk5bKjt8KlUt8ijvYNEJyPYCx80xZl_F4Anqo-DfNnGUA==

GET
H2 200 pegasus_theme.25d5d942be4acce443aa.js Show response
cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/ Frame 8AFE 9 KB
2 KB 8ms
8ms Script
application/javascript 2600:9000:2490:1000:13:7c50:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/pegasus_theme.25d5d942be4acce443aa.js
Requested by: Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/zeus_boot.46d2dd396c97c8dfedb7.js?46d2dd396c97c8dfedb7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:1000:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4a0fbf8080c07e60ae91b9ab6ef235cac37d61db575dfce463aee4cfa591e8e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:16:14 GMT
x-amz-version-id: QK0OIDKq8DFoG1cnk8ylTk1xZtcLWOkL
content-encoding: br
last-modified: Tue, 27 Sep 2022 21:04:54 GMT
server: AmazonS3
via: 1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
etag: W/"dbfb1dd1512bf9960e5f936e284cff15"
age: 79386
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 5R-EABivlWyjvaDatT2N5KukPN80VpFVS5WTwb3H37lIdJm8XbX8Iw==

GET
H2 200 admgr.4e545cda778e76b00bd5.js Show response
cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/ Frame 8AFE 158 KB
35 KB 7ms
7ms Script
application/javascript 2600:9000:2490:1000:13:7c50:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/admgr.4e545cda778e76b00bd5.js
Requested by: Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/zeus_boot.46d2dd396c97c8dfedb7.js?46d2dd396c97c8dfedb7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:1000:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7518a05d1a06ced2db6784903731965fead63341e5ddaa1163a81d7faed379fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:16:15 GMT
x-amz-version-id: t.diLTEjmd8MnaAemGJZIGfrYQyW1C1L
content-encoding: br
last-modified: Tue, 27 Sep 2022 21:04:54 GMT
server: AmazonS3
via: 1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
etag: W/"4ab78ebae047ea94272ad4e731539ea6"
age: 79385
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: aNX2V_DBWTD6X3NP6A5uANQmiVZXgsvshcjXTDPFWK1wAMxjqLpSQg==

GET
H2 200 pegasus_appearance_manager.6a9819cc9791c2ecb504.js Show response
cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/ Frame 8AFE 6 KB
2 KB 8ms
7ms Script
application/javascript 2600:9000:2490:1000:13:7c50:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/pegasus_appearance_manager.6a9819cc9791c2ecb504.js
Requested by: Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/zeus_boot.46d2dd396c97c8dfedb7.js?46d2dd396c97c8dfedb7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:1000:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1b5839ccf8b2a8013f74f4010170cef575f7112c19e791f7b71405d90687d065

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:16:15 GMT
x-amz-version-id: nBrdyCcrK2t2HoFEW9LSlKdW4OGUnF88
content-encoding: br
last-modified: Tue, 27 Sep 2022 21:04:54 GMT
server: AmazonS3
via: 1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
etag: W/"5f9f7795b6656b5381d86cbdb810bb02"
age: 79385
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: xDgEV0TyQXjlKyxI2ZzQlJYKDBcz6wnD0nlsC7QH5rGWhNDASJCRTA==

GET
H2 200 pegasus_controlbar~scrubber.1c5b89f03069a8c5f6e5.js Show response
cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/ Frame 8AFE 16 KB
5 KB 11ms
10ms Script
application/javascript 2600:9000:2490:1000:13:7c50:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/pegasus_controlbar~scrubber.1c5b89f03069a8c5f6e5.js
Requested by: Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/zeus_boot.46d2dd396c97c8dfedb7.js?46d2dd396c97c8dfedb7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:1000:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 725d1edb01d4673a22b6b7c66348ab19f0be4467b2f17e364db97d500b8efd68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:16:15 GMT
x-amz-version-id: fCv4taOsFin.0fvIK18q9O9D3ENYg1bw
content-encoding: br
last-modified: Tue, 27 Sep 2022 21:04:54 GMT
server: AmazonS3
via: 1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
etag: W/"8bcb4ae00f7f2283363e332614a178c6"
age: 79385
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: XV54JFLUT01ZZz_GvKKmAIG6Q4xLIjXF3taFsE0GfDe_9R3mMB6U2A==

GET
H2 200 pegasus_controlbar.339779335d2601a9be92.js Show response
cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/ Frame 8AFE 14 KB
4 KB 12ms
11ms Script
application/javascript 2600:9000:2490:1000:13:7c50:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/pegasus_controlbar.339779335d2601a9be92.js
Requested by: Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/zeus_boot.46d2dd396c97c8dfedb7.js?46d2dd396c97c8dfedb7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:1000:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9c88fe77d0bb423a2815479f8f06a39d4a2f47f7ee3c800b2792d217e063576f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:16:15 GMT
x-amz-version-id: DUVy3sjr4COOrQ1f4K5coar254WlzABr
content-encoding: br
last-modified: Tue, 27 Sep 2022 21:04:54 GMT
server: AmazonS3
via: 1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
etag: W/"886d57da179b44c3dfbf2a8aa8738e14"
age: 79385
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: py00yWGjwFmxEwodAlIHzQaTA92aKT9wXh42l9kSWr9oTSXImOX0QQ==

GET
H2 200 zeus_mouseinput.1d0b0f313ed20569d9fb.js Show response
cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/ Frame 8AFE 4 KB
2 KB 12ms
11ms Script
application/javascript 2600:9000:2490:1000:13:7c50:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/zeus_mouseinput.1d0b0f313ed20569d9fb.js
Requested by: Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/zeus_boot.46d2dd396c97c8dfedb7.js?46d2dd396c97c8dfedb7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:1000:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 23b9cb236050bdd3ee0ca83fd60c9b25eed708678b9f75e7e0fc6a913063cc2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:16:15 GMT
x-amz-version-id: LmAZuo2reEQYkNqUeGJFv.Rsw7Da2Laq
content-encoding: br
last-modified: Tue, 27 Sep 2022 21:04:54 GMT
server: AmazonS3
via: 1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
etag: W/"bd3cf493840c23ace725a545e391f20a"
age: 79385
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: ozRH5Op3Za3rRPLLu7H_5GyytoX5TS-Btmm9UIhD2pxffEehDzwvuQ==

GET
H2 200 pegasus_content.67ca910b79fb2fb571b1.js Show response
cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/ Frame 8AFE 10 KB
3 KB 13ms
12ms Script
application/javascript 2600:9000:2490:1000:13:7c50:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/pegasus_content.67ca910b79fb2fb571b1.js
Requested by: Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/zeus_boot.46d2dd396c97c8dfedb7.js?46d2dd396c97c8dfedb7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:1000:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7fbe4f3a945bb4673c78ff1af46f86172a35dbe87b66114968fb6e56a353a9e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:16:15 GMT
x-amz-version-id: tqUzljKD9.E7csBY3w_Xk2YwVIQUHNIQ
content-encoding: br
last-modified: Tue, 27 Sep 2022 21:04:54 GMT
server: AmazonS3
via: 1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
etag: W/"8c2721a8dc5e0f442f5813a4477b5d31"
age: 79385
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: LAzezMWQLrqw5NPOFsbHE4pPn5icgNLl0VhdKoB6-fecG6FWlpOBMQ==

GET
H2 200 scrubber.c2ac515c16312477ae3d.js Show response
cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/ Frame 8AFE 9 KB
3 KB 13ms
12ms Script
application/javascript 2600:9000:2490:1000:13:7c50:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/scrubber.c2ac515c16312477ae3d.js
Requested by: Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/zeus_boot.46d2dd396c97c8dfedb7.js?46d2dd396c97c8dfedb7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:1000:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f63a771e9e7e24a13a4ad3c8ac554db96c34874c3863b2b809f7f4e7e7b7db1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:16:15 GMT
x-amz-version-id: 72fkaOmK0XbXDsqzic6WiiqayZp_AfHd
content-encoding: br
last-modified: Tue, 27 Sep 2022 21:04:54 GMT
server: AmazonS3
via: 1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
etag: W/"44ccac526aa990d453b909309b32f85a"
age: 79385
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: XPJY_lJbhjfv3nhO8peB4M2OnfmAvg1PAeBUWRp-XEbVoe0Qqd0vGQ==

GET
H2 200 pegasus_watermark.3be1fa39d001f2206d6f.js Show response
cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/ Frame 8AFE 7 KB
2 KB 13ms
13ms Script
application/javascript 2600:9000:2490:1000:13:7c50:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/pegasus_watermark.3be1fa39d001f2206d6f.js
Requested by: Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/zeus_boot.46d2dd396c97c8dfedb7.js?46d2dd396c97c8dfedb7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:1000:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c3fef29529678ff5e018e5d2db4a897390044b92e9105cf7adae070f76f8dbe1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:16:15 GMT
x-amz-version-id: Y4oBpnG5gtqCCegfUDbaySqyQxPgxsMg
content-encoding: br
last-modified: Tue, 27 Sep 2022 21:04:54 GMT
server: AmazonS3
via: 1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
etag: W/"465bc19e6b489a7f9217fc1d7e4ebdba"
age: 79385
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: IuOa_tiafCQzP5rXfO8lR82gdbq9-9vKIarcli0wojs69GRfbJyJaQ==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 219ms
71ms Script
application/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.ducksters.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 204ms
71ms Script
application/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ducksters.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 51 KB
19 KB 135ms
134ms XHR
text/plain 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2563173092799589&correlator=3548316852758330&eid=31068929%2C31069923%2C44773130%2C44769661&output=ldjh&gdfp_req=1&vrg=2022092601&ptt=17&impl=fifs&npa=1&tfcd=1&iu_parts=96780239%3A87674693%2C1015702%2C62069%2C1015702-62069-desktop_leaderboard%2C1015702-62069-desktop_leaderboard-HP%2C1015702-62069-medium_rectangle%2C1015702-62069-medium_rectangle-HP%2C1015702-62069-bottom_rail%2C1015702-62069-bottom_rail-HP%2Cpublisher%3A1015702-website%3A62069-site_skin&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F5%2F6%2C%2F0%2F1%2F2%2F7%2F8%2C%2F0%2F1%2F2%2F9&prev_iu_szs=728x90%7C970x250%7C970x90%2C300x250%7C300x600%2C1x6%7C728x90%7C970x90%2C1x1&ifi=1&adks=440268110%2C293378379%2C3107548512%2C4265023270&sfv=1-0-38&ists=1&fsapi=false&prev_scp=pos%3Datf%26slot_id%3Dleaderboard_atf%26refresh%3Dfalse%26amazonBid%3Dfalse%26custom_path%3DHP%26lld_id%3D1b3d4ddd04ab44f28369f9b391de527650359958%26takeover%3Dtrue%26in_view%3Dtrue%7Cpos%3Datf%26slot_id%3Dmed_rect_atf%26refresh%3Dfalse%26amazonBid%3Dfalse%26custom_path%3DHP%26lld_id%3Db5d09e3106094771bb13c8ac906a65f450359960%26takeover%3Dtrue%26in_view%3Dtrue%7Cpos%3DFIXED%26slot_id%3Dpw-oop-bottom_rail%26refresh%3Dfalse%26amazonBid%3Dfalse%26custom_path%3DHP%26lld_id%3D2a4d4bc38ae24a8f962a86e5f07ba9da50359961%7Cpos%3DFIXED%26slot_id%3Dpw-oop-site_skin%26refresh%3Dfalse%26amazonBid%3Dfalse%26custom_path%3DROS%26lld_id%3Db8dad59706da4a6fba67adf766fb5fb150359962%26takeover%3Dtrue&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26dd%3Draspberry%26di%3Draspberry%26vd%3Draspberry%26vi%3Draspberry%26sitecont_cat%3Dkids%26hour%3D11%26day%3DThursday%26OS%3DWindows%252010%26browser%3DChrome%2520106%26pagecount%3D1%26window_width%3D1600%26window_height%3D1200%26screen_orientation%3Dlandscape%26refresh_count%3D0%26tyche_version%3D4.5.29%26kver%3Dv2%26ab_test%3Dna_A%26page_focus%3Dtrue&sc=1&cookie_enabled=1&abxe=1&dt=1664450359987&lmt=1663391384&dlt=1664450358207&idt=1740&adxs=265%2C818%2C800%2C0&adys=398%2C818%2C1877%2C1877&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.ducksters.com%2F&frm=20&vis=1&psz=1070x80%7C488x0%7C1600x1877%7C1600x1877&msz=1070x-1%7C488x-1%7C1600x0%7C1x-1&fws=0%2C4%2C0%2C512&ohw=0%2C524%2C0%2C0&ga_vid=799633180.1664450359&ga_sid=1664450360&ga_hid=882875308&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1643e7fb5fd10356a7afef349411871f5b78d3172bd2590145291e993375ecf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:19:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19832
x-xss-protection: 0
google-lineitem-id: -2,4808442854,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,138245142300,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ducksters.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET container.html
8fb38eab9e304a0bf25f330c2077ae12.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FBF8 0
0

GET
H/1.1 200
OK 231253 Show response
search.spotxchange.com/vast/3.0/ Frame 8AFE 67 B
1 KB 295ms
34ms XHR
text/xml 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/3.0/231253?VPAID=js&custom_skin=1&content_page_url=https%3A%2F%2Fwww.ducksters.com%2F&player_width=320&player_height=180&x_source.pchain=playwire.com:fcddfba7adc2d929&pchain=playwire.com:fcddfba7adc2d929&schain=1.0,1!playwire.com,1015702,1&ad_volume=0&custom[campaign_id]=0.0&custom[channel]=231253&custom[content_page_url]=https://www.ducksters.com&custom[page_full_url]=https%3A%2F%2Fwww.ducksters.com%2F&custom[player_height]=180&custom[player_width]=320&custom[adunit]=trendi_video&custom[device_type]=desktop&custom[owning_pub_id]=1015702&custom[player]=tyche_trendi_video&custom[pub_id]=1015702&custom[synd]=false&custom[secure]=true&custom[vid_id]=&custom[vpi]=VPAID_JS,MP4&custom[vid_long_form]=false&custom[after_aborted_request]=false&custom[vid_location]=corner&custom[product]=ads_only&custom[sticky]=true&custom[trendi]=false&custom[refresh_count]=0&custom[hour]=11&custom[day]=Thursday&custom[pagecount]=1&custom[ab_test]=na_A&custom[instream]=true&custom[custom_path]=ROS&custom[custom_path]=ROS&custom[dd]=raspberry&custom[di]=raspberry&custom[vd]=raspberry&custom[vi]=raspberry&custom[ws_id]=62069&custom[cp_placement][]=cp4&custom[sitecont_cat][]=kids&custom[dmp_ids][]=&custom[window_width]=1600&custom[window_height]=1200&custom[abs_dist_top]=1100&custom[abs_dist_left]=1400&custom[rel_dist_bottom]=0&custom[rel_dist_left]=90&custom[daisy_chain_count]=1&gdpr=1&gdpr_consent=0
Requested by: Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/frame/zeus_boot.46d2dd396c97c8dfedb7.js?46d2dd396c97c8dfedb7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 3ad753512028ab9454846db78b92c123be24f761177422832bad76120e06a6cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.playwire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 11:19:20 GMT
X-SpotX-Timing-SpotMarket-Primary: 0.012910
X-SpotX-Timing-Transform: 0.001592
Content-Encoding: gzip
X-SpotX-Timing-SpotMarket: 0.012910
X-SpotX-Timing-Page-Require: 0.000395
X-fe: 005
Connection: keep-alive
X-SpotX-Timing-Page-Misc: 0.002486
X-SpotX-Timing-Page-Cookie: 0.000003
Content-Length: 79
X-SpotX-Timing-Page: 0.018000
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000341
Last-Modified: Thu, 29 Sep 2022 11:19:20 GMT
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://cdn.playwire.com
X-SpotX-Timing-Page-Exception: 0.000001
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-SpotX-Timing-Page-URI: 0.000012
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-Mux: 0.000260
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 010A 0
0 83ms
82ms Fetch
image/gif 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuJYiY1mGS5g6KlfRsaTFYvaoW36D-sKVpLJ-yR0njq4sizv_B2aRrbKvjZkxIO--AEIteFVrpeKnKz9tPUZ7wV7m7QnY4c3lEJy2jPx3mngbPrp6O3Fvn98vAJnODg9Kkkm0lG1-qWgL2SNWn18bjsgcXDBspKQOk9PnLDTpFvPFUO0IGUEw91pMR4r32MWZXpThZNoTzae5X7aE080AW9jFy9HLx6SvWI0AAV_I-rYmbivdNX0zwAH2FuYwy2tc3ArpuyHJY7JmD51iiXv6GGFvlj-mo4ztTnsFWyFRmQB040Ze9ReJuLro49Va-Dtb6A04G-iFc1CGIZsVenZPtJmqy0SZoB1y3JrGk9IBkk-kwDCwMmRBc0Xz0yd8ZRiReN64UZXzv_wWoXkzAbx-gjjKqXu0cmQks&sai=AMfl-YRBHET3nybbenZMxiEYky0CgbRsn6_Rz3phaZy2P8jHaZqAGzLKFif1_4c6Is0t0dFsigV-EnpKiGZIw-iet9GYl7kuGa7xpYCyDvxvKwq_kPkzamKB33GSMUz2UVI5Z4eKrA&sig=Cg0ArKJSzItkQAov8MXpEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.ducksters.com
URL: https://www.ducksters.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:19:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 29 Sep 2022 11:19:20 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/ Frame 010A 23 KB
10 KB 187ms
48ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:14:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 317
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9559
x-xss-protection: 0
server: cafe
etag: 12142024561622733046
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Oct 2022 11:14:03 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame 010A 3 KB
1 KB 193ms
55ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 10:47:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1891
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Oct 2022 10:47:49 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 010A 0
0 187ms
66ms Image
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQOWHaprZ7n5P4OhkoyiosJN-Xg5GM-ZZbdlZSCpPJS_VqIInL0cb_n5x9SXjTRtBTtK3XG
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 010A 140 KB
44 KB 126ms
109ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44530
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664365478704152"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 29 Sep 2022 11:19:20 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/playwirecoppa987728971971/ Frame 010A 305 KB
104 KB 21ms
20ms Script
application/x-javascript 184.51.10.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/playwirecoppa987728971971/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.10.56 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-10-56.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: af6d2685e6ed7810b4f1199f79262d9f71ace0ddc2a6e834dcf7169b018ece7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:19:20 GMT
content-encoding: gzip
last-modified: Wed, 21 Sep 2022 18:26:45 GMT
server: AmazonS3
x-amz-request-id: 27MAQ79GXAE8CVG8
etag: "f7f8508b08176a5edfacabdf28aed891"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=10339
accept-ranges: bytes
content-length: 106423
x-amz-id-2: qbgvXb9XixtCRgrxRh+Pboq0Gs97gXxa/AFL1KnRfXO3vwIGFpNxpzAgAnbS/2BshaDFgOOJVmQ=

GET
H2 200 3444874916929491762
tpc.googlesyndication.com/simgad/ Frame 010A 42 KB
42 KB 193ms
55ms Image
image/jpeg 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3444874916929491762

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9bce3f639d8c79c53792487efe49a0cb10b9997d57d45a80067de7549f13b6c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 09:00:58 GMT
x-content-type-options: nosniff
age: 94702
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42607
x-xss-protection: 0
last-modified: Tue, 08 Aug 2017 18:09:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 28 Sep 2023 09:00:58 GMT

GET
H2 200 report_ad_style.css
cdn.intergi.com/tyche-assets/report_ad/ 1 KB
875 B 20ms
19ms Stylesheet
text/css 2600:9000:211a:b400:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/tyche-assets/report_ad/report_ad_style.css
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.5.29/main.bf37a7dbc80f8d440528.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:b400:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5651133b0392ce80a91d2e057fcfaf0b227307b35f32f11060e65c6e494c0a94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id: yQJG2B2SnzFKKyF.jAa0ZlOr43UtUwUI
content-encoding: br
via: 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
date: Thu, 29 Sep 2022 11:19:20 GMT
last-modified: Tue, 06 Nov 2018 18:42:32 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C2
etag: W/"5ee185abd03eb7c5f89cfb8cd1c06255"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: no-cache
x-amz-cf-id: eK3uaba3egVVcvlnJGbEClaz8jai1sGQZhCZesx2U5bz6Jd4tROmQg==

GET
H2 200 mail.html Show response
cdn.intergi.com/tyche-assets/report_ad/ Frame 0648 3 KB
1 KB 263ms
263ms Document
text/html 2600:9000:211a:b400:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/tyche-assets/report_ad/mail.html
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.5.29/main.bf37a7dbc80f8d440528.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:b400:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0f36125ff55f3f506abf6d4c43601d285cf2959c239e8fe78d669aea00400e6d

Request headers

Referer: https://www.ducksters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Thu, 29 Sep 2022 11:19:21 GMT
etag: W/"2ba20f85185d14c9c49663bcecacc812"
last-modified: Tue, 06 Nov 2018 18:42:32 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
x-amz-cf-id: Qnfc8RMD5684MorWmpzBzIL_Vrf24ncj3oJzZcRn1d_sI1z-GH31FQ==
x-amz-cf-pop: VIE50-C2
x-amz-version-id: fntLXTDEEOnH4AHgucUW6yMIXK0FU7Qs
x-cache: Hit from cloudfront

GET
H2 200 close-button.svg
cdn.intergi.com/tyche-assets/report_ad/ 619 B
1019 B 289ms
288ms Image
image/svg+xml 2600:9000:211a:b400:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.intergi.com/tyche-assets/report_ad/close-button.svg
Requested by: Host: www.ducksters.com
URL: https://www.ducksters.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:b400:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fd41fbb16992f6306edc644431aecc9d91fe9a1762fafc35f8816c277bfded0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id: xhZoq6wMR.69xI4eIXn8TGqPwvpKTgWa
date: Thu, 29 Sep 2022 11:19:21 GMT
via: 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 06 Nov 2018 18:42:33 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C2
etag: "3500c4be67d6d8f0469a8d37dd63a832"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: no-cache
accept-ranges: bytes
content-length: 619
x-amz-cf-id: -ZOsChUI7A4LPDYOIkU-LIuHXEabOH-TGAeDmy6A7IjrEA5Lzjppwg==

GET
DATA 200
OK truncated
/ Frame 010A 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 256b50a93c6a74002ab90527f1e32ae17ac88d7d1272d7550a0242614c57f808

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
267 B 20ms
19ms Image
image/gif 184.51.10.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=PLAYWIRECOPPA1&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1664450360379&de=798103761347&m=0&ar=220b545db30-clean&iw=e5d70ad&q=3&cb=0&ym=0&cu=1664450360379&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4416228905%3A2114397528%3A4808442854%3A138245142300&zMoatPS=-&zMoatOrigSlicer1=95780359&zMoatOrigSlicer2=21671779184&zMoatDomain=ducksters.com&zMoatSubdomain=ducksters.com&zMoatJS=-&zMoatAdUnit1=-&zMoatAdUnit2=-&zMoatAdUnit3=-&zMoatAdUnit4=-&zMoatAdUnit5=-&zGSRC=1&gu=https%3A%2F%2Fwww.ducksters.com%2F&id=1&ii=4&bo=95780359&bd=21671779184&dfp=0%2C1&la=21671779184&gw=playwirecoppa987728971971&fd=1&it=500&ti=0&ih=2&pe=1%3A440%3A440%3A0%3A427&fs=200409&na=681334314&cs=0
Requested by: Host: www.ducksters.com
URL: https://www.ducksters.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.10.56 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-10-56.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Thu, 29 Sep 2022 11:19:20 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 29 Sep 2022 11:19:20 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 010A 0
0 84ms
84ms Fetch
image/gif 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuADDkvAJhuxbl75NnaqyFkjbbzHTVQd8SHIJlbk33yFNzVJcxLqlLBw933WGnmmjk-9gJTDssQaNvJ3-0v6GY-yejRPVsrNsyO30LBmfcmU8MMT7a-mdMSvv1Iz3QDw2HB2EiR7ObKSUa8ohKwy3gXg6-AVYVBAsa8Rz0-23HasKphtVjhvc8dI_tf3v2CwFh9xQWf3Gpr7vHCB29mjSAEr-EjRb-lVvQ7ascA4RpC-jC3KHr6IPTx6TbXN-Qe9546AD_G_BjDJrPQ_AfgyFQe7PfoW8sWOqHhxvZr4JqxXq8pjubUe8HdHhKQfN1uTRRERq1eH4yjK2X0bs0X0XXqDK-Gw7gD_DbZf2Wb3QDk9GiqU02gOzbihfBSqK3uJ120UP-eXeP-u0VI4-ixk9y03szUKLiFLrUSkA&sai=AMfl-YQuZDEfiA_UDSmj4LGXcS6PywgjgT1O69NeOc55oVQnDpl3oQOF-d1QCCiKwMGggx-wbMf6H7H31CaFfkKNNcETr2rvoF003CL_aKbGk08IVB6W-gZNyg4YhmUUFvVjh5hilg&sig=Cg0ArKJSzL24QIYo9XW8EAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:19:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 29 Sep 2022 11:19:20 GMT

GET
H2 200 iframe_style.css
cdn.intergi.com/report_ad/ Frame 0648 2 KB
1 KB 19ms
18ms Stylesheet
text/css 2600:9000:211a:b400:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/report_ad/iframe_style.css
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/tyche-assets/report_ad/mail.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:b400:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 15baf364503744256e4f75cd5094462e4e91a462176367dc9d372932d3c8691d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.intergi.com/tyche-assets/report_ad/mail.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id: VDq2Qg2rgko8.LPtUG1nXNfJ302sQhBE
content-encoding: br
via: 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
date: Thu, 29 Sep 2022 01:12:08 GMT
last-modified: Thu, 29 Sep 2016 17:32:00 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C2
age: 36433
etag: W/"010298c08dfdfae4755e881b8392fcf7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: JgfiYs5V67HgxpEQfbNSjtTWu7fTpIkMHcLaF0MyFtonl8ycY_tfNQ==

GET
H2 200 form-handler.js Show response
cdn.intergi.com/report_ad/ Frame 0648 1 KB
900 B 19ms
19ms Script
application/javascript 2600:9000:211a:b400:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/report_ad/form-handler.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/tyche-assets/report_ad/mail.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:b400:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2ba94955ea222644f145ce564f4a5cd15731039aceacceae73d4f2eeb4a49980

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.intergi.com/tyche-assets/report_ad/mail.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id: 0o7aIxDU3bLZoxNIEYMDVUCy6JC268h4
content-encoding: br
via: 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
date: Thu, 29 Sep 2022 07:07:53 GMT
last-modified: Thu, 21 Dec 2017 18:27:54 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C2
age: 15088
etag: W/"e341914b5c3b0d0db8f91f9f8dae6844"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 5sFIymGekntaJKTA-e5jPLp3N_0MPm8JRjLlk8QOqHID4GT1DGZV0A==

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 223ms
93ms XHR
application/json 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c64a1508eb1d128c4140b719f25cdb8a6c02b658284ea250eb2db0889355ef04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11041
x-xss-protection: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
267 B 20ms
19ms Image
image/gif 184.51.10.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=1&kq=1&lo=1&uk=null&pk=0&wk=1&rk=0&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F3444874916929491762&i=PLAYWIRECOPPA1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CG%24%3D!!t.PKm.JefxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Up%2ByR1d6%2F1aF%2FI5oZrvQatT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-6sfEEAlWe0wLgg%3D%3D&sc=1&os=1-lQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.ducksters.com%2F&id=1&ii=4&f=0&j=&t=1664450360379&de=798103761347&cu=1664450360379&m=534&ar=220b545db30-clean&iw=e5d70ad&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=2499&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A440%3A440%3A2691%3A427&as=0&ag=60&an=0&gf=60&gg=0&ix=60&ic=60&ez=1&aj=1&pg=100&pf=0&ib=1&cc=0&bw=60&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=119&cd=0&ah=119&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4416228905%3A2114397528%3A4808442854%3A138245142300&bo=95780359&bd=21671779184&gw=playwirecoppa987728971971&zMoatOrigSlicer1=95780359&zMoatOrigSlicer2=21671779184&zMoatDomain=ducksters.com&zMoatSubdomain=ducksters.com&dfp=0%2C1&la=21671779184&zMoatPS=-&zMoatJS=3%3A-&zMoatAdUnit1=-&zMoatAdUnit2=-&zMoatAdUnit3=-&zMoatAdUnit4=-&zMoatAdUnit5=-&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&tc=0&fs=200409&na=1008026024&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.10.56 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-10-56.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Thu, 29 Sep 2022 11:19:20 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 29 Sep 2022 11:19:20 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 233ms
135ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 29 Sep 2022 11:19:21 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F163 13 KB
5 KB 49ms
47ms Document
text/html 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ducksters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 346842
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 10:58:39 GMT
expires: Mon, 25 Sep 2023 10:58:39 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4F2C 783 B
535 B 172ms
71ms Document
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

255b7ad9222519026099b54f0cb4a0853b6bd5befcb150e5031cb4f0db254b51

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kniMy61NLFLzyS9E4LMSWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ducksters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-kniMy61NLFLzyS9E4LMSWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 11:19:21 GMT
expires: Thu, 29 Sep 2022 11:19:21 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js Show response
pagead2.googlesyndication.com/bg/ Frame F163 36 KB
16 KB 148ms
49ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 00:38:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 384067
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15861
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 25 Sep 2023 00:38:14 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4F2C 0
0 79ms
79ms Image
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092601&jk=2563173092799589&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 010A 42 B
64 B 179ms
82ms Fetch
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss5MxIUIGsBw6bPo3XNRgvDypc_pqI93kgJQuLGtpjKJmSoIUG4r6muMmFOrIb4S8TByREeORhAx3zZn_b_u__L4nA_lV7ENocyIlWG0os7CZ8plTFO&sig=Cg0ArKJSzHvG3dMxb22OEAE&id=lidar2&mcvt=1001&p=818,912,1068,1212&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220928&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=293378379&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664450360149&rpt=271&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 11:19:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F163 0
10 B 58ms
51ms Image
text/plain 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?gYBw6w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:19:21 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
267 B 19ms
19ms Image
image/gif 184.51.10.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=1&kq=1&lo=1&uk=null&pk=0&wk=1&rk=0&tk=0&ak=-&i=PLAYWIRECOPPA1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CG%24%3D!!t.PKm.JefxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Up%2ByR1d6%2F1aF%2FI5oZrvQatT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-6sfEEAlWe0wLgg%3D%3D&sc=1&os=1-lQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=1&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.ducksters.com%2F&id=1&ii=4&f=0&j=&t=1664450360379&de=798103761347&cu=1664450360379&m=1612&ar=220b545db30-clean&iw=e5d70ad&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=2499&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A440%3A440%3A2691%3A427&as=1&ag=1148&an=60&gi=1&gf=1148&gg=60&ix=1148&ic=1148&ez=1&ck=1148&kw=1006&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1148&bx=60&ci=1148&jz=1006&dj=1&aa=1&ad=1048&cn=0&gn=1&gk=1048&gl=0&ik=1048&co=1048&cp=1006&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1006&cd=119&ah=1006&am=119&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4416228905%3A2114397528%3A4808442854%3A138245142300&bo=95780359&bd=21671779184&gw=playwirecoppa987728971971&zMoatOrigSlicer1=95780359&zMoatOrigSlicer2=21671779184&zMoatDomain=ducksters.com&zMoatSubdomain=ducksters.com&dfp=0%2C1&la=21671779184&zMoatPS=-&zMoatJS=3%3A-&zMoatAdUnit1=-&zMoatAdUnit2=-&zMoatAdUnit3=-&zMoatAdUnit4=-&zMoatAdUnit5=-&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&tc=0&fs=200409&na=516227563&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.10.56 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-10-56.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Thu, 29 Sep 2022 11:19:22 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 29 Sep 2022 11:19:22 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
267 B 20ms
20ms Image
image/gif 184.51.10.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=1&kq=1&lo=1&uk=null&pk=0&wk=1&rk=0&tk=0&ak=-&i=PLAYWIRECOPPA1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CG%24%3D!!t.PKm.JefxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Up%2ByR1d6%2F1aF%2FI5oZrvQatT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-6sfEEAlWe0wLgg%3D%3D&sc=1&os=1-lQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=2&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.ducksters.com%2F&id=1&ii=4&f=0&j=&t=1664450360379&de=798103761347&cu=1664450360379&m=1612&ar=220b545db30-clean&iw=e5d70ad&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=2499&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A440%3A440%3A2691%3A427&as=1&ag=1148&an=1148&gi=1&gf=1148&gg=1148&ix=1148&ic=1148&ez=1&ck=1148&kw=1006&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1148&bx=1148&ci=1148&jz=1006&dj=1&aa=1&ad=1048&cn=1048&gn=1&gk=1048&gl=1048&ik=1048&co=1048&cp=1006&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1006&cd=1006&ah=1006&am=1006&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4416228905%3A2114397528%3A4808442854%3A138245142300&bo=95780359&bd=21671779184&gw=playwirecoppa987728971971&zMoatOrigSlicer1=95780359&zMoatOrigSlicer2=21671779184&zMoatDomain=ducksters.com&zMoatSubdomain=ducksters.com&dfp=0%2C1&la=21671779184&zMoatPS=-&zMoatJS=3%3A-&zMoatAdUnit1=-&zMoatAdUnit2=-&zMoatAdUnit3=-&zMoatAdUnit4=-&zMoatAdUnit5=-&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&tc=0&fs=200409&na=1196157469&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.10.56 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-10-56.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Thu, 29 Sep 2022 11:19:22 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 29 Sep 2022 11:19:22 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
267 B 29ms
29ms Image
image/gif 184.51.10.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=1&kq=1&lo=1&uk=null&pk=0&wk=1&rk=0&tk=0&ak=-&i=PLAYWIRECOPPA1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CG%24%3D!!t.PKm.JefxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Up%2ByR1d6%2F1aF%2FI5oZrvQatT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-6sfEEAlWe0wLgg%3D%3D&sc=1&os=1-lQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=3&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.ducksters.com%2F&id=1&ii=4&f=0&j=&t=1664450360379&de=798103761347&cu=1664450360379&m=1613&ar=220b545db30-clean&iw=e5d70ad&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=2499&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A440%3A440%3A2691%3A427&as=1&ag=1148&an=1148&gi=1&gf=1148&gg=1148&ix=1148&ic=1148&ez=1&ck=1148&kw=1006&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1148&bx=1148&ci=1148&jz=1006&dj=1&aa=1&ad=1048&cn=1048&gn=1&gk=1048&gl=1048&ik=1048&co=1048&cp=1006&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1006&cd=1006&ah=1006&am=1006&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4416228905%3A2114397528%3A4808442854%3A138245142300&bo=95780359&bd=21671779184&gw=playwirecoppa987728971971&zMoatOrigSlicer1=95780359&zMoatOrigSlicer2=21671779184&zMoatDomain=ducksters.com&zMoatSubdomain=ducksters.com&dfp=0%2C1&la=21671779184&zMoatPS=-&zMoatJS=3%3A-&zMoatAdUnit1=-&zMoatAdUnit2=-&zMoatAdUnit3=-&zMoatAdUnit4=-&zMoatAdUnit5=-&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&tc=0&fs=200409&na=353109317&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.10.56 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-10-56.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Thu, 29 Sep 2022 11:19:22 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 29 Sep 2022 11:19:22 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 89ms
82ms Image
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092601&jk=2563173092799589&bg=!WVqlWh7NAAYIxsuQKMY7ACkAdvg8Wsfb5zOsS04_xg6fvgl2KcMSX3wo_Y52ER5CPQkpDHt6DANMiwIAAABkUgAAAAJoAQcKABGsT34xkRwVAfNdCzFFofOPIpkCoMjt827WEPq6JDY1Z5ic_wd6oTVQHsR8iCSyrRt4Z4PcpuS-biVa7-Lc5RLnKgkv8q5Q4MtXDJPpkTMRG5l0YB1bcz9yAc28P_Yuay6RCGZZagTzkprCot-u1PQNePuk63Wbj37EMOxWrv_fVgMXUN5CuMSed4hholUeOCRjVji-HXrGJTqsXaUcjRC2xdqO5IiMHIe-6mtpfK-HHp2MOVpIcFKBqCdS0d33wTyZju3ClPIeQAQwJecgEqa-BbKHnDGVqLW_aHEYE1cciVH95BgS7KWlavgaOMbOI3Fhc_ZIdmKqYdl8fFWyPQ_5QcvvcoCwbgUOF0y4q9vs45wsBspz3nxLrlqGcREZy2Edj6OmCQ-MZRiEehE3KN4EujBZ18syjhjhmluVdfUmf2BcmYQCIJjKHx6GcuYxI1cTtqlOghZo25wUnBKQZNDoRHsZsmg05gmXgpZNg8XMcNTOK5Gekqsaj6cM2W8H9-PTysvFdqldxYPRvvjATlWNpHKQLt-xNHNsZuZWFWI6y3kntkJZhl_m82Bha4fqgI-IecaLSCwhcFWZZkPK17ZWscGKRUj1eTDckXLUWdbtMtzxr-wT_elHlRARg7wM2q5JUToLLGS_jiwiUtpPn9xhVfKNTubOjmBh4MxNpL1K8GkMXbgmn5LQrvWtj5IX2du6QA5bNjcH-h5bijtfNdbRahpB26TESSeq8hGwg4uv2e9kFlzC3wxmdSgjzxXAGt4awiMbxoRs6IHnQ3WkuMNnbIGxYJYEaikhGB9vMU0lKAmUtuU327a9rw_bRsfWQ5fzPnYhm_AFfv_d_PkTyLcIQ-UhoB0bMaBKS_C7hJyr3lxXpZ3o4smzuiS-x3SqLdL-Zoq5k9VYeBu77qhMh4nEZbMxlw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducksters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

POST /
kinesis.us-east-1.amazonaws.com/ 0
0

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 322ms
101ms Preflight 3.91.171.237

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.237 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://www.ducksters.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Thu, 29 Sep 2022 11:19:24 GMT
x-amzn-RequestId: d51afe9f-01f2-66a6-8eb5-7fe305272f8d

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 8fb38eab9e304a0bf25f330c2077ae12.safeframe.googlesyndication.com
URL: https://8fb38eab9e304a0bf25f330c2077ae12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Domain: kinesis.us-east-1.amazonaws.com
URL: https://kinesis.us-east-1.amazonaws.com/

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ducksters.com/	1970-01-20 15:56:50	Name: _ga_K9B1TMX9Y2 Value: GS1.1.1664450359.1.0.1664450359.0.0.0
www.ducksters.com/	1970-01-20 15:42:26	Name: usprivacy Value: 1---
.ducksters.com/	1970-01-20 15:56:50	Name: _ga Value: GA1.2.799633180.1664450359
.ducksters.com/	1970-01-20 06:22:16	Name: _gid Value: GA1.2.2101942766.1664450359
.ducksters.com/	1970-01-20 06:20:50	Name: _gat_gtag_UA_714916_2 Value: 1
www.ducksters.com/	1970-01-20 06:22:16	Name: playwirePageViews Value: 1
www.ducksters.com/	1970-01-20 06:22:16	Name: pwUID Value: 799344360796605
.ducksters.com/	1970-01-20 15:42:26	Name: __gads Value: ID=dabf21fa9f337901-222ef9d035ce00dc:T=1664450360:S=ALNI_MYkxPYXHdtgLte3E_cxmaIccZO4pg
.doubleclick.net/	1970-01-20 15:42:26	Name: IDE Value: AHWqTUk3zAYhZRpNwm04-UkMi7xWBB6Cb0PYz9kQMj8va4OMQtt-8v2KWZCbmNb_8mw

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.19/7.js Message: Allow attribute will take precedence over 'allowfullscreen'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8fb38eab9e304a0bf25f330c2077ae12.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
cdn.intergi.com
cdn.intergient.com
cdn.playwire.com
cdnjs.cloudflare.com
config.playwire.com
ducksters.com
kinesis.us-east-1.amazonaws.com
mb.moatads.com
pagead2.googlesyndication.com
px.moatads.com
region1.google-analytics.com
search.spotxchange.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.ducksters.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.kidsafeseal.com
z.moatads.com
8fb38eab9e304a0bf25f330c2077ae12.safeframe.googlesyndication.com
kinesis.us-east-1.amazonaws.com
184.51.10.56
185.94.180.123
2001:4860:4802:34::36
2600:9000:211a:b400:14:2602:6e80:93a1
2600:9000:223c:5200:1a:1459:5cc0:93a1
2600:9000:236e:3600:12:4abd:d340:93a1
2600:9000:2490:1000:13:7c50:cec0:93a1
2606:4700:20::681a:c6f
2606:4700:20::681a:c86
2606:4700::6811:180e
2a00:1450:400d:804::2002
2a00:1450:400d:805::2001
2a00:1450:400d:80a::2004
2a00:1450:400d:80a::2008
2a00:1450:400d:80c::2002
2a00:1450:400d:80c::200e
2a00:1450:400d:80d::2002
2a00:1450:400d:80e::2002
3.91.171.237
52.215.141.21
092566589bd8db5eebfed9e0e4ef75778b493b74bf519f5c283f375971625b88
0c153290495ae00c5254a0ac46197a5c26f141da5ea4c974876b06bf04141284
0f36125ff55f3f506abf6d4c43601d285cf2959c239e8fe78d669aea00400e6d
11e71b3770865bdcfa90cc18e38aaeef86fe26ecda67190a4557d33f0e911c63
13cc0025a2b90907913a2586cfc6832fe0da221a7ec01421b69a192a3d4aaed0
13dc84933e4d797b46f63df140ac0238a00a0b2b866c0769e9f39d94fb5976bc
14dd5bdcaf1f7582bf9104f89e77e2b31895bdb8f9dc55d669cc8136715c500f
15baf364503744256e4f75cd5094462e4e91a462176367dc9d372932d3c8691d
1643e7fb5fd10356a7afef349411871f5b78d3172bd2590145291e993375ecf1
18a4c49f3f3ff370f9fb53adcbcd1b1a37c7bc8fdb74089a8a22455babf02bf4
1b5839ccf8b2a8013f74f4010170cef575f7112c19e791f7b71405d90687d065
1d1d2e6843d61701d00bc1081fdc466940c2f596885124bba67d21a6006d9e68
21cafb6e71a6112d3c1f4777fefa66300fa3e09db01fc7b92dfee436b8373e2c
2313a8c3a3fcc9cbeab8c3a65bbe495868aa0d766bd38678930ecbea7a26e18d
23b9cb236050bdd3ee0ca83fd60c9b25eed708678b9f75e7e0fc6a913063cc2d
255b7ad9222519026099b54f0cb4a0853b6bd5befcb150e5031cb4f0db254b51
2562a065d96888a3b4cdf07400d34dd3748e30161f9a1bd654016f1ffac0601e
256b50a93c6a74002ab90527f1e32ae17ac88d7d1272d7550a0242614c57f808
272b9948716c2d3274e41beaf32ba844e9277382560b7f109e9486069f922104
2ba94955ea222644f145ce564f4a5cd15731039aceacceae73d4f2eeb4a49980
2d783b9208cb6c94e77534e9d2b77b6c1e7ab1c3ca6b202d1f226fda92687a33
2e13f57b484d0149b893944ca1deeaeec784d4f043a8d1a50a67e0440ef13727
3202be6a3814ed585b6e36a13b88b2aa5f56c8f8939acd95d2306b9dbe1091a2
344e4454d0cfba09328139821288e4e363ef245ee50ff6a1cb56dda0ecab33ec
37549c985effc158f91c569a0313b5b1533170a476f54b1164bc7f274c8a2c0f
38b88d35ff7abc2f1614745b704a2995714660452baa4719737545b05c7e6f81
3ad753512028ab9454846db78b92c123be24f761177422832bad76120e06a6cd
4547a3e2e7545a504b3a1cdcc817a6219c904c94f79c3b98744a264652d3bcd3
48027641b9b68fc4c935af1c09f60855127855d88d6db82cbc0636c051964377
4a0fbf8080c07e60ae91b9ab6ef235cac37d61db575dfce463aee4cfa591e8e3
4f63a771e9e7e24a13a4ad3c8ac554db96c34874c3863b2b809f7f4e7e7b7db1
5533851b7d67db230189fe9c85796763ee84ac2ff6f9e60c8849a036fcda9040
55542c02f59ac047bd7ef87d8a2981b541995a09de59a89e419292a91f241202
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5651133b0392ce80a91d2e057fcfaf0b227307b35f32f11060e65c6e494c0a94
586dadb6bdd5844901bc425357bc97eb72f2814abd611bd657d597c7afe5a1d1
5be9deba515a89008c96f3f89042a66049601180872c9c3ef8b78507de63d1bd
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c954a339be44695196534585eaf26e52abd608f43fd6ba1a271a3a800fcc83
67b141075ff5cb362d3261dde71c0f9467b1efed83ec1c43e811b4f9002051e6
6864cd22a446141125a3f853028263820f8a57def21006378d438f71e36247f2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
725d1edb01d4673a22b6b7c66348ab19f0be4467b2f17e364db97d500b8efd68
7518a05d1a06ced2db6784903731965fead63341e5ddaa1163a81d7faed379fa
79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3
7ac9e77d2f0f75d7d4e1778b747a963b75bed083c4d882eb4a7eb0e6fe75ea2d
7fbe4f3a945bb4673c78ff1af46f86172a35dbe87b66114968fb6e56a353a9e1
80797fa8bd60f66bd617579ff02f6f0ab079c5189a34ff7183eef3c90d9ba7a5
881a8e16a9aa3dde622ecdb17620b378a6f5bfb67609d79a63cd610d6f14a1b7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
91fb73240f6c4d14842b31b056a2a77919b7438588c62ab880d9f4d90cbf2e0b
94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4
96cc38cfeb78e902e483c17f9ac04f2952a82686542d146a45136421efc7576f
96cddb2c4c259ad698ef12685f75b8bea7f844ed81013835c46513d482e5bf10
9bce3f639d8c79c53792487efe49a0cb10b9997d57d45a80067de7549f13b6c8
9c88fe77d0bb423a2815479f8f06a39d4a2f47f7ee3c800b2792d217e063576f
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
a0e8f5ec0f8c3e6859f474326523e60e66bb823e7ae05ba9b75e560c0ea4c1cd
a12f71a382952ff23588015d79da35f9c35a44df276c57a0e08ba3a210faf308
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6a58929d117a189fe01b26b1435b86841b538dbebe633fcdca96407a5aad13a
ae726193112d41052e35118aa67d5f832d40aa9e53c2594466e0ee5df73caab6
af6d2685e6ed7810b4f1199f79262d9f71ace0ddc2a6e834dcf7169b018ece7a
b41e0020ff5a4bec857828c37b9a425a5e0024aac1fb1519dd9cf4562f0681ee
b60388748b4d1d9dcb193c8f537c293afbd480bc278520224c49e48bd06a425f
c3fef29529678ff5e018e5d2db4a897390044b92e9105cf7adae070f76f8dbe1
c64a1508eb1d128c4140b719f25cdb8a6c02b658284ea250eb2db0889355ef04
cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70
cc6b3654648a3c72901bc3261e6b3d758e1646a42cf0df9250e90a54a5e5f485
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bdfd5591bde5f784843f075bdb89b51dbf036c8c15b5d7f88ec25fbe0b843b
d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05
d833c06dd1b91530e21f68566ed1b70d3851904b0428ebb4244deed953a282ea
da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2
db6e9b9c4a8d198b13039b61e72982d72bfd88e5faf9069da73156e0b9674894
df49112f965565d7af2a8ac08e7000ab6c2731ced4340c2b6c89a8097e94c2ea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e86c385f301dc4a46357e568d6158c186bfece30776324bf09090ca6a4c8bea3
edac2e92c551951830e96916a9e5b3c5fe48237eb6436ae85fbefd037a766c46
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f84465ad80f2fdee0969318288ace06b8e600eb3d9bb1580e5e39ad1b013d524
fd41fbb16992f6306edc644431aecc9d91fe9a1762fafc35f8816c277bfded0d

www.ducksters.com Open in urlscan Pro 2606:4700:20::681a:c86 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

96 Requests

98 %HTTPS

80 %IPv6

16 Domains

24 Subdomains

21 IPs

4 Countries

1174 kBTransfer

3340 kBSize

9 Cookies

2 Outgoing links

Page URL History

Redirected requests

96 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ducksters.com Open in urlscan Pro
2606:4700:20::681a:c86 Public Scan

Screenshot
Live screenshot

Full Image

96
Requests

98 %
HTTPS

80 %
IPv6

16
Domains

24
Subdomains

21
IPs

4
Countries

1174 kB
Transfer

3340 kB
Size

9
Cookies

96 HTTP transactions
1 data transactions