urlscan.io logo urlscan.io
SecurityTrails logo

www.ducumon.click Open in urlscan Pro
188.114.96.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.ducumon.me/
Effective URL: https://www.ducumon.click/
Submission: On October 21 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 41 IPs in 8 countries across 33 domains to perform 200 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is www.ducumon.click.
TLS certificate: Issued by GTS CA 1P5 on September 16th 2023. Valid for: 3 months.
This is the only time www.ducumon.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 176.123.8.49 200019 (ALEXHOST)
2 188.114.96.3 13335 (CLOUDFLAR...)
1 142.250.184.234 15169 (GOOGLE)
21 151.139.128.10 20446 (STACKPATH...)
2 13 142.250.186.66 15169 (GOOGLE)
1 172.217.18.8 15169 (GOOGLE)
3 195.181.175.16 60068 (CDN77 ^_^)
1 172.217.23.99 15169 (GOOGLE)
1 54.38.64.100 16276 (OVH)
1 2.21.20.197 20940 (AKAMAI-ASN1)
3 178.250.1.11 44788 (ASN-CRITE...)
3 172.67.13.182 13335 (CLOUDFLAR...)
2 145.239.193.51 16276 (OVH)
1 51.89.9.252 16276 (OVH)
2 91.228.74.159 16509 (AMAZON-02)
1 54.76.93.84 16509 (AMAZON-02)
1 65.9.7.13 16509 (AMAZON-02)
1 4 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 216.239.32.36 15169 (GOOGLE)
1 74.125.71.154 15169 (GOOGLE)
1 142.250.185.163 15169 (GOOGLE)
3 162.19.138.119 16276 (OVH)
2 104.26.8.169 13335 (CLOUDFLAR...)
1 141.95.33.111 16276 (OVH)
1 142.250.185.234 15169 (GOOGLE)
1 18.66.97.52 16509 (AMAZON-02)
1 104.18.22.145 13335 (CLOUDFLAR...)
1 52.51.215.30 16509 (AMAZON-02)
2 34.95.69.49 396982 (GOOGLE-CL...)
5 2a00:1450:400... 15169 (GOOGLE)
3 142.250.185.98 15169 (GOOGLE)
3 142.250.181.225 15169 (GOOGLE)
36 18.245.86.127 16509 (AMAZON-02)
4 142.250.185.66 15169 (GOOGLE)
32 104.26.10.25 13335 (CLOUDFLAR...)
32 157.90.0.13 24940 (HETZNER-AS)
1 172.217.16.196 15169 (GOOGLE)
4 108.138.26.100 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 216.239.32.3 ()
1 2a00:1450:400... ()
200 41
1    176.123.8.49 (Moldova)

ASN200019 (ALEXHOST, MD)
www.ducumon.me
2    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
www.ducumon.click
1    142.250.184.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f10.1e100.net
fonts.googleapis.com
21    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
f3f6i6e3.stackpathcdn.com
13    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
1    172.217.18.8 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f8.1e100.net
www.googletagmanager.com
3    195.181.175.16 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 809075600.fra.cdn77.com
ads.themoneytizer.com
1    172.217.23.99 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f99.1e100.net
fonts.gstatic.com
1    54.38.64.100 (France)

ASN16276 (OVH, FR)
c.tmyzer.com
1    2.21.20.197 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-197.deploy.static.akamaitechnologies.com
ced.sascdn.com
3    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    172.67.13.182 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
2    145.239.193.51 (France)

ASN16276 (OVH, FR)
tag.leadplace.fr
1    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
2    91.228.74.159 (United Kingdom)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    54.76.93.84 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-93-84.eu-west-1.compute.amazonaws.com
p.cpx.to
1    65.9.7.13 (Hollywood, United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-7-13.fra56.r.cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
4    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
www.ducumon.click
1    216.239.32.36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    74.125.71.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wn-in-f154.1e100.net
stats.g.doubleclick.net
1    142.250.185.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f3.1e100.net
www.google.de
3    162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
id5-sync.com
2    104.26.8.169 (None, )

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu
lb.eu-1-id5-sync.com
1    142.250.185.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f10.1e100.net
ajax.googleapis.com
1    18.66.97.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-52.fra56.r.cloudfront.net
rules.quantcount.com
1    104.18.22.145 (None, )

ASN13335 (CLOUDFLARENET, US)
cadmus.script.ac
1    52.51.215.30 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-215-30.eu-west-1.compute.amazonaws.com
adtrack.adleadevent.com
2    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
5    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
pagead2.googlesyndication.com
3    142.250.181.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f1.1e100.net
c3a094d68c64a115ab168d742bbb5105.safeframe.googlesyndication.com
tpc.googlesyndication.com
36    18.245.86.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-127.fra60.r.cloudfront.net
sourserve.com
4    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
www.googletagservices.com
32    104.26.10.25 (None, )

ASN13335 (CLOUDFLARENET, US)
hb.adpone.com
32    157.90.0.13 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.13.0.90.157.clients.your-server.de
s.richaudience.com
1    172.217.16.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f4.1e100.net
www.google.com
4    108.138.26.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-100.fra56.r.cloudfront.net
redcarpat.com
4    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    216.239.32.3 (None, )

ASN- ()
csi.gstatic.com
1    2a00:1450:4001:812::2001 (None, )

ASN- ()
tpc.googlesyndication.com
Apex Domain
Subdomains		 Transfer
36 sourserve.com
sourserve.com — Cisco Umbrella Rank: 193484
180 KB
32 richaudience.com
s.richaudience.com — Cisco Umbrella Rank: 17023
6 KB
32 adpone.com
hb.adpone.com — Cisco Umbrella Rank: 31005
4 MB
21 stackpathcdn.com
f3f6i6e3.stackpathcdn.com
337 KB
19 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
cm.g.doubleclick.net — Cisco Umbrella Rank: 255
234 KB
11 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
c3a094d68c64a115ab168d742bbb5105.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
41 KB
6 ducumon.click
www.ducumon.click
86 KB
4 redcarpat.com
redcarpat.com — Cisco Umbrella Rank: 103455
65 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 223
236 KB
3 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 470
1 KB
3 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 3127
mwzeom.zeotap.com — Cisco Umbrella Rank: 3540
21 KB
3 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 478
666 B
3 themoneytizer.com
ads.themoneytizer.com — Cisco Umbrella Rank: 39785
198 KB
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 1374
104 B
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1696
26 KB
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2714
www.google.com — Cisco Umbrella Rank: 2
1 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1348
pixel.quantserve.com — Cisco Umbrella Rank: 1147
10 KB
2 leadplace.fr
tag.leadplace.fr — Cisco Umbrella Rank: 41739
6 KB
2 gstatic.com
fonts.gstatic.com
csi.gstatic.com
48 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
ajax.googleapis.com — Cisco Umbrella Rank: 405
32 KB
1 adleadevent.com
adtrack.adleadevent.com — Cisco Umbrella Rank: 42072
923 B
1 script.ac
cadmus.script.ac — Cisco Umbrella Rank: 2049
47 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1263
1 KB
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1145
277 B
1 google.de
www.google.de — Cisco Umbrella Rank: 6147
408 B
1 cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
26 KB
1 cpx.to
p.cpx.to — Cisco Umbrella Rank: 10542
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 913
1 sascdn.com
ced.sascdn.com — Cisco Umbrella Rank: 10126
37 KB
1 tmyzer.com
c.tmyzer.com — Cisco Umbrella Rank: 36188
280 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
80 KB
1 ducumon.me
www.ducumon.me
305 B
0 sddan.com Failed
kvt.sddan.com Failed
200 33
Domain Requested by
36 sourserve.com www.ducumon.click
sourserve.com
32 s.richaudience.com sourserve.com
32 hb.adpone.com www.ducumon.click
sourserve.com
21 f3f6i6e3.stackpathcdn.com www.ducumon.click
f3f6i6e3.stackpathcdn.com
16 securepubads.g.doubleclick.net www.ducumon.click
securepubads.g.doubleclick.net
www.googletagservices.com
7 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
6 www.ducumon.click 1 redirects www.ducumon.click
4 redcarpat.com www.ducumon.click
4 www.googletagservices.com securepubads.g.doubleclick.net
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 id5-sync.com ads.themoneytizer.com
ced.sascdn.com
3 gum.criteo.com ads.themoneytizer.com
3 ads.themoneytizer.com www.ducumon.click
ads.themoneytizer.com
2 i.clean.gg cadmus.script.ac
2 cm.g.doubleclick.net 2 redirects
2 script.4dex.io ads.themoneytizer.com
script.4dex.io
2 tag.leadplace.fr ads.themoneytizer.com
tag.leadplace.fr
2 spl.zeotap.com ads.themoneytizer.com
spl.zeotap.com
1 csi.gstatic.com securepubads.g.doubleclick.net
1 www.google.com tpc.googlesyndication.com
1 c3a094d68c64a115ab168d742bbb5105.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 pixel.quantserve.com www.ducumon.click
1 adtrack.adleadevent.com ajax.googleapis.com
1 cadmus.script.ac script.4dex.io
1 mwzeom.zeotap.com www.ducumon.click
1 rules.quantcount.com secure.quantserve.com
1 ajax.googleapis.com d2zur9cc2gf1tx.cloudfront.net
1 lb.eu-1-id5-sync.com ads.themoneytizer.com
1 www.google.de www.ducumon.click
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 d2zur9cc2gf1tx.cloudfront.net ads.themoneytizer.com
1 p.cpx.to ads.themoneytizer.com
1 secure.quantserve.com ads.themoneytizer.com
1 onetag-sys.com ads.themoneytizer.com
1 ced.sascdn.com ads.themoneytizer.com
1 c.tmyzer.com ads.themoneytizer.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.googletagmanager.com www.ducumon.click
1 fonts.googleapis.com www.ducumon.click
1 www.ducumon.me 1 redirects
0 kvt.sddan.com Failed ads.themoneytizer.com
200 42

This site contains links to these domains. Also see Links.

Domain
notetoguide.com
www.xcinsp.com
www.pkgps4.com
play.google.com
reisendergeh.com
Subject Issuer Validity Valid
ducumon.click
GTS CA 1P5		 2023-09-16 -
2023-12-15		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.stackpathcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-04 -
2024-05-30		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
1266287590.rsc.cdn77.org
R3		 2023-09-27 -
2023-12-26		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
c.tmyzer.com
R3		 2023-09-22 -
2023-12-21		 3 months crt.sh
*.sascdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-07-14 -
2024-07-17		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-04 -
2024-05-03		 a year crt.sh
*.leadplace.fr
Gandi Standard SSL CA 2		 2023-08-30 -
2024-09-11		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
quantserve.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
p.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2023-01-12 -
2024-01-13		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
www.google.de
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
cadmus.script.ac
E1		 2023-09-02 -
2023-12-01		 3 months crt.sh
*.adleadevent.com
Amazon RSA 2048 M01		 2023-06-27 -
2024-07-25		 a year crt.sh
i.clean.gg
GTS CA 1D4		 2023-09-17 -
2023-12-16		 3 months crt.sh
sourserve.com
Amazon RSA 2048 M01		 2023-09-06 -
2024-10-05		 a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
redcarpat.com
Amazon RSA 2048 M01		 2023-02-22 -
2024-01-24		 a year crt.sh

This page contains 47 frames:

Primary Page: https://www.ducumon.click/
Frame ID: EAC7F53E12805FAB949B6504D215B14B
Requests: 67 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1697915885903
Frame ID: DC2E302048C3D5B186D10F92A238280D
Requests: 1 HTTP requests in this frame

Frame: https://www.ducumon.click/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/main.js
Frame ID: 6AFC0878353ECDED93B7B6C9DC61DA44
Requests: 2 HTTP requests in this frame

Frame: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fwww.ducumon.click%2F&id=MTIZ
Frame ID: AB4A7E373B5CCC60E45C616ECB561F3B
Requests: 1 HTTP requests in this frame

Frame: https://c3a094d68c64a115ab168d742bbb5105.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B3AAD53561434EA00DF1C8A3246E82A3
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu66Kxezqp9VXmieZm4U_Pj3NfIUoCmafy_FNAGxs2Jz8oup5xuB3sSJZ9ZCInk_4i8L584lX0Q_U9jO1MAEQrX7-9qyNWKEevGUvmFO_uRffyhH48Jt7H8BenYvzYy6ZoflrjLXnB61wpf1xtho_UNorqKQRACOvzsnlng-1Fw_cG3LVaOmPCwIk27bUGc9qVkLq_rRzGYelelQtzgxO6g8OxMbQzjAy_H67cFcXZCeqPt_Ghe9YVp55QNPtDq1PNnRZ0Nx-vClHSyw_EUSbk08R9trHjcUno5thlqYENbEQ3ijHGKOTb4UVq0SUeyP8kHBq9Mc1zrSMdDBDvivdP3SBXdvPQW3EeC6sTAYZy0&sai=AMfl-YQE981cbqcUa5pzj299DZWJLITLr2OUd9RPbrXfvLPK_BQUF4nDB5_4yWIyQASR8klc0Zuw7oMg_Bm7Nt_sD8HCojr5Tq50g09rN5XtE7_golBgssB4zam1dJymlQ&sig=Cg0ArKJSzIjI9Jh6-t9oEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 717CE06BAB1BBF8AD7DA5762CB07EF7E
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuuVO78ywm7QdEOOks42gQqVD37QMhcEG5SeS2MrVCeCRaO7jJn0et0BgYsja-i_PsWnIbMAyZyj2j8Tj46C7f42Bk0rmx3-ggNi0Yl8CAotFTGs2PAcWFcN522r6fyXngGaBixYvX1ZbZfXCPw0fc7eL955DoEKQw1e0VIdblhWBbqpC2EE6emSznlfpZWDFf4bLvq80fvo_JWGlgH9PCB0D4hbQiLt_oCGz5C7WWAQ4_a6vlYkIM4z55E2iKa3-IjFccyG7oU1jkV9eSq1p1kqsKCxmPfWnK_bf9APiOGwvYvZuG4NHSbfG5sLuI66Tt6xpX76jfVOTKUzP3zIjTGHD7BtkNdzXYt-BUY7w&sai=AMfl-YQ46uED41_cs_l2bwXvs6Vc4UC2pbIrFX-_ZMh7aDlQ_GY6E7OfvYYgLmwDczNRJEb2oNc3IEw15UdOxTtPPRvIr4_OgW_JjgM7GKlU_UlWT7pmrN6ybZ-MMMfXyA&sig=Cg0ArKJSzPH3aHlL8wTzEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: CB98AA4EECD900005C51BAAC3A6CF70B
Requests: 18 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssQzZ1FxG0Qicg62xgPW9Apn4ON_CCGzE69vepQK7Rm39QwJdwWzlctT6lCoN5J9xr2844qj5BHPrZ88Pi0Cfn6smgT6d07AiErdidw7jlSdhcymOOM_AFoFnQOmfaDwb91MJHjvyiCY0e1XUUhGaHA4u3LpxxhAtzdU7rlBUmRPjZ73oC39PohLsCXMgCfckjIsGfUuslmAdLSzWfBAEniP0mCSza5gOZPX4IaiqlpKlVoZNLC49UaqYDhzq4glI8X5gHKPDvg7SDjbajVuIiJEk2ooBdsy8C-nHhP6BXXggLOXH00W7Ze52G8Z2jMef1ejNGJBNWzSvOOrRge0BWlQxbjht4JInUdHI_luQ&sai=AMfl-YTmBv7Q0Ah6m2ZdThBDISVxDXnaUJfCDIft8OpwOa57pjElwGcwjTy4hce7P6ri8gN8lHyRv0U9SWHnV2ldWoTsTF6lI789IFWZsNzK9Ku_IIor6hm-FQXv59fgSg&sig=Cg0ArKJSzDs9yH3wVK1iEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: C8C4BA5FBA589A62EC0EBD02EA504335
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvziy8LZc7RYna66DpiXXh-B1IVV8SKxbkvu8gCQocaSw5uv3U5FeEyBQT4iYSpc92HP2Kr53wQI9QSJZDl8n1iH2Nk81owIQ-49BwbuC-_QH9D_L2GS9AACyV-Y0JUOaD3ZC-ZzFLO84-gcWk5jVBmWw_Ey4NkhwGDbQ7IoYTy_0ata_BGQCW-WG_3HL5QXnGXfR2EWpLv6h0EdStufsXaEJR72oaeH1OJ6ZJtVCyLDhXeOrfjWs3NTzvCLucfyehGuUPkbtq7fomF0MnaurHDSfwmjfqKKlA_Hq-Go3YP-BgzdS9cD8OPb-7Nu7R5mKErXC5lJSewEag6d1pLhnR9efT5vAJ0ywBnePWNzObbHfBZ&sai=AMfl-YQeHnbovRBb1imYirIyQ4BVQBUYlawRLtt6Is3Em7gSrqpQDdlW8hE4fsDnVcawnRR69D2455OGIHoh_oDOj3CmeOPghfUy7855DC0Jls_5EYt1mtzmm9KbH5727w&sig=Cg0ArKJSzM6QsihWRNWpEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 97A2C65557575504824CD49F791B3F03
Requests: 14 HTTP requests in this frame

Frame: https://hb.adpone.com/prebid7.19.0.js
Frame ID: A241E4CCCFC413EFF0949AF8FAB54A6D
Requests: 1 HTTP requests in this frame

Frame: https://sourserve.com/r/p.html?f=tnzvcgak&e=1802562599418
Frame ID: 454AE13DF06EFA7681CF9F2EE4C7DB90
Requests: 2 HTTP requests in this frame

Frame: https://sourserve.com/r/p.html?f=pecscfgrj&e=1802562599418
Frame ID: E3D0F97456546F65B024D2C9CE04E188
Requests: 2 HTTP requests in this frame

Frame: https://sourserve.com/r/p.html?f=avjmwswqgq&e=1802562599418
Frame ID: A4BDBA975ADA6735E6A18CC03D87E2BC
Requests: 2 HTTP requests in this frame

Frame: https://sourserve.com/r/p.html?f=xrosyxxu&e=1802562599418
Frame ID: 0EF56C2B32EA9A29CC2BE6295CC1EFDA
Requests: 2 HTTP requests in this frame

Frame: https://sourserve.com/r/p.html?f=rblooim&e=1802562599418
Frame ID: DA3B01F43976EB9E2FBC1AEE2D94EEC4
Requests: 2 HTTP requests in this frame

Frame: https://sourserve.com/r/p.html?f=gxzwcciqr&e=1802562599418
Frame ID: DA917A3E4A3730AF84A9A2492DE5DC94
Requests: 2 HTTP requests in this frame

Frame: https://sourserve.com/r/p.html?f=raudxvide&e=1802562599418
Frame ID: 28383C999CF64AE1D7EA1FFAA14C5860
Requests: 2 HTTP requests in this frame

Frame: https://hb.adpone.com/prebid7.19.0.js
Frame ID: 21D6BDCBF254E9EAC10CB7C7FCA42C4A
Requests: 1 HTTP requests in this frame

Frame: https://sourserve.com/r/p.html?f=shunsfer&e=1345243651446
Frame ID: 7627DAF55FB5BAF83FE5DDDDC6335863
Requests: 2 HTTP requests in this frame

Frame: https://sourserve.com/r/p.html?f=kjqudpgv&e=1345243651446
Frame ID: 587B5240C5CE79B313FC4DDE176A64D4
Requests: 2 HTTP requests in this frame

Frame: https://sourserve.com/r/p.html?f=ssilkoqd&e=1345243651446
Frame ID: 989BB3523AF499FD23AF74E1CED081D4
Requests: 2 HTTP requests in this frame

Frame: https://sourserve.com/r/p.html?f=ktgxqvh&e=1345243651446
Frame ID: 92AB4FB250B43E3EB75DBD589ECB5BD9
Requests: 2 HTTP requests in this frame

Frame: https://sourserve.com/r/p.html?f=xatcspih&e=1345243651446
Frame ID: 75513F60A5C0879B5DC0F8FC467334BE
Requests: 2 HTTP requests in this frame

Frame: https://sourserve.com/r/p.html?f=hdxqure&e=1345243651446
Frame ID: 74115FD51C787774286D8A8D7D0D958C
Requests: 2 HTTP requests in this frame

Frame: https://sourserve.com/r/p.html?f=kolbmp&e=1345243651446
Frame ID: 293FA16B71789DB1C221B8BF1C916C8B
Requests: 2 HTTP requests in this frame

Frame: https://hb.adpone.com/prebid7.19.0.js
Frame ID: C348F32A7802FCF3636B88F27C9AF2E6
Requests: 1 HTTP requests in this frame

Frame: https://sourserve.com/r/p.html?f=gwckeu&e=1300988650699
Frame ID: 0D622C1C0FCB6B4F0448B33652C42EBC
Requests: 2 HTTP requests in this frame

Frame: https://sourserve.com/r/p.html?f=ejnpjn&e=1300988650699
Frame ID: BDD1320D80A01456A8625A20F45BAB59
Requests: 2 HTTP requests in this frame

Frame: https://sourserve.com/r/p.html?f=xfuyhilk&e=1300988650699
Frame ID: 4B9DD1EBE52A59C32E0E7D6E9F5C109A
Requests: 2 HTTP requests in this frame

Frame: https://sourserve.com/r/p.html?f=irrfacbl&e=1300988650699
Frame ID: FC7A1EFB675B56BF7BD579529FFD945F
Requests: 2 HTTP requests in this frame

Frame: https://sourserve.com/r/p.html?f=hyqqg&e=1300988650699
Frame ID: 1E1F52952043115ED10FFBE0E358603C
Requests: 2 HTTP requests in this frame

Frame: https://sourserve.com/r/p.html?f=dwjoqaat&e=1300988650699
Frame ID: 7F4484286706E619F3ACD1572AA1BCC3
Requests: 2 HTTP requests in this frame

Frame: https://sourserve.com/r/p.html?f=bqlsvgbfi&e=1300988650699
Frame ID: 3D96130DCC177C206070EB7A6D4D32E0
Requests: 2 HTTP requests in this frame

Frame: https://hb.adpone.com/prebid7.19.0.js
Frame ID: D3DD6C0E2816A00C2813E9B8CA0899FA
Requests: 1 HTTP requests in this frame

Frame: https://sourserve.com/r/p.html?f=qhtwpsu&e=1723230783387
Frame ID: 2E70BF07D0D1AD9822522E2278910D96
Requests: 2 HTTP requests in this frame

Frame: https://sourserve.com/r/p.html?f=wpdrzdzf&e=1723230783387
Frame ID: 39B3078B86E8F555B6DE1C2B0536AFA5
Requests: 2 HTTP requests in this frame

Frame: https://sourserve.com/r/p.html?f=zsfndsq&e=1723230783387
Frame ID: E304F395A077CDBC4BD50A4B7F4B01B1
Requests: 2 HTTP requests in this frame

Frame: https://sourserve.com/r/p.html?f=cqpqntc&e=1723230783387
Frame ID: 338E7C95668A92F6BB8C540EE23A38CD
Requests: 2 HTTP requests in this frame

Frame: https://sourserve.com/r/p.html?f=bwgfvd&e=1723230783387
Frame ID: 7DCFEA69F3E2BFC55B894277B66D9001
Requests: 2 HTTP requests in this frame

Frame: https://sourserve.com/r/p.html?f=dnvsuldd&e=1723230783387
Frame ID: D891E0085BACCBC9E10C65679A37EBFA
Requests: 2 HTTP requests in this frame

Frame: https://sourserve.com/r/p.html?f=gjrndl&e=1723230783387
Frame ID: 6A97D5EF2E797E9F599A2D6C4A368315
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6E9E94DED543315A37E58966F8037377
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D949802030E48DAB7C59AF15A6F856A1
Requests: 2 HTTP requests in this frame

Frame: https://redcarpat.com/a/320x50.png
Frame ID: 12564578C7817181751E6FE4BAB7EB4F
Requests: 1 HTTP requests in this frame

Frame: https://redcarpat.com/a/160x600.png
Frame ID: 3948277AE2CF19AD68A949799EFA88CF
Requests: 1 HTTP requests in this frame

Frame: https://redcarpat.com/a/728x90.png
Frame ID: 7079681C6E7DA1ED051CFBCBE2252B04
Requests: 1 HTTP requests in this frame

Frame: https://redcarpat.com/a/300x250.png
Frame ID: CE4C8998525D286B83F621BFB7CE5AAD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Ducumon - The Next Gen to Give entertainment that best suits you, all for free!

Page URL History Show full URLs

  1. http://www.ducumon.me/ HTTP 301
    https://www.ducumon.click/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

200
Requests

99 %
HTTPS

10 %
IPv6

33
Domains

42
Subdomains

41
IPs

8
Countries

5624 kB
Transfer

18118 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.ducumon.me/ HTTP 301
    https://www.ducumon.click/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39
  • https://www.ducumon.click/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://www.ducumon.click/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/main.js
Request Chain 56
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=cef4b7e5-a4dc-48fc-4343-5481452c5d12&reqId=21b6c2d0-b253-41ad-6356-9c02af93af10&zdid=1258 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=cef4b7e5-a4dc-48fc-4343-5481452c5d12&reqId=21b6c2d0-b253-41ad-6356-9c02af93af10&zdid=1258&google_tc= HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESELdqccxrRbcQ92fNF7L-uEY&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=cef4b7e5-a4dc-48fc-4343-5481452c5d12&reqId=21b6c2d0-b253-41ad-6356-9c02af93af10&zdid=1258

200 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.ducumon.click/
Redirect Chain
  • http://www.ducumon.me/
  • https://www.ducumon.click/
69 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ducumon.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7caa54994bc234081728919217a22e842db137df5d5a79edc873a610937aaa1d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0
cf-cache-status
DYNAMIC
cf-ray
819bd8278ebf3a5e-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 21 Oct 2023 19:18:04 GMT
expires
Sat, 21 Oct 2023 19:18:04 GMT
last-modified
Sat, 21 Oct 2023 16:56:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ioyQ75FKKo69Lqq5v0nJeqp8P7qNKbhEQaj818v4LG%2BwFHvfhleZy4xGpLLnCa%2Fazo%2BSa%2B2a4tYOcSwh290xFjcGTL%2B5nCxUCJA49ZD%2FN09oF7RUwcHrlfG%2B5zkKOft8esaFyA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

Connection
Keep-Alive
Content-Length
234
Content-Type
text/html; charset=iso-8859-1
Date
Sat, 21 Oct 2023 19:18:04 GMT
Keep-Alive
timeout=5, max=100
Location
https://www.ducumon.click/
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1c mod_fcgid/2.3.9 PHP/7.2.24
css
fonts.googleapis.com/ 		29 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open%20Sans%3A300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic&display=swap
Requested by
Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
ESF /
Resource Hash
1c9cc8e33a15d6f739e16ec44ae2cd8907a4ec6201386bf9cca6a85a53103168
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 21 Oct 2023 19:18:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 21 Oct 2023 19:16:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 21 Oct 2023 19:18:05 GMT
style.min.css
f3f6i6e3.stackpathcdn.com/wp-includes/css/dist/block-library/ 		102 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://f3f6i6e3.stackpathcdn.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3.2
Requested by
Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
cloudflare /
Resource Hash
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 19:18:05 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Alt-Svc
h3=":443"; ma=86400
Content-Length
13841
Last-Modified
Tue, 08 Aug 2023 22:05:34 GMT
Server
cloudflare
ETag
"1691532334"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SCpQHQ6j60fczyfaKKMFWVw3qnSGJfp%2FMLuQCX3Vsv7Odku8cbBdvpfLAy8e0yAzseAm6YUrgtm1d1DCT7UIBBT1wvPhloX%2F3WcvZMKlWk%2FIti7Xv0zBe08WJvTm%2Fbih"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
X-HW
1697915885.cds215.lo4.hn,1697915885.cds228.lo4.c
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
8152589f0ce37702-LHR
font-awesome.min.css
f3f6i6e3.stackpathcdn.com/wp-content/cache/min/1/wp-content/plugins/wp_pro_geo_targeting/assets/fonts/awesome/assets/v4/css/ 		18 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://f3f6i6e3.stackpathcdn.com/wp-content/cache/min/1/wp-content/plugins/wp_pro_geo_targeting/assets/fonts/awesome/assets/v4/css/font-awesome.min.css?ver=1694586445
Requested by
Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
cloudflare /
Resource Hash
6a04f704f1ff8f018568020f67b9a9a4eb47a0c1029358b195de73feefd36153

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 19:18:05 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Alt-Svc
h3=":443"; ma=86400
Content-Length
3990
Last-Modified
Wed, 13 Sep 2023 06:27:25 GMT
Server
cloudflare
ETag
"1694586445"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d0suPDR6XfHhlCBTYl%2FMHgkTo2VP45iNt%2BV4g5mxOXlGkjU8KXOYEp3dgqkmVJuAGDk7FGiNc3lhjuIt%2FD%2BQ84bTm68mT%2F0uKwdcr7S9xwmFki0jX6ZVerucRVH%2Bqfym"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
X-HW
1697915885.cds259.lo4.hn,1697915885.cds103.lo4.c
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
805e997c7efc7691-LHR
animate.min.css
f3f6i6e3.stackpathcdn.com/wp-content/plugins/wp_pro_geo_targeting/includes/extensions/spr_columns/assets/css/ 		17 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://f3f6i6e3.stackpathcdn.com/wp-content/plugins/wp_pro_geo_targeting/includes/extensions/spr_columns/assets/css/animate.min.css?ver=1.1.3
Requested by
Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
cloudflare /
Resource Hash
0add8fcb5a583b1c16238fbe9d0de17c6272726b42be17fdcd9b4686ef5287d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 19:18:05 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Content-Length
2621
Last-Modified
Mon, 03 May 2021 07:35:26 GMT
Server
cloudflare
ETag
"1620027326"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gV6qidAEkOxw5IIIc07M%2BZeUcwj6M5dfQgJ7Cf4gn2Fw4M6CL99mM%2FsA7xWmT5rV%2B7bvPkpL1z3dsdFbj7RHwgx115Hirr5g3X1vEzJ8upLOmyoKjmUhBIp7VVQrH1I%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
X-HW
1697915885.cds226.lo4.hn,1697915885.cds217.lo4.c
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
7ac48fdd0a2e24d2-LHR
spr_columns.css
f3f6i6e3.stackpathcdn.com/wp-content/cache/min/1/wp-content/plugins/wp_pro_geo_targeting/includes/extensions/spr_columns/assets/css/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://f3f6i6e3.stackpathcdn.com/wp-content/cache/min/1/wp-content/plugins/wp_pro_geo_targeting/includes/extensions/spr_columns/assets/css/spr_columns.css?ver=1694586445
Requested by
Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
cloudflare /
Resource Hash
cfb829354040f367c2c97ee3716d87f194c6d2a23ecfdd4901d7c22e3b8be3b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 19:18:05 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Alt-Svc
h3=":443"; ma=86400
Content-Length
396
Last-Modified
Wed, 13 Sep 2023 06:27:25 GMT
Server
cloudflare
ETag
"1694586445"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OIQ6zfNsixm5v9vnoOSmnTMUU0qFwdWyzva6q7wI8kUEPgGSDZtvH2PucJDmjK9uKROHzg9coa%2FD5V1nzsMKdt8kRSEgO%2BRd2BlILogWPAMPR4OhVVELGS%2Brs7vitbZQ"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
X-HW
1697915885.cds288.lo4.hn,1697915885.cds323.lo4.c
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
805e997c7f3b71e6-LHR
all.min.css
f3f6i6e3.stackpathcdn.com/wp-content/themes/generatepress/assets/css/ 		31 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://f3f6i6e3.stackpathcdn.com/wp-content/themes/generatepress/assets/css/all.min.css?ver=3.3.1
Requested by
Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
cloudflare /
Resource Hash
3a494cb8a3fc5345ca81844d27d3e0834aa754aeaa0056f1710a1df56acd983c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 19:18:05 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Alt-Svc
h3=":443"; ma=86400
Content-Length
6803
Last-Modified
Wed, 16 Aug 2023 01:20:23 GMT
Server
cloudflare
ETag
"1692148823"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c4etxLvSaUdlIZKs5FszvIXf1ycNMPFvl44Bco9js6Vax%2FPsq%2FAJOzd1kNdz7E4Y%2FCjDiiVb2W4XAgqkGxM4g94nVrSYqkGG3rN0CXlSR314poGgB9iqvuXi%2Ficu7ABq"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
X-HW
1697915885.cds254.lo4.hn,1697915885.cds275.lo4.c
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
7f75f9deac7a76d5-LHR
font-icons.min.css
f3f6i6e3.stackpathcdn.com/wp-content/cache/min/1/wp-content/themes/generatepress/assets/css/components/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://f3f6i6e3.stackpathcdn.com/wp-content/cache/min/1/wp-content/themes/generatepress/assets/css/components/font-icons.min.css?ver=1694586445
Requested by
Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
cloudflare /
Resource Hash
891b450bc9c1540873ef9d8e417573bebb8a04d5da713bfc5f269a1f4ffde175

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 19:18:05 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Alt-Svc
h3=":443"; ma=86400
Content-Length
790
Last-Modified
Wed, 13 Sep 2023 06:27:25 GMT
Server
cloudflare
ETag
"1694586445"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nGMfR60mRf1ZdCVsZyJslmpnRaLV4FNQ9qiqVTDMUIVGwoO3lN%2FF6A1qxxpJWpSD%2BtsB%2FDwgslSNOGIMZHC5VOKLwTVPRawVSupZ7YogJkpxaycVhSOMFC8OhvGA%2BBsv"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
X-HW
1697915885.cds226.lo4.hn,1697915885.cds214.lo4.c
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
805e997c8fd84190-LHR
font-awesome.min.css
f3f6i6e3.stackpathcdn.com/wp-content/cache/min/1/wp-content/themes/generatepress/assets/css/components/ 		30 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://f3f6i6e3.stackpathcdn.com/wp-content/cache/min/1/wp-content/themes/generatepress/assets/css/components/font-awesome.min.css?ver=1694586446
Requested by
Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
cloudflare /
Resource Hash
4f61525c435935afe56cf850326d30eddbac45d82f9ec281cc2554eb570efff3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 19:18:05 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Alt-Svc
h3=":443"; ma=86400
Content-Length
6976
Last-Modified
Wed, 13 Sep 2023 06:27:26 GMT
Server
cloudflare
ETag
"1694586446"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ch8BlV6%2FcuPLmS2pLyEivT3hdr430IO1MasS5Wqxz6S2pjajKKhYQdV4e%2F4iUAUQt8au%2BqWeH4Ap1UN1bocotg%2FqU1MxYdu9gyw8wdK571L1zEqBZHuw71bOR39u%2Fy2c"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
X-HW
1697915885.cds288.lo4.hn,1697915885.cds261.lo4.c
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
805e997ca8142508-LHR
style.css
f3f6i6e3.stackpathcdn.com/wp-content/cache/min/1/wp-content/themes/generatepress_child/ 		307 B
990 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://f3f6i6e3.stackpathcdn.com/wp-content/cache/min/1/wp-content/themes/generatepress_child/style.css?ver=1694586446
Requested by
Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
cloudflare /
Resource Hash
d098cba4343ea4111852815ebe9dca7c79d69ca280b99825415448f380c2b4dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 19:18:05 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Alt-Svc
h3=":443"; ma=86400
Content-Length
187
Last-Modified
Wed, 13 Sep 2023 06:27:26 GMT
Server
cloudflare
ETag
"1694586446"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VVEYFDaM2uvTsNqbOrXBz1RzBxwvN1ARYona8SKlUI1selbmUFv0p68b%2FxDEsJyllF5W172%2FHRz2qC2N4A2brLz4ZK1qjFUj8wKEnH1IEeiVI5HDUrsI%2BywM9G8elFSO"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
X-HW
1697915885.cds254.lo4.hn,1697915885.cds264.lo4.c
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
805e997c8dd548c9-LHR
widgets.css
f3f6i6e3.stackpathcdn.com/wp-content/cache/min/1/wp-content/plugins/wpforo/themes/2022/ 		17 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://f3f6i6e3.stackpathcdn.com/wp-content/cache/min/1/wp-content/plugins/wpforo/themes/2022/widgets.css?ver=1694586446
Requested by
Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
cloudflare /
Resource Hash
95b642f67cd22e16edcc8466f6de5cf0cf4a96549aad8979d9dfdf58536fdc82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 19:18:05 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Alt-Svc
h3=":443"; ma=86400
Content-Length
2646
Last-Modified
Wed, 13 Sep 2023 06:27:26 GMT
Server
cloudflare
ETag
"1694586446"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RxNKrkIOBxkXdO7E39%2FXPpsD8Kr93jRSBCmKiRzs6B6934YY9ZSwhSJki%2Bh5xi2uVjA3ilRS50bct%2FD8PCmybtZTqodYiOBvWz8nGIU2dL4%2BdGADjVOe%2FnlVgHBHA%2FBQ"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
X-HW
1697915885.cds298.lo4.hn,1697915885.cds314.lo4.c
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
805e997c88547732-LHR
featured-images.min.css
f3f6i6e3.stackpathcdn.com/wp-content/plugins/gp-premium/blog/functions/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://f3f6i6e3.stackpathcdn.com/wp-content/plugins/gp-premium/blog/functions/css/featured-images.min.css?ver=2.3.2
Requested by
Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
cloudflare /
Resource Hash
3cdc8768b77b752d62d488cda4d7917a5df5d334da0f7fa7c9f86aeae573923b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 19:18:05 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Alt-Svc
h3=":443"; ma=86400
Content-Length
493
Last-Modified
Fri, 18 Aug 2023 02:35:31 GMT
Server
cloudflare
ETag
"1692326131"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZnOqgkHs7YNaFGVUSnEKsXofpdSTExdtE4RVfduSXl6kSkq%2F4kdfhMmg4EqylnCC2vjDtPrtrPnQax5CFosGJJvnuhH852iG6AzViXW8mg4UzbK7QgLnQD2%2FGL%2FN7SUw"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
X-HW
1697915885.cds259.lo4.hn,1697915885.cds032.lo4.c
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
7f88e6e88cca4885-LHR
style.min.css
f3f6i6e3.stackpathcdn.com/wp-content/plugins/gp-premium/secondary-nav/functions/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://f3f6i6e3.stackpathcdn.com/wp-content/plugins/gp-premium/secondary-nav/functions/css/style.min.css?ver=2.3.2
Requested by
Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
cloudflare /
Resource Hash
b09569c29ce1eaff4d4b26f902188a7f679223d58a7f5d1e5f7b17aab6833c49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 19:18:05 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Alt-Svc
h3=":443"; ma=86400
Content-Length
1247
Last-Modified
Fri, 18 Aug 2023 02:35:31 GMT
Server
cloudflare
ETag
"1692326131"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uBjTRV%2Bh6bJmkRarHMUW2WjCYe5d0xu2cnNk9fQVvmAOoAB5nVSBXVxVbuZOuX%2FLC9UvuzddKuyT0XqI2v3Enkd0r68GOaGt1JPMpo8r9KpSB3vgGnAvfIUyMEJx8cqj"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
X-HW
1697915885.cds288.lo4.hn,1697915885.cds239.lo4.c
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
7f87fc23391b3693-LHR
style-mobile.min.css
f3f6i6e3.stackpathcdn.com/wp-content/plugins/gp-premium/secondary-nav/functions/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://f3f6i6e3.stackpathcdn.com/wp-content/plugins/gp-premium/secondary-nav/functions/css/style-mobile.min.css?ver=2.3.2
Requested by
Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
cloudflare /
Resource Hash
76159e62f0aa757670084bcf637554ecbce058a98467688d5d3e94e6f022d537

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 19:18:05 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Alt-Svc
h3=":443"; ma=86400
Content-Length
512
Last-Modified
Fri, 18 Aug 2023 02:35:31 GMT
Server
cloudflare
ETag
"1692326131"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2B0giEpXFM7Ak6cN25sG45tQuV0lDigMRrtl5F6UROUGhqLHVbd%2FtxTWsxV24dsKaBxSxBLlvTjqIyCzV%2BB6LzEDWVLyVoqqbLVqmJp51%2BKn%2BwktFDIpTfuiBD00KcEJ"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
X-HW
1697915885.cds298.lo4.hn,1697915885.cds080.lo4.c
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
81667cbd7a678891-LHR
colors.css
f3f6i6e3.stackpathcdn.com/wp-content/cache/min/1/wp-content/uploads/wpforo/assets/ 		62 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://f3f6i6e3.stackpathcdn.com/wp-content/cache/min/1/wp-content/uploads/wpforo/assets/colors.css?ver=1694586446
Requested by
Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
cloudflare /
Resource Hash
4bfec0d9a1a3e8806adbb6f164d312aaed994cfff3a77bfef2d3cde0afd02405

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 19:18:05 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Alt-Svc
h3=":443"; ma=86400
Content-Length
7932
Last-Modified
Wed, 13 Sep 2023 06:27:26 GMT
Server
cloudflare
ETag
"1694586446"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=quDD3nUWRKzMMJrfB7hQy7AQVhU7%2FlOSOqh2X9u3GfMwiucPmHgqFDvBevY28n0r5QQroCscR2vaSVxnlcVxpTUzoQ8Ayd%2F7xWoCKUf5Q%2BVmsRMO%2BVCOpqhnCirDJaO9"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
X-HW
1697915885.cds298.lo4.hn,1697915885.cds288.lo4.c
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
805e997c8d2848bb-LHR
jquery.min.js
f3f6i6e3.stackpathcdn.com/wp-includes/js/jquery/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://f3f6i6e3.stackpathcdn.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by
Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
cloudflare /
Resource Hash
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 19:18:05 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Alt-Svc
h3=":443"; ma=86400
Content-Length
30343
Last-Modified
Tue, 08 Aug 2023 22:05:33 GMT
Server
cloudflare
ETag
"1691532333"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bp7rmF9dTGLIQAfzwTK43N2X3yFksACz5hIfHQuDG9b4zkSqnuzTUHEgkZhzOH7Z4rJMYm%2F%2BrGGEzdt1MsBY2sIZtZ0hUN4TqaXMF8ZEI%2FEWf6GHQxLXhfSDSKL3pfSL"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
X-HW
1697915885.cds215.lo4.hn,1697915885.cds203.lo4.c
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
7f3b47f4de1d23cb-LHR
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
44b98f5d269487ccc0de25f17e8b7ae79256c224577f25c2e65da23958db8262
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29132
x-xss-protection
0
server
cafe
etag
805 / 19651 / m202310170101 / config-hash: 4808689989001815818
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 21 Oct 2023 19:18:07 GMT
ThetaEmeraldTLD.png
f3f6i6e3.stackpathcdn.com/wp-content/uploads/2023/10/ 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f3f6i6e3.stackpathcdn.com/wp-content/uploads/2023/10/ThetaEmeraldTLD.png
Requested by
Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
cloudflare /
Resource Hash
fdccd47e2c21e3a03ded6e7259449ccc939283593a8925974cf0344a43b7c30b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 19:18:05 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
991
Connection
keep-alive
Alt-Svc
h3=":443"; ma=86400
Content-Length
62403
Last-Modified
Mon, 16 Oct 2023 04:04:58 GMT
Server
cloudflare
ETag
"1697429098"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jc%2BLuX5tKOf7JrDiFwthjb99yvVtWkkfkT%2FZDN4gNooy%2Fj20AwpK1XZoS8tqdjJgZ2e%2BG9TwWBwWhbVV1yBMGWcOOzz81VWdyoysJE%2F5YETENdfurlrg5DWYIgEIGf7i"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1697915885.cds254.lo4.hn,1697915885.cds323.lo4.c
Cache-Control
public, max-age=10368000
Accept-Ranges
bytes
CF-RAY
816d9a68ee4135de-LHR
DucumonIku-min.jpg
f3f6i6e3.stackpathcdn.com/wp-content/uploads/2021/10/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f3f6i6e3.stackpathcdn.com/wp-content/uploads/2021/10/DucumonIku-min.jpg
Requested by
Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
cloudflare /
Resource Hash
ed2cf15d31dbb39bec3e590eee1406f6d375c55dfdeceebb91081a4fd061f427

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 19:18:05 GMT
CF-Cache-Status
MISS
Last-Modified
Fri, 08 Oct 2021 01:05:56 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"1633655156"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6lYbIwrnSrswn7WZSlAzDfWscloF1iVAsYOAr8xNxMyKzASfwxbf9IMRVVJAll5GykzEOSdeNwLZMixis2L602zMCPGDGmNaI9iYO9zban30k1NFtCIoNWzwNjgpk5c%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-HW
1697915885.cds298.lo4.hn,1697915885.cds235.lo4.c
Cache-Control
public, max-age=10368000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
7ac48fe19ecf417f-LHR
Content-Length
52426
Prism095.png
f3f6i6e3.stackpathcdn.com/wp-content/uploads/2016/12/ 		63 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f3f6i6e3.stackpathcdn.com/wp-content/uploads/2016/12/Prism095.png
Requested by
Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
cloudflare /
Resource Hash
51ccf0ba6f97f7f8c16d0e51644aac50ea3ce3542b5d083486883562afbf9bee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 19:18:05 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
77
Connection
keep-alive
Alt-Svc
h3=":443"; ma=86400
Content-Length
64608
Last-Modified
Wed, 19 Jul 2023 01:07:18 GMT
Server
cloudflare
ETag
"1689728838"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HahLKPZVY8ABeaTRf2JCUikK%2B05bHziFGzRX5fB%2FK9hsiX2CPHZDWJlx9LtQ15rsvxVAuaKCom0YCy7ID3ABuId6SEb3T0Kfuejepl5ghxggk7JKG0QwpEwbdx74GcJP"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1697915885.cds288.lo4.hn,1697915885.cds313.lo4.c
Cache-Control
public, max-age=10368000
Accept-Ranges
bytes
CF-RAY
7e8f44e02accdd1f-LHR
LeekGreen.png
f3f6i6e3.stackpathcdn.com/wp-content/uploads/2023/10/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f3f6i6e3.stackpathcdn.com/wp-content/uploads/2023/10/LeekGreen.png
Requested by
Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
cloudflare /
Resource Hash
cc93c8d1b46bf5c9466ac32cdc5ecca43284f5d5125c5c27bcfea7931a5bbac0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 19:18:05 GMT
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Alt-Svc
h3=":443"; ma=86400
Content-Length
33930
Last-Modified
Fri, 20 Oct 2023 08:47:26 GMT
Server
cloudflare
ETag
"1697791646"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JN1hX3OssL0MxX8%2BJPSU31aO1VhfJIfMmOPD58lEGVibPsrmwYLUgUFJVojwxCeXlJzjJ6etnYxrSWDKzKRH5lNq0nyNcOQWXpgSx8LHS%2BM1MjH1HVlhjWHiRThsS8HI"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1697915885.cds215.lo4.hn,1697915885.cds302.lo4.c
Cache-Control
public, max-age=10368000
Accept-Ranges
bytes
CF-RAY
8190117f5a14886d-LHR
Vatonage.png
f3f6i6e3.stackpathcdn.com/wp-content/uploads/2023/10/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f3f6i6e3.stackpathcdn.com/wp-content/uploads/2023/10/Vatonage.png
Requested by
Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
cloudflare /
Resource Hash
e28924b464e60c01146ae6e8d7c5cfdab768798a7ce6bca68892c7a3907fcc90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 19:18:05 GMT
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Alt-Svc
h3=":443"; ma=86400
Content-Length
19406
Last-Modified
Thu, 19 Oct 2023 08:06:19 GMT
Server
cloudflare
ETag
"1697702779"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Fr04BDwYAl24jak6Jhx9jImQszmeLteWVWotd508ZFglkqiCSPvkyDMJP6uWDvvVIp%2FvKuFAeGFHB2UiqMCClJOMRKaevJJpiUU%2F%2FKbmhs2v0YQm%2BD8BadyQ4lxCTWM"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1697915885.cds226.lo4.hn,1697915885.cds228.lo4.c
Cache-Control
public, max-age=10368000
Accept-Ranges
bytes
CF-RAY
8187d929fa4f4595-LHR
js
www.googletagmanager.com/gtag/ 		224 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CE6CLHD4YS
Requested by
Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
32bcaffa49c3e412d0afa347bb8156fcc499c8e2ddec9e46e7c8db4cc38e8d48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81376
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 21 Oct 2023 19:18:05 GMT
gen.js
ads.themoneytizer.com/s/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=44
Requested by
Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.16 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
809075600.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
9d6941be30ffc5f9a8b0d95dd5dd823e408519818d8df064d24bada85593dba2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-77-nzt
AcO1rw43Nzf//yYCAA
x-accel-expires
@1698379630
date
Sat, 21 Oct 2023 19:18:05 GMT
x-77-pop
frankfurtDE
x-77-age
141055
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
908339303ed7822bed233465452a4b34
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
x-77-cache
HIT
cache-control
max-age=604800
x-age
141055
x-accel-date
1697774830
requestform.js
ads.themoneytizer.com/s/ 		46 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=101319&formatId=44
Requested by
Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.16 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
809075600.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
39d075a313a2b382bf94516b505dfbd88d715f73b8d3501dcc0155aba9ab6c7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-77-nzt
AcO1rw43Nzf/OhsCAA
x-accel-expires
@1698382643
date
Sat, 21 Oct 2023 19:18:05 GMT
x-77-pop
frankfurtDE
x-77-age
138042
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
908339303ed7822bed2334654adf5534
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
x-77-cache
HIT
cache-control
max-age=604800
x-age
138042
x-accel-date
1697777843
8923b384d6ebde5ad8313b818563534f.js
f3f6i6e3.stackpathcdn.com/wp-content/cache/min/1/ 		49 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://f3f6i6e3.stackpathcdn.com/wp-content/cache/min/1/8923b384d6ebde5ad8313b818563534f.js
Requested by
Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
cloudflare /
Resource Hash
950f655a868c39f7173600ccbd929d110d70112d82f8a8c7d2a9d60f1e7e546e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 19:18:05 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Alt-Svc
h3=":443"; ma=86400
Content-Length
15586
Last-Modified
Wed, 13 Sep 2023 06:27:28 GMT
Server
cloudflare
ETag
"1694586448"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pc8BRxSF8sWMNfA3NFa9WVo4jOxWh42Dr4oLFjFLk4XO%2BEMTAxBKLPtEK3CL%2BotCouzvixMDUzo1ydHuAjcEaaFe6C4LPm%2FsYUU7jupeHh7FkOoF1f9dHeSWmi60nw%2F5"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
X-HW
1697915885.cds259.lo4.hn,1697915885.cds210.lo4.c
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
805ecb8aee384065-LHR
/
www.ducumon.click/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ducumon.click/
Requested by
Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:05 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sat, 21 Oct 2023 16:56:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q929SHLH3Rw6f7EVAUSQ0CffRQ6YwO88dazV8XEFK8Zkn2bTmbIC24xLMSFmxVGALDLLwNXh1MD71Mv4V1NgEGs%2FUFXP6Ksrf8mMH%2BlkfWVIGSndexLaF386XmAE3NdRQuNPkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
max-age=0
cf-ray
819bd82a8b3a3a5e-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 21 Oct 2023 19:18:05 GMT
generatepress.woff2
f3f6i6e3.stackpathcdn.com/wp-content/themes/generatepress/assets/fonts/ 		1 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://f3f6i6e3.stackpathcdn.com/wp-content/themes/generatepress/assets/fonts/generatepress.woff2
Requested by
Host: f3f6i6e3.stackpathcdn.com
URL: https://f3f6i6e3.stackpathcdn.com/wp-content/cache/min/1/wp-content/themes/generatepress/assets/css/components/font-icons.min.css?ver=1694586445
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
cloudflare /
Resource Hash
ac990171fc2a8993d659ce8f10bc0a7815c43835ba1dc00c2246f3556c6eeecd

Request headers

Referer
https://f3f6i6e3.stackpathcdn.com/wp-content/cache/min/1/wp-content/themes/generatepress/assets/css/components/font-icons.min.css?ver=1694586445
Origin
https://www.ducumon.click
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 19:18:05 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Alt-Svc
h3=":443"; ma=86400
Content-Length
1287
Last-Modified
Wed, 16 Aug 2023 01:20:23 GMT
Server
cloudflare
ETag
"1692148823"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ie9tliQviVERerNCLU1fc%2Bu7l5y2WbfrBGL%2BnR1jaSl8JcaknOgf842u1A%2F%2BeH3BlZPKv%2FRj0PhowzNaljyijgLrlU0%2FQWfUWsxU5KtmcAcWARUtoJ%2B6dlTOF7cU7GzZ"}],"group":"cf-nel","max_age":604800}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
X-HW
1697915885.cds296.lo4.hn,1697915885.cds276.lo4.c
Cache-Control
max-age=10368000
Accept-Ranges
bytes
CF-RAY
806c7e106bbb76c6-LHR
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f99.1e100.net
Software
sffe /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.ducumon.click
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:17:53 GMT
x-content-type-options
nosniff
age
176412
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48432
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:40:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Oct 2024 18:17:53 GMT
/
c.tmyzer.com/c/ 		0
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=101319&f=44&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=101319&formatId=44
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:06 GMT
server
nginx
x-iplb-request-id
B073EDE0:0616_36264064:01BB_653423ED_76789FF:A75B
x-iplb-instance
38438
transfer-encoding
chunked
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
geo
rbx
smart.js
ced.sascdn.com/tag/1097/ 		110 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced.sascdn.com/tag/1097/smart.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=101319&formatId=44
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.197 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-197.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f28fdae33f8ef4ea1c515edc121c58a5d8117f6b69b7069b2029578313fcfb8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 19:18:06 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=7200
Connection
keep-alive
Content-Length
37248
Expires
Sat, 21 Oct 2023 21:18:06 GMT
sync
gum.criteo.com/ 		49 B
291 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=101319&formatId=44
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:05 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
300381
expires
60
mapper.js
spl.zeotap.com/ 		61 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=101319&formatId=44
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.13.182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1df2e870b373f1bf5c660a65e0afc2c47226992fdec0b26db18aff14e9d3299b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:06 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=2592000; includeSubDomains; preload
age
17221
cf-polished
origSize=62059
cf-bgj
minify
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://www.gewinnspiele.tv
cache-control
public, max-age=21600
access-control-allow-credentials
true
cf-ray
819bd8311ad3380a-FRA
access-control-allow-headers
*
expires
Sat, 21 Oct 2023 20:31:05 GMT
libJsLP.js
tag.leadplace.fr/ 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=101319&formatId=44
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:06 GMT
last-modified
Thu, 14 Oct 2021 07:27:53 GMT
server
nginx/1.20.1
x-iplb-request-id
B073EDE0:A132_91EFC133:01BB_653423ED_8086FA4:5FB4
etag
"6167dbf9-15ab"
x-iplb-instance
29923
content-type
application/javascript
accept-ranges
bytes
content-length
5547
/
onetag-sys.com/usync/ Frame DC2E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1697915885903
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=101319&formatId=44
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.ducumon.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=101319&formatId=44
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.159 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ba34abe5f7db9bccc4e96465f09ab91bf5393f22dd0acfc2c0e304dd3d94e66a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:06 GMT
content-encoding
gzip
etag
"0nVqEbFaTM2zzuiWgn9NwQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sat, 28 Oct 2023 19:18:06 GMT
px.js
p.cpx.to/p// 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cpx.to/p//px.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=101319&formatId=44
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.93.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-93-84.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:06 GMT
content-length
42
content-type
text/plain; charset=UTF-8
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 		25 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=101319&formatId=44
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.13 Hollywood, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-13.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 07:14:15 GMT
Via
1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Feb 2019 16:54:28 GMT
Server
Apache
X-Amz-Cf-Pop
FRA56-C1
Age
43431
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25704
X-Amz-Cf-Id
ig8fIwgDiWWmooV6kS0ILNZ56icGyyisFPf5WPGnsEN8TUMkiG8a9g==
prebid.js
ads.themoneytizer.com/moneybid8_17/build_noconsent/dist/ 		575 KB
186 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybid8_17/build_noconsent/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=101319&formatId=44
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.16 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
809075600.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
e420e5cf01c6bd4f0bd154a1fcc61b5d527773e1e24a8b3a1eac0a46e682259b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sat, 21 Oct 2023 19:18:05 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
54701
x-accel-date
1697861184
x-77-nzt
AcO1rw43Nzf/rdUAAA
pragma
public
x-accel-expires
@1697947584
x-77-age
54701
last-modified
Mon, 02 Oct 2023 20:54:37 GMT
server
CDN77-Turbo
x-77-nzt-ray
908339303ed7822bed23346520213337
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400, public, no-transform
expires
Sat, 21 Oct 2023 04:06:19 GMT
DrinkingPartyAds.gif
www.ducumon.click/wp-content/uploads/2023/03/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ducumon.click/wp-content/uploads/2023/03/DrinkingPartyAds.gif
Requested by
Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1c13c9ec23c030a7a840bada77ccbded32c09f830f3dc2981e8b59103671eb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:05 GMT
cf-cache-status
HIT
last-modified
Wed, 29 Mar 2023 13:57:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4573938
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aZyAJPP4wNaWwhOcbM1vIEgTTZqK%2F0B4QxKb9W8fT%2BJDlkkYdAZvH%2Brdk%2Fif8lZTWy64IqcZEIgGhUbKua1SUlgqkn8Dd9g4tbPTFu5pEg%2BqflGdzf3R1R2oEyYpE9QG95Zo0PUXNj%2FJf8Kxly3oXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=10368000
accept-ranges
bytes
cf-ray
819bd82eff5e8fef-FRA
alt-svc
h3=":443"; ma=86400
content-length
30645
expires
Wed, 27 Dec 2023 20:45:47 GMT
main.js
www.ducumon.click/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/ Frame 6AFC
Redirect Chain
  • https://www.ducumon.click/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://www.ducumon.click/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ducumon.click/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/main.js
Requested by
Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol
H3
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a182d18cf2ec941d4373ff2d94a061f3850b8e410ced4575bf49e9793395e16e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:05 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Y0b2GBjlUgaGvTpIG8PY%2F%2B80iNUYBFIeSkCb%2Fej%2BG3wPWrsevJ3e5U9uJBdBH7JIHi0oBtJ41e4%2BlGg8m4jkgamRPw0SSWqInwfsbxsJ%2BBdXvB8UYuYm7Td0rbBzLh5WjdKVSGvfLldiwn8BOOYWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
819bd82f6fff8fef-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sat, 21 Oct 2023 19:18:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VIw%2BFvkZDNF0seJCZBg7FlV%2FuTzH%2BXwkswP%2BduTrCSrGb18h2gvoPo4a9N7QXnJJ88uQ6Rbl4nREkPIjAMg2X0iDjdTbJ5feYWgmxXVV7tslsS4VlU%2FWwe3Glb%2FHozpvUVCA53ebVhoWrFGRvR%2FDwA%3D%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
819bd82f1f7f8fef-FRA
alt-svc
h3=":443"; ma=86400
collect
region1.analytics.google.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-CE6CLHD4YS&_ono=1&gtm=45je3ai0&_p=257581848&_gaz=1&cid=759422412.1697915886&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697915885&sct=1&seg=0&dl=https%3A%2F%2Fwww.ducumon.click%2F&dt=Ducumon%20-%20The%20Next%20Gen%20to%20Give%20entertainment%20that%20best%20suits%20you%2C%20all%20for%20free!&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CE6CLHD4YS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 19:18:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ducumon.click
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-CE6CLHD4YS&cid=759422412.1697915886&gtm=45je3ai0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CE6CLHD4YS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.71.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wn-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 19:18:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ducumon.click
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-CE6CLHD4YS&cid=759422412.1697915886&gtm=45je3ai0&aip=1&z=546766597
Requested by
Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 19:18:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.ducumon.click%2F&domain=www.ducumon.click&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.ducumon.click
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.ducumon.click
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 21 Oct 2023 19:18:05 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
180669
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
375 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.ducumon.click%2F&domain=www.ducumon.click&cw=1&lsw=1
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_17/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.ducumon.click/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
application/json

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 19:18:05 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ducumon.click
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
197982
expires
0
prebid
id5-sync.com/api/config/ 		134 B
417 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_17/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
559ffc5fa5eadd77f8bfaaeb793648763e312a17391d8e6bbb7d8d3dec2147e1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.ducumon.click/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.ducumon.click
date
Sat, 21 Oct 2023 19:18:05 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
localstore.js
script.4dex.io/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_17/build_noconsent/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f16e60d0a12528f9b2d792b1cd1882ce614afdf96f43a3deaa7e17279410771

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 19:18:06 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 02 Oct 2023 15:19:34 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
1655722
ETag
W/"4689fed115ceb1ec0446e336376eed1e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BKg56aMzzHEpbNB%2BhGyOWdMCvUlCb%2FkEcvO0VslC7KAAlQmIPop1DnXhhyeYBwP%2F2Ddi4Gqcsi0%2BfXX7QZxjeQWOv8NBi26uABP3BQY07nPIdk8uzYNOZQXB9IWSCgZs"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
819bd832282a2bd5-FRA
819bd8278ebf3a5e
www.ducumon.click/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 6AFC 		0
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ducumon.click/cdn-cgi/challenge-platform/h/b/jsd/r/819bd8278ebf3a5e
Requested by
Host: www.ducumon.click
URL: https://www.ducumon.click/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 21 Oct 2023 19:18:06 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p8gIwTquvQp04rotf4LViplolOsDFPwZ1vNMPgreFLC8K1R49Vg5TTmDKUn%2BdsCaSdZJAXAuoVC4Jsa1UCsoiqN7yEmUT3UKJwtbhANjFvUdLiqciPVPGvNj5uWybBxNWsvChwvbX5kCgJMYEtBs7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
819bd83079518fef-FRA
alt-svc
h3=":443"; ma=86400
s
kvt.sddan.com/api/v1/public/p/29567/d/50/ 		0
0
102.json
id5-sync.com/g/v2/ 		276 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/102.json
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
7f14b1bbb96ebae107fd473e2e74e898ff3a581d456dafd74869579d535e071d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.ducumon.click/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ducumon.click
date
Sat, 21 Oct 2023 19:18:05 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
wckr.php
tag.leadplace.fr/ Frame AB4A 		0
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fwww.ducumon.click%2F&id=MTIZ
Requested by
Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/libJsLP.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ducumon.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=UTF-8
date
Sat, 21 Oct 2023 19:18:06 GMT
server
nginx/1.20.1
transfer-encoding
chunked
x-iplb-instance
29923
x-iplb-request-id
B073EDE0:A132_91EFC133:01BB_653423EE_8086FB7:5FB4
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
277 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_17/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
e8263d6e378841b9b2253c5378a8c777964dc981e52c94f363437e54ab59db5b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.ducumon.click/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.ducumon.click
date
Sat, 21 Oct 2023 19:18:06 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f10.1e100.net
Software
sffe /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:44:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
203606
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30186
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Oct 2024 10:44:40 GMT
12.json
id5-sync.com/g/v2/ 		276 B
558 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/12.json
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_17/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
1416d2d55555c0776970088090e663a408062b16844cf634e224fcdbad2a1e1f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.ducumon.click/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.ducumon.click
date
Sat, 21 Oct 2023 19:18:05 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
/
spl.zeotap.com/ 		429 B
630 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.13.182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b46546de5ed581b4aa6578874bb92881395390c7d74e1ceff468b9052c97f91
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:06 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
text/html
access-control-allow-origin
https://www.ducumon.click
access-control-allow-credentials
true
cf-ray
819bd8319b7d380a-FRA
access-control-allow-headers
*
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-52.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1cc6de1a4f6a561a6aa75d08bae33388b2e8905d01753aa41e4886a466d7c28c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 18:50:38 GMT
content-encoding
gzip
via
1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
1649
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 13 Oct 2022 22:35:53 GMT
server
AmazonS3
etag
W/"1f431dc94c1f033d6666f0fe637e2d7b"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
H0iUZcXdiD6JiBvSHW3248NDOGAtHKKgnQ3I3pcruUXhCPu5L_yLAA==
mw
mwzeom.zeotap.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=cef4b7e5-a4dc-48fc-4343-5481452c5d12&reqId=21b6c2d0-b253-41ad-6356-9c02af93af10&...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=cef4b7e5-a4dc-48fc-4343-5481452c5d12&reqId=21b6c2d0-b253-41ad-6356-9c02af93af10...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESELdqccxrRbcQ92fNF7L-uEY&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=cef4b7e5-a4dc-48fc-4343-5481452c5d12&reqId=21b6c2d0-b253-41ad-635...
95 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESELdqccxrRbcQ92fNF7L-uEY&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=cef4b7e5-a4dc-48fc-4343-5481452c5d12&reqId=21b6c2d0-b253-41ad-6356-9c02af93af10&zdid=1258
Requested by
Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol
H2
Server
172.67.13.182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:06 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://www.ducumon.click
access-control-allow-credentials
true
cf-ray
819bd8328cd9380a-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 19:18:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://mwzeom.zeotap.com/mw?google_gid=CAESELdqccxrRbcQ92fNF7L-uEY&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=cef4b7e5-a4dc-48fc-4343-5481452c5d12&reqId=21b6c2d0-b253-41ad-6356-9c02af93af10&zdid=1258
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
446
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
script.js
cadmus.script.ac/dahhc4ozyvjm6/ 		132 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b76fee2711a5ad963ea92ffda8f30870fe9ad7d544d5eaf55ba6a43a2d5d32f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:06 GMT
content-encoding
gzip
last-modified
Fri, 20 Oct 2023 16:18:03 GMT
server
cloudflare
age
0
etag
W/"67e8e96dae06a1f9b3ffb0918bbde23a596265fc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray
819bd834b90c18e3-FRA
adagio.js
script.4dex.io/ 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f56a3556c45543861a8dd9b9bc9b65b1f9d64fbb7dfc03fdb416faf36356db3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 19:18:06 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1638362
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 02 Oct 2023 15:19:33 GMT
Server
cloudflare
ETag
W/"0680a0a53dae661d4707e1cc0f6bc95a"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WCc%2F45I9kq36EkvTrmRoFVv5GqT99pvpgfKnNA9HGsn3w9ksvGoftHk6vwz51vzUpiE99eqVgBJlN1Bua6xToJAAwbRAGtySAPt9gIcG9zwffFEQrY8otLmHVlvRhqwJ"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
819bd834cb0f3813-FRA
notifyme.php
adtrack.adleadevent.com/ 		0
923 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.215.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-215-30.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.ducumon.click/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 Oct 2023 19:18:06 GMT
Content-Encoding
gzip
Last-Modified
Sat, 21 Oct 2023 19:18:06 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://www.ducumon.click
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0, no-cache="set-cookie"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel;r=1889705523;labels=Categories.;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fwww.ducumon.click%2F;uht=2;fpan=1;fpa=P0-1984166637-1697915886363;pbc=;ns=0;ce=1;qjs=1;qv=d48babbb-20231018122215;cm=;...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1889705523;labels=Categories.;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fwww.ducumon.click%2F;uht=2;fpan=1;fpa=P0-1984166637-1697915886363;pbc=;ns=0;ce=1;qjs=1;qv=d48babbb-20231018122215;cm=;gdpr=0;ref=;d=ducumon.click;dst=1;et=1697915886755;tzo=-120;ogl=locale.en_US%2Ctype.website%2Ctitle.Ducumon%2Cdescription.The%20Next%20Gen%20to%20Give%20entertainment%20that%20best%20suits%20you%252C%20all%20for%20free!%2Curl.https%3A%2F%2Fwww%252Educumon%252Eclick%2F%2Csite_name.Ducumon;ses=1a88bc57-8514-45f5-b7e9-e55d6cad4522;mdl=
Requested by
Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.159 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 19:18:06 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
1a
i.clean.gg/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ducumon.click/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 21 Oct 2023 19:18:07 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.ducumon.click
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Sat, 21 Oct 2023 19:18:07 GMT
server
nginx/1.21.6
via
1.1 google
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/ 		421 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
7f1999dd213ea15813d6e27249169c4d54cfec7150e81ed1e1aad85d7b20202f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 18:27:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
3052
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135205
x-xss-protection
0
server
cafe
etag
9147680799068891735
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 20 Oct 2024 18:27:15 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		50 B
74 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.ducumon.click
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425c6ae73940896fd84c7652151e1a60c3b29e8e656cc7d7b386dcd9f61a8e0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50
x-xss-protection
0
expires
Sat, 21 Oct 2023 19:18:07 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		32 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2646248313903326&correlator=246493536038077&eid=31078703%2C44780988&output=ldjh&gdfp_req=1&vrg=202310170101&ptt=17&impl=fif&iu_parts=21673142571%2C472__ducumon.me__default__728x90_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1697915887512&lmt=1697900175&adxs=436&adys=731&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.ducumon.click%2F&vis=1&psz=1600x115&msz=728x-1&fws=0&ohw=0&ga_vid=759422412.1697915886&ga_sid=1697915888&ga_hid=257581848&ga_fc=true&dlt=1697915884955&idt=2510&adks=4198062671&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
c2f8529c75efa15c93ff283ebb77a482e615b70d561660d2a5aad907e6b83279
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:07 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13223
x-xss-protection
0
google-lineitem-id
6160640580
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138413578869
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ducumon.click
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2646248313903326&correlator=246493536038077&eid=31078703%2C44780988&output=ldjh&gdfp_req=1&vrg=202310170101&ptt=17&impl=fif&iu_parts=21673142571%2C472__ducumon.me__default__320x50_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1697915887520&lmt=1697900175&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.ducumon.click%2F&vis=1&psz=1600x115&msz=0x-1&fws=128&ohw=0&ga_vid=759422412.1697915886&ga_sid=1697915888&ga_hid=257581848&ga_fc=true&dlt=1697915884955&idt=2510&adks=2479459083&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
a6516e3bf5cce6b94373b396e8f25f1b7131650a1ab81d7c8f3b43a41a2887f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:07 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12080
x-xss-protection
0
google-lineitem-id
6162763190
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138413479337
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ducumon.click
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2646248313903326&correlator=246493536038077&eid=31078703%2C44780988&output=ldjh&gdfp_req=1&vrg=202310170101&ptt=17&impl=fif&iu_parts=21673142571%2C472__ducumon.me__default__160x600_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=3&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1697915887524&lmt=1697900175&adxs=1440&adys=50&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.ducumon.click%2F&vis=1&psz=160x-1&msz=160x-1&fws=512&ohw=0&ga_vid=759422412.1697915886&ga_sid=1697915888&ga_hid=257581848&ga_fc=true&dlt=1697915884955&idt=2510&adks=1747618850&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
9f17a0e0b4bac694f53662982177c9babbfcc5d796ec49bd8b4e8cefdc29d495
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:07 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12072
x-xss-protection
0
google-lineitem-id
6137698453
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138408788069
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ducumon.click
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2646248313903326&correlator=246493536038077&eid=31078703%2C44780988&output=ldjh&gdfp_req=1&vrg=202310170101&ptt=17&impl=fif&iu_parts=21673142571%2C472__ducumon.me__default__300x250_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=4&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1697915887526&lmt=1697900175&adxs=528&adys=1594&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.ducumon.click%2F&vis=1&psz=776x250&msz=300x-1&fws=0&ohw=0&ga_vid=759422412.1697915886&ga_sid=1697915888&ga_hid=257581848&ga_fc=true&dlt=1697915884955&idt=2510&adks=714504307&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
d29b25c24dcd2e3ba46f1f95a42b9c5833ddb7b4344d53c92df9a5ae80dd8233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:07 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12058
x-xss-protection
0
google-lineitem-id
6137698276
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138409411186
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ducumon.click
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310170101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ca42da6f5b3fc320032216fbe1090164c9e7c292cc0832a803a54686f449e6ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12093
x-xss-protection
0
container.html
c3a094d68c64a115ab168d742bbb5105.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B3AA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c3a094d68c64a115ab168d742bbb5105.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ducumon.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 19:18:07 GMT
expires
Sun, 20 Oct 2024 19:18:07 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 717C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu66Kxezqp9VXmieZm4U_Pj3NfIUoCmafy_FNAGxs2Jz8oup5xuB3sSJZ9ZCInk_4i8L584lX0Q_U9jO1MAEQrX7-9qyNWKEevGUvmFO_uRffyhH48Jt7H8BenYvzYy6ZoflrjLXnB61wpf1xtho_UNorqKQRACOvzsnlng-1Fw_cG3LVaOmPCwIk27bUGc9qVkLq_rRzGYelelQtzgxO6g8OxMbQzjAy_H67cFcXZCeqPt_Ghe9YVp55QNPtDq1PNnRZ0Nx-vClHSyw_EUSbk08R9trHjcUno5thlqYENbEQ3ijHGKOTb4UVq0SUeyP8kHBq9Mc1zrSMdDBDvivdP3SBXdvPQW3EeC6sTAYZy0&sai=AMfl-YQE981cbqcUa5pzj299DZWJLITLr2OUd9RPbrXfvLPK_BQUF4nDB5_4yWIyQASR8klc0Zuw7oMg_Bm7Nt_sD8HCojr5Tq50g09rN5XtE7_golBgssB4zam1dJymlQ&sig=Cg0ArKJSzIjI9Jh6-t9oEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
t.js
sourserve.com/ Frame 717C 		91 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sourserve.com/t.js?i=tsvywhsu3dccosod7zsfh&cb=0767361697915887608
Requested by
Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-127.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
223d3784ff0f0e572951390d5241d6c7b872e860ee25dfbafd3e355e5311e2a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
zAASV.4z32iPmUPUngToYNRiJrw_Lfiu
content-encoding
gzip
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
date
Sat, 21 Oct 2023 08:17:16 GMT
last-modified
Wed, 18 Oct 2023 08:11:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
39659
x-amz-server-side-encryption
AES256
etag
W/"4d77129a9a8dbf884a160882c80217ec"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
FwIVK0rGl6WtwX4AivN9E-dSCh96Y8pgnEPvyEM_26k4d1oX8SyyRw==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 717C 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60178
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697628223465749"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Oct 2023 19:18:08 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame CB98 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuuVO78ywm7QdEOOks42gQqVD37QMhcEG5SeS2MrVCeCRaO7jJn0et0BgYsja-i_PsWnIbMAyZyj2j8Tj46C7f42Bk0rmx3-ggNi0Yl8CAotFTGs2PAcWFcN522r6fyXngGaBixYvX1ZbZfXCPw0fc7eL955DoEKQw1e0VIdblhWBbqpC2EE6emSznlfpZWDFf4bLvq80fvo_JWGlgH9PCB0D4hbQiLt_oCGz5C7WWAQ4_a6vlYkIM4z55E2iKa3-IjFccyG7oU1jkV9eSq1p1kqsKCxmPfWnK_bf9APiOGwvYvZuG4NHSbfG5sLuI66Tt6xpX76jfVOTKUzP3zIjTGHD7BtkNdzXYt-BUY7w&sai=AMfl-YQ46uED41_cs_l2bwXvs6Vc4UC2pbIrFX-_ZMh7aDlQ_GY6E7OfvYYgLmwDczNRJEb2oNc3IEw15UdOxTtPPRvIr4_OgW_JjgM7GKlU_UlWT7pmrN6ybZ-MMMfXyA&sig=Cg0ArKJSzPH3aHlL8wTzEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
t.js
sourserve.com/ Frame CB98 		91 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sourserve.com/t.js?i=dngtej48zud812zd87r36&cb=6998711697915887644
Requested by
Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-127.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
223d3784ff0f0e572951390d5241d6c7b872e860ee25dfbafd3e355e5311e2a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
zAASV.4z32iPmUPUngToYNRiJrw_Lfiu
content-encoding
gzip
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
date
Sat, 21 Oct 2023 08:17:16 GMT
last-modified
Wed, 18 Oct 2023 08:11:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
39659
x-amz-server-side-encryption
AES256
etag
W/"4d77129a9a8dbf884a160882c80217ec"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
_VSNj038zQwrIAM_rMU3ZraGgb5RV4C6_PO0FpSmdlXxddkFGpqg1A==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CB98 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60178
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697628223465749"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Oct 2023 19:18:08 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C8C4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssQzZ1FxG0Qicg62xgPW9Apn4ON_CCGzE69vepQK7Rm39QwJdwWzlctT6lCoN5J9xr2844qj5BHPrZ88Pi0Cfn6smgT6d07AiErdidw7jlSdhcymOOM_AFoFnQOmfaDwb91MJHjvyiCY0e1XUUhGaHA4u3LpxxhAtzdU7rlBUmRPjZ73oC39PohLsCXMgCfckjIsGfUuslmAdLSzWfBAEniP0mCSza5gOZPX4IaiqlpKlVoZNLC49UaqYDhzq4glI8X5gHKPDvg7SDjbajVuIiJEk2ooBdsy8C-nHhP6BXXggLOXH00W7Ze52G8Z2jMef1ejNGJBNWzSvOOrRge0BWlQxbjht4JInUdHI_luQ&sai=AMfl-YTmBv7Q0Ah6m2ZdThBDISVxDXnaUJfCDIft8OpwOa57pjElwGcwjTy4hce7P6ri8gN8lHyRv0U9SWHnV2ldWoTsTF6lI789IFWZsNzK9Ku_IIor6hm-FQXv59fgSg&sig=Cg0ArKJSzDs9yH3wVK1iEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
t.js
sourserve.com/ Frame C8C4 		91 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sourserve.com/t.js?i=a4ey53iqvdnqdrnbfn1vg&cb=6857531697915887656
Requested by
Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-127.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
223d3784ff0f0e572951390d5241d6c7b872e860ee25dfbafd3e355e5311e2a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
zAASV.4z32iPmUPUngToYNRiJrw_Lfiu
content-encoding
gzip
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
date
Sat, 21 Oct 2023 08:17:16 GMT
last-modified
Wed, 18 Oct 2023 08:11:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
39659
x-amz-server-side-encryption
AES256
etag
W/"4d77129a9a8dbf884a160882c80217ec"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
5rjsQqatJoApbw9C5En1r9rp258qcsFieVHCas8GOE874ubTsaIoXQ==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C8C4 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60178
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697628223465749"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Oct 2023 19:18:08 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 97A2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvziy8LZc7RYna66DpiXXh-B1IVV8SKxbkvu8gCQocaSw5uv3U5FeEyBQT4iYSpc92HP2Kr53wQI9QSJZDl8n1iH2Nk81owIQ-49BwbuC-_QH9D_L2GS9AACyV-Y0JUOaD3ZC-ZzFLO84-gcWk5jVBmWw_Ey4NkhwGDbQ7IoYTy_0ata_BGQCW-WG_3HL5QXnGXfR2EWpLv6h0EdStufsXaEJR72oaeH1OJ6ZJtVCyLDhXeOrfjWs3NTzvCLucfyehGuUPkbtq7fomF0MnaurHDSfwmjfqKKlA_Hq-Go3YP-BgzdS9cD8OPb-7Nu7R5mKErXC5lJSewEag6d1pLhnR9efT5vAJ0ywBnePWNzObbHfBZ&sai=AMfl-YQeHnbovRBb1imYirIyQ4BVQBUYlawRLtt6Is3Em7gSrqpQDdlW8hE4fsDnVcawnRR69D2455OGIHoh_oDOj3CmeOPghfUy7855DC0Jls_5EYt1mtzmm9KbH5727w&sig=Cg0ArKJSzM6QsihWRNWpEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
t.js
sourserve.com/ Frame 97A2 		91 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sourserve.com/t.js?i=p17507zcwy1drux4xxi2j&cb=1062781697915887668
Requested by
Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-127.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
223d3784ff0f0e572951390d5241d6c7b872e860ee25dfbafd3e355e5311e2a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
zAASV.4z32iPmUPUngToYNRiJrw_Lfiu
content-encoding
gzip
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
date
Sat, 21 Oct 2023 08:17:16 GMT
last-modified
Wed, 18 Oct 2023 08:11:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
39659
x-amz-server-side-encryption
AES256
etag
W/"4d77129a9a8dbf884a160882c80217ec"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
I8-o1U1JBIHiilp8nXCYdNavq109El0ylkKWQ6_-9En66HyEVwSyxA==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 97A2 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60178
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697628223465749"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Oct 2023 19:18:08 GMT
tsvywhsu3dccosod7zsfh.json
sourserve.com/c/ Frame 717C 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sourserve.com/c/tsvywhsu3dccosod7zsfh.json?cb=1697915887736
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=tsvywhsu3dccosod7zsfh&cb=0767361697915887608
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-127.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
25991faafe00868ea75b21f51ae0ddcee3f2699cf43fcd46a11389f159728e2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 10:25:54 GMT
x-amz-version-id
pnp1BZ_dW3N.SPxi67C.8d0wyojYyew6
via
1.1 e221f111ed3ebc025b531e81056d37a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
31934
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1559
last-modified
Wed, 18 Oct 2023 07:53:31 GMT
server
AmazonS3
etag
"561e5c368699bbf7d0eeb221b8c5856d"
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
*
accept-ranges
bytes
x-amz-cf-id
19QIkWYFtWjNSmpFi3jWX24mmws1fQqHfp6QRN9vg0hRaBieznZX6A==
dngtej48zud812zd87r36.json
sourserve.com/c/ Frame CB98 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sourserve.com/c/dngtej48zud812zd87r36.json?cb=1697915887744
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=dngtej48zud812zd87r36&cb=6998711697915887644
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-127.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dd89cf79418dd8f1ccac4a620cc5e811fc843d0fae2b25d2de5f8d6d6c9814cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 10:25:54 GMT
x-amz-version-id
1RyVuzakjNhtFKfcQkrrC45KFZE4p72J
via
1.1 e221f111ed3ebc025b531e81056d37a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
31934
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1685
last-modified
Wed, 18 Oct 2023 07:53:37 GMT
server
AmazonS3
etag
"b8eebd48867c2a27b0308eb7bcecda28"
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
*
accept-ranges
bytes
x-amz-cf-id
43-BWqBC53dDKCRpzHQ47a-1RUPJk4I4QGHbigcpe-5BNIXHtWYNsQ==
a4ey53iqvdnqdrnbfn1vg.json
sourserve.com/c/ Frame C8C4 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sourserve.com/c/a4ey53iqvdnqdrnbfn1vg.json?cb=1697915887747
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=a4ey53iqvdnqdrnbfn1vg&cb=6857531697915887656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-127.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c3e732a4b21b3e02eea9a23eb82bb50126a2770033aebce80989261b68717fd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 10:25:54 GMT
x-amz-version-id
bSBxjsxJu0xUXblNcBFcqih9oT0uyvPi
via
1.1 e221f111ed3ebc025b531e81056d37a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
31934
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1686
last-modified
Wed, 18 Oct 2023 07:53:38 GMT
server
AmazonS3
etag
"9eb2ecf1639040f7bfdffd82bdf4cfd0"
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
*
accept-ranges
bytes
x-amz-cf-id
Ou-XtufngSbmWfPRKIW8wCJ1aUmbMJAFSG_ObjaSFrnD-m-Q8VeSAA==
p17507zcwy1drux4xxi2j.json
sourserve.com/c/ Frame 97A2 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sourserve.com/c/p17507zcwy1drux4xxi2j.json?cb=1697915887750
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=p17507zcwy1drux4xxi2j&cb=1062781697915887668
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-127.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1521f2d759e768e150c8a97787e1db7da9448e020e7043f48e7b305185b81486

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 10:25:54 GMT
x-amz-version-id
8XLxLB6kGpLUZ8xkPqKQGfUx4oYWPAb9
via
1.1 e221f111ed3ebc025b531e81056d37a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
31934
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1738
last-modified
Wed, 18 Oct 2023 07:53:31 GMT
server
AmazonS3
etag
"24acb496f4a383014d025a39164b6854"
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
*
accept-ranges
bytes
x-amz-cf-id
S2_3DapsQcRF4VyfRK7KhD9uqOhn-AiXF9a1cXH4Y9DFjC5dRSzF_g==
prebid7.19.0.js
hb.adpone.com/ Frame A241 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:08 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
18GTFDJGMBFNTJ3B
age
4224
x-amz-server-side-encryption
AES256
x-amz-id-2
Wm4UCZBeN+V0rY+cMyrCbssC73zRdX196YsVwkcQzE9R6B625QM327Vg4WVzf6hTq8nGUHTOYmUELD8/S4vvDg==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kvIHe5%2BowXjms3l5%2FhYcyf6dzcMCkeJD%2BszViAeHQ27mUEhPlrqqNwnazBfkULBgcyYnGwL4nGNlHZ%2B9dT0hNRZkoFbo4k1ICsJAmJfzpGFE0Cf907ExUCqv57yU5NQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
819bd83d78444db0-FRA
/
s.richaudience.com/ex/ Frame 717C 		12 B
182 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=tsvywhsu3dccosod7zsfh&cb=0767361697915887608
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.0.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.13.0.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer
https://www.ducumon.click/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 21 Oct 2023 19:18:07 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
application/json; charset=utf-8
p.html
sourserve.com/r/ Frame 454A 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sourserve.com/r/p.html?f=tnzvcgak&e=1802562599418
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=tsvywhsu3dccosod7zsfh&cb=0767361697915887608
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-127.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0352843249492dc9728f7876c2a3a53f684d8986b9a1d642be6c6c0c8bddd910

Request headers

Referer
https://www.ducumon.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39659
content-encoding
br
content-type
text/html
date
Sat, 21 Oct 2023 08:17:09 GMT
etag
W/"1502454049092e2787e9630f343bea9f"
last-modified
Wed, 18 Oct 2023 08:12:15 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-id
G71gQ1VRl7CZDm6k-F1eNFS0RYBAsyLyzuHwHhQyLN7_r6uzG5nAPA==
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
x-amz-version-id
QJWkuPnDMeltYwyLp5fKDGJRUeGBUSp0
x-cache
Hit from cloudfront
/
s.richaudience.com/ex/ Frame 717C 		12 B
181 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=tsvywhsu3dccosod7zsfh&cb=0767361697915887608
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.0.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.13.0.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer
https://www.ducumon.click/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 21 Oct 2023 19:18:07 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
application/json; charset=utf-8
p.html
sourserve.com/r/ Frame E3D0 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sourserve.com/r/p.html?f=pecscfgrj&e=1802562599418
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=tsvywhsu3dccosod7zsfh&cb=0767361697915887608
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-127.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0352843249492dc9728f7876c2a3a53f684d8986b9a1d642be6c6c0c8bddd910

Request headers

Referer
https://www.ducumon.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39659
content-encoding
br
content-type
text/html
date
Sat, 21 Oct 2023 08:17:09 GMT
etag
W/"1502454049092e2787e9630f343bea9f"
last-modified
Wed, 18 Oct 2023 08:12:15 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-id
19InpxkxpI_BgU99ZpPws9S05W84XDaV9HutxTuQZ6lJjK5Wis9FWQ==
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
x-amz-version-id
QJWkuPnDMeltYwyLp5fKDGJRUeGBUSp0
x-cache
Hit from cloudfront
/
s.richaudience.com/ex/ Frame 717C 		12 B
181 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=tsvywhsu3dccosod7zsfh&cb=0767361697915887608
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.0.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.13.0.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer
https://www.ducumon.click/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 21 Oct 2023 19:18:07 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
application/json; charset=utf-8
p.html
sourserve.com/r/ Frame A4BD 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sourserve.com/r/p.html?f=avjmwswqgq&e=1802562599418
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=tsvywhsu3dccosod7zsfh&cb=0767361697915887608
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-127.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0352843249492dc9728f7876c2a3a53f684d8986b9a1d642be6c6c0c8bddd910

Request headers

Referer
https://www.ducumon.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39659
content-encoding
br
content-type
text/html
date
Sat, 21 Oct 2023 08:17:09 GMT
etag
W/"1502454049092e2787e9630f343bea9f"
last-modified
Wed, 18 Oct 2023 08:12:15 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-id
Bj5rTZ1-rdNcDemhnEqRfJ-4xabxedRv_xC2OCwJnOaXtT2NZh6NnQ==
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
x-amz-version-id
QJWkuPnDMeltYwyLp5fKDGJRUeGBUSp0
x-cache
Hit from cloudfront
/
s.richaudience.com/ex/ Frame 717C 		12 B
181 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=tsvywhsu3dccosod7zsfh&cb=0767361697915887608
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.0.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.13.0.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer
https://www.ducumon.click/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 21 Oct 2023 19:18:07 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
application/json; charset=utf-8
p.html
sourserve.com/r/ Frame 0EF5 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sourserve.com/r/p.html?f=xrosyxxu&e=1802562599418
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=tsvywhsu3dccosod7zsfh&cb=0767361697915887608
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-127.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0352843249492dc9728f7876c2a3a53f684d8986b9a1d642be6c6c0c8bddd910

Request headers

Referer
https://www.ducumon.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39659
content-encoding
br
content-type
text/html
date
Sat, 21 Oct 2023 08:17:09 GMT
etag
W/"1502454049092e2787e9630f343bea9f"
last-modified
Wed, 18 Oct 2023 08:12:15 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-id
cbP3ZQmH_xGWYKglZNLvyG72M22u49UzfEGS-a0wnVvldPayPO4Fqg==
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
x-amz-version-id
QJWkuPnDMeltYwyLp5fKDGJRUeGBUSp0
x-cache
Hit from cloudfront
/
s.richaudience.com/ex/ Frame 717C 		12 B
181 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=tsvywhsu3dccosod7zsfh&cb=0767361697915887608
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.0.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.13.0.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer
https://www.ducumon.click/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 21 Oct 2023 19:18:07 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
application/json; charset=utf-8
p.html
sourserve.com/r/ Frame DA3B 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sourserve.com/r/p.html?f=rblooim&e=1802562599418
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=tsvywhsu3dccosod7zsfh&cb=0767361697915887608
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-127.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0352843249492dc9728f7876c2a3a53f684d8986b9a1d642be6c6c0c8bddd910

Request headers

Referer
https://www.ducumon.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39659
content-encoding
br
content-type
text/html
date
Sat, 21 Oct 2023 08:17:09 GMT
etag
W/"1502454049092e2787e9630f343bea9f"
last-modified
Wed, 18 Oct 2023 08:12:15 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-id
aLx2QKHaS8ML2vv-dtHcq9BNwflq1SvtraQSzoYTuvoVZXgUHdEN0w==
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
x-amz-version-id
QJWkuPnDMeltYwyLp5fKDGJRUeGBUSp0
x-cache
Hit from cloudfront
/
s.richaudience.com/ex/ Frame 717C 		12 B
181 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=tsvywhsu3dccosod7zsfh&cb=0767361697915887608
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.0.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.13.0.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer
https://www.ducumon.click/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 21 Oct 2023 19:18:07 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
application/json; charset=utf-8
p.html
sourserve.com/r/ Frame DA91 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sourserve.com/r/p.html?f=gxzwcciqr&e=1802562599418
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=tsvywhsu3dccosod7zsfh&cb=0767361697915887608
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-127.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0352843249492dc9728f7876c2a3a53f684d8986b9a1d642be6c6c0c8bddd910

Request headers

Referer
https://www.ducumon.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39659
content-encoding
br
content-type
text/html
date
Sat, 21 Oct 2023 08:17:09 GMT
etag
W/"1502454049092e2787e9630f343bea9f"
last-modified
Wed, 18 Oct 2023 08:12:15 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-id
LLLlOOUCwYmMX0o77kP7_jQ_LJL7JoOdKOoQ0OUgHJiAAxRTcIYviw==
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
x-amz-version-id
QJWkuPnDMeltYwyLp5fKDGJRUeGBUSp0
x-cache
Hit from cloudfront
/
s.richaudience.com/ex/ Frame 717C 		12 B
181 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=tsvywhsu3dccosod7zsfh&cb=0767361697915887608
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.0.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.13.0.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer
https://www.ducumon.click/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 21 Oct 2023 19:18:07 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
application/json; charset=utf-8
p.html
sourserve.com/r/ Frame 2838 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sourserve.com/r/p.html?f=raudxvide&e=1802562599418
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=tsvywhsu3dccosod7zsfh&cb=0767361697915887608
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-127.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0352843249492dc9728f7876c2a3a53f684d8986b9a1d642be6c6c0c8bddd910

Request headers

Referer
https://www.ducumon.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39659
content-encoding
br
content-type
text/html
date
Sat, 21 Oct 2023 08:17:09 GMT
etag
W/"1502454049092e2787e9630f343bea9f"
last-modified
Wed, 18 Oct 2023 08:12:15 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-id
mVUr5PETploSp5Lzz6VuHqPMfQ9jbdMXaJPF46FtbjKFxzdA6eZPZg==
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
x-amz-version-id
QJWkuPnDMeltYwyLp5fKDGJRUeGBUSp0
x-cache
Hit from cloudfront
/
s.richaudience.com/ex/ Frame 717C 		12 B
181 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=tsvywhsu3dccosod7zsfh&cb=0767361697915887608
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.0.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.13.0.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer
https://www.ducumon.click/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 21 Oct 2023 19:18:07 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
application/json; charset=utf-8
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 21 Oct 2023 19:18:08 GMT
prebid7.19.0.js
hb.adpone.com/ Frame 21D6 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:08 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
18GTFDJGMBFNTJ3B
age
4224
x-amz-server-side-encryption
AES256
x-amz-id-2
Wm4UCZBeN+V0rY+cMyrCbssC73zRdX196YsVwkcQzE9R6B625QM327Vg4WVzf6hTq8nGUHTOYmUELD8/S4vvDg==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZirIfElowiyAWRCksLWfSsqkdkIXJT0xUap2Yzfx4wsVXrZr16bFkM665I55hkgBzT5nCxT9TPIlOPZ2CJzALveUZcDaR0%2FjwKQ8o56mz6d8dwSNbV%2Bzl5uHKGG85Kk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
819bd83d78484db0-FRA
/
s.richaudience.com/ex/ Frame CB98 		12 B
181 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=dngtej48zud812zd87r36&cb=6998711697915887644
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.0.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.13.0.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer
https://www.ducumon.click/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 21 Oct 2023 19:18:08 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
application/json; charset=utf-8
p.html
sourserve.com/r/ Frame 7627 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sourserve.com/r/p.html?f=shunsfer&e=1345243651446
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=dngtej48zud812zd87r36&cb=6998711697915887644
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-127.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0352843249492dc9728f7876c2a3a53f684d8986b9a1d642be6c6c0c8bddd910

Request headers

Referer
https://www.ducumon.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39660
content-encoding
br
content-type
text/html
date
Sat, 21 Oct 2023 08:17:09 GMT
etag
W/"1502454049092e2787e9630f343bea9f"
last-modified
Wed, 18 Oct 2023 08:12:15 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-id
-s58yOnVqj0k2WpDmPV_WT41biaqyhcZRvciU9PiS9sTpL1DpTU_uQ==
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
x-amz-version-id
QJWkuPnDMeltYwyLp5fKDGJRUeGBUSp0
x-cache
Hit from cloudfront
/
s.richaudience.com/ex/ Frame CB98 		12 B
181 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=dngtej48zud812zd87r36&cb=6998711697915887644
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.0.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.13.0.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer
https://www.ducumon.click/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 21 Oct 2023 19:18:08 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
application/json; charset=utf-8
p.html
sourserve.com/r/ Frame 587B 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sourserve.com/r/p.html?f=kjqudpgv&e=1345243651446
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=dngtej48zud812zd87r36&cb=6998711697915887644
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-127.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0352843249492dc9728f7876c2a3a53f684d8986b9a1d642be6c6c0c8bddd910

Request headers

Referer
https://www.ducumon.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39660
content-encoding
br
content-type
text/html
date
Sat, 21 Oct 2023 08:17:09 GMT
etag
W/"1502454049092e2787e9630f343bea9f"
last-modified
Wed, 18 Oct 2023 08:12:15 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-id
9ENd9Hy9aNdAyMh7lmzUxwhOSj4ntSrhm5ch2jUOdjOEkAJxC5-TXQ==
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
x-amz-version-id
QJWkuPnDMeltYwyLp5fKDGJRUeGBUSp0
x-cache
Hit from cloudfront
/
s.richaudience.com/ex/ Frame CB98 		12 B
181 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=dngtej48zud812zd87r36&cb=6998711697915887644
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.0.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.13.0.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer
https://www.ducumon.click/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 21 Oct 2023 19:18:08 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
application/json; charset=utf-8
p.html
sourserve.com/r/ Frame 989B 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sourserve.com/r/p.html?f=ssilkoqd&e=1345243651446
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=dngtej48zud812zd87r36&cb=6998711697915887644
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-127.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0352843249492dc9728f7876c2a3a53f684d8986b9a1d642be6c6c0c8bddd910

Request headers

Referer
https://www.ducumon.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39660
content-encoding
br
content-type
text/html
date
Sat, 21 Oct 2023 08:17:09 GMT
etag
W/"1502454049092e2787e9630f343bea9f"
last-modified
Wed, 18 Oct 2023 08:12:15 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-id
rFpMbQxvahbwFBaGCD7GV_c0uMAwPHvlvygx9layRxCbgrEV7Jmq9A==
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
x-amz-version-id
QJWkuPnDMeltYwyLp5fKDGJRUeGBUSp0
x-cache
Hit from cloudfront
/
s.richaudience.com/ex/ Frame CB98 		12 B
181 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=dngtej48zud812zd87r36&cb=6998711697915887644
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.0.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.13.0.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer
https://www.ducumon.click/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 21 Oct 2023 19:18:08 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
application/json; charset=utf-8
p.html
sourserve.com/r/ Frame 92AB 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sourserve.com/r/p.html?f=ktgxqvh&e=1345243651446
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=dngtej48zud812zd87r36&cb=6998711697915887644
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-127.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0352843249492dc9728f7876c2a3a53f684d8986b9a1d642be6c6c0c8bddd910

Request headers

Referer
https://www.ducumon.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39660
content-encoding
br
content-type
text/html
date
Sat, 21 Oct 2023 08:17:09 GMT
etag
W/"1502454049092e2787e9630f343bea9f"
last-modified
Wed, 18 Oct 2023 08:12:15 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-id
guKk9xvDWqbEOhNdLupvPsHlYquFEHtdzojBKqN2CF2o0iksUsSfhg==
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
x-amz-version-id
QJWkuPnDMeltYwyLp5fKDGJRUeGBUSp0
x-cache
Hit from cloudfront
/
s.richaudience.com/ex/ Frame CB98 		12 B
181 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=dngtej48zud812zd87r36&cb=6998711697915887644
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.0.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.13.0.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer
https://www.ducumon.click/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 21 Oct 2023 19:18:08 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
application/json; charset=utf-8
p.html
sourserve.com/r/ Frame 7551 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sourserve.com/r/p.html?f=xatcspih&e=1345243651446
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=dngtej48zud812zd87r36&cb=6998711697915887644
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-127.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0352843249492dc9728f7876c2a3a53f684d8986b9a1d642be6c6c0c8bddd910

Request headers

Referer
https://www.ducumon.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39660
content-encoding
br
content-type
text/html
date
Sat, 21 Oct 2023 08:17:09 GMT
etag
W/"1502454049092e2787e9630f343bea9f"
last-modified
Wed, 18 Oct 2023 08:12:15 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-id
8vBCF_r49ybBSw8rvneUU_Jhfk0nTT4nr7FKSGrK4j6aD8JFMb0crA==
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
x-amz-version-id
QJWkuPnDMeltYwyLp5fKDGJRUeGBUSp0
x-cache
Hit from cloudfront
/
s.richaudience.com/ex/ Frame CB98 		12 B
181 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=dngtej48zud812zd87r36&cb=6998711697915887644
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.0.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.13.0.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer
https://www.ducumon.click/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 21 Oct 2023 19:18:08 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
application/json; charset=utf-8
p.html
sourserve.com/r/ Frame 7411 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sourserve.com/r/p.html?f=hdxqure&e=1345243651446
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=dngtej48zud812zd87r36&cb=6998711697915887644
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-127.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0352843249492dc9728f7876c2a3a53f684d8986b9a1d642be6c6c0c8bddd910

Request headers

Referer
https://www.ducumon.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39660
content-encoding
br
content-type
text/html
date
Sat, 21 Oct 2023 08:17:09 GMT
etag
W/"1502454049092e2787e9630f343bea9f"
last-modified
Wed, 18 Oct 2023 08:12:15 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-id
dLrrRlq056VUZPr44gHu56BMFp6hAVq0E01dd2na96cqUbPvfG16GA==
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
x-amz-version-id
QJWkuPnDMeltYwyLp5fKDGJRUeGBUSp0
x-cache
Hit from cloudfront
/
s.richaudience.com/ex/ Frame CB98 		12 B
181 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=dngtej48zud812zd87r36&cb=6998711697915887644
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.0.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.13.0.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer
https://www.ducumon.click/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 21 Oct 2023 19:18:08 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
application/json; charset=utf-8
p.html
sourserve.com/r/ Frame 293F 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sourserve.com/r/p.html?f=kolbmp&e=1345243651446
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=dngtej48zud812zd87r36&cb=6998711697915887644
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-127.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0352843249492dc9728f7876c2a3a53f684d8986b9a1d642be6c6c0c8bddd910

Request headers

Referer
https://www.ducumon.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39660
content-encoding
br
content-type
text/html
date
Sat, 21 Oct 2023 08:17:09 GMT
etag
W/"1502454049092e2787e9630f343bea9f"
last-modified
Wed, 18 Oct 2023 08:12:15 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-id
6ituoLF66nb8xi3cfwv4JtODudqfAzAzXVJosXbj-wLjcESpRYy24A==
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
x-amz-version-id
QJWkuPnDMeltYwyLp5fKDGJRUeGBUSp0
x-cache
Hit from cloudfront
/
s.richaudience.com/ex/ Frame CB98 		12 B
181 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=dngtej48zud812zd87r36&cb=6998711697915887644
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.0.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.13.0.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer
https://www.ducumon.click/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 21 Oct 2023 19:18:08 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
application/json; charset=utf-8
prebid7.19.0.js
hb.adpone.com/ Frame C348 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:08 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
18GTFDJGMBFNTJ3B
age
4224
x-amz-server-side-encryption
AES256
x-amz-id-2
Wm4UCZBeN+V0rY+cMyrCbssC73zRdX196YsVwkcQzE9R6B625QM327Vg4WVzf6hTq8nGUHTOYmUELD8/S4vvDg==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=78iqesOrhaDTkTTTK6H3eKJE3w%2BdmgfibyUHsHx%2Bi2hY2AQJvUKrFUSW09xS2208Op%2FS42oOPmeGtp5MkxPu8AR3C8A3xR312TuvSgIzgFVCHQ8xI0GmbPOsP9hGmgk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
819bd83d78464db0-FRA
/
s.richaudience.com/ex/ Frame C8C4 		12 B
181 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=a4ey53iqvdnqdrnbfn1vg&cb=6857531697915887656
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.0.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.13.0.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer
https://www.ducumon.click/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 21 Oct 2023 19:18:08 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
application/json; charset=utf-8
p.html
sourserve.com/r/ Frame 0D62 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sourserve.com/r/p.html?f=gwckeu&e=1300988650699
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=a4ey53iqvdnqdrnbfn1vg&cb=6857531697915887656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-127.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0352843249492dc9728f7876c2a3a53f684d8986b9a1d642be6c6c0c8bddd910

Request headers

Referer
https://www.ducumon.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39660
content-encoding
br
content-type
text/html
date
Sat, 21 Oct 2023 08:17:09 GMT
etag
W/"1502454049092e2787e9630f343bea9f"
last-modified
Wed, 18 Oct 2023 08:12:15 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-id
iAeNeU5dqkO4gfjRhLE3kYomNlYGcVXjNAZYl0KFcjfDhJMDYbYlCA==
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
x-amz-version-id
QJWkuPnDMeltYwyLp5fKDGJRUeGBUSp0
x-cache
Hit from cloudfront
/
s.richaudience.com/ex/ Frame C8C4 		12 B
181 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=a4ey53iqvdnqdrnbfn1vg&cb=6857531697915887656
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.0.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.13.0.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer
https://www.ducumon.click/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 21 Oct 2023 19:18:08 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
application/json; charset=utf-8
p.html
sourserve.com/r/ Frame BDD1 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sourserve.com/r/p.html?f=ejnpjn&e=1300988650699
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=a4ey53iqvdnqdrnbfn1vg&cb=6857531697915887656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-127.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0352843249492dc9728f7876c2a3a53f684d8986b9a1d642be6c6c0c8bddd910

Request headers

Referer
https://www.ducumon.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39660
content-encoding
br
content-type
text/html
date
Sat, 21 Oct 2023 08:17:09 GMT
etag
W/"1502454049092e2787e9630f343bea9f"
last-modified
Wed, 18 Oct 2023 08:12:15 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-id
lG4xBZIiTSxWuwz1VVzqnhQsiuZjO_rM-sCC0-S46-d80hMyF-9psQ==
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
x-amz-version-id
QJWkuPnDMeltYwyLp5fKDGJRUeGBUSp0
x-cache
Hit from cloudfront
/
s.richaudience.com/ex/ Frame C8C4 		12 B
181 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=a4ey53iqvdnqdrnbfn1vg&cb=6857531697915887656
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.0.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.13.0.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer
https://www.ducumon.click/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 21 Oct 2023 19:18:08 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
application/json; charset=utf-8
p.html
sourserve.com/r/ Frame 4B9D 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sourserve.com/r/p.html?f=xfuyhilk&e=1300988650699
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=a4ey53iqvdnqdrnbfn1vg&cb=6857531697915887656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-127.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0352843249492dc9728f7876c2a3a53f684d8986b9a1d642be6c6c0c8bddd910

Request headers

Referer
https://www.ducumon.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39660
content-encoding
br
content-type
text/html
date
Sat, 21 Oct 2023 08:17:09 GMT
etag
W/"1502454049092e2787e9630f343bea9f"
last-modified
Wed, 18 Oct 2023 08:12:15 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-id
7DXlkc6zY_f7uf67KZJr2D1yaaU_80dqUorq2tHKlmHoCp4lipJVqA==
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
x-amz-version-id
QJWkuPnDMeltYwyLp5fKDGJRUeGBUSp0
x-cache
Hit from cloudfront
/
s.richaudience.com/ex/ Frame C8C4 		12 B
181 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=a4ey53iqvdnqdrnbfn1vg&cb=6857531697915887656
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.0.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.13.0.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer
https://www.ducumon.click/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 21 Oct 2023 19:18:08 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
application/json; charset=utf-8
p.html
sourserve.com/r/ Frame FC7A 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sourserve.com/r/p.html?f=irrfacbl&e=1300988650699
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=a4ey53iqvdnqdrnbfn1vg&cb=6857531697915887656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-127.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0352843249492dc9728f7876c2a3a53f684d8986b9a1d642be6c6c0c8bddd910

Request headers

Referer
https://www.ducumon.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39660
content-encoding
br
content-type
text/html
date
Sat, 21 Oct 2023 08:17:09 GMT
etag
W/"1502454049092e2787e9630f343bea9f"
last-modified
Wed, 18 Oct 2023 08:12:15 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-id
LIJ7_zWk4vX0Tlvxm1D242rYClbiMBcnWtplDcZfby1WuB_pL1Fs5A==
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
x-amz-version-id
QJWkuPnDMeltYwyLp5fKDGJRUeGBUSp0
x-cache
Hit from cloudfront
/
s.richaudience.com/ex/ Frame C8C4 		12 B
181 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=a4ey53iqvdnqdrnbfn1vg&cb=6857531697915887656
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.0.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.13.0.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer
https://www.ducumon.click/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 21 Oct 2023 19:18:08 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
application/json; charset=utf-8
p.html
sourserve.com/r/ Frame 1E1F 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sourserve.com/r/p.html?f=hyqqg&e=1300988650699
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=a4ey53iqvdnqdrnbfn1vg&cb=6857531697915887656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-127.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0352843249492dc9728f7876c2a3a53f684d8986b9a1d642be6c6c0c8bddd910

Request headers

Referer
https://www.ducumon.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39660
content-encoding
br
content-type
text/html
date
Sat, 21 Oct 2023 08:17:09 GMT
etag
W/"1502454049092e2787e9630f343bea9f"
last-modified
Wed, 18 Oct 2023 08:12:15 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-id
581T3knzP8psEbbfZx-1zpS5M5LaLxT_Ki85BAiLC-_zHRPPLlIt9Q==
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
x-amz-version-id
QJWkuPnDMeltYwyLp5fKDGJRUeGBUSp0
x-cache
Hit from cloudfront
/
s.richaudience.com/ex/ Frame C8C4 		12 B
181 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=a4ey53iqvdnqdrnbfn1vg&cb=6857531697915887656
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.0.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.13.0.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer
https://www.ducumon.click/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 21 Oct 2023 19:18:08 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
application/json; charset=utf-8
p.html
sourserve.com/r/ Frame 7F44 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sourserve.com/r/p.html?f=dwjoqaat&e=1300988650699
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=a4ey53iqvdnqdrnbfn1vg&cb=6857531697915887656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-127.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0352843249492dc9728f7876c2a3a53f684d8986b9a1d642be6c6c0c8bddd910

Request headers

Referer
https://www.ducumon.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39660
content-encoding
br
content-type
text/html
date
Sat, 21 Oct 2023 08:17:09 GMT
etag
W/"1502454049092e2787e9630f343bea9f"
last-modified
Wed, 18 Oct 2023 08:12:15 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-id
jaxBf7nzpY4z0mzDYllvSaUsYB5W0DGv0I0XnjDKHesa0vaWxLT1bw==
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
x-amz-version-id
QJWkuPnDMeltYwyLp5fKDGJRUeGBUSp0
x-cache
Hit from cloudfront
/
s.richaudience.com/ex/ Frame C8C4 		12 B
181 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=a4ey53iqvdnqdrnbfn1vg&cb=6857531697915887656
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.0.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.13.0.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer
https://www.ducumon.click/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 21 Oct 2023 19:18:08 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
application/json; charset=utf-8
p.html
sourserve.com/r/ Frame 3D96 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sourserve.com/r/p.html?f=bqlsvgbfi&e=1300988650699
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=a4ey53iqvdnqdrnbfn1vg&cb=6857531697915887656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-127.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0352843249492dc9728f7876c2a3a53f684d8986b9a1d642be6c6c0c8bddd910

Request headers

Referer
https://www.ducumon.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39660
content-encoding
br
content-type
text/html
date
Sat, 21 Oct 2023 08:17:09 GMT
etag
W/"1502454049092e2787e9630f343bea9f"
last-modified
Wed, 18 Oct 2023 08:12:15 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-id
cufY2b93Bgk00vDzQQK_-eNnpT2YosSUtGaqx2bbN4gxrVytkRS8FQ==
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
x-amz-version-id
QJWkuPnDMeltYwyLp5fKDGJRUeGBUSp0
x-cache
Hit from cloudfront
/
s.richaudience.com/ex/ Frame C8C4 		12 B
181 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=a4ey53iqvdnqdrnbfn1vg&cb=6857531697915887656
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.0.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.13.0.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer
https://www.ducumon.click/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 21 Oct 2023 19:18:08 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
application/json; charset=utf-8
prebid7.19.0.js
hb.adpone.com/ Frame D3DD 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:08 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
18GTFDJGMBFNTJ3B
age
4224
x-amz-server-side-encryption
AES256
x-amz-id-2
Wm4UCZBeN+V0rY+cMyrCbssC73zRdX196YsVwkcQzE9R6B625QM327Vg4WVzf6hTq8nGUHTOYmUELD8/S4vvDg==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2FQLXn%2Fn0rKyX1nBqAsjgF27%2BL4i5fx7S%2FDWj4jtEhOAI0RPbTnQWHdI13G1ZlhPjPK3VYqBvB82pnp4uC4a3gXUvCGs8bF3sK1GAqm1slSwFLnkRsvTXOPBgQOQuhM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
819bd83e79d04db0-FRA
/
s.richaudience.com/ex/ Frame 97A2 		12 B
181 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=p17507zcwy1drux4xxi2j&cb=1062781697915887668
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.0.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.13.0.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer
https://www.ducumon.click/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 21 Oct 2023 19:18:08 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
application/json; charset=utf-8
p.html
sourserve.com/r/ Frame 2E70 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sourserve.com/r/p.html?f=qhtwpsu&e=1723230783387
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=p17507zcwy1drux4xxi2j&cb=1062781697915887668
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-127.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0352843249492dc9728f7876c2a3a53f684d8986b9a1d642be6c6c0c8bddd910

Request headers

Referer
https://www.ducumon.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39660
content-encoding
br
content-type
text/html
date
Sat, 21 Oct 2023 08:17:09 GMT
etag
W/"1502454049092e2787e9630f343bea9f"
last-modified
Wed, 18 Oct 2023 08:12:15 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-id
R2zR1hbUnw8vuwhXaJD7yLlfl4JGEsd_8ovBXiIJXA1tUzhfrpCoaA==
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
x-amz-version-id
QJWkuPnDMeltYwyLp5fKDGJRUeGBUSp0
x-cache
Hit from cloudfront
/
s.richaudience.com/ex/ Frame 97A2 		12 B
181 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=p17507zcwy1drux4xxi2j&cb=1062781697915887668
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.0.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.13.0.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer
https://www.ducumon.click/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 21 Oct 2023 19:18:08 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
application/json; charset=utf-8
p.html
sourserve.com/r/ Frame 39B3 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sourserve.com/r/p.html?f=wpdrzdzf&e=1723230783387
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=p17507zcwy1drux4xxi2j&cb=1062781697915887668
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-127.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0352843249492dc9728f7876c2a3a53f684d8986b9a1d642be6c6c0c8bddd910

Request headers

Referer
https://www.ducumon.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39660
content-encoding
br
content-type
text/html
date
Sat, 21 Oct 2023 08:17:09 GMT
etag
W/"1502454049092e2787e9630f343bea9f"
last-modified
Wed, 18 Oct 2023 08:12:15 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-id
7tAyl6m0iSQ4YwRiPdck902XfeVNW4s_p4BJxp0e4nHQiLBMwqw3MQ==
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
x-amz-version-id
QJWkuPnDMeltYwyLp5fKDGJRUeGBUSp0
x-cache
Hit from cloudfront
/
s.richaudience.com/ex/ Frame 97A2 		12 B
181 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=p17507zcwy1drux4xxi2j&cb=1062781697915887668
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.0.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.13.0.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer
https://www.ducumon.click/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 21 Oct 2023 19:18:08 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
application/json; charset=utf-8
p.html
sourserve.com/r/ Frame E304 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sourserve.com/r/p.html?f=zsfndsq&e=1723230783387
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=p17507zcwy1drux4xxi2j&cb=1062781697915887668
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-127.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0352843249492dc9728f7876c2a3a53f684d8986b9a1d642be6c6c0c8bddd910

Request headers

Referer
https://www.ducumon.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39660
content-encoding
br
content-type
text/html
date
Sat, 21 Oct 2023 08:17:09 GMT
etag
W/"1502454049092e2787e9630f343bea9f"
last-modified
Wed, 18 Oct 2023 08:12:15 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-id
-kw9X2ukZXrGjk0oLFe05hMdl5gBzydxHknIzObINr880lwzd8Dmig==
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
x-amz-version-id
QJWkuPnDMeltYwyLp5fKDGJRUeGBUSp0
x-cache
Hit from cloudfront
/
s.richaudience.com/ex/ Frame 97A2 		12 B
181 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=p17507zcwy1drux4xxi2j&cb=1062781697915887668
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.0.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.13.0.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer
https://www.ducumon.click/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 21 Oct 2023 19:18:08 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
application/json; charset=utf-8
p.html
sourserve.com/r/ Frame 338E 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sourserve.com/r/p.html?f=cqpqntc&e=1723230783387
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=p17507zcwy1drux4xxi2j&cb=1062781697915887668
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-127.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0352843249492dc9728f7876c2a3a53f684d8986b9a1d642be6c6c0c8bddd910

Request headers

Referer
https://www.ducumon.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39660
content-encoding
br
content-type
text/html
date
Sat, 21 Oct 2023 08:17:09 GMT
etag
W/"1502454049092e2787e9630f343bea9f"
last-modified
Wed, 18 Oct 2023 08:12:15 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-id
Bu4crbpi7l2s6KdXM5ujGmmT2vgjNSXn_FWzheh0QSy4n-WJcAjl6Q==
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
x-amz-version-id
QJWkuPnDMeltYwyLp5fKDGJRUeGBUSp0
x-cache
Hit from cloudfront
/
s.richaudience.com/ex/ Frame 97A2 		12 B
181 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=p17507zcwy1drux4xxi2j&cb=1062781697915887668
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.0.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.13.0.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer
https://www.ducumon.click/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 21 Oct 2023 19:18:08 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
application/json; charset=utf-8
p.html
sourserve.com/r/ Frame 7DCF 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sourserve.com/r/p.html?f=bwgfvd&e=1723230783387
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=p17507zcwy1drux4xxi2j&cb=1062781697915887668
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-127.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0352843249492dc9728f7876c2a3a53f684d8986b9a1d642be6c6c0c8bddd910

Request headers

Referer
https://www.ducumon.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39660
content-encoding
br
content-type
text/html
date
Sat, 21 Oct 2023 08:17:09 GMT
etag
W/"1502454049092e2787e9630f343bea9f"
last-modified
Wed, 18 Oct 2023 08:12:15 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-id
yFJoHkcuBBr89NF6cNm2hBlM1URxKx1gldUGqByGwYgHtEFCzaMX6w==
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
x-amz-version-id
QJWkuPnDMeltYwyLp5fKDGJRUeGBUSp0
x-cache
Hit from cloudfront
/
s.richaudience.com/ex/ Frame 97A2 		12 B
181 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=p17507zcwy1drux4xxi2j&cb=1062781697915887668
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.0.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.13.0.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer
https://www.ducumon.click/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 21 Oct 2023 19:18:08 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
application/json; charset=utf-8
p.html
sourserve.com/r/ Frame D891 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sourserve.com/r/p.html?f=dnvsuldd&e=1723230783387
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=p17507zcwy1drux4xxi2j&cb=1062781697915887668
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-127.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0352843249492dc9728f7876c2a3a53f684d8986b9a1d642be6c6c0c8bddd910

Request headers

Referer
https://www.ducumon.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39660
content-encoding
br
content-type
text/html
date
Sat, 21 Oct 2023 08:17:09 GMT
etag
W/"1502454049092e2787e9630f343bea9f"
last-modified
Wed, 18 Oct 2023 08:12:15 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-id
72OHsQjlrLMEsJGexVFc_qxOKrc4OAcX9-tpBW64zsud9MV3kKUZSQ==
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
x-amz-version-id
QJWkuPnDMeltYwyLp5fKDGJRUeGBUSp0
x-cache
Hit from cloudfront
/
s.richaudience.com/ex/ Frame 97A2 		12 B
181 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=p17507zcwy1drux4xxi2j&cb=1062781697915887668
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.0.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.13.0.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer
https://www.ducumon.click/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 21 Oct 2023 19:18:08 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
application/json; charset=utf-8
p.html
sourserve.com/r/ Frame 6A97 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sourserve.com/r/p.html?f=gjrndl&e=1723230783387
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=p17507zcwy1drux4xxi2j&cb=1062781697915887668
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-127.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0352843249492dc9728f7876c2a3a53f684d8986b9a1d642be6c6c0c8bddd910

Request headers

Referer
https://www.ducumon.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39660
content-encoding
br
content-type
text/html
date
Sat, 21 Oct 2023 08:17:09 GMT
etag
W/"1502454049092e2787e9630f343bea9f"
last-modified
Wed, 18 Oct 2023 08:12:15 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-id
QXXtQLYCFLbIuZIC7mw6CGPhVa_qcVqk0iXIwipxeBjIKMvn0nrkMA==
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
x-amz-version-id
QJWkuPnDMeltYwyLp5fKDGJRUeGBUSp0
x-cache
Hit from cloudfront
/
s.richaudience.com/ex/ Frame 97A2 		12 B
181 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/ex/
Requested by
Host: sourserve.com
URL: https://sourserve.com/t.js?i=p17507zcwy1drux4xxi2j&cb=1062781697915887668
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.0.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.13.0.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer
https://www.ducumon.click/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 21 Oct 2023 19:18:08 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
application/json; charset=utf-8
view
securepubads.g.doubleclick.net/pcs/ Frame 717C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstacjXeokOkuA3-UNNA5LPmyyuGAYwor_wem6Vh2EG1a2z-SEKTDa-jpO9txOcO_Aa4I3mkGcSS1Net02d1YNqiPQ-k2eFDB43xlILmDOVJI7wiyHJCv5yq2BeTwePwFB6fhZwhReboNhdlO4BtYvhKutDonZtzY-TYO_JBmHrZulNxtqn0GWPjl9SCO9NA1kZk-jlivEYGAh5kYql4WOcZ5Gh4gkGnJkUGUrVC_MD3oCwv0KC0pu7frrBdCMZlS4ouVZs_CemhWmzZOdab23bIPy3j__SCkQp3Wkg3YpH2LGcATvIigigx9F_nGf4CgFuTqH23mQu6i79z7gwAvZxNYdEKDUOkQRy1G6wzQr2aqqo&sai=AMfl-YSSIaczVRlDSUHGnH0gPII2hf9bq-3qkJZiyJrxVBWWjq3rXAw4KHSxNLy8o__jb10uedv4_HfeR5k_ogoBn3K8W2T44RrP5FjvdCnW4kQwicMJjPOw-sJv6LFEPQ&sig=Cg0ArKJSzNGQsHmgrLCWEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 21 Oct 2023 19:18:08 GMT
truncated
/ Frame 717C 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
23dfc130690592628e49ebcc12e09d8ae6d348723ef059287e7aab3c74644dda

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame CB98 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNbwsW28aMq1Mj0FT1XYcw6TXvCFApp1kC1NVPKDoTyOXi1WNIZM2-cV9iUI_-x8rxF0qagbN-bl69a6Keg6KFW410wFblPgBnrOLrp3mPncLiXhwFVja0n4f5A8NSqSHPitPJlW7xnGnouIOw03i4bzy61Tqyg7ieJKJZWZxt7zbJcNmmIfcYLbQjx_r91I-CM7NrucpB7bmW0A1-gzdKOKQ4Ya1oBr7VqxqBuhRGKks5k1c14XqfVbecQAgkFAIVEiK5C_fkdnau5eYcaabL9NeJPrwCJ2eCk5SsDHHBKPs5_-f0rqrNNti44qSsBoxNlzBtzDHIR2iRnAcFMfP1ziymxqtKCsESQqS99ljp&sai=AMfl-YTG5UQE5qLY7pTsqtUlsr_GpzDPlTZfJBgX3vN6mGVWogQS7brskOrcXI6kxzMGYZ-Vm_9npYIGJF8cKyI3OLjeSAVTuGTsQsAaFb6A6uCTP533fBpzfy0NjjFFqw&sig=Cg0ArKJSzLuDt4lgy7EcEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 21 Oct 2023 19:18:08 GMT
truncated
/ Frame CB98 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a21255c23eaa694a365e10945ca1aea90251a29b22f6f51ecac002baed61d04

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 97A2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvEv_HOget_vtAhKAROrUNuGWmXcJ3cUwBnbpk4KfeJflTwakKMhswN-dCy_p8ZcFcGl3Ofx_8YbvvbkdHHbbEOlrrqItxjSavJKXALzZodYG3KOzuf9kYMB8Iz0Rk2ulMnFqk1ZsGeDM2yl_JF9o3sNZEBrkM-dy2jx7uc5UXcW1Dc8-vcmDaYMBSw-J943Hd_yZgJprHF7H42bpqhJZsPHPCa6nxew-SLX-3uGM5fL5W9oocaHtB0_70Lsl7_BPh1PT_szIhZckZ0dthwGlr385mY2S8SF4kXCliIvKjJWzi83Q3zUXZtdBxbPCo3KbQLusSq5c9L5m3zAVvIvXc-fn9gcn6dEE1PosT-XuGZyhq49do&sai=AMfl-YQ68apXcIu0fof-FEjJiZa2mC4xA40sbcsmG6_ehdJL8UiIgLVTU_yY6phgZ_Uqjqwiw2rkEdnvrLBH5Mgq2SqAGNjcgj3lV-zuuZkSv7bOPZIouBwlTgfMDCG9XQ&sig=Cg0ArKJSzFtZEkqcQ0QSEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 21 Oct 2023 19:18:08 GMT
truncated
/ Frame 97A2 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df9ca32423498afe26bbacd130dffc45b66135771797b3db523892aa6004ef48

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame C8C4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuqBkwiGBxVWreeoS34cHGDUDDQaZ-LJ_j2GbFYU1WekthRV2MfsO_9gIS4LuC-zPIueRlO8k_QUCTXq-kFPjEQb719d1g5v0WvV_1RB2Wxd_2USZyM6WBnFhGdL0zMVEJCI0ZW9lUILbW3LG8YivA5BFytoJ9mCmdBd99Xozv4YHkQJsBeMBqW049TWNdzqpzrAqy89YICFSI1AzzdM8GJNnwEdWoeUbl4ek75JYTVwhPrQS_Lm7x3idwg7jKKuPIbO5jx3btXRVAvrYWeNUrS78H7NqbFgdfs8p1tlOoRXJMsLBXSX8lOeQ95zDRsEPOpugcTZESg_RLPLZM_1MxjPZqUJ3xlnrvAh-doTEyT&sai=AMfl-YTwgYOh4kmS8BY3JzTjJuLTbQ9xB1mUe66uBxrXUbJeYog-kn58WbhdnpKvuUzvK5xjpvT4Ntg4MaBEXTJm6oXQ9JcoGohYofz_80Em1NqAkc5L_iuH-JbxSyTkzg&sig=Cg0ArKJSzD6cAhG5h1UCEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 21 Oct 2023 19:18:08 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6E9E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ducumon.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
198152
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 12:15:36 GMT
expires
Fri, 18 Oct 2024 12:15:36 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D949 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f4.1e100.net
Software
GSE /
Resource Hash
a8c060c4a9505cccdb3e666a20a20ba916a5fc4fc2e89811f9cba6201058785a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lkUH6Bt3rmboZLkFN2wxJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ducumon.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-lkUH6Bt3rmboZLkFN2wxJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 19:18:09 GMT
expires
Sat, 21 Oct 2023 19:18:09 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
320x50.png
redcarpat.com/a/ Frame 1256 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redcarpat.com/a/320x50.png
Requested by
Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-100.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06e7c4f208b93f15137c5c1ad9019de33d8e327a83ebfd4290cbba051b5c2c57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
55_Y8rY2dqk6cQcq2gHqfOxIpbzEreFl
date
Sat, 21 Oct 2023 08:18:34 GMT
via
1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
last-modified
Fri, 11 Feb 2022 16:12:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
39577
etag
"995fea5d7626eda74fb8089619a8a42e"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
9515
x-amz-cf-id
NIzhwcs4M53UrKXzWT0JyrfmwVMxOHcVeWJ8WZ_H0On9nfaG-TKDkA==
160x600.png
redcarpat.com/a/ Frame 3948 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redcarpat.com/a/160x600.png
Requested by
Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-100.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9f241f89eccc5a13cf6da04c9fbd1269dc3a83d7666593058335adcddb3d004a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
W4TkYj3vqXw2wrJZdjuO8ebnNEFV6X5w
date
Sat, 21 Oct 2023 08:16:28 GMT
via
1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
last-modified
Fri, 11 Feb 2022 16:12:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
39702
etag
"30dafd136daeeca03abbfc29c1d12643"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
8585
x-amz-cf-id
2GBNo_oLAi8PhYIBt6etFDF7J-X9xxzvj2uzeBZUhRMYL2NFAdsi7g==
prebid7.19.0.js
hb.adpone.com/ Frame 454A 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: sourserve.com
URL: https://sourserve.com/r/p.html?f=tnzvcgak&e=1802562599418
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sourserve.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:08 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
18GTFDJGMBFNTJ3B
age
4224
x-amz-server-side-encryption
AES256
x-amz-id-2
Wm4UCZBeN+V0rY+cMyrCbssC73zRdX196YsVwkcQzE9R6B625QM327Vg4WVzf6hTq8nGUHTOYmUELD8/S4vvDg==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cyGR2MoCZSsGqupKrSWnHfSL09wVF1OIxDDjBKPw8pEYCykYdULb7SylqcOScDVtB1Vd9gOppCXfaZ7WCCVykBD57djNV42scTGntRPBlAlhk1yHQRU3Y4QaKqz%2FBYI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
819bd8416e5f4db0-FRA
728x90.png
redcarpat.com/a/ Frame 7079 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redcarpat.com/a/728x90.png
Requested by
Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-100.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5a11a7698898cba7edb4737e2d1d556b10ab052aca9365ef0b462bf78f3c9920

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
WwIpDV_THpmhOWIOgeg7VsMLk6b5x1Xa
date
Sat, 21 Oct 2023 08:16:27 GMT
via
1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
last-modified
Fri, 11 Feb 2022 16:12:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
39702
etag
"cba20ee20997190b39756c05abd61f7f"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
36623
x-amz-cf-id
GsfHG-9dryTLTvWNPqsY2z_cRVfFUisRyO8j2Cb5uqdLwxQPyR1i_g==
300x250.png
redcarpat.com/a/ Frame CE4C 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redcarpat.com/a/300x250.png
Requested by
Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-100.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
69abb1b8af004cb630bbfd95a8986e30d78dd7256ce28afb7c03c455ab046d83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
mgFQzrV8Di.90CBDODKoOYDWRvNqdQfe
date
Sat, 21 Oct 2023 08:16:06 GMT
via
1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
last-modified
Fri, 11 Feb 2022 16:12:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
39722
etag
"3bf1905d88ab4fd345b3dcea31d90ce3"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
10433
x-amz-cf-id
1et1B4XPbCa__ts6Il88sQgqbOOKyqPpXby_vhwVCz4f3fRWPrnzyQ==
prebid7.19.0.js
hb.adpone.com/ Frame E3D0 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: sourserve.com
URL: https://sourserve.com/r/p.html?f=pecscfgrj&e=1802562599418
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sourserve.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:08 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
18GTFDJGMBFNTJ3B
age
4224
x-amz-server-side-encryption
AES256
x-amz-id-2
Wm4UCZBeN+V0rY+cMyrCbssC73zRdX196YsVwkcQzE9R6B625QM327Vg4WVzf6hTq8nGUHTOYmUELD8/S4vvDg==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gcjlwHph2BG%2FZFL0ZPQyQi9GAlLrPh4%2F%2BXyy8qAIbS4jYlJ25TIr9S85fezVgqfior%2F6XAS9ziqRSqtI0VlKBvNz21aSRh32ZLFnyvPNE8sliVAjqp4rWwAfCo2x5Wc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
819bd8419ea14db0-FRA
prebid7.19.0.js
hb.adpone.com/ Frame A4BD 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: sourserve.com
URL: https://sourserve.com/r/p.html?f=avjmwswqgq&e=1802562599418
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sourserve.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:08 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
18GTFDJGMBFNTJ3B
age
4224
x-amz-server-side-encryption
AES256
x-amz-id-2
Wm4UCZBeN+V0rY+cMyrCbssC73zRdX196YsVwkcQzE9R6B625QM327Vg4WVzf6hTq8nGUHTOYmUELD8/S4vvDg==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XIzSSst8SHGqDRrXqNcioBNyeKyL0sokMsJSAB%2Fk6DDCBQ2yZDa0kE3WoNsd1iGBqqceQrYxO0a55fobcw6u9EQOyw0lOUq72mIKlLg%2BYLx%2Bj1%2F2SxjsZStCvSf1OVU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
819bd8419ea64db0-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 0EF5 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: sourserve.com
URL: https://sourserve.com/r/p.html?f=xrosyxxu&e=1802562599418
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sourserve.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:08 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
18GTFDJGMBFNTJ3B
age
4224
x-amz-server-side-encryption
AES256
x-amz-id-2
Wm4UCZBeN+V0rY+cMyrCbssC73zRdX196YsVwkcQzE9R6B625QM327Vg4WVzf6hTq8nGUHTOYmUELD8/S4vvDg==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GAJWYj%2FxbKutJS5aE5ocLPord8YG076aZddIeu2BJlFRgG9xWssDZyt3vwGzZ3r40caQeTMJuCj8iH58F2ZKPqU%2BF0DD9nPYiMD3DHidDt01JTkEstkmWTzhoDhh5GE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
819bd841bec44db0-FRA
prebid7.19.0.js
hb.adpone.com/ Frame DA3B 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: sourserve.com
URL: https://sourserve.com/r/p.html?f=rblooim&e=1802562599418
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sourserve.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:08 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
18GTFDJGMBFNTJ3B
age
4224
x-amz-server-side-encryption
AES256
x-amz-id-2
Wm4UCZBeN+V0rY+cMyrCbssC73zRdX196YsVwkcQzE9R6B625QM327Vg4WVzf6hTq8nGUHTOYmUELD8/S4vvDg==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hADR0UkEChDajO%2FD4NXTyFtvG0wEPWymeNe2u0pD23v%2FRkGi719936NsbcbwpGcChwm18SKFUY1p7ExR%2Bgj8KlSLOIU0o%2FkKjzJu6rNb8%2Bn7Wfywf3QAySyevEWPH1k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
819bd841bece4db0-FRA
prebid7.19.0.js
hb.adpone.com/ Frame DA91 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: sourserve.com
URL: https://sourserve.com/r/p.html?f=gxzwcciqr&e=1802562599418
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sourserve.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:08 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
18GTFDJGMBFNTJ3B
age
4224
x-amz-server-side-encryption
AES256
x-amz-id-2
Wm4UCZBeN+V0rY+cMyrCbssC73zRdX196YsVwkcQzE9R6B625QM327Vg4WVzf6hTq8nGUHTOYmUELD8/S4vvDg==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cEq%2BACo4YrQOHDznZ%2BNRCmrMaASYaK02AXqjI%2FdDM%2B7vmKL334Dw%2FhEr1UYSnDWx%2FXg8ctCgF8h7ArWAI8LBk219DvUJ%2F3Qc1KHoKbXrQhoIhnr%2FtmC4D35kRKgkxQQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
819bd841cede4db0-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 2838 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: sourserve.com
URL: https://sourserve.com/r/p.html?f=raudxvide&e=1802562599418
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sourserve.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:08 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
18GTFDJGMBFNTJ3B
age
4224
x-amz-server-side-encryption
AES256
x-amz-id-2
Wm4UCZBeN+V0rY+cMyrCbssC73zRdX196YsVwkcQzE9R6B625QM327Vg4WVzf6hTq8nGUHTOYmUELD8/S4vvDg==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=poZ%2FCy1jQg2N9iXk%2Fgs1BeTrWuw3zvWb%2B2tyO3zNRrKfjs%2BqDSMSWf%2BJ8gTYMGMOjfH5wQFDisdlqd3O18lyn4EKTKCQ%2BwIbf%2FiBY0%2BThU925bceDTrPGZLjLZpGxKc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
819bd841ceec4db0-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 7627 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: sourserve.com
URL: https://sourserve.com/r/p.html?f=shunsfer&e=1345243651446
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sourserve.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:08 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
18GTFDJGMBFNTJ3B
age
4224
x-amz-server-side-encryption
AES256
x-amz-id-2
Wm4UCZBeN+V0rY+cMyrCbssC73zRdX196YsVwkcQzE9R6B625QM327Vg4WVzf6hTq8nGUHTOYmUELD8/S4vvDg==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wIoFPRzRTS3gxFm2S2FpUak7NRtVNqtPlok3nd4PlUGl2mEzZ14ISC7RA9OEAghVSsKod34jK86b%2BIHF0VdqP25IM2mvzDjAN1RCE8MpsJyvZdDxXoDDkYzqyagsOak%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
819bd841ff1e4db0-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 587B 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: sourserve.com
URL: https://sourserve.com/r/p.html?f=kjqudpgv&e=1345243651446
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sourserve.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:08 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
18GTFDJGMBFNTJ3B
age
4224
x-amz-server-side-encryption
AES256
x-amz-id-2
Wm4UCZBeN+V0rY+cMyrCbssC73zRdX196YsVwkcQzE9R6B625QM327Vg4WVzf6hTq8nGUHTOYmUELD8/S4vvDg==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ioSPeZwBakKbYfHtw8yVzrxRBdrXX0vAv9yNyjkJ7lXeHvlpJ%2Brm%2F394t8DywsIJI6mQdgzg5ldRluMo5Vd6pUc1q3JZ2y2uvztsKvgLm1DVpTcZyIhvHSFDuAIyCgg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
819bd841ff2f4db0-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 989B 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: sourserve.com
URL: https://sourserve.com/r/p.html?f=ssilkoqd&e=1345243651446
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sourserve.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:08 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
18GTFDJGMBFNTJ3B
age
4224
x-amz-server-side-encryption
AES256
x-amz-id-2
Wm4UCZBeN+V0rY+cMyrCbssC73zRdX196YsVwkcQzE9R6B625QM327Vg4WVzf6hTq8nGUHTOYmUELD8/S4vvDg==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UW2jEJ5mHNS0WH9OXzx3gkRg8W3ozc0K%2Fp3cBIhfSwwA36aXE6LKkIQKfPjD84KRnBmudTDep6KSwzDY9ia9dTHSEGl86fBdXRnpXNK2meV1%2FZoWeay0%2B%2Brar9SVEMM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
819bd8420f4f4db0-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 92AB 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: sourserve.com
URL: https://sourserve.com/r/p.html?f=ktgxqvh&e=1345243651446
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sourserve.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:09 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
18GTFDJGMBFNTJ3B
age
4224
x-amz-server-side-encryption
AES256
x-amz-id-2
Wm4UCZBeN+V0rY+cMyrCbssC73zRdX196YsVwkcQzE9R6B625QM327Vg4WVzf6hTq8nGUHTOYmUELD8/S4vvDg==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uOr5kMer%2F3I4wY4vhpmzVFJv2991Ol8MmcaPgpkgxWEnURcly0M3G7kv77ZUvefmbwNtw4V9DwEYAOqZN2iG0jd%2BlOS4Tj9BbY89Cx7rCHYPqpgB%2Fh7D5Yx8Ln5b2fM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
819bd8420f524db0-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 7551 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: sourserve.com
URL: https://sourserve.com/r/p.html?f=xatcspih&e=1345243651446
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sourserve.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:08 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
18GTFDJGMBFNTJ3B
age
4224
x-amz-server-side-encryption
AES256
x-amz-id-2
Wm4UCZBeN+V0rY+cMyrCbssC73zRdX196YsVwkcQzE9R6B625QM327Vg4WVzf6hTq8nGUHTOYmUELD8/S4vvDg==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aVbJmxe4NUh6EY1J%2BMSERa3pqCWMSlPDpx%2Fd7TotdnXtQs8wT6oEl%2BXa%2Fn9nHGiBaAYto62eQ8lF99MOgqVf2v6CDepNToF%2F3wJbdWy5lnJmd1PRZZB8duxWRyY%2BvbQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
819bd8420f534db0-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 7411 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: sourserve.com
URL: https://sourserve.com/r/p.html?f=hdxqure&e=1345243651446
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sourserve.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:09 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
18GTFDJGMBFNTJ3B
age
4224
x-amz-server-side-encryption
AES256
x-amz-id-2
Wm4UCZBeN+V0rY+cMyrCbssC73zRdX196YsVwkcQzE9R6B625QM327Vg4WVzf6hTq8nGUHTOYmUELD8/S4vvDg==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PEDgtRltI8xosoC8XSpioqQAdDfUTQdWP57qn7uR64KC5h2Y9o9cuOQPwoZEJJVDepG2vMxERiya7nn%2FagDLI5aHu11gErXx02ud19xGZgIELR4N8lfK48uQkl%2FCzpw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
819bd8420f554db0-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 293F 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: sourserve.com
URL: https://sourserve.com/r/p.html?f=kolbmp&e=1345243651446
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sourserve.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:09 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
18GTFDJGMBFNTJ3B
age
4225
x-amz-server-side-encryption
AES256
x-amz-id-2
Wm4UCZBeN+V0rY+cMyrCbssC73zRdX196YsVwkcQzE9R6B625QM327Vg4WVzf6hTq8nGUHTOYmUELD8/S4vvDg==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=08JQjQqnTGgG0RhP1b9r0FeHz2WjtB%2BcvyxC2yCBXjp0mPJhphvrbO4LWaaknA7geBZAkQYT8ELmFdgKXPPfwvludgaa4pVapJv%2BiwlC4g5MtCZ%2FaZAGwI9Bqzl5SOM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
819bd8421f6a4db0-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 0D62 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: sourserve.com
URL: https://sourserve.com/r/p.html?f=gwckeu&e=1300988650699
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sourserve.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:09 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
18GTFDJGMBFNTJ3B
age
4225
x-amz-server-side-encryption
AES256
x-amz-id-2
Wm4UCZBeN+V0rY+cMyrCbssC73zRdX196YsVwkcQzE9R6B625QM327Vg4WVzf6hTq8nGUHTOYmUELD8/S4vvDg==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iyIpiAYsdJnhT4qwAFtXTmzYmcYDZ%2Bd0YDttVNgAc70BA60YC1kdNNE9D9Q%2B3XXkHkvTyLYI8ebHSTUj3iNMRovCqT7sKlRq%2BEIsergvIAYTitIxm4B3vWMbfJ2eI4Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
819bd8424fc14db0-FRA
prebid7.19.0.js
hb.adpone.com/ Frame BDD1 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: sourserve.com
URL: https://sourserve.com/r/p.html?f=ejnpjn&e=1300988650699
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sourserve.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:09 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
18GTFDJGMBFNTJ3B
age
4225
x-amz-server-side-encryption
AES256
x-amz-id-2
Wm4UCZBeN+V0rY+cMyrCbssC73zRdX196YsVwkcQzE9R6B625QM327Vg4WVzf6hTq8nGUHTOYmUELD8/S4vvDg==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BBTkD6NT3tctGZmf%2FyiPW%2BP6KmqzzHPFQTOv2AKc6rXL4NTL6Okl9AIfwa76FZEt1zEORYSFiP%2FuTtu9UBLplt8wVe4xSWyTTjEZ2oyLLopxBom6iDurOql6y1ERee8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
819bd8425fcd4db0-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 4B9D 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: sourserve.com
URL: https://sourserve.com/r/p.html?f=xfuyhilk&e=1300988650699
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sourserve.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:09 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
18GTFDJGMBFNTJ3B
age
4225
x-amz-server-side-encryption
AES256
x-amz-id-2
Wm4UCZBeN+V0rY+cMyrCbssC73zRdX196YsVwkcQzE9R6B625QM327Vg4WVzf6hTq8nGUHTOYmUELD8/S4vvDg==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OuB1lXT7W07XBZqkfxFb%2FEE9PMLLSUP67eUinVUrlVq1gki9V33q6cB%2BsdpJX4CsHB60zhhB8TBa5sv57AYThItHHHVEnyc2wGdTQa0jdXvv%2B9i3H7zcYzR7XxCbrIE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
819bd8425fda4db0-FRA
prebid7.19.0.js
hb.adpone.com/ Frame FC7A 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: sourserve.com
URL: https://sourserve.com/r/p.html?f=irrfacbl&e=1300988650699
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sourserve.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:09 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
18GTFDJGMBFNTJ3B
age
4225
x-amz-server-side-encryption
AES256
x-amz-id-2
Wm4UCZBeN+V0rY+cMyrCbssC73zRdX196YsVwkcQzE9R6B625QM327Vg4WVzf6hTq8nGUHTOYmUELD8/S4vvDg==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vHc2nfOgadp2r7jSy8pvS4azdH%2BmYrgLNBbhJIqYQQDkhfWzkkHx1N16ZGB79fL4W1qLEFQOT2e82cJBZ7f8KVjK%2Fk6zTUwGvNUnauUrAp6k1IgXLe2dU%2BtkNlTXF74%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
819bd8425fdc4db0-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 1E1F 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: sourserve.com
URL: https://sourserve.com/r/p.html?f=hyqqg&e=1300988650699
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sourserve.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:09 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
18GTFDJGMBFNTJ3B
age
4225
x-amz-server-side-encryption
AES256
x-amz-id-2
Wm4UCZBeN+V0rY+cMyrCbssC73zRdX196YsVwkcQzE9R6B625QM327Vg4WVzf6hTq8nGUHTOYmUELD8/S4vvDg==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7h8dBNFWoZf8Z0z%2FFQxl9Q71cKaPGjadT0kjULzi%2FmFJf6EHfo%2B9jqwpo0PUUWDjtoY2ky77c55WL2cGOj4QZk%2BQK%2FjLiFylY2gl3aT%2BgdlpFH%2BRhuBK2zyCRXuGxN8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
819bd8426ffc4db0-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 7F44 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: sourserve.com
URL: https://sourserve.com/r/p.html?f=dwjoqaat&e=1300988650699
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sourserve.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:09 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
18GTFDJGMBFNTJ3B
age
4225
x-amz-server-side-encryption
AES256
x-amz-id-2
Wm4UCZBeN+V0rY+cMyrCbssC73zRdX196YsVwkcQzE9R6B625QM327Vg4WVzf6hTq8nGUHTOYmUELD8/S4vvDg==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pYMMO8%2BbWNrSp8SSbC1w7SYXJmI9uCZaKhVYg6dNRCi7OliCqK%2FkHsH18k4DWhcTORL3YLubTS1ZlRFWtdZbxxwT6xvauAe8hVtY0UkOAeHePiqTEJ2oSIoZENQJlRE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
819bd84268004db0-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 3D96 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: sourserve.com
URL: https://sourserve.com/r/p.html?f=bqlsvgbfi&e=1300988650699
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sourserve.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:09 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
18GTFDJGMBFNTJ3B
age
4225
x-amz-server-side-encryption
AES256
x-amz-id-2
Wm4UCZBeN+V0rY+cMyrCbssC73zRdX196YsVwkcQzE9R6B625QM327Vg4WVzf6hTq8nGUHTOYmUELD8/S4vvDg==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dhz6lNhs8BLVAn9iO7NM9FfqXKQWs3dCkr4N01nPtqKXd6S8N5NYZnZWV%2BrL6LbmAvXlPt8gPVFac5kWI4oXJ5Qx8Bg95nRPMsB8txuwOyMYmdeQPtiIlTUOqmTBmTg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
819bd84278104db0-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 2E70 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: sourserve.com
URL: https://sourserve.com/r/p.html?f=qhtwpsu&e=1723230783387
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sourserve.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:09 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
18GTFDJGMBFNTJ3B
age
4225
x-amz-server-side-encryption
AES256
x-amz-id-2
Wm4UCZBeN+V0rY+cMyrCbssC73zRdX196YsVwkcQzE9R6B625QM327Vg4WVzf6hTq8nGUHTOYmUELD8/S4vvDg==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6KLKV1k5%2BaUl%2BCP6N4BHG7jtpyRfBVbfzJ0hZckd6%2BJa2zBJ4uVNLekBd1jIh9yYbcvkvsuO8%2FxwqYxzKGbNLq%2FDH8kfVn3l1EvmcGNxZWNA7XEB7iQa0s7irdqyMSY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
819bd842882e4db0-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 39B3 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: sourserve.com
URL: https://sourserve.com/r/p.html?f=wpdrzdzf&e=1723230783387
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sourserve.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:09 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
18GTFDJGMBFNTJ3B
age
4225
x-amz-server-side-encryption
AES256
x-amz-id-2
Wm4UCZBeN+V0rY+cMyrCbssC73zRdX196YsVwkcQzE9R6B625QM327Vg4WVzf6hTq8nGUHTOYmUELD8/S4vvDg==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JDjOlKye900NG6GUhpFU5U4T5VNkFN5LJOKDuF%2Fjr1aM1ARxBNGiX0MYYMxLH3Gux5EBaftrXbkpzBxDILOtRMtQ%2FxGxsm8vIv%2FUUUZ%2B6PI4ZKbN6O3hS6PV%2FlprW8Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
819bd842a8524db0-FRA
prebid7.19.0.js
hb.adpone.com/ Frame E304 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: sourserve.com
URL: https://sourserve.com/r/p.html?f=zsfndsq&e=1723230783387
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sourserve.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:09 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
18GTFDJGMBFNTJ3B
age
4225
x-amz-server-side-encryption
AES256
x-amz-id-2
Wm4UCZBeN+V0rY+cMyrCbssC73zRdX196YsVwkcQzE9R6B625QM327Vg4WVzf6hTq8nGUHTOYmUELD8/S4vvDg==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=maMPYWbhlLhI2pyLFoiQdvUBnrTFdkIZG4KF28BVN3RnC4aM5Z%2BSqo5tU8KXs0JUeSZYenQYN5rt7W4S4yN1bZeycUWNrlKfOG9UNRNBmFKGrcAoUMNsvcl9NX1n%2BWw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
819bd842b8754db0-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 338E 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: sourserve.com
URL: https://sourserve.com/r/p.html?f=cqpqntc&e=1723230783387
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sourserve.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:09 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
18GTFDJGMBFNTJ3B
age
4225
x-amz-server-side-encryption
AES256
x-amz-id-2
Wm4UCZBeN+V0rY+cMyrCbssC73zRdX196YsVwkcQzE9R6B625QM327Vg4WVzf6hTq8nGUHTOYmUELD8/S4vvDg==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pb1e1NiRNeMIY6hhq00QNniOfAxeLBSwNqyNye2IjN1Up4nx1hLaNxreuUwgO6%2BZ%2By1z0XphO9GXLBQQ0W3%2BSSrFkmV2nGG5ruVZba6K2MTMweEtUQOXvyyiDd8V1%2B0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
819bd842b8784db0-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 7DCF 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: sourserve.com
URL: https://sourserve.com/r/p.html?f=bwgfvd&e=1723230783387
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sourserve.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:09 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
18GTFDJGMBFNTJ3B
age
4225
x-amz-server-side-encryption
AES256
x-amz-id-2
Wm4UCZBeN+V0rY+cMyrCbssC73zRdX196YsVwkcQzE9R6B625QM327Vg4WVzf6hTq8nGUHTOYmUELD8/S4vvDg==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cFY8i9KBAtb9%2FQ7kmQFN5BzUO%2BxjpMcZAiLWJA5i8BCJW2XF50o0S3OBVsclUgWCxtOeX4EEBmPdNZrgly1pe0MPWwKIZg9U0i557ZcKRd1Y282NoMfBL4aU%2BzHXam0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
819bd842c8884db0-FRA
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame CB98 		62 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
1220d6f0e954e8079d7d0da9af7f086b86d3692c106bd6d9f7bb38a4fb8c710b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 18:55:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
1359
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23557
x-xss-protection
0
server
cafe
etag
1850745145916647609
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sat, 21 Oct 2023 19:55:30 GMT
prebid7.19.0.js
hb.adpone.com/ Frame D891 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: sourserve.com
URL: https://sourserve.com/r/p.html?f=dnvsuldd&e=1723230783387
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sourserve.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:09 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
18GTFDJGMBFNTJ3B
age
4225
x-amz-server-side-encryption
AES256
x-amz-id-2
Wm4UCZBeN+V0rY+cMyrCbssC73zRdX196YsVwkcQzE9R6B625QM327Vg4WVzf6hTq8nGUHTOYmUELD8/S4vvDg==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R1Zg14jjm0igxwM6w4ErcHjTHtPekYGF%2BBjT6odHaOV85MOSePgjSMws17otEMNttQOpCKthgBKFLs3TfSE75oLAlyxyd%2FzpDD27yzhPGxB1A682%2Fq%2Fai7JJ0%2BUrugI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
819bd842c88a4db0-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 6A97 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: sourserve.com
URL: https://sourserve.com/r/p.html?f=gjrndl&e=1723230783387
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sourserve.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:09 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
18GTFDJGMBFNTJ3B
age
4225
x-amz-server-side-encryption
AES256
x-amz-id-2
Wm4UCZBeN+V0rY+cMyrCbssC73zRdX196YsVwkcQzE9R6B625QM327Vg4WVzf6hTq8nGUHTOYmUELD8/S4vvDg==
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2BonW08SJ54tYjEJYCzN92uTotHmbGdLW0y4p3%2BKkAsL6gj3y7z8Pqc9L8muNxFOGuflpS3BinNyKWTpskDh7M5gmh0Cr8bmWNgpoeL5myCaNqRRGLpbipkK2x75ozw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
819bd842f8ca4db0-FRA
kdR3Uc-Lch-XuU6BJZRbuWDa0aJJ9it8wzNxgvcOl3M.js
pagead2.googlesyndication.com/bg/ Frame 6E9E 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/kdR3Uc-Lch-XuU6BJZRbuWDa0aJJ9it8wzNxgvcOl3M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91d47751cf8b721f97b94e8125945bb960dad1a249f62b7cc3337182f70e9773
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 18:11:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
3975
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14703
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 20 Oct 2024 18:11:54 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CB98 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=urind
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ducumon.click/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 19:18:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame CB98 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lo0fa50h&chm=1&e=21068133&ctx=2&qqid=CK_r18rth4IDFWgEVQgdakQKhw&met.4=fb.8~lb.pr~ol.11q~idt.1ub~dt.-3f&met.3=739.ps~736.r0_1~735.vf_1~740.wl_1~738.11p~113.1cg_5~112.1cf_6&met.1=1.lo0fa3o3~14.0~15.0~16.0~17.0~18.0~19.0~20.0~21.0~22.r7~23.r7&met.7=CBsQCDgB~CCIQBBgBIAkoCTA9ODRoCnA9eKwCsAEBuAED~CBsQCiAKOFs~CE0QChgBIAooCjCkAziaA2jfAnCSA3i-2AOAAZLWA4gBntsLsAEBuAED~CBsQBCBuODY~CBsQBCDwAjgV~CBsQBCD5AjgS~CBsQBCCHAzgS~CBsQBCCYAzgW~CBsQBCCnAzgX~CBsQBCC5AzgY~CBsQBCDMAzgR~CBsQBCDbAzgR~CCIQBBgBIJwHKJwHMOAHOERonQdw3wd4rAKwAQG4AQM~CCgQChgBIJ0LKJ0LMMALOCNooAtwvgt4sboBgAGFuAGIAaTsA7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.3 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 19:18:09 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame D949 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310170101&jk=2646248313903326&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame CB98 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssR3XsQamma_K2MI7cVTJ3B8yOyvqSGfD1Vxed7FrJdSpE44pzOiq-JJyoxpPcbhf_76aFZK66Ip-aZDNJE67eC_xAzy-X4kjXX8UkpKog6Z_4TJXsDHGHbHDgJw1nU&sig=Cg0ArKJSzPHaoXyU1Y2YEAE&id=lidar2&mcvt=1021&p=730,436,820,1164&mtos=1021,1021,1021,1021,1021&tos=1021,0,0,0,0&v=20231018&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=4198062671&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697915887635&rpt=923&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 19:18:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 717C 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssXrwiIIgPw33A8nY55KWxHxax7Z0hWpDWdxIFrMy_oNUdqBYBW2KZBG_KYJ1MvjgmnhY5n84IPowAe-tMg9oB5ysYOWeIvWHZ754NDkoYctDYgCaBS8_PFGUG9FJ26&sig=Cg0ArKJSzNdFjlKofsocEAE&id=lidar2&mcvt=1024&p=50,1440,654,1600&mtos=0,1024,1024,1024,1024&tos=0,1024,0,0,0&v=20231018&bin=7&avms=nio&bs=1600,1200&mc=0.99&vu=1&app=0&itpl=19&adk=1747618850&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697915887599&rpt=933&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 19:18:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 6E9E 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?oTBDiA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 19:18:09 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310170101&jk=2646248313903326&bg=!m5ilmNfNAAbDUgby41I7ADQBe5WfOMqAF9XsQgzVpoo0ZDodtPAlOSWTztijO2vI9f-9IygvhlORFROQhyixR6xdHtvoAgAAAG1SAAAABGgBB5kCyKEZ6VrAT-BljevXMAPJjZQhL56JPo3Ese2dYbVjKEDZRD9SKCBiaV8I2wGt-fTcGfeZWDrP3RLbV3YfsrX_BVFgEJGsVSrJ9EmHX0QyPMCzR0UnuTyyQVgfOAewb7j5o0HXiZusT2ZlihYWY7oTk9bPlGSQ0qK3wJY7q67TF0XQYduvSdwRXhE7LjPltZQZkeJDfRlIPsnZP48TMNnsMK_SwrwaBp6BeqU5u0mj01znlhRUAvSI6qLysWxoC7Rqn0y_foM7l2Vuzsj2rcG0e9B18WYPgaSSwqzUTin4QmOFXQ_SYjWTlkBKmJdx5JjTAPJGh5P__cQbgy9VlIoU7B_XAd9WNf0XK1ENEO3Fkw7unPdeHTfKMGyvt13BtnBX7a4YgweBNmV3GTc1rZ4pQYvbzODorDkWc7z8RqYeiL0YTSps4RtucJzzoQw756NSU_2aFyK43ta47i3quH5zpHCA2z-BVf-i_HhSRNIewYJU6qN6d6m7ivLu_U7s9PIU1otHBLsygTzuqaaTGMRcuMgh5Zaz_6Y2PeA4zyHMuTknxR4aGiAOs19H4wV0ffFHNopy0SRwhojj0f9jADI8BQwzLYZ1uBRjextbkx8A7JBi-Ejjxz0HVsPxT-NZDCfuuxZ6l6zqqv3Zo6B3fQMdRadgYR3iwebuoFWMZT6obIz9wi8hjxKgw8aIcPR88mhQgtFobfBsAy6JRH8cOA2bv7QNjP34SOKVTQ5KBRkXnWeKE40uaaBwxWtKeYHkZc1EfUn5r2Qq79YPfsoPfFiGggnOLU62xbksqV8LeRliJAQijwbNl2XLesm8IfLhVPuwVBXmE5kgMixHSBXdGVqXUbrK9Xrb1X8xZESxdM61ElUbtA3rVSKTpn7-OZCf5efhWUzjtlqQ553YVKYinp8FJpRgXR_YTtj6bTSnEvNn1KUj0HQvNZxxo9U
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ducumon.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
kvt.sddan.com
URL
https://kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Fwww.ducumon.click%2F

Verdicts & Comments Add Verdict or Comment

174 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 undefined| $ function| jQuery object| googletag function| gtag object| dataLayer function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| RocketPreloadLinksConfig object| generatepressMenu function| confiantWrap number| themoneytizer_async object| eucountries object| sas function| whenFormatFctDefined function| whenDefined object| http string| url number| random_cent_ab_test number| tmzr_siteid number| random_cent number| enable_sco function| criteoCallback object| generic object| criteo_gum object| smart_csync object| zeotap object| node object| pwidget_config object| leadplaceScript object| iframe object| tagsObject string| website object| notifyme object| headelement object| tmzr object| d object| pbs number| random_sw object| format_size object| format_size_ix object| format_w_adform object| format_h_adform object| format_size_rubicon object| between_w object| between_h object| counter_refresh object| smart_prebid2 function| refreshVisibility116434 function| isEmpty function| GetMobileDesktop function| GetMobileDesktopId function| GetRichAudienceZone function| GetmnameAdform function| GetwAdform function| GethAdform function| GetsizeTriplelift function| Getsize function| GetsizeRubicon function| Timeout function| whatToLoad number| nugg_ab number| site_id string| pubstack_ab object| sublime string| sh object| _qevents boolean| moneycaching object| params number| nugg number| ra object| google_tag_manager object| google_tag_data object| gaGlobal object| tmzrChunk object| _pbjsGlobals object| ADAGIO object| bliinkBid object| placementBids string| nobidVersion object| nobid undefined| Adcall_48311 undefined| Adcall_26325 undefined| Adcall_80234 undefined| Adcall_26328 undefined| Adcall_video object| pubstack_publica number| bidder_geo boolean| sas_usePostStandard object| ID5 function| SasIabApi number| intervalCounterNumberCMP V2 number| intervalCounterNumberCCPA number| intervalCounterNumberGPP object| sas_ads boolean| sas_ajax object| sas_manager object| sas_unrenderedFormats undefined| sas_callAd undefined| sas_callAds function| sas_render function| SmartAdServerAjaxOneCall function| SmartAdServer_iframe function| SmartAdServer function| SmartAdServerAjax function| sas_gcf function| sas_appendToContainer function| sascc function| sasmobile function| sas_addCleanListener function| sas_cleanAds function| sas_cleanAd number| intervalCounterNumberGPP2 number| sas_renderMode object| libJsLeadPlace function| mapperjs object| __core-js_shared__ undefined| bid undefined| vastUrl object| targetingParams function| quantserve function| __qc object| ezt object| _qoptions undefined| __gpp object| apntag object| _ADAGIO object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing number| google_unique_id object| adpnExecutions object| aliveChecks boolean| adpnLoaded object| GoogleGcLKhOms object| google_image_requests

14 Cookies

Domain/Path Name / Value
.ducumon.click/ Name: _ga
Value: GA1.1.759422412.1697915886
.ducumon.click/ Name: sharedid
Value: dcb218d4-9ad6-4cca-99d8-ef1368e39b8f
.ducumon.click/ Name: sharedid_cst
Value: zix7LPQsHA%3D%3D
.ducumon.click/ Name: cf_clearance
Value: Iiw5l0QResluwhgqb5r0ls9OpmkjJqkbahevUjlscaA-1697915886-0-1-227440cf.10f7646a.c0638d75-0.2.1697915886
.zeotap.com/ Name: zc
Value: cef4b7e5-a4dc-48fc-4343-5481452c5d12
.zeotap.com/ Name: zsc
Value: %12%18%1EW%3Bs%FF%C5%98%C2Ru%82~%A5%F4%B1d%96O%8A%914%5C%97%7D%A44%7B%C4%D6%95%D1p%15%DA%3D%F0%BEC%13%D60a%B5%A4%EB%A4%D5Nx%F7%84o%B0I%13%EB%14%07%26%ED%11%05j%D8%23Dqz%C4%ACJ%BEc%8DP%DE%A0K%C6%D2%E8
.doubleclick.net/ Name: IDE
Value: AHWqTUmdf2aN23EF1I5IFsiKoAr9QWH0OLlOxxGPlkLsOowr-1C8zkUAGWcBppkkqxU
adtrack.adleadevent.com/ Name: AWSELBCORS
Value: 9FC54D150466C174912E5199B1F8E822A79961F459222A4796B3BC5A624746187924E5A9D85256CD101C7B5617B87EC222DB6810D5FA7F2601127727C3997A195B0D3022C0
.quantserve.com/ Name: mc
Value: 653423ee-c3d53-16623-73493
.ducumon.click/ Name: __qca
Value: P0-1984166637-1697915886363
.script.ac/ Name: __cf_bm
Value: HmbE7JJcGMF1VHNDRryuwm55bDAWRejptclaMO0cKuA-1697915886-0-AW9BtKZwXIfzv7jEhRFHHq56AYeyoZY3AHZrUEZ2BtuUcGew81lslX3zBa4omPrj4jnYgEIzQBB31VNUbLyJ6Ls=
.ducumon.click/ Name: __gads
Value: ID=26f80e96eaf1abf9:T=1697915887:RT=1697915887:S=ALNI_Mb1s1UtCMFtQ8WHARF_gKVxlclfZA
.ducumon.click/ Name: __gpi
Value: UID=00000c9ecbc5d7dc:T=1697915887:RT=1697915887:S=ALNI_MY6M1KK-Ck6Rzq0RXTGlZPSPBBgcA
.ducumon.click/ Name: _ga_CE6CLHD4YS
Value: GS1.1.1697915885.1.0.1697915887.58.0.0

12 Console Messages

Source Level URL
Text
network error URL: https://p.cpx.to/p//px.js
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://www.ducumon.click/
Message:
Access to fetch at 'https://kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Fwww.ducumon.click%2F' from origin 'https://www.ducumon.click' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Fwww.ducumon.click%2F
Message:
Failed to load resource: net::ERR_FAILED
rendering warning URL: https://sourserve.com/t.js?i=a4ey53iqvdnqdrnbfn1vg&cb=6857531697915887656
Message:
WARNING: Too many active WebGL contexts. Oldest context will be lost.
rendering warning URL: https://sourserve.com/t.js?i=p17507zcwy1drux4xxi2j&cb=1062781697915887668
Message:
WARNING: Too many active WebGL contexts. Oldest context will be lost.
rendering warning URL: https://sourserve.com/t.js?i=p17507zcwy1drux4xxi2j&cb=1062781697915887668
Message:
WARNING: Too many active WebGL contexts. Oldest context will be lost.
rendering warning URL: https://sourserve.com/t.js?i=p17507zcwy1drux4xxi2j&cb=1062781697915887668
Message:
WARNING: Too many active WebGL contexts. Oldest context will be lost.
rendering warning URL: https://sourserve.com/t.js?i=p17507zcwy1drux4xxi2j&cb=1062781697915887668
Message:
WARNING: Too many active WebGL contexts. Oldest context will be lost.
rendering warning URL: https://sourserve.com/t.js?i=p17507zcwy1drux4xxi2j&cb=1062781697915887668
Message:
WARNING: Too many active WebGL contexts. Oldest context will be lost.
rendering warning URL: https://sourserve.com/t.js?i=p17507zcwy1drux4xxi2j&cb=1062781697915887668
Message:
WARNING: Too many active WebGL contexts. Oldest context will be lost.
rendering warning URL: https://sourserve.com/t.js?i=p17507zcwy1drux4xxi2j&cb=1062781697915887668
Message:
WARNING: Too many active WebGL contexts. Oldest context will be lost.
rendering warning URL: https://sourserve.com/t.js?i=p17507zcwy1drux4xxi2j&cb=1062781697915887668
Message:
WARNING: Too many active WebGL contexts. Oldest context will be lost.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.themoneytizer.com
adtrack.adleadevent.com
ajax.googleapis.com
c.tmyzer.com
c3a094d68c64a115ab168d742bbb5105.safeframe.googlesyndication.com
cadmus.script.ac
ced.sascdn.com
cm.g.doubleclick.net
csi.gstatic.com
d2zur9cc2gf1tx.cloudfront.net
f3f6i6e3.stackpathcdn.com
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
hb.adpone.com
i.clean.gg
id5-sync.com
kvt.sddan.com
lb.eu-1-id5-sync.com
mwzeom.zeotap.com
onetag-sys.com
p.cpx.to
pagead2.googlesyndication.com
pixel.quantserve.com
redcarpat.com
region1.analytics.google.com
rules.quantcount.com
s.richaudience.com
script.4dex.io
secure.quantserve.com
securepubads.g.doubleclick.net
sourserve.com
spl.zeotap.com
stats.g.doubleclick.net
tag.leadplace.fr
tpc.googlesyndication.com
www.ducumon.click
www.ducumon.me
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
kvt.sddan.com
104.18.22.145
104.26.10.25
104.26.8.169
108.138.26.100
141.95.33.111
142.250.181.225
142.250.184.234
142.250.185.163
142.250.185.234
142.250.185.66
142.250.185.98
142.250.186.66
145.239.193.51
151.139.128.10
157.90.0.13
162.19.138.119
172.217.16.196
172.217.18.8
172.217.23.99
172.67.13.182
176.123.8.49
178.250.1.11
18.245.86.127
18.66.97.52
188.114.96.3
195.181.175.16
2.21.20.197
216.239.32.3
216.239.32.36
2a00:1450:4001:803::2002
2a00:1450:4001:812::2001
2a00:1450:4001:82b::2002
2a06:98c1:3121::3
34.95.69.49
51.89.9.252
52.51.215.30
54.38.64.100
54.76.93.84
65.9.7.13
74.125.71.154
91.228.74.159
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
0352843249492dc9728f7876c2a3a53f684d8986b9a1d642be6c6c0c8bddd910
06e7c4f208b93f15137c5c1ad9019de33d8e327a83ebfd4290cbba051b5c2c57
0add8fcb5a583b1c16238fbe9d0de17c6272726b42be17fdcd9b4686ef5287d1
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
1220d6f0e954e8079d7d0da9af7f086b86d3692c106bd6d9f7bb38a4fb8c710b
1416d2d55555c0776970088090e663a408062b16844cf634e224fcdbad2a1e1f
1521f2d759e768e150c8a97787e1db7da9448e020e7043f48e7b305185b81486
1b46546de5ed581b4aa6578874bb92881395390c7d74e1ceff468b9052c97f91
1c9cc8e33a15d6f739e16ec44ae2cd8907a4ec6201386bf9cca6a85a53103168
1cc6de1a4f6a561a6aa75d08bae33388b2e8905d01753aa41e4886a466d7c28c
1df2e870b373f1bf5c660a65e0afc2c47226992fdec0b26db18aff14e9d3299b
223d3784ff0f0e572951390d5241d6c7b872e860ee25dfbafd3e355e5311e2a2
23dfc130690592628e49ebcc12e09d8ae6d348723ef059287e7aab3c74644dda
25991faafe00868ea75b21f51ae0ddcee3f2699cf43fcd46a11389f159728e2e
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
32bcaffa49c3e412d0afa347bb8156fcc499c8e2ddec9e46e7c8db4cc38e8d48
39d075a313a2b382bf94516b505dfbd88d715f73b8d3501dcc0155aba9ab6c7b
3a494cb8a3fc5345ca81844d27d3e0834aa754aeaa0056f1710a1df56acd983c
3cdc8768b77b752d62d488cda4d7917a5df5d334da0f7fa7c9f86aeae573923b
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
425c6ae73940896fd84c7652151e1a60c3b29e8e656cc7d7b386dcd9f61a8e0b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44b98f5d269487ccc0de25f17e8b7ae79256c224577f25c2e65da23958db8262
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b
4bfec0d9a1a3e8806adbb6f164d312aaed994cfff3a77bfef2d3cde0afd02405
4f61525c435935afe56cf850326d30eddbac45d82f9ec281cc2554eb570efff3
51ccf0ba6f97f7f8c16d0e51644aac50ea3ce3542b5d083486883562afbf9bee
559ffc5fa5eadd77f8bfaaeb793648763e312a17391d8e6bbb7d8d3dec2147e1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a11a7698898cba7edb4737e2d1d556b10ab052aca9365ef0b462bf78f3c9920
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
69abb1b8af004cb630bbfd95a8986e30d78dd7256ce28afb7c03c455ab046d83
6a04f704f1ff8f018568020f67b9a9a4eb47a0c1029358b195de73feefd36153
76159e62f0aa757670084bcf637554ecbce058a98467688d5d3e94e6f022d537
7caa54994bc234081728919217a22e842db137df5d5a79edc873a610937aaa1d
7f14b1bbb96ebae107fd473e2e74e898ff3a581d456dafd74869579d535e071d
7f1999dd213ea15813d6e27249169c4d54cfec7150e81ed1e1aad85d7b20202f
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333
891b450bc9c1540873ef9d8e417573bebb8a04d5da713bfc5f269a1f4ffde175
91d47751cf8b721f97b94e8125945bb960dad1a249f62b7cc3337182f70e9773
950f655a868c39f7173600ccbd929d110d70112d82f8a8c7d2a9d60f1e7e546e
95b642f67cd22e16edcc8466f6de5cf0cf4a96549aad8979d9dfdf58536fdc82
9a21255c23eaa694a365e10945ca1aea90251a29b22f6f51ecac002baed61d04
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9d6941be30ffc5f9a8b0d95dd5dd823e408519818d8df064d24bada85593dba2
9f16e60d0a12528f9b2d792b1cd1882ce614afdf96f43a3deaa7e17279410771
9f17a0e0b4bac694f53662982177c9babbfcc5d796ec49bd8b4e8cefdc29d495
9f241f89eccc5a13cf6da04c9fbd1269dc3a83d7666593058335adcddb3d004a
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a182d18cf2ec941d4373ff2d94a061f3850b8e410ced4575bf49e9793395e16e
a6516e3bf5cce6b94373b396e8f25f1b7131650a1ab81d7c8f3b43a41a2887f3
a8c060c4a9505cccdb3e666a20a20ba916a5fc4fc2e89811f9cba6201058785a
ac990171fc2a8993d659ce8f10bc0a7815c43835ba1dc00c2246f3556c6eeecd
b09569c29ce1eaff4d4b26f902188a7f679223d58a7f5d1e5f7b17aab6833c49
b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b76fee2711a5ad963ea92ffda8f30870fe9ad7d544d5eaf55ba6a43a2d5d32f3
ba34abe5f7db9bccc4e96465f09ab91bf5393f22dd0acfc2c0e304dd3d94e66a
c2f8529c75efa15c93ff283ebb77a482e615b70d561660d2a5aad907e6b83279
c3e732a4b21b3e02eea9a23eb82bb50126a2770033aebce80989261b68717fd1
ca42da6f5b3fc320032216fbe1090164c9e7c292cc0832a803a54686f449e6ec
cc93c8d1b46bf5c9466ac32cdc5ecca43284f5d5125c5c27bcfea7931a5bbac0
cfb829354040f367c2c97ee3716d87f194c6d2a23ecfdd4901d7c22e3b8be3b6
d098cba4343ea4111852815ebe9dca7c79d69ca280b99825415448f380c2b4dd
d29b25c24dcd2e3ba46f1f95a42b9c5833ddb7b4344d53c92df9a5ae80dd8233
dd89cf79418dd8f1ccac4a620cc5e811fc843d0fae2b25d2de5f8d6d6c9814cb
df9ca32423498afe26bbacd130dffc45b66135771797b3db523892aa6004ef48
e28924b464e60c01146ae6e8d7c5cfdab768798a7ce6bca68892c7a3907fcc90
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e420e5cf01c6bd4f0bd154a1fcc61b5d527773e1e24a8b3a1eac0a46e682259b
e8263d6e378841b9b2253c5378a8c777964dc981e52c94f363437e54ab59db5b
ed2cf15d31dbb39bec3e590eee1406f6d375c55dfdeceebb91081a4fd061f427
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1c13c9ec23c030a7a840bada77ccbded32c09f830f3dc2981e8b59103671eb8
f28fdae33f8ef4ea1c515edc121c58a5d8117f6b69b7069b2029578313fcfb8d
f56a3556c45543861a8dd9b9bc9b65b1f9d64fbb7dfc03fdb416faf36356db3d
fdccd47e2c21e3a03ded6e7259449ccc939283593a8925974cf0344a43b7c30b