urlscan.io logo urlscan.io
SecurityTrails logo

www.ducks.org Open in urlscan Pro
104.214.108.93  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://portal.criticalimpact.com/go/1/ce7bd55de6db241aa6473c7b9fa19141/25997/300770c60462b25f/557cdccc131a3ed1a6473c7b9fa19141/25997
Effective URL: https://www.ducks.org/
Submission: On September 09 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 5 countries across 18 domains to perform 73 HTTP transactions. The main IP is 104.214.108.93, located in San Antonio, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.ducks.org.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on October 24th 2018. Valid for: 2 years.
This is the only time www.ducks.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 199.167.225.41 174 (COGENT-174)
11 104.214.108.93 8075 (MICROSOFT...)
23 13.85.88.16 8075 (MICROSOFT...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2606:2800:133... 15133 (EDGECAST)
2 2.18.68.218 16625 (AKAMAI-AS)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 7 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 172.217.18.98 15169 (GOOGLE)
3 6 172.217.16.134 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
2 2600:9000:20e... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 2 2a05:f500:11:... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
73 21
1    199.167.225.41 (United States)

ASN174 (COGENT-174, US)
PTR: portal.cisend.com
portal.criticalimpact.com
11    104.214.108.93 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.ducks.org
webapi.ducks.org
23    13.85.88.16 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
duckscdn.blob.core.windows.net
2    2606:4700::6811:4e6b (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    2a00:1450:4001:818::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:81e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cse.google.com
4    2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)
duazurecdn.azureedge.net
2    2.18.68.218 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-68-218.deploy.static.akamaitechnologies.com
eae3e26d6cce6d2421f2-d0bf394c81120104918c3f1bbeb3098c.ssl.cf1.rackcdn.com
1    2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
7    2a00:1450:4001:814::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
www.googleadservices.com
6    172.217.16.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f6.1e100.net
10231870.fls.doubleclick.net
5083104.fls.doubleclick.net
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a02:26f0:10c:4bb::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
snap.licdn.com
2    2600:9000:20eb:1000:0:93e4:a640:93a1 (United States)

ASN16509 (AMAZON-02, US)
my.hellobar.com
2    2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:819::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleapis.com
1    2a00:1450:4001:818::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
clients1.google.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a05:f500:11:101::b93f:9005 (Ireland)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin.com
1    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
Domain Requested by
23 duckscdn.blob.core.windows.net www.ducks.org
10 www.ducks.org www.ducks.org
7 www.google.com 1 redirects cse.google.com
www.ducks.org
4 10231870.fls.doubleclick.net 2 redirects www.googletagmanager.com
4 duazurecdn.azureedge.net www.ducks.org
3 www.google.de www.ducks.org
2 5083104.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 px.ads.linkedin.com 1 redirects www.ducks.org
2 www.facebook.com www.ducks.org
2 googleads.g.doubleclick.net www.googleadservices.com
2 my.hellobar.com www.googletagmanager.com
my.hellobar.com
2 snap.licdn.com www.ducks.org
snap.licdn.com
2 connect.facebook.net www.ducks.org
connect.facebook.net
2 eae3e26d6cce6d2421f2-d0bf394c81120104918c3f1bbeb3098c.ssl.cf1.rackcdn.com www.ducks.org
2 cse.google.com www.ducks.org
www.google.com
2 ssl.google-analytics.com 1 redirects www.ducks.org
2 cdnjs.cloudflare.com www.ducks.org
1 fonts.googleapis.com my.hellobar.com
1 www.linkedin.com 1 redirects
1 clients1.google.com www.ducks.org
1 www.googleapis.com www.ducks.org
1 www.googleadservices.com www.googletagmanager.com
1 webapi.ducks.org www.ducks.org
1 stats.g.doubleclick.net 1 redirects
1 www.googletagmanager.com www.ducks.org
1 portal.criticalimpact.com 1 redirects
73 26

This site contains links to these domains. Also see Links.

Domain
www.firstbankcard.com
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
Subject Issuer Validity Valid
*.ducks.org
DigiCert SHA2 Secure Server CA		 2018-10-24 -
2020-12-09		 2 years crt.sh
*.blob.core.windows.net
Microsoft IT TLS CA 5		 2020-07-18 -
2022-07-18		 2 years crt.sh
cdnjs.cloudflare.com
DigiCert ECC Secure Server CA		 2020-08-12 -
2022-08-17		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-08-19 -
2020-11-11		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-08-19 -
2020-11-11		 3 months crt.sh
*.vo.msecnd.net
Microsoft IT TLS CA 2		 2020-03-18 -
2022-03-18		 2 years crt.sh
*.ssl.cf1.rackcdn.com
DigiCert SHA2 Secure Server CA		 2020-04-19 -
2021-07-19		 a year crt.sh
www.google.de
GTS CA 1O1		 2020-08-19 -
2020-11-11		 3 months crt.sh
www.googleadservices.com
GTS CA 1O1		 2020-08-19 -
2020-11-11		 3 months crt.sh
*.doubleclick.net
GTS CA 1O1		 2020-08-19 -
2020-11-11		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-07-21 -
2020-10-12		 3 months crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2019-04-01 -
2021-05-07		 2 years crt.sh
*.hellobar.com
DigiCert SHA2 Secure Server CA		 2017-10-26 -
2020-12-07		 3 years crt.sh
www.google.com
GTS CA 1O1		 2020-08-19 -
2020-11-11		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-08-19 -
2020-11-11		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-08-19 -
2020-11-11		 3 months crt.sh
*.google.de
GTS CA 1O1		 2020-08-19 -
2020-11-11		 3 months crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2020-08-05 -
2021-02-05		 6 months crt.sh

This page contains 5 frames:

Primary Page: https://www.ducks.org/
Frame ID: B978D4F8A86500C4FE46C985FB39778B
Requests: 69 HTTP requests in this frame

Frame: https://10231870.fls.doubleclick.net/activityi;dc_pre=CLGF6fKv2-sCFZzLuwgd4CQNCQ;src=10231870;type=pagev0;cat=allpa0;ord=1;num=2764894144004;gtm=2wg8q1;auiddc=1276951651.1599630477;~oref=https%3A%2F%2Fwww.ducks.org%2F
Frame ID: 568A9DF3991E280658A197A4E082B623
Requests: 1 HTTP requests in this frame

Frame: https://10231870.fls.doubleclick.net/activityi;dc_pre=CMCJ6fKv2-sCFZTouwgdLKgGHw;src=10231870;type=pagev0;cat=homep0;ord=1;num=3344118867615;gtm=2wg8q1;auiddc=1276951651.1599630477;~oref=https%3A%2F%2Fwww.ducks.org%2F
Frame ID: 7A0B887FCB50F3FB589DA0D9E1F5A571
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato
Frame ID: 6402F3D906375A7E01E6725E9B66CF27
Requests: 1 HTTP requests in this frame

Frame: https://5083104.fls.doubleclick.net/activityi;dc_pre=CI6Mk_Ov2-sCFbTMuwgdIYMCBw;src=5083104;type=gener0;cat=gener0;ord=6636233237038;gtm=2wg8q1;auiddc=1276951651.1599630477;~oref=https%3A%2F%2Fwww.ducks.org%2F
Frame ID: 1DE7041F6D2D93828E16EAC929B00625
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://portal.criticalimpact.com/go/1/ce7bd55de6db241aa6473c7b9fa19141/25997/300770c60462b25f/557cdccc131a3ed... HTTP 302
    https://www.ducks.org/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

73
Requests

100 %
HTTPS

75 %
IPv6

18
Domains

26
Subdomains

21
IPs

5
Countries

1463 kB
Transfer

3490 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://portal.criticalimpact.com/go/1/ce7bd55de6db241aa6473c7b9fa19141/25997/300770c60462b25f/557cdccc131a3ed1a6473c7b9fa19141/25997 HTTP 302
    https://www.ducks.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=219661092&utmhn=www.ducks.org&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=World%20Leader%20in%20Wetlands%20%26%20Waterfowl%20Conservation&utmhid=229086684&utmr=-&utmp=%2F&utmht=1599630476198&utmac=UA-171220-3&utmcc=__utma%3D1.1612228352.1599630476.1599630476.1599630476.1%3B%2B__utmz%3D1.1599630476.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=311024359&utmredir=1&utmu=qFAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-171220-3&cid=1612228352.1599630476&jid=311024359&_v=5.7.2&z=219661092 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-171220-3&cid=1612228352.1599630476&jid=311024359&_v=5.7.2&z=219661092 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-171220-3&cid=1612228352.1599630476&jid=311024359&_v=5.7.2&z=219661092&slf_rd=1&random=292544051
Request Chain 46
  • https://10231870.fls.doubleclick.net/activityi;src=10231870;type=pagev0;cat=allpa0;ord=1;num=2764894144004;gtm=2wg8q1;auiddc=1276951651.1599630477;~oref=https%3A%2F%2Fwww.ducks.org%2F HTTP 302
  • https://10231870.fls.doubleclick.net/activityi;dc_pre=CLGF6fKv2-sCFZzLuwgd4CQNCQ;src=10231870;type=pagev0;cat=allpa0;ord=1;num=2764894144004;gtm=2wg8q1;auiddc=1276951651.1599630477;~oref=https%3A%2F%2Fwww.ducks.org%2F
Request Chain 47
  • https://10231870.fls.doubleclick.net/activityi;src=10231870;type=pagev0;cat=homep0;ord=1;num=3344118867615;gtm=2wg8q1;auiddc=1276951651.1599630477;~oref=https%3A%2F%2Fwww.ducks.org%2F HTTP 302
  • https://10231870.fls.doubleclick.net/activityi;dc_pre=CMCJ6fKv2-sCFZTouwgdLKgGHw;src=10231870;type=pagev0;cat=homep0;ord=1;num=3344118867615;gtm=2wg8q1;auiddc=1276951651.1599630477;~oref=https%3A%2F%2Fwww.ducks.org%2F
Request Chain 67
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=432634&url=https%3A%2F%2Fwww.ducks.org%2F&time=1599630477061 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D432634%26url%3Dhttps%253A%252F%252Fwww.ducks.org%252F%26time%3D1599630477061%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=432634&url=https%3A%2F%2Fwww.ducks.org%2F&time=1599630477061&liSync=true
Request Chain 70
  • https://5083104.fls.doubleclick.net/activityi;src=5083104;type=gener0;cat=gener0;ord=6636233237038;gtm=2wg8q1;auiddc=1276951651.1599630477;~oref=https%3A%2F%2Fwww.ducks.org%2F HTTP 302
  • https://5083104.fls.doubleclick.net/activityi;dc_pre=CI6Mk_Ov2-sCFbTMuwgdIYMCBw;src=5083104;type=gener0;cat=gener0;ord=6636233237038;gtm=2wg8q1;auiddc=1276951651.1599630477;~oref=https%3A%2F%2Fwww.ducks.org%2F

73 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
www.ducks.org/
Redirect Chain
  • http://portal.criticalimpact.com/go/1/ce7bd55de6db241aa6473c7b9fa19141/25997/300770c60462b25f/557cdccc131a3ed1a6473c7b9fa19141/25997
  • https://www.ducks.org/
136 KB
55 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ducks.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
104.214.108.93 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fc416162554f80ac06540999ec01f5cc2497c56365552381cbae2a84e6c78b4e

Request headers

Host
www.ducks.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Set-Cookie
dnn_IsMobile=False; path=/; HttpOnly .ASPXANONYMOUS=YkmZVow26-52DSTn1GxAo9dUtVRCfHqrxBiqDll8-LxIc0KgcfM_QMILL88lO0SCdBtVwf8FcjE6DmWkeiwzEcaANs0YfUbfPmLmEYSCLurLHWRD0; expires=Tue, 17-Nov-2020 16:27:55 GMT; path=/; HttpOnly Analytics_VisitorId=864ad5af-d4ab-4740-9584-c1dca2b5de1a; expires=Fri, 09-Oct-2020 05:47:55 GMT; path=/; HttpOnly Analytics=SessionId=096452be-7e18-4770-a721-4325a892e69c&TabId=12861&ContentItemId=-1; expires=Wed, 09-Sep-2020 06:47:55 GMT; path=/; HttpOnly dnn_IsMobile=False; path=/; HttpOnly .ASPXANONYMOUS=YkmZVow26-52DSTn1GxAo9dUtVRCfHqrxBiqDll8-LxIc0KgcfM_QMILL88lO0SCdBtVwf8FcjE6DmWkeiwzEcaANs0YfUbfPmLmEYSCLurLHWRD0; expires=Tue, 17-Nov-2020 16:27:55 GMT; path=/; HttpOnly Analytics_VisitorId=864ad5af-d4ab-4740-9584-c1dca2b5de1a; expires=Fri, 09-Oct-2020 05:47:55 GMT; path=/; HttpOnly Analytics=SessionId=096452be-7e18-4770-a721-4325a892e69c&TabId=12861&ContentItemId=-1; expires=Wed, 09-Sep-2020 06:47:55 GMT; path=/; HttpOnly language=en-US; path=/; HttpOnly
DNNOutputCache
true
X-UA-Compatible
IE=10
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
*
Access-Control-Allow-Methods
*
Date
Wed, 09 Sep 2020 05:47:54 GMT
Content-Length
54794

Redirect headers

Date
Wed, 09 Sep 2020 05:47:54 GMT
Server
Apache/2.4.6 (CentOS)
Set-Cookie
JSESSIONIDTC1=91B2A866E31ED9A30B6F1B941D72A6FB; Path=/; HttpOnly; httpOnly cfid=ac8eb022-6a3c-4ca2-8ede-bec2671a751c;Path=/;Expires=Tue, 29-Sep-2020 07:25:58 UTC;HTTPOnly; httpOnly cftoken=0;Path=/;Expires=Tue, 29-Sep-2020 07:25:58 UTC;HTTPOnly; httpOnly CF_CLIENT_TPORTALCRITICALIMPACTCOM_LV=1599630474473;Path=/;Expires=Tue, 08-Dec-2020 05:47:54 UTC; httpOnly CF_CLIENT_TPORTALCRITICALIMPACTCOM_TC=1599630474473;Path=/;Expires=Tue, 08-Dec-2020 05:47:54 UTC; httpOnly CF_CLIENT_TPORTALCRITICALIMPACTCOM_HC=2;Path=/;Expires=Tue, 08-Dec-2020 05:47:54 UTC; httpOnly
location
https://www.ducks.org/
Content-Type
text/html;charset=UTF-8
Content-Length
0
Connection
close
DependencyHandler.axd
www.ducks.org/ 		285 KB
44 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ducks.org/DependencyHandler.axd?s=L1Jlc291cmNlcy9TaGFyZWQvc3R5bGVzaGVldHMvZG5uZGVmYXVsdC83LjAuMC9kZWZhdWx0LmNzczsvRGVza3RvcE1vZHVsZXMvRXZlbnRzV2lkZ2V0L21vZHVsZS5jc3M7L0Rlc2t0b3BNb2R1bGVzL0hvbWVQYWdlRmVhdHVyZS9tb2R1bGUuY3NzOy9EZXNrdG9wTW9kdWxlcy9SZWNlbnRTbGlkZXIvbW9kdWxlLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2Jvb3RzdHJhcC5taW4uY3NzOy9Qb3J0YWxzL19kZWZhdWx0L1NraW5zL0R1Y2tzLm9yZy9za2luLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2FuaW1hdGUubWluLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Db250YWluZXJzL0NhdmFsaWVyL2NvbnRhaW5lci5jc3M7L1BvcnRhbHMvMC9wb3J0YWwuY3NzOw&t=Css&cdv=1346
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
104.214.108.93 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1c064a84ebdf7187af09a9b38c79d598921a7566b679d547574a689d229400d5

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Sep 2020 05:47:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 09 Sep 2020 05:24:51 GMT
ETag
"358278453c22dbcff82e9491c9a75cc3"
Access-Control-Allow-Methods
*
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, must-revalidate, proxy-revalidate, max-age=862615, s-maxage=862615
X-UA-Compatible
IE=10
Access-Control-Allow-Headers
*
Content-Length
44189
Expires
Sat, 19 Sep 2020 05:24:51 GMT
DependencyHandler.axd
www.ducks.org/ 		451 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ducks.org/DependencyHandler.axd?s=L1Jlc291cmNlcy9saWJyYXJpZXMvalF1ZXJ5LzAxXzA5XzAxL2pxdWVyeS5qczsvUmVzb3VyY2VzL2xpYnJhcmllcy9qUXVlcnktTWlncmF0ZS8wMV8wMl8wMS9qcXVlcnktbWlncmF0ZS5qczsvUmVzb3VyY2VzL2xpYnJhcmllcy9qUXVlcnktVUkvMDFfMTFfMDMvanF1ZXJ5LXVpLmpzOw&t=Javascript&cdv=1346
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
104.214.108.93 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d3cb488888e9ea75771482ea8d142de6a4b3846f7bc7e49a3b90b6c9f041cae3

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Sep 2020 05:47:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 09 Sep 2020 05:18:26 GMT
ETag
"1543aa30ffe2174318651201bb1e859c"
Access-Control-Allow-Methods
*
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, must-revalidate, proxy-revalidate, max-age=862230, s-maxage=862230
X-UA-Compatible
IE=10
Access-Control-Allow-Headers
*
Content-Length
117658
Expires
Sat, 19 Sep 2020 05:18:26 GMT
WebResource.axd
www.ducks.org/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ducks.org/WebResource.axd?d=pynGkmcFUV30wkr0VxdaLepze5QkbZPFrxJ5iedrC6BgKY57PpfKNc0GycQ1&t=636996002731294402
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
104.214.108.93 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Sep 2020 05:47:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 25 Jul 2019 02:24:33 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public
X-UA-Compatible
IE=10
Access-Control-Allow-Headers
*
Content-Length
6007
Expires
Thu, 09 Sep 2021 03:56:27 GMT
Telerik.Web.UI.WebResource.axd
www.ducks.org/ 		140 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ducks.org/Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=ScriptManager_TSM&compress=1&_TSM_CombinedScripts_=%3b%3bSystem.Web.Extensions%2c+Version%3d4.0.0.0%2c+Culture%3dneutral%2c+PublicKeyToken%3d31bf3856ad364e35%3aen-US%3a22727c22-244c-4537-8243-3c42cc5b20e2%3aea597d4b%3ab25378d2
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
104.214.108.93 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
70444fe7a3a0b50db2a0e01e060adbdbfd51294f3fca39be4ba0be287cd32a4d

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Sep 2020 05:47:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Jul 2013 00:00:00 GMT
Vary
User-Agent
Access-Control-Allow-Methods
*
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31535603
X-UA-Compatible
IE=10
Access-Control-Allow-Headers
*
Content-Length
35151
Expires
Thu, 09 Sep 2021 05:41:18 GMT
DependencyHandler.axd
www.ducks.org/ 		92 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ducks.org/DependencyHandler.axd?s=L1BvcnRhbHMvX2RlZmF1bHQvU2tpbnMvRHVja3Mub3JnL2pzL2Jvb3RzdHJhcC5taW4uanM7L2pzL2Rubi5qczsvanMvZG5uLm1vZGFscG9wdXAuanM7L1Jlc291cmNlcy9TaGFyZWQvU2NyaXB0cy9qcXVlcnkvanF1ZXJ5LmhvdmVySW50ZW50Lm1pbi5qczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvanMvbW9kZXJuaXpyLWN1c3RvbS5qczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvanMvc2tpbi5qczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvanMvcGljdHVyZWZpbGwubWluLmpzOy9qcy9kbm5jb3JlLmpzOy9EZXNrdG9wTW9kdWxlcy9ETk5Db3JwL0V2b3FDb250ZW50TGlicmFyeS9DbGllbnRTY3JpcHRzL2Rubi5hbmFseXRpY3MuSW5qZWN0ZWQuanM7L2pzL2Rubi5zZXJ2aWNlc2ZyYW1ld29yay5qczs&t=Javascript&cdv=1346
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
104.214.108.93 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b3b2388c7bdb0a8647c2e64aa5dcc79d8e9b9cd21db20909f780e4c59c926072

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Sep 2020 05:47:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 09 Sep 2020 05:24:51 GMT
ETag
"faf92ff8240d39c72a9a18049ff3871a"
Access-Control-Allow-Methods
*
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, must-revalidate, proxy-revalidate, max-age=862616, s-maxage=862616
X-UA-Compatible
IE=10
Access-Control-Allow-Headers
*
Content-Length
29142
Expires
Sat, 19 Sep 2020 05:24:51 GMT
promo-blackout-duck-call.jpg
duckscdn.blob.core.windows.net/imagescontainer/_global/nav/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duckscdn.blob.core.windows.net/imagescontainer/_global/nav/promo-blackout-duck-call.jpg?cb=2
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
82360796214c966ec37d0458fcfb7764172df11a9af378bbc5b1ec47d064ae34

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 09 Sep 2020 05:47:56 GMT
Last-Modified
Sat, 22 Aug 2020 00:16:24 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
vXGUEExywUf82wUZCmXPiQ==
ETag
"0x8D846309AC0C9B1"
Vary
Origin
Content-Type
image/jpeg
x-ms-request-id
a730c3e3-f01e-0039-1d6c-8638cc000000
x-ms-version
2014-02-14
Content-Disposition
Accept-Ranges
bytes
Content-Length
10529
x-ms-lease-state
available
swiper.min.css
cdnjs.cloudflare.com/ajax/libs/Swiper/4.5.0/css/ 		19 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/Swiper/4.5.0/css/swiper.min.css
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f07d43571a20235b2506061c9729d91179d32b8b3c75123aa8fcd45e60d7541
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Sep 2020 05:47:55 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
546287
x-via
cfworker/kv
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2581
cf-request-id
0513011aaf0000074253b56200000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:02 GMT
server
cloudflare
etag
"5eb03cf2-4d42"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5cfe9e0aba790742-FRA
expires
Mon, 30 Aug 2021 05:47:55 GMT
swiper.min.js
cdnjs.cloudflare.com/ajax/libs/Swiper/4.5.0/js/ 		125 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/Swiper/4.5.0/js/swiper.min.js
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9c90c601bc81ad71ed8be557ff9b095de5aae947926e84011e2728cf65250a6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Sep 2020 05:47:55 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1159592
x-via
cfworker/kv
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28876
cf-request-id
0513011abc0000074253b57200000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:02 GMT
server
cloudflare
etag
"5eb03cf2-1f3be"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5cfe9e0acaa40742-FRA
expires
Mon, 30 Aug 2021 05:47:55 GMT
RANDOM_NUMBER.jpg
duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/conservation/ 		310 B
781 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/conservation/RANDOM_NUMBER.jpg
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
aa4aeed15888d0492c0da8f53d0a63d6f764e62c3c2eeed63e1f4a1f98138ace

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 09 Sep 2020 05:47:55 GMT
Last-Modified
Wed, 24 Apr 2019 13:07:01 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
VS2DYk2NK9SNiP4V/wT+QA==
ETag
"0x8D6C8B5BDADE3B7"
Vary
Origin
Content-Type
image/jpeg
x-ms-request-id
d2f90047-401e-0009-026c-8662e6000000
x-ms-version
2014-02-14
Accept-Ranges
bytes
Content-Length
310
x-ms-lease-state
available
RANDOM_NUMBER.jpg
duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/hunting/ 		310 B
781 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/hunting/RANDOM_NUMBER.jpg
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
aa4aeed15888d0492c0da8f53d0a63d6f764e62c3c2eeed63e1f4a1f98138ace

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 09 Sep 2020 05:47:56 GMT
Last-Modified
Wed, 24 Apr 2019 13:06:54 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
VS2DYk2NK9SNiP4V/wT+QA==
ETag
"0x8D6C8B5B9AC4611"
Vary
Origin
Content-Type
image/jpeg
x-ms-request-id
ea0733a9-201e-005d-7c6c-86886c000000
x-ms-version
2014-02-14
Accept-Ranges
bytes
Content-Length
310
x-ms-lease-state
available
RANDOM_NUMBER.jpg
duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/get-involved/ 		310 B
781 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/get-involved/RANDOM_NUMBER.jpg
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
50f5aa4a46fd19ef752911d901cb3c690d105830dd8697927b5df5b08b077246

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 09 Sep 2020 05:47:56 GMT
Last-Modified
Wed, 24 Apr 2019 13:29:13 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
IX9gRD6PC78aW5mRT8alOQ==
ETag
"0x8D6C8B8D79399D9"
Vary
Origin
Content-Type
image/jpeg
x-ms-request-id
f3611d16-e01e-00e1-4a6c-869f1d000000
x-ms-version
2014-02-14
Accept-Ranges
bytes
Content-Length
310
x-ms-lease-state
available
eventsWidget.js
www.ducks.org/desktopmodules/eventsWidget/Resources/js/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ducks.org/desktopmodules/eventsWidget/Resources/js/eventsWidget.js?cb=4
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
104.214.108.93 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
16300699cb373cc76b6b22028cf26604e7da058935c3bfce797b6dd9fa949c5a

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Sep 2020 05:47:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Nov 2019 19:19:31 GMT
Server
Microsoft-IIS/8.5
ETag
"de5ade46579ad51:0"
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
6978
X-UA-Compatible
IE=10
du-events.jpg
duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/du-events.jpg
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e78bffe11218b54384d07c2bf3b7cf09107738cbefc0317d5f060254af3f5fad

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 09 Sep 2020 05:47:56 GMT
Last-Modified
Mon, 22 Apr 2019 19:33:47 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
qP0LC25RwYVDzCdIWsLBNg==
ETag
"0x8D6C75970DEC74D"
Vary
Origin
Content-Type
image/jpeg
x-ms-request-id
64a71cb8-a01e-002a-3c6c-860d2d000000
x-ms-version
2014-02-14
Accept-Ranges
bytes
Content-Length
53039
x-ms-lease-state
available
home-efficiency.jpg
duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/home-efficiency.jpg
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2970fdc26e24337b06018d4588a9ccdcd72b640bf08a94b7b756ed818ad53290

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 09 Sep 2020 05:47:55 GMT
Last-Modified
Tue, 21 Apr 2020 15:44:18 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
rys3AtXy1WkiTuJr9QQeBw==
ETag
"0x8D7E60ADAB91D11"
Vary
Origin
Content-Type
image/jpeg
x-ms-request-id
f760264c-f01e-00f5-216c-865c79000000
x-ms-version
2014-02-14
Content-Disposition
Accept-Ranges
bytes
Content-Length
32630
x-ms-lease-state
available
nav-where-we-work.jpg
duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/nav-where-we-work.jpg
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2ef621d5a0c7975941c11708248712f51cfacba9a2898639a44971f0a9870a3c

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 09 Sep 2020 05:47:56 GMT
Last-Modified
Mon, 22 Apr 2019 01:33:28 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
JTWyeOVnYYJ8Sog7X86JFg==
ETag
"0x8D6C6C2855FC096"
Vary
Origin
Content-Type
image/jpeg
x-ms-request-id
d2f90072-401e-0009-246c-8662e6000000
x-ms-version
2014-02-14
Accept-Ranges
bytes
Content-Length
27541
x-ms-lease-state
available
nav-waterfowl-id.jpg
duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/nav-waterfowl-id.jpg
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
fb0626044a734779164531dd67d8ef78cc2ca9ed7c2fd255787e3881598c7939

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 09 Sep 2020 05:47:56 GMT
Last-Modified
Mon, 22 Apr 2019 01:29:26 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
7M3yz/pq2ZNcrI5gwuvx+g==
ETag
"0x8D6C6C1F553AC2F"
Vary
Origin
Content-Type
image/jpeg
x-ms-request-id
a730c405-f01e-0039-356c-8638cc000000
x-ms-version
2014-02-14
Accept-Ranges
bytes
Content-Length
23249
x-ms-lease-state
available
nav-du-magazine.jpg
duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/nav-du-magazine.jpg
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c419976ff2214161f1358b8ee6b0a844cd82217be7bfa1142c39d11e7ca3ce4a

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 09 Sep 2020 05:47:56 GMT
Last-Modified
Mon, 22 Apr 2019 01:38:16 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
+sPmcv6lpzS0p477RhFSdg==
ETag
"0x8D6C6C330F73045"
Vary
Origin
Content-Type
image/jpeg
x-ms-request-id
f3611d45-e01e-00e1-736c-869f1d000000
x-ms-version
2014-02-14
Accept-Ranges
bytes
Content-Length
23287
x-ms-lease-state
available
nav-prairie-experience.jpg
duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/nav-prairie-experience.jpg
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
9d1ea69a68fd856aaad36b07ccd7f8ea3bac74b11297d870ec88036324c69d1e

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 09 Sep 2020 05:47:56 GMT
Last-Modified
Mon, 22 Apr 2019 15:00:59 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
D6qChPknyjDWo4x4fmCMJA==
ETag
"0x8D6C73354A47DE3"
Vary
Origin
Content-Type
image/jpeg
x-ms-request-id
ea0733e5-201e-005d-2a6c-86886c000000
x-ms-version
2014-02-14
Accept-Ranges
bytes
Content-Length
29060
x-ms-lease-state
available
nav-youth-programs.jpg
duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/nav-youth-programs.jpg
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b96bcc460ae20a0404e495da32a0ff1004e17c1d9cba06922ae187efc8b6350a

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 09 Sep 2020 05:47:56 GMT
Last-Modified
Mon, 22 Apr 2019 15:00:59 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
n7Qont7FPqwogOhCxvf1lg==
ETag
"0x8D6C73354A25A78"
Vary
Origin
Content-Type
image/jpeg
x-ms-request-id
64a71d35-a01e-002a-2d6c-860d2d000000
x-ms-version
2014-02-14
Accept-Ranges
bytes
Content-Length
32086
x-ms-lease-state
available
nav-mobile-apps.jpg
duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/nav-mobile-apps.jpg
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bbe00e43f262bed3419d7592a2321a7c6538278df6c47ca322697047cf7b0045

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 09 Sep 2020 05:47:56 GMT
Last-Modified
Mon, 22 Apr 2019 15:00:59 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
b66gAyx8WiIknd2t+GHtwA==
ETag
"0x8D6C733549BA213"
Vary
Origin
Content-Type
image/jpeg
x-ms-request-id
a730c427-f01e-0039-506c-8638cc000000
x-ms-version
2014-02-14
Accept-Ranges
bytes
Content-Length
27834
x-ms-lease-state
available
nav-visa.jpg
duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/nav-visa.jpg
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e9c9d74ac38ee8a1b5174bac730608b740ee04755fbc925a3872259e6628ae53

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 09 Sep 2020 05:47:56 GMT
Last-Modified
Mon, 22 Apr 2019 15:11:20 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
WT+vgXpubcRgkjoSve99eA==
ETag
"0x8D6C734C6CC6410"
Vary
Origin
Content-Type
image/jpeg
x-ms-request-id
f7602679-f01e-00f5-486c-865c79000000
x-ms-version
2014-02-14
Accept-Ranges
bytes
Content-Length
23240
x-ms-lease-state
available
nav-recipes.jpg
duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/nav-recipes.jpg
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
6f84d73fb1ee367292b6e68b96ffb20e98dafaa64fbb5032b3fefd60ce8bc05e

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 09 Sep 2020 05:47:56 GMT
Last-Modified
Mon, 22 Apr 2019 15:12:35 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
VgcMqQFJR3v7UksmD/cYEA==
ETag
"0x8D6C734F37F4D9C"
Vary
Origin
Content-Type
image/jpeg
x-ms-request-id
f3611d90-e01e-00e1-3b6c-869f1d000000
x-ms-version
2014-02-14
Accept-Ranges
bytes
Content-Length
31824
x-ms-lease-state
available
nav-dog-training.jpg
duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/nav-dog-training.jpg
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8a3fdc72be5fb7b758a75640c4bf0b58333878b40a460b0ebd1bd392dbb91ec1

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 09 Sep 2020 05:47:56 GMT
Last-Modified
Mon, 22 Apr 2019 15:14:54 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
943vtyg6vGc2yQZdpLg45g==
ETag
"0x8D6C73545F0B1EF"
Vary
Origin
Content-Type
image/jpeg
x-ms-request-id
ea073433-201e-005d-6e6c-86886c000000
x-ms-version
2014-02-14
Accept-Ranges
bytes
Content-Length
24986
x-ms-lease-state
available
ic_facebook.png
duckscdn.blob.core.windows.net/imagescontainer/_global/icons/ 		748 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duckscdn.blob.core.windows.net/imagescontainer/_global/icons/ic_facebook.png
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
08a63ff052869fd7bc5c160e0fa136076500451675562f99f5cbba799498ad99

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 09 Sep 2020 05:47:56 GMT
Last-Modified
Mon, 08 Jan 2018 19:41:37 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
2kX1Bo5N5krR4GIUjZ85gA==
ETag
"0x8D556CFD4FAA918"
Vary
Origin
Content-Type
image/png
x-ms-request-id
d2f9008c-401e-0009-3a6c-8662e6000000
Cache-Control
max-age=2592000, public
x-ms-version
2014-02-14
Accept-Ranges
bytes
Content-Length
748
x-ms-lease-state
available
ic_twitter.png
duckscdn.blob.core.windows.net/imagescontainer/_global/icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duckscdn.blob.core.windows.net/imagescontainer/_global/icons/ic_twitter.png
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5e6da4379a25cc190a0ce4c38b816a8d20f20161d57825feb1adcec75cf539c5

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 09 Sep 2020 05:47:56 GMT
Last-Modified
Mon, 08 Jan 2018 19:45:12 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
0LXFZWWY2yEbWHqRUbcrZA==
ETag
"0x8D556D05553CD44"
Vary
Origin
Content-Type
image/png
x-ms-request-id
64a71d70-a01e-002a-666c-860d2d000000
Cache-Control
max-age=2592000, public
x-ms-version
2014-02-14
Accept-Ranges
bytes
Content-Length
1052
x-ms-lease-state
available
ic_youtube.png
duckscdn.blob.core.windows.net/imagescontainer/_global/icons/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duckscdn.blob.core.windows.net/imagescontainer/_global/icons/ic_youtube.png
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
295a9a73e8b5839b4db4ed0b0e4784a058cb25ac2dd8bbcd59b062038e831708

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 09 Sep 2020 05:47:56 GMT
Last-Modified
Mon, 08 Jan 2018 19:45:18 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
m1ZFKOk+KwvXcGe4ke5MLQ==
ETag
"0x8D556D058CD9A76"
Vary
Origin
Content-Type
image/png
x-ms-request-id
a730c44b-f01e-0039-6d6c-8638cc000000
Cache-Control
max-age=2592000, public
x-ms-version
2014-02-14
Accept-Ranges
bytes
Content-Length
1651
x-ms-lease-state
available
ic_instagram.png
duckscdn.blob.core.windows.net/imagescontainer/_global/icons/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duckscdn.blob.core.windows.net/imagescontainer/_global/icons/ic_instagram.png
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3e6bd1ed9d844e4f8aea6ada75aa9b5f16c9698de108d181d1f2db9de86047ea

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 09 Sep 2020 05:47:56 GMT
Last-Modified
Mon, 08 Jan 2018 19:45:07 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
BrEjXway920P8TyB9Bq62A==
ETag
"0x8D556D0520B7BFD"
Vary
Origin
Content-Type
image/png
x-ms-request-id
f7602696-f01e-00f5-636c-865c79000000
Cache-Control
max-age=2592000, public
x-ms-version
2014-02-14
Accept-Ranges
bytes
Content-Length
1718
x-ms-lease-state
available
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 19 Aug 2020 20:46:40 GMT
server
Golfe2
age
5041
date
Wed, 09 Sep 2020 04:23:55 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Wed, 09 Sep 2020 06:23:55 GMT
gtm.js
www.googletagmanager.com/ 		88 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M2LTJJQ
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8529cc6b80c29f7452c44b65dcbfa712ca3f49ff00b07fe8e21d38ecdde6b330
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Sep 2020 05:47:56 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32150
x-xss-protection
0
last-modified
Wed, 09 Sep 2020 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 09 Sep 2020 05:47:56 GMT
g-logo-vert-green.png
duckscdn.blob.core.windows.net/imagescontainer/_global/logos/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duckscdn.blob.core.windows.net/imagescontainer/_global/logos/g-logo-vert-green.png
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/DependencyHandler.axd?s=L1Jlc291cmNlcy9TaGFyZWQvc3R5bGVzaGVldHMvZG5uZGVmYXVsdC83LjAuMC9kZWZhdWx0LmNzczsvRGVza3RvcE1vZHVsZXMvRXZlbnRzV2lkZ2V0L21vZHVsZS5jc3M7L0Rlc2t0b3BNb2R1bGVzL0hvbWVQYWdlRmVhdHVyZS9tb2R1bGUuY3NzOy9EZXNrdG9wTW9kdWxlcy9SZWNlbnRTbGlkZXIvbW9kdWxlLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2Jvb3RzdHJhcC5taW4uY3NzOy9Qb3J0YWxzL19kZWZhdWx0L1NraW5zL0R1Y2tzLm9yZy9za2luLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2FuaW1hdGUubWluLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Db250YWluZXJzL0NhdmFsaWVyL2NvbnRhaW5lci5jc3M7L1BvcnRhbHMvMC9wb3J0YWwuY3NzOw&t=Css&cdv=1346
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8a81755bd2468f9738069c47b54e2d936d51cf482a3351c184c213d448ba9650

Request headers

Referer
https://www.ducks.org/DependencyHandler.axd?s=L1Jlc291cmNlcy9TaGFyZWQvc3R5bGVzaGVldHMvZG5uZGVmYXVsdC83LjAuMC9kZWZhdWx0LmNzczsvRGVza3RvcE1vZHVsZXMvRXZlbnRzV2lkZ2V0L21vZHVsZS5jc3M7L0Rlc2t0b3BNb2R1bGVzL0hvbWVQYWdlRmVhdHVyZS9tb2R1bGUuY3NzOy9EZXNrdG9wTW9kdWxlcy9SZWNlbnRTbGlkZXIvbW9kdWxlLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2Jvb3RzdHJhcC5taW4uY3NzOy9Qb3J0YWxzL19kZWZhdWx0L1NraW5zL0R1Y2tzLm9yZy9za2luLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2FuaW1hdGUubWluLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Db250YWluZXJzL0NhdmFsaWVyL2NvbnRhaW5lci5jc3M7L1BvcnRhbHMvMC9wb3J0YWwuY3NzOw&t=Css&cdv=1346
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 09 Sep 2020 05:47:55 GMT
Content-MD5
p2gi8omVVGDWlcFL3R74dA==
x-ms-copy-progress
6023/6023
x-ms-copy-source
https://duckscdn.blob.core.windows.net/imagescontainer/_global%2Flogos%2Fg-logo-vert-green-orig.png?sv=2017-04-17&ss=b&srt=co&sp=rl&st=2018-07-05T14%3A59%3A50Z&se=2018-07-06T15%3A14%3A50Z
x-ms-copy-status
success
Content-Length
6023
x-ms-lease-state
available
x-ms-lease-status
unlocked
Accept-Ranges
bytes
Last-Modified
Thu, 05 Jul 2018 15:14:50 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
"0x8D5E28A0DB7F667"
Vary
Origin
Content-Type
image/png
x-ms-request-id
f760262f-f01e-00f5-096c-865c79000000
x-ms-version
2014-02-14
x-ms-copy-id
7207a82f-f543-4d77-8fd6-63f83dbc58ed
x-ms-copy-completion-time
Thu, 05 Jul 2018 15:14:50 GMT
glyphicons-halflings-regular.woff2
www.ducks.org/Portals/_default/Skins/Ducks.org/fonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://www.ducks.org/Portals/_default/Skins/Ducks.org/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/DependencyHandler.axd?s=L1Jlc291cmNlcy9TaGFyZWQvc3R5bGVzaGVldHMvZG5uZGVmYXVsdC83LjAuMC9kZWZhdWx0LmNzczsvRGVza3RvcE1vZHVsZXMvRXZlbnRzV2lkZ2V0L21vZHVsZS5jc3M7L0Rlc2t0b3BNb2R1bGVzL0hvbWVQYWdlRmVhdHVyZS9tb2R1bGUuY3NzOy9EZXNrdG9wTW9kdWxlcy9SZWNlbnRTbGlkZXIvbW9kdWxlLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2Jvb3RzdHJhcC5taW4uY3NzOy9Qb3J0YWxzL19kZWZhdWx0L1NraW5zL0R1Y2tzLm9yZy9za2luLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2FuaW1hdGUubWluLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Db250YWluZXJzL0NhdmFsaWVyL2NvbnRhaW5lci5jc3M7L1BvcnRhbHMvMC9wb3J0YWwuY3NzOw&t=Css&cdv=1346
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
104.214.108.93 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Origin
https://www.ducks.org
Referer
https://www.ducks.org/DependencyHandler.axd?s=L1Jlc291cmNlcy9TaGFyZWQvc3R5bGVzaGVldHMvZG5uZGVmYXVsdC83LjAuMC9kZWZhdWx0LmNzczsvRGVza3RvcE1vZHVsZXMvRXZlbnRzV2lkZ2V0L21vZHVsZS5jc3M7L0Rlc2t0b3BNb2R1bGVzL0hvbWVQYWdlRmVhdHVyZS9tb2R1bGUuY3NzOy9EZXNrdG9wTW9kdWxlcy9SZWNlbnRTbGlkZXIvbW9kdWxlLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2Jvb3RzdHJhcC5taW4uY3NzOy9Qb3J0YWxzL19kZWZhdWx0L1NraW5zL0R1Y2tzLm9yZy9za2luLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2FuaW1hdGUubWluLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Db250YWluZXJzL0NhdmFsaWVyL2NvbnRhaW5lci5jc3M7L1BvcnRhbHMvMC9wb3J0YWwuY3NzOw&t=Css&cdv=1346
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Sep 2020 05:47:56 GMT
Cache-Control
max-age=259200
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Content-Length
1245
Content-Type
text/html
cse.js
cse.google.com/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/cse.js?cx=009933857019497811867:jbd3dpxsoos
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
4b36892581aa11fd25e3e467bd8247e69ae5c65bf55942f51f57611fbea4dedc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Sep 2020 05:47:56 GMT
content-encoding
br
server
gws
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2897
x-xss-protection
0
expires
Wed, 09 Sep 2020 05:47:56 GMT
1_FURTMAN_BWDBWT_154560csc1200x500.jpg
duazurecdn.azureedge.net/media-manager/20200908/1ceeae84-598b-46ab-830f-65ad9b0a79c9/992/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duazurecdn.azureedge.net/media-manager/20200908/1ceeae84-598b-46ab-830f-65ad9b0a79c9/992/1_FURTMAN_BWDBWT_154560csc1200x500.jpg
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FB7) /
Resource Hash
7beeb128f3e5f7efbba24e71f54646460ff8421a60ff34c9cc627aa1a15a110f

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 09 Sep 2020 05:47:55 GMT
content-md5
w8JddJglOBIaBd4sByT2CQ==
age
33485
x-cache
HIT
status
200
content-length
50963
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Tue, 08 Sep 2020 17:59:35 GMT
server
ECAcc (frc/8FB7)
etag
"0x8D85420F2556254"
content-type
application/octet-stream
x-ms-request-id
300050d0-c01e-0090-2d1e-86ed24000000
x-ms-version
2014-02-14
accept-ranges
bytes
Home_Page_Banner-Blackout_Duck_Call.jpg
duazurecdn.azureedge.net/media-manager/20200821/c07cacdd-2e30-4d4a-be06-a408c8705dfd/992/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duazurecdn.azureedge.net/media-manager/20200821/c07cacdd-2e30-4d4a-be06-a408c8705dfd/992/Home_Page_Banner-Blackout_Duck_Call.jpg
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F72) /
Resource Hash
a93104589dbd2e6153628def4d4dee57d541618c4b36f3926df3a8dcdd21c76f

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 09 Sep 2020 05:47:56 GMT
content-md5
9/E07oMjSjAPADmp7CWU+A==
age
341879
x-cache
HIT
status
200
content-length
32950
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 21 Aug 2020 14:48:16 GMT
server
ECAcc (frc/8F72)
etag
"0x8D845E13CABA00E"
content-type
application/octet-stream
x-ms-request-id
95cad8b6-b01e-00db-3350-83dcbe000000
x-ms-version
2014-02-14
accept-ranges
bytes
FURTMAN_BWDBWT_077763cs1200x500.jpg
duazurecdn.azureedge.net/media-manager/20200901/7f4d1d95-3c65-47d7-9ecc-3ad4efe4dc73/992/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duazurecdn.azureedge.net/media-manager/20200901/7f4d1d95-3c65-47d7-9ecc-3ad4efe4dc73/992/FURTMAN_BWDBWT_077763cs1200x500.jpg
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
9c77b1929bdaed288e47ec08540cab13362719704ce2ce0c624ff3e079426958

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 09 Sep 2020 05:47:55 GMT
content-md5
x+K3qkvZb0Sv4I+3+y9epw==
x-cache
HIT
status
200
content-length
60022
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Tue, 01 Sep 2020 15:17:56 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
"0x8D84E8A342442E1"
vary
Origin
content-type
application/octet-stream
x-ms-request-id
921338f2-101e-011e-2c6c-86e4d0000000
x-ms-version
2014-02-14
accept-ranges
bytes
Banner-Performance_Polo.jpg
duazurecdn.azureedge.net/media-manager/20200805/14b3cc7c-47c9-4276-8460-cdb3f1025701/992/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duazurecdn.azureedge.net/media-manager/20200805/14b3cc7c-47c9-4276-8460-cdb3f1025701/992/Banner-Performance_Polo.jpg
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FDF) /
Resource Hash
4b46e9f8b20e6c9a58b0cfe53fc45c0f98388857f1b3891b3b0a44e345768046

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 09 Sep 2020 05:47:56 GMT
content-md5
dq3Rm0LSfQ5BIuMfstQdcw==
age
488262
x-cache
HIT
status
200
content-length
44241
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 05 Aug 2020 15:13:24 GMT
server
ECAcc (frc/8FDF)
etag
"0x8D83952191A6A71"
content-type
application/octet-stream
x-ms-request-id
3ee67f52-701e-00ef-19fb-817316000000
x-ms-version
2014-02-14
accept-ranges
bytes
prev.png
eae3e26d6cce6d2421f2-d0bf394c81120104918c3f1bbeb3098c.ssl.cf1.rackcdn.com/landingPages/hunting/2017-wf360/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eae3e26d6cce6d2421f2-d0bf394c81120104918c3f1bbeb3098c.ssl.cf1.rackcdn.com/landingPages/hunting/2017-wf360/prev.png
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/DependencyHandler.axd?s=L1Jlc291cmNlcy9TaGFyZWQvc3R5bGVzaGVldHMvZG5uZGVmYXVsdC83LjAuMC9kZWZhdWx0LmNzczsvRGVza3RvcE1vZHVsZXMvRXZlbnRzV2lkZ2V0L21vZHVsZS5jc3M7L0Rlc2t0b3BNb2R1bGVzL0hvbWVQYWdlRmVhdHVyZS9tb2R1bGUuY3NzOy9EZXNrdG9wTW9kdWxlcy9SZWNlbnRTbGlkZXIvbW9kdWxlLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2Jvb3RzdHJhcC5taW4uY3NzOy9Qb3J0YWxzL19kZWZhdWx0L1NraW5zL0R1Y2tzLm9yZy9za2luLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2FuaW1hdGUubWluLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Db250YWluZXJzL0NhdmFsaWVyL2NvbnRhaW5lci5jc3M7L1BvcnRhbHMvMC9wb3J0YWwuY3NzOw&t=Css&cdv=1346
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.68.218 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-68-218.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9e20daf40299bc6c07fbc96ae8a09f1f0f7a8a2270970e20f200d6013c300597

Request headers

Referer
https://www.ducks.org/DependencyHandler.axd?s=L1Jlc291cmNlcy9TaGFyZWQvc3R5bGVzaGVldHMvZG5uZGVmYXVsdC83LjAuMC9kZWZhdWx0LmNzczsvRGVza3RvcE1vZHVsZXMvRXZlbnRzV2lkZ2V0L21vZHVsZS5jc3M7L0Rlc2t0b3BNb2R1bGVzL0hvbWVQYWdlRmVhdHVyZS9tb2R1bGUuY3NzOy9EZXNrdG9wTW9kdWxlcy9SZWNlbnRTbGlkZXIvbW9kdWxlLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2Jvb3RzdHJhcC5taW4uY3NzOy9Qb3J0YWxzL19kZWZhdWx0L1NraW5zL0R1Y2tzLm9yZy9za2luLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2FuaW1hdGUubWluLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Db250YWluZXJzL0NhdmFsaWVyL2NvbnRhaW5lci5jc3M7L1BvcnRhbHMvMC9wb3J0YWwuY3NzOw&t=Css&cdv=1346
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Sep 2020 05:47:57 GMT
X-Object-Meta-Cb-Modifiedtime
Sat, 02 Sep 2017 19:49:39 GMT
Last-Modified
Sat, 02 Sep 2017 19:50:59 GMT
X-Trans-Id
txc4ddfb5981024514b514c-005f586c8cdfw1
ETag
0fa1b9d67ddde96435eb29501b42b9be
Content-Type
image/png
X-Timestamp
1504381858.05993
Cache-Control
public, max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3763
Expires
Wed, 09 Sep 2020 06:02:57 GMT
next.png
eae3e26d6cce6d2421f2-d0bf394c81120104918c3f1bbeb3098c.ssl.cf1.rackcdn.com/landingPages/hunting/2017-wf360/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eae3e26d6cce6d2421f2-d0bf394c81120104918c3f1bbeb3098c.ssl.cf1.rackcdn.com/landingPages/hunting/2017-wf360/next.png
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/DependencyHandler.axd?s=L1Jlc291cmNlcy9TaGFyZWQvc3R5bGVzaGVldHMvZG5uZGVmYXVsdC83LjAuMC9kZWZhdWx0LmNzczsvRGVza3RvcE1vZHVsZXMvRXZlbnRzV2lkZ2V0L21vZHVsZS5jc3M7L0Rlc2t0b3BNb2R1bGVzL0hvbWVQYWdlRmVhdHVyZS9tb2R1bGUuY3NzOy9EZXNrdG9wTW9kdWxlcy9SZWNlbnRTbGlkZXIvbW9kdWxlLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2Jvb3RzdHJhcC5taW4uY3NzOy9Qb3J0YWxzL19kZWZhdWx0L1NraW5zL0R1Y2tzLm9yZy9za2luLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2FuaW1hdGUubWluLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Db250YWluZXJzL0NhdmFsaWVyL2NvbnRhaW5lci5jc3M7L1BvcnRhbHMvMC9wb3J0YWwuY3NzOw&t=Css&cdv=1346
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.68.218 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-68-218.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
125b501f4bd9ae044debc9785c8300edb8181c66e3902426f1fa1905528a3d35

Request headers

Referer
https://www.ducks.org/DependencyHandler.axd?s=L1Jlc291cmNlcy9TaGFyZWQvc3R5bGVzaGVldHMvZG5uZGVmYXVsdC83LjAuMC9kZWZhdWx0LmNzczsvRGVza3RvcE1vZHVsZXMvRXZlbnRzV2lkZ2V0L21vZHVsZS5jc3M7L0Rlc2t0b3BNb2R1bGVzL0hvbWVQYWdlRmVhdHVyZS9tb2R1bGUuY3NzOy9EZXNrdG9wTW9kdWxlcy9SZWNlbnRTbGlkZXIvbW9kdWxlLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2Jvb3RzdHJhcC5taW4uY3NzOy9Qb3J0YWxzL19kZWZhdWx0L1NraW5zL0R1Y2tzLm9yZy9za2luLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2FuaW1hdGUubWluLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Db250YWluZXJzL0NhdmFsaWVyL2NvbnRhaW5lci5jc3M7L1BvcnRhbHMvMC9wb3J0YWwuY3NzOw&t=Css&cdv=1346
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Sep 2020 05:47:56 GMT
X-Object-Meta-Cb-Modifiedtime
Sat, 02 Sep 2017 19:50:45 GMT
Last-Modified
Sat, 02 Sep 2017 19:50:59 GMT
X-Trans-Id
tx09a4c3fee47c45f3beb31-005f586c8cdfw1
ETag
d96442fc852124d6c5027fd8c9df6db9
Content-Type
image/png
X-Timestamp
1504381858.07159
Cache-Control
public, max-age=849
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3641
Expires
Wed, 09 Sep 2020 06:02:05 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=219661092&utmhn=www.ducks.org&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=World%2...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-171220-3&cid=1612228352.1599630476&jid=311024359&_v=5.7.2&z=219661092
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-171220-3&cid=1612228352.1599630476&jid=311024359&_v=5.7.2&z=219661092
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-171220-3&cid=1612228352.1599630476&jid=311024359&_v=5.7.2&z=219661092&slf_rd=1&random=292544051
42 B
513 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-171220-3&cid=1612228352.1599630476&jid=311024359&_v=5.7.2&z=219661092&slf_rd=1&random=292544051
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Sep 2020 05:47:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 09 Sep 2020 05:47:56 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-171220-3&cid=1612228352.1599630476&jid=311024359&_v=5.7.2&z=219661092&slf_rd=1&random=292544051
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
glyphicons-halflings-regular.woff
www.ducks.org/Portals/_default/Skins/Ducks.org/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.ducks.org/Portals/_default/Skins/Ducks.org/fonts/glyphicons-halflings-regular.woff
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/DependencyHandler.axd?s=L1Jlc291cmNlcy9TaGFyZWQvc3R5bGVzaGVldHMvZG5uZGVmYXVsdC83LjAuMC9kZWZhdWx0LmNzczsvRGVza3RvcE1vZHVsZXMvRXZlbnRzV2lkZ2V0L21vZHVsZS5jc3M7L0Rlc2t0b3BNb2R1bGVzL0hvbWVQYWdlRmVhdHVyZS9tb2R1bGUuY3NzOy9EZXNrdG9wTW9kdWxlcy9SZWNlbnRTbGlkZXIvbW9kdWxlLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2Jvb3RzdHJhcC5taW4uY3NzOy9Qb3J0YWxzL19kZWZhdWx0L1NraW5zL0R1Y2tzLm9yZy9za2luLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2FuaW1hdGUubWluLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Db250YWluZXJzL0NhdmFsaWVyL2NvbnRhaW5lci5jc3M7L1BvcnRhbHMvMC9wb3J0YWwuY3NzOw&t=Css&cdv=1346
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
104.214.108.93 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
a26394f7ede100ca118eff2eda08596275a9839b959c226e15439557a5a80742

Request headers

Origin
https://www.ducks.org
Referer
https://www.ducks.org/DependencyHandler.axd?s=L1Jlc291cmNlcy9TaGFyZWQvc3R5bGVzaGVldHMvZG5uZGVmYXVsdC83LjAuMC9kZWZhdWx0LmNzczsvRGVza3RvcE1vZHVsZXMvRXZlbnRzV2lkZ2V0L21vZHVsZS5jc3M7L0Rlc2t0b3BNb2R1bGVzL0hvbWVQYWdlRmVhdHVyZS9tb2R1bGUuY3NzOy9EZXNrdG9wTW9kdWxlcy9SZWNlbnRTbGlkZXIvbW9kdWxlLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2Jvb3RzdHJhcC5taW4uY3NzOy9Qb3J0YWxzL19kZWZhdWx0L1NraW5zL0R1Y2tzLm9yZy9za2luLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2FuaW1hdGUubWluLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Db250YWluZXJzL0NhdmFsaWVyL2NvbnRhaW5lci5jc3M7L1BvcnRhbHMvMC9wb3J0YWwuY3NzOw&t=Css&cdv=1346
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Sep 2020 05:47:56 GMT
Last-Modified
Mon, 31 Aug 2020 01:39:57 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"338e4a1377fd61:0"
Content-Type
font/x-woff
Cache-Control
max-age=259200
Accept-Ranges
bytes
Content-Length
23424
3
webapi.ducks.org/api/event/getupcomingnationaleventsforwidget/ 		887 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://webapi.ducks.org/api/event/getupcomingnationaleventsforwidget/3
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/DependencyHandler.axd?s=L1Jlc291cmNlcy9saWJyYXJpZXMvalF1ZXJ5LzAxXzA5XzAxL2pxdWVyeS5qczsvUmVzb3VyY2VzL2xpYnJhcmllcy9qUXVlcnktTWlncmF0ZS8wMV8wMl8wMS9qcXVlcnktbWlncmF0ZS5qczsvUmVzb3VyY2VzL2xpYnJhcmllcy9qUXVlcnktVUkvMDFfMTFfMDMvanF1ZXJ5LXVpLmpzOw&t=Javascript&cdv=1346
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
104.214.108.93 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
0b3f885ee7b40f87e79f9bdfcf27874012da0ac572503fca2917eb324d4adeaf

Request headers

Accept
*/*
Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Sep 2020 05:47:56 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Content-Length
887
Expires
-1
2.jpg
duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/conservation/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/conservation/2.jpg
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d0c7c9886090618c3b42851683948f513b7cff3863b90c25dda2fe97b893eefe

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 09 Sep 2020 05:47:57 GMT
Last-Modified
Tue, 23 Apr 2019 14:12:33 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
xUxO2d3j08KLfi6mo0djIA==
ETag
"0x8D6C7F5BAB694C4"
Vary
Origin
Content-Type
image/jpeg
x-ms-request-id
ea073479-201e-005d-2a6c-86886c000000
x-ms-version
2014-02-14
Accept-Ranges
bytes
Content-Length
41239
x-ms-lease-state
available
2.jpg
duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/hunting/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/hunting/2.jpg
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2f57f37bc6ee345a51c29c0e1a0fc8d77d0d10c1f18af5afd828a91ff30835e3

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 09 Sep 2020 05:47:57 GMT
Last-Modified
Tue, 23 Apr 2019 19:20:41 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
HZTquMHO0Ah5wS0sEwuuig==
ETag
"0x8D6C820C6B0FEEE"
Vary
Origin
Content-Type
image/jpeg
x-ms-request-id
f3611db7-e01e-00e1-5a6c-869f1d000000
x-ms-version
2014-02-14
Accept-Ranges
bytes
Content-Length
29970
x-ms-lease-state
available
4.jpg
duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/get-involved/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/get-involved/4.jpg
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e4e9c2413f7da9f88c09990d054eef47559fb6ede9c05d4b1ce13a9b03c9edb3

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 09 Sep 2020 05:47:56 GMT
Last-Modified
Tue, 23 Apr 2019 19:19:50 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
rQSmCV8oZJR292VTlq1CjA==
ETag
"0x8D6C820A82E6DE1"
Vary
Origin
Content-Type
image/jpeg
x-ms-request-id
64a71d8f-a01e-002a-046c-860d2d000000
x-ms-version
2014-02-14
Accept-Ranges
bytes
Content-Length
27810
x-ms-lease-state
available
ring.gif
www.ducks.org/desktopmodules/quizadmin/resources/images/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ducks.org/desktopmodules/quizadmin/resources/images/ring.gif
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
104.214.108.93 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
aa00caef81b45d8a9cbd1880e85c4012e75c2d5658dee646bb920645c087f4cd

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Sep 2020 05:47:56 GMT
Last-Modified
Mon, 14 May 2018 13:43:44 GMT
Server
Microsoft-IIS/8.5
ETag
"b8f36b9389ebd31:0"
Access-Control-Allow-Methods
*
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
23837
X-UA-Compatible
IE=10
conversion_async.js
www.googleadservices.com/pagead/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2LTJJQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
6c9459a6400a8cf7ef815379f9316dc26aeec43bcc48da1d1bd58d99a6109f7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Sep 2020 05:47:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
11311
x-xss-protection
0
server
cafe
etag
12833363978352728442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 09 Sep 2020 05:47:56 GMT
activityi;dc_pre=CLGF6fKv2-sCFZzLuwgd4CQNCQ;src=10231870;type=pagev0;cat=allpa0;ord=1;num=2764894144004;gtm=2wg8q1;auiddc=1276951651.1599630477;~oref=https%3A%2F%2Fwww.ducks.org%2F
10231870.fls.doubleclick.net/ Frame 568A
Redirect Chain
  • https://10231870.fls.doubleclick.net/activityi;src=10231870;type=pagev0;cat=allpa0;ord=1;num=2764894144004;gtm=2wg8q1;auiddc=1276951651.1599630477;~oref=https%3A%2F%2Fwww.ducks.org%2F?
  • https://10231870.fls.doubleclick.net/activityi;dc_pre=CLGF6fKv2-sCFZzLuwgd4CQNCQ;src=10231870;type=pagev0;cat=allpa0;ord=1;num=2764894144004;gtm=2wg8q1;auiddc=1276951651.1599630477;~oref=https%3A%2...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://10231870.fls.doubleclick.net/activityi;dc_pre=CLGF6fKv2-sCFZzLuwgd4CQNCQ;src=10231870;type=pagev0;cat=allpa0;ord=1;num=2764894144004;gtm=2wg8q1;auiddc=1276951651.1599630477;~oref=https%3A%2F%2Fwww.ducks.org%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2LTJJQ
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
10231870.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CLGF6fKv2-sCFZzLuwgd4CQNCQ;src=10231870;type=pagev0;cat=allpa0;ord=1;num=2764894144004;gtm=2wg8q1;auiddc=1276951651.1599630477;~oref=https%3A%2F%2Fwww.ducks.org%2F?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ducks.org/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
about:blank

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Wed, 09 Sep 2020 05:47:57 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
387
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 09-Sep-2020 06:02:57 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Wed, 09 Sep 2020 05:47:56 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://10231870.fls.doubleclick.net/activityi;dc_pre=CLGF6fKv2-sCFZzLuwgd4CQNCQ;src=10231870;type=pagev0;cat=allpa0;ord=1;num=2764894144004;gtm=2wg8q1;auiddc=1276951651.1599630477;~oref=https%3A%2F%2Fwww.ducks.org%2F?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
activityi;dc_pre=CMCJ6fKv2-sCFZTouwgdLKgGHw;src=10231870;type=pagev0;cat=homep0;ord=1;num=3344118867615;gtm=2wg8q1;auiddc=1276951651.1599630477;~oref=https%3A%2F%2Fwww.ducks.org%2F
10231870.fls.doubleclick.net/ Frame 7A0B
Redirect Chain
  • https://10231870.fls.doubleclick.net/activityi;src=10231870;type=pagev0;cat=homep0;ord=1;num=3344118867615;gtm=2wg8q1;auiddc=1276951651.1599630477;~oref=https%3A%2F%2Fwww.ducks.org%2F?
  • https://10231870.fls.doubleclick.net/activityi;dc_pre=CMCJ6fKv2-sCFZTouwgdLKgGHw;src=10231870;type=pagev0;cat=homep0;ord=1;num=3344118867615;gtm=2wg8q1;auiddc=1276951651.1599630477;~oref=https%3A%2...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://10231870.fls.doubleclick.net/activityi;dc_pre=CMCJ6fKv2-sCFZTouwgdLKgGHw;src=10231870;type=pagev0;cat=homep0;ord=1;num=3344118867615;gtm=2wg8q1;auiddc=1276951651.1599630477;~oref=https%3A%2F%2Fwww.ducks.org%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2LTJJQ
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
10231870.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CMCJ6fKv2-sCFZTouwgdLKgGHw;src=10231870;type=pagev0;cat=homep0;ord=1;num=3344118867615;gtm=2wg8q1;auiddc=1276951651.1599630477;~oref=https%3A%2F%2Fwww.ducks.org%2F?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ducks.org/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
about:blank

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Wed, 09 Sep 2020 05:47:57 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
388
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 09-Sep-2020 06:02:57 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Wed, 09 Sep 2020 05:47:56 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://10231870.fls.doubleclick.net/activityi;dc_pre=CMCJ6fKv2-sCFZTouwgdLKgGHw;src=10231870;type=pagev0;cat=homep0;ord=1;num=3344118867615;gtm=2wg8q1;auiddc=1276951651.1599630477;~oref=https%3A%2F%2Fwww.ducks.org%2F?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
fbevents.js
connect.facebook.net/en_US/ 		135 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
097afea517679d2e0b986d77cb3fe7808026882b52ca074a050e03e7a4a6996b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
34302
x-xss-protection
0
pragma
public
x-fb-debug
SSeIKFtDIgXTCNd8M9fwTfnOF1Y/jpzQtto8DwmoKAHIo/vs0sdy8gLqxeEQLZek+U6kmcoUeYmqqQmKwTkmmA==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Wed, 09 Sep 2020 05:47:56 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		964 B
759 B 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:4bb::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
b5840616d8bf9540bbe45a42f6841f92b78c70dabd3b8ee60abb51e79c47d5d6

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Sep 2020 05:47:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 03 Sep 2020 20:41:55 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=12694
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
446
6b3a1a5d169fdb4d107f86a6269a5d3cebceb605.js
my.hellobar.com/ 		52 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.hellobar.com/6b3a1a5d169fdb4d107f86a6269a5d3cebceb605.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2LTJJQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:1000:0:93e4:a640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72d7795249e304f1ba1e96505806d7408567414719d4cfb3f1a72a97dffff87f

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Sep 2020 05:47:58 GMT
content-encoding
gzip
last-modified
Tue, 08 Sep 2020 12:42:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"01d2a7e36493fe3707c46ffd251f61e7"
x-cache
RefreshHit from cloudfront
content-type
text/javascript
status
200
cache-control
must-revalidate, proxy-revalidate, max-age=86400, s-maxage=10
accept-ranges
bytes
content-length
8201
via
1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
x-amz-cf-id
ArY7s1RCcmD1kyRAo8BFCQZeVP5IoJj-7a6eq_7Ao2CFMQjZppHmuw==
cse_element__en.js
www.google.com/cse/static/element/26b8d00a7c7a0812/ 		260 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/26b8d00a7c7a0812/cse_element__en.js?usqp=CAI%3D
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=009933857019497811867:jbd3dpxsoos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77a59cb277854c7e55d027b3cc11095a241d8107ff7be5b345403453a3d16be1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Sep 2020 08:25:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 06 Jul 2020 13:27:13 GMT
server
sffe
age
508966
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88400
x-xss-protection
0
expires
Fri, 03 Sep 2021 08:25:10 GMT
default+en.css
www.google.com/cse/static/element/26b8d00a7c7a0812/ 		40 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/26b8d00a7c7a0812/default+en.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=009933857019497811867:jbd3dpxsoos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b2484fa9a9b136b9eb56c1d2b3bfdacd1c8970acf325585235aa35b16fc010a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 07 Sep 2020 18:40:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 06 Jul 2020 13:27:13 GMT
server
sffe
age
126449
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8947
x-xss-protection
0
expires
Tue, 07 Sep 2021 18:40:27 GMT
default.css
www.google.com/cse/static/style/look/v4/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/style/look/v4/default.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=009933857019497811867:jbd3dpxsoos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Sep 2020 05:38:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 17 Jun 2020 00:00:00 GMT
server
sffe
age
544
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1345
x-xss-protection
0
expires
Wed, 09 Sep 2020 06:28:52 GMT
1431799027060769
connect.facebook.net/signals/config/ 		524 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1431799027060769?v=2.9.24&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
eb86f2640168b112589e84e40aa5425eaeb33d0afeedad6eee4bdce7dd992bda
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
134850
x-xss-protection
0
pragma
public
x-fb-debug
tCGLAnkELS45SO+C2kgYn1FumA3NMrATSiFDNdVu9WoqwpbCxzGIKCZNtqltsh3yYh3gdIB76CqUnT5P6R4Ycw==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Wed, 09 Sep 2020 05:47:56 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1040837785/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1040837785/?random=1599630476993&cv=9&fst=1599630476993&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8q1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.ducks.org%2F&tiba=World%20Leader%20in%20Wetlands%20%26%20Waterfowl%20Conservation&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b19648090729a3d6f8cb873e83b62a8ec226870a04692f84cf1dbe61937cf5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Sep 2020 05:47:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1027
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/976631994/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/976631994/?random=1599630476996&cv=9&fst=1599630476996&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8q1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.ducks.org%2F&tiba=World%20Leader%20in%20Wetlands%20%26%20Waterfowl%20Conservation&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
486daedad581c7cad9bab2fd2f2788bce0793d5df4ddc7ba1e78b47246fe6b21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Sep 2020 05:47:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1024
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
insight.old.min.js
snap.licdn.com/li.lms-analytics/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:4bb::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 09 Sep 2020 05:47:57 GMT
Content-Encoding
gzip
Last-Modified
Thu, 03 Sep 2020 20:29:41 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=12246
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1576
async-ads.js
cse.google.com/adsense/search/ 		182 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/adsense/search/async-ads.js
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/26b8d00a7c7a0812/cse_element__en.js?usqp=CAI%3D
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37702ee17ce34e7941119f6a192f688d3fe460bfd8901cd7c281a19b6fa4616d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Sep 2020 05:47:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"11254694494293678903"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Wed, 09 Sep 2020 05:47:57 GMT
generate_204
www.googleapis.com/ 		0
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googleapis.com/generate_204
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
204
date
Wed, 09 Sep 2020 05:47:57 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
branding.png
www.google.com/cse/static/images/1x/en/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/cse/static/images/1x/en/branding.png
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 07 Sep 2020 11:04:09 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 May 2020 08:30:00 GMT
server
sffe
age
153828
content-type
image/png
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1372
x-xss-protection
0
expires
Tue, 07 Sep 2021 11:04:09 GMT
generate_204
clients1.google.com/ 		0
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://clients1.google.com/generate_204
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
204
date
Wed, 09 Sep 2020 05:47:57 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
/
www.facebook.com/tr/ 		44 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1431799027060769&ev=PageView&dl=https%3A%2F%2Fwww.ducks.org%2F&rl=&if=false&ts=1599630477044&sw=1600&sh=1200&v=2.9.24&r=stable&ec=0&o=30&fbp=fb.1.1599630477043.715006661&it=1599630476982&coo=false&rqm=GET
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Sep 2020 05:47:57 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 09 Sep 2020 05:47:57 GMT
/
www.google.com/pagead/1p-user-list/1040837785/ 		42 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1040837785/?random=1599630476993&cv=9&fst=1599627600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8q1&sendb=1&frm=0&url=https%3A%2F%2Fwww.ducks.org%2F&tiba=World%20Leader%20in%20Wetlands%20%26%20Waterfowl%20Conservation&async=1&fmt=3&is_vtc=1&random=4245396242&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Sep 2020 05:47:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1040837785/ 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1040837785/?random=1599630476993&cv=9&fst=1599627600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8q1&sendb=1&frm=0&url=https%3A%2F%2Fwww.ducks.org%2F&tiba=World%20Leader%20in%20Wetlands%20%26%20Waterfowl%20Conservation&async=1&fmt=3&is_vtc=1&random=4245396242&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Sep 2020 05:47:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/976631994/ 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/976631994/?random=1599630476996&cv=9&fst=1599627600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8q1&sendb=1&frm=0&url=https%3A%2F%2Fwww.ducks.org%2F&tiba=World%20Leader%20in%20Wetlands%20%26%20Waterfowl%20Conservation&async=1&fmt=3&is_vtc=1&random=352974662&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Sep 2020 05:47:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/976631994/ 		42 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/976631994/?random=1599630476996&cv=9&fst=1599627600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8q1&sendb=1&frm=0&url=https%3A%2F%2Fwww.ducks.org%2F&tiba=World%20Leader%20in%20Wetlands%20%26%20Waterfowl%20Conservation&async=1&fmt=3&is_vtc=1&random=352974662&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Sep 2020 05:47:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=432634&url=https%3A%2F%2Fwww.ducks.org%2F&time=1599630477061
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D432634%26url%3Dhttps%253A%252F%252Fwww.ducks.org%252F%26time%3D1599630477061%26li...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=432634&url=https%3A%2F%2Fwww.ducks.org%2F&time=1599630477061&liSync=true
0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=432634&url=https%3A%2F%2Fwww.ducks.org%2F&time=1599630477061&liSync=true
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Sep 2020 05:47:57 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
status
200
x-li-proto
http/2
x-li-pop
prod-tln1
content-type
application/javascript
content-length
0
x-li-uuid
DHdnrnEHMxagTop9FSsAAA==

Redirect headers

content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-content-type-options
nosniff
linkedin-action
1
status
302
content-length
0
x-li-uuid
9m+/p3EHMxawj3BKSisAAA==
pragma
no-cache
x-li-pop
afd-prod-lor1
x-msedge-ref
Ref A: D3E67ACACCA048D590918DBE0F6D46E2 Ref B: FRAEDGE1409 Ref C: 2020-09-09T05:47:57Z
x-frame-options
sameorigin
date
Wed, 09 Sep 2020 05:47:57 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security
max-age=2592000
x-li-fabric
prod-lor1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=432634&url=https%3A%2F%2Fwww.ducks.org%2F&time=1599630477061&liSync=true
x-xss-protection
1; mode=block
cache-control
no-cache, no-store
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
modules-v60.js
my.hellobar.com/ 		141 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.hellobar.com/modules-v60.js
Requested by
Host: my.hellobar.com
URL: https://my.hellobar.com/6b3a1a5d169fdb4d107f86a6269a5d3cebceb605.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:1000:0:93e4:a640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3661bde0404473b362b4ce5ac6ba980422e82714d808be044ebb59f9473c5a09

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Sep 2020 12:42:33 GMT
content-encoding
gzip
last-modified
Wed, 02 Sep 2020 12:23:32 GMT
server
AmazonS3
age
579925
etag
"2cf3d08858cdb0e5c4279c99ec59cafc"
x-cache
Hit from cloudfront
content-type
text/javascript
status
200
cache-control
must-revalidate, proxy-revalidate, max-age=31557600, s-maxage=31557600
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
39874
via
1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
x-amz-cf-id
aE5WHTL1JJ3WEfJgYJQ_U3pUon2uPXqBUNRAV8ry7Qde9BUEE4lYQQ==
css
fonts.googleapis.com/ Frame 6402 		767 B
475 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato
Requested by
Host: my.hellobar.com
URL: https://my.hellobar.com/modules-v60.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b4723b5b14abe7a2062b65bf79b4d5d1e575e786a439e61ff95a38e7e9e140e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 09 Sep 2020 05:41:57 GMT
server
ESF
date
Wed, 09 Sep 2020 05:47:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 09 Sep 2020 05:47:57 GMT
activityi;dc_pre=CI6Mk_Ov2-sCFbTMuwgdIYMCBw;src=5083104;type=gener0;cat=gener0;ord=6636233237038;gtm=2wg8q1;auiddc=1276951651.1599630477;~oref=https%3A%2F%2Fwww.ducks.org%2F
5083104.fls.doubleclick.net/ Frame 1DE7
Redirect Chain
  • https://5083104.fls.doubleclick.net/activityi;src=5083104;type=gener0;cat=gener0;ord=6636233237038;gtm=2wg8q1;auiddc=1276951651.1599630477;~oref=https%3A%2F%2Fwww.ducks.org%2F?
  • https://5083104.fls.doubleclick.net/activityi;dc_pre=CI6Mk_Ov2-sCFbTMuwgdIYMCBw;src=5083104;type=gener0;cat=gener0;ord=6636233237038;gtm=2wg8q1;auiddc=1276951651.1599630477;~oref=https%3A%2F%2Fwww....
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://5083104.fls.doubleclick.net/activityi;dc_pre=CI6Mk_Ov2-sCFbTMuwgdIYMCBw;src=5083104;type=gener0;cat=gener0;ord=6636233237038;gtm=2wg8q1;auiddc=1276951651.1599630477;~oref=https%3A%2F%2Fwww.ducks.org%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2LTJJQ
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5083104.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CI6Mk_Ov2-sCFbTMuwgdIYMCBw;src=5083104;type=gener0;cat=gener0;ord=6636233237038;gtm=2wg8q1;auiddc=1276951651.1599630477;~oref=https%3A%2F%2Fwww.ducks.org%2F?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ducks.org/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUk8vfkWx4mHXPKSPk240SFUYX88lz86VAPHkeT2wqJblarC4RgT6OY7gZP9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
about:blank

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Wed, 09 Sep 2020 05:47:57 GMT
expires
Wed, 09 Sep 2020 05:47:57 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
321
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Wed, 09 Sep 2020 05:47:57 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://5083104.fls.doubleclick.net/activityi;dc_pre=CI6Mk_Ov2-sCFbTMuwgdIYMCBw;src=5083104;type=gener0;cat=gener0;ord=6636233237038;gtm=2wg8q1;auiddc=1276951651.1599630477;~oref=https%3A%2F%2Fwww.ducks.org%2F?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
www.facebook.com/tr/ 		44 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1431799027060769&ev=Microdata&dl=https%3A%2F%2Fwww.ducks.org%2F&rl=&if=false&ts=1599630478548&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5CtWorld%20Leader%20in%20Wetlands%20%26%20Waterfowl%20Conservation%5Cn%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.24&r=stable&ec=1&o=30&fbp=fb.1.1599630477043.715006661&it=1599630476982&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.ducks.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Sep 2020 05:47:58 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 09 Sep 2020 05:47:58 GMT

Verdicts & Comments Add Verdict or Comment

200 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes function| $ function| jQuery number| analytics_page_startTime object| _gaq object| theForm function| __doPostBack function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY function| Sys$Enum$parse function| Sys$Enum$toString function| Sys$Component$_setProperties function| Sys$Component$_setReferences function| $create function| $addHandler function| $addHandlers function| $clearHandlers function| $removeHandler function| $get function| $find function| Type object| Sys object| _events string| dnnJscriptVersion string| DNN_HIGHLIGHT_COLOR string| COL_DELIMITER string| ROW_DELIMITER string| QUOTE_REPLACEMENT number| KEY_LEFT_ARROW number| KEY_UP_ARROW number| KEY_RIGHT_ARROW number| KEY_DOWN_ARROW number| KEY_RETURN number| KEY_ESCAPE object| $window number| vpw number| vph string| bp boolean| isInEdit boolean| isIpad boolean| isSportingDog boolean| isRecipes boolean| isMobile function| Init function| ImageRandomizer function| AttachHandlers function| DetectDevice function| IsDeviceIpad function| IsDeviceMobile function| IsInEditMode function| AnimateHeader function| SetMobileMenuHeight function| CreateRibbons function| GetBreakpoint function| SetGlobalNavActiveItem function| ThirdLevelMediaInit function| ScrollDirectionInit string| DNN_COL_DELIMITER string| DNN_ROW_DELIMITER boolean| __dnn_m_bPageLoaded function| __dnn_ClientAPIEnabled function| __dnn_Page_OnLoad function| __dnn_KeyDown function| __dnn_bodyscroll function| __dnn_setScrollTop function| __dnn_SetInitialFocus function| __dnn_CanReceiveFocus function| __dnn_ContainerMaxMin_OnClick function| __dnn_Help_OnClick function| __dnn_SectionMaxMin function| __dnn_enableDragDrop undefined| __dnn_oPrevSelPane undefined| __dnn_oPrevSelModule number| __dnn_dragEventCount function| __dnn_dragOver function| __dnn_dragComplete function| __dnn_MoveToPane function| __dnn_RefreshPanes undefined| __dnn_m_aryPanes undefined| __dnn_m_aryModules function| __dnn_Panes function| __dnn_Modules function| __dnn_getMostSelectedPane function| __dnn_getPaneControlIndex function| __dnn_Pane function| __dnn_PaneControl function| __dnn_ShowModalPage function| __dnncore object| dnncore object| jQuery19109326245204049235 object| dnn string| s object| dnnModal object| Modernizr number| width object| picturefillCFG function| picturefill object| dataLayer function| Swiper object| _gat object| gaGlobal object| swiperRhsDesktop object| swiperRhsMobile string| poe function| sliderDesktopInit function| sliderMobileInit string| googleApiKey object| ewObj object| swiperevents boolean| hasSlides function| EventWidget string| geoCodeCookieName object| geoOptions undefined| geoID function| GetLocation function| ShowPosition function| ShowPositionError function| GetStateFromLatLon function| IsPositionChanged function| CreateGeoCookie function| setCookie function| getCookie function| checkCookie string| remoteAddr string| webApiDomain object| specifiedStates boolean| isAutoDetect boolean| isExplicitState number| defaultEventCountParamDesktop number| defaultEventCountParamMobile boolean| isHovered function| mouseOverItem function| mouseOutItem function| mouseClickItem function| GetSvgItem object| google_tag_manager object| google_tag_data function| fbq function| _fbq string| _linkedin_partner_id object| _linkedin_data_partner_ids object| __gcse function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| google object| closure_lm_868390 function| _googCsa number| nextSearchboxId function| lintrk boolean| _already_called_lintrk number| googleNDT_ number| _googCsaAlwaysHttps number| _googEnableTcf number| _googEnableQup number| _googLazyLoadingRootMargin number| _googTcfApiTimeout number| _googUspApiTimeout number| googleAltLoader function| bootstrap object| hellobarSiteSettings object| script function| hellobar

15 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 204=Yqu3kqOpoolp4GaNKmLHcHUZL38hEFMG5seLsMvgXhqKA8nOJWYiGqScSNzdv2DRci4eGK5mkUU96rYQcInCK629pSUEGLk_xiQpD9fjhJSs8KeegLsCMKazkAtFYcXzSGnMUQN4eDu1oKdznknmpmObrZcXiW8HAlbvatKZhE0
.ducks.org/ Name: _fbp
Value: fb.1.1599630477043.715006661
www.ducks.org/ Name: __utmb
Value: 1.1.10.1599630476
www.ducks.org/ Name: __utmc
Value: 1
www.ducks.org/ Name: __utma
Value: 1.1612228352.1599630476.1599630476.1599630476.1
www.ducks.org/ Name: Analytics
Value: SessionId=096452be-7e18-4770-a721-4325a892e69c&TabId=12861&ContentItemId=-1
www.ducks.org/ Name: __utmt
Value: 1
www.ducks.org/ Name: language
Value: en-US
www.ducks.org/ Name: Analytics_VisitorId
Value: 864ad5af-d4ab-4740-9584-c1dca2b5de1a
.google.com/ Name: 1P_JAR
Value: 2020-09-09-05
.doubleclick.net/ Name: IDE
Value: AHWqTUk8vfkWx4mHXPKSPk240SFUYX88lz86VAPHkeT2wqJblarC4RgT6OY7gZP9
www.ducks.org/ Name: __utmz
Value: 1.1599630476.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
www.ducks.org/ Name: .ASPXANONYMOUS
Value: YkmZVow26-52DSTn1GxAo9dUtVRCfHqrxBiqDll8-LxIc0KgcfM_QMILL88lO0SCdBtVwf8FcjE6DmWkeiwzEcaANs0YfUbfPmLmEYSCLurLHWRD0
.ducks.org/ Name: _gcl_au
Value: 1.1.1276951651.1599630477
www.ducks.org/ Name: dnn_IsMobile
Value: False

3 Console Messages

Source Level URL
Text
console-api log URL: https://www.ducks.org/DependencyHandler.axd?s=L1BvcnRhbHMvX2RlZmF1bHQvU2tpbnMvRHVja3Mub3JnL2pzL2Jvb3RzdHJhcC5taW4uanM7L2pzL2Rubi5qczsvanMvZG5uLm1vZGFscG9wdXAuanM7L1Jlc291cmNlcy9TaGFyZWQvU2NyaXB0cy9qcXVlcnkvanF1ZXJ5LmhvdmVySW50ZW50Lm1pbi5qczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvanMvbW9kZXJuaXpyLWN1c3RvbS5qczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvanMvc2tpbi5qczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvanMvcGljdHVyZWZpbGwubWluLmpzOy9qcy9kbm5jb3JlLmpzOy9EZXNrdG9wTW9kdWxlcy9ETk5Db3JwL0V2b3FDb250ZW50TGlicmFyeS9DbGllbnRTY3JpcHRzL2Rubi5hbmFseXRpY3MuSW5qZWN0ZWQuanM7L2pzL2Rubi5zZXJ2aWNlc2ZyYW1ld29yay5qczs&t=Javascript&cdv=1346(Line 33)
Message:
Width: 1600
console-api log URL: https://www.ducks.org/DependencyHandler.axd?s=L1BvcnRhbHMvX2RlZmF1bHQvU2tpbnMvRHVja3Mub3JnL2pzL2Jvb3RzdHJhcC5taW4uanM7L2pzL2Rubi5qczsvanMvZG5uLm1vZGFscG9wdXAuanM7L1Jlc291cmNlcy9TaGFyZWQvU2NyaXB0cy9qcXVlcnkvanF1ZXJ5LmhvdmVySW50ZW50Lm1pbi5qczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvanMvbW9kZXJuaXpyLWN1c3RvbS5qczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvanMvc2tpbi5qczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvanMvcGljdHVyZWZpbGwubWluLmpzOy9qcy9kbm5jb3JlLmpzOy9EZXNrdG9wTW9kdWxlcy9ETk5Db3JwL0V2b3FDb250ZW50TGlicmFyeS9DbGllbnRTY3JpcHRzL2Rubi5hbmFseXRpY3MuSW5qZWN0ZWQuanM7L2pzL2Rubi5zZXJ2aWNlc2ZyYW1ld29yay5qczs&t=Javascript&cdv=1346(Line 32)
Message:
Creating ribbons.
console-api log URL: https://www.ducks.org/DependencyHandler.axd?s=L1BvcnRhbHMvX2RlZmF1bHQvU2tpbnMvRHVja3Mub3JnL2pzL2Jvb3RzdHJhcC5taW4uanM7L2pzL2Rubi5qczsvanMvZG5uLm1vZGFscG9wdXAuanM7L1Jlc291cmNlcy9TaGFyZWQvU2NyaXB0cy9qcXVlcnkvanF1ZXJ5LmhvdmVySW50ZW50Lm1pbi5qczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvanMvbW9kZXJuaXpyLWN1c3RvbS5qczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvanMvc2tpbi5qczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvanMvcGljdHVyZWZpbGwubWluLmpzOy9qcy9kbm5jb3JlLmpzOy9EZXNrdG9wTW9kdWxlcy9ETk5Db3JwL0V2b3FDb250ZW50TGlicmFyeS9DbGllbnRTY3JpcHRzL2Rubi5hbmFseXRpY3MuSW5qZWN0ZWQuanM7L2pzL2Rubi5zZXJ2aWNlc2ZyYW1ld29yay5qczs&t=Javascript&cdv=1346(Line 39)
Message:
Setting active menu item.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10231870.fls.doubleclick.net
5083104.fls.doubleclick.net
cdnjs.cloudflare.com
clients1.google.com
connect.facebook.net
cse.google.com
duazurecdn.azureedge.net
duckscdn.blob.core.windows.net
eae3e26d6cce6d2421f2-d0bf394c81120104918c3f1bbeb3098c.ssl.cf1.rackcdn.com
fonts.googleapis.com
googleads.g.doubleclick.net
my.hellobar.com
portal.criticalimpact.com
px.ads.linkedin.com
snap.licdn.com
ssl.google-analytics.com
stats.g.doubleclick.net
webapi.ducks.org
www.ducks.org
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googleapis.com
www.googletagmanager.com
www.linkedin.com
104.214.108.93
13.85.88.16
172.217.16.134
172.217.18.98
199.167.225.41
2.18.68.218
2600:9000:20eb:1000:0:93e4:a640:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700::6811:4e6b
2620:1ec:21::14
2a00:1450:4001:809::200a
2a00:1450:4001:814::2002
2a00:1450:4001:814::2004
2a00:1450:4001:818::2003
2a00:1450:4001:818::2008
2a00:1450:4001:818::200e
2a00:1450:4001:819::200a
2a00:1450:4001:81c::2008
2a00:1450:4001:81e::200e
2a00:1450:400c:c06::9c
2a02:26f0:10c:4bb::25ea
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:f500:11:101::b93f:9005
08a63ff052869fd7bc5c160e0fa136076500451675562f99f5cbba799498ad99
097afea517679d2e0b986d77cb3fe7808026882b52ca074a050e03e7a4a6996b
0b3f885ee7b40f87e79f9bdfcf27874012da0ac572503fca2917eb324d4adeaf
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
125b501f4bd9ae044debc9785c8300edb8181c66e3902426f1fa1905528a3d35
16300699cb373cc76b6b22028cf26604e7da058935c3bfce797b6dd9fa949c5a
1c064a84ebdf7187af09a9b38c79d598921a7566b679d547574a689d229400d5
295a9a73e8b5839b4db4ed0b0e4784a058cb25ac2dd8bbcd59b062038e831708
2970fdc26e24337b06018d4588a9ccdcd72b640bf08a94b7b756ed818ad53290
2ef621d5a0c7975941c11708248712f51cfacba9a2898639a44971f0a9870a3c
2f57f37bc6ee345a51c29c0e1a0fc8d77d0d10c1f18af5afd828a91ff30835e3
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
3661bde0404473b362b4ce5ac6ba980422e82714d808be044ebb59f9473c5a09
37702ee17ce34e7941119f6a192f688d3fe460bfd8901cd7c281a19b6fa4616d
3e6bd1ed9d844e4f8aea6ada75aa9b5f16c9698de108d181d1f2db9de86047ea
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
486daedad581c7cad9bab2fd2f2788bce0793d5df4ddc7ba1e78b47246fe6b21
4b36892581aa11fd25e3e467bd8247e69ae5c65bf55942f51f57611fbea4dedc
4b46e9f8b20e6c9a58b0cfe53fc45c0f98388857f1b3891b3b0a44e345768046
50f5aa4a46fd19ef752911d901cb3c690d105830dd8697927b5df5b08b077246
5e6da4379a25cc190a0ce4c38b816a8d20f20161d57825feb1adcec75cf539c5
5f07d43571a20235b2506061c9729d91179d32b8b3c75123aa8fcd45e60d7541
6c9459a6400a8cf7ef815379f9316dc26aeec43bcc48da1d1bd58d99a6109f7b
6f84d73fb1ee367292b6e68b96ffb20e98dafaa64fbb5032b3fefd60ce8bc05e
70444fe7a3a0b50db2a0e01e060adbdbfd51294f3fca39be4ba0be287cd32a4d
72d7795249e304f1ba1e96505806d7408567414719d4cfb3f1a72a97dffff87f
77a59cb277854c7e55d027b3cc11095a241d8107ff7be5b345403453a3d16be1
7beeb128f3e5f7efbba24e71f54646460ff8421a60ff34c9cc627aa1a15a110f
82360796214c966ec37d0458fcfb7764172df11a9af378bbc5b1ec47d064ae34
8529cc6b80c29f7452c44b65dcbfa712ca3f49ff00b07fe8e21d38ecdde6b330
8a3fdc72be5fb7b758a75640c4bf0b58333878b40a460b0ebd1bd392dbb91ec1
8a81755bd2468f9738069c47b54e2d936d51cf482a3351c184c213d448ba9650
8b2484fa9a9b136b9eb56c1d2b3bfdacd1c8970acf325585235aa35b16fc010a
9c77b1929bdaed288e47ec08540cab13362719704ce2ce0c624ff3e079426958
9d1ea69a68fd856aaad36b07ccd7f8ea3bac74b11297d870ec88036324c69d1e
9e20daf40299bc6c07fbc96ae8a09f1f0f7a8a2270970e20f200d6013c300597
a26394f7ede100ca118eff2eda08596275a9839b959c226e15439557a5a80742
a93104589dbd2e6153628def4d4dee57d541618c4b36f3926df3a8dcdd21c76f
aa00caef81b45d8a9cbd1880e85c4012e75c2d5658dee646bb920645c087f4cd
aa4aeed15888d0492c0da8f53d0a63d6f764e62c3c2eeed63e1f4a1f98138ace
b19648090729a3d6f8cb873e83b62a8ec226870a04692f84cf1dbe61937cf5c7
b3b2388c7bdb0a8647c2e64aa5dcc79d8e9b9cd21db20909f780e4c59c926072
b4723b5b14abe7a2062b65bf79b4d5d1e575e786a439e61ff95a38e7e9e140e9
b5840616d8bf9540bbe45a42f6841f92b78c70dabd3b8ee60abb51e79c47d5d6
b96bcc460ae20a0404e495da32a0ff1004e17c1d9cba06922ae187efc8b6350a
b9c90c601bc81ad71ed8be557ff9b095de5aae947926e84011e2728cf65250a6
bbe00e43f262bed3419d7592a2321a7c6538278df6c47ca322697047cf7b0045
c419976ff2214161f1358b8ee6b0a844cd82217be7bfa1142c39d11e7ca3ce4a
d0c7c9886090618c3b42851683948f513b7cff3863b90c25dda2fe97b893eefe
d3cb488888e9ea75771482ea8d142de6a4b3846f7bc7e49a3b90b6c9f041cae3
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e9c2413f7da9f88c09990d054eef47559fb6ede9c05d4b1ce13a9b03c9edb3
e78bffe11218b54384d07c2bf3b7cf09107738cbefc0317d5f060254af3f5fad
e9c9d74ac38ee8a1b5174bac730608b740ee04755fbc925a3872259e6628ae53
eb86f2640168b112589e84e40aa5425eaeb33d0afeedad6eee4bdce7dd992bda
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fb0626044a734779164531dd67d8ef78cc2ca9ed7c2fd255787e3881598c7939
fc416162554f80ac06540999ec01f5cc2497c56365552381cbae2a84e6c78b4e