URL: https://www.pluck-a-duck.com/duck-hunts/
Submission: On December 27 via api from US

Summary

This website contacted 20 IPs in 6 countries across 17 domains to perform 75 HTTP transactions. The main IP is 198.71.233.106, located in Scottsdale, United States and belongs to AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US. The main domain is www.pluck-a-duck.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 16th 2019. Valid for: a year.
This is the only time www.pluck-a-duck.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 198.71.233.106 26496 (AS-26496-...)
29 2a02:fe80:101... 30148 (SUCURI-SEC)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
10 2600:9000:205... 16509 (AMAZON-02)
4 52.8.115.137 16509 (AMAZON-02)
1 143.204.208.127 16509 (AMAZON-02)
3 2a03:2880:f01... 32934 (FACEBOOK)
4 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2 23.111.9.38 33438 (HIGHWINDS2)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 52.88.61.207 16509 (AMAZON-02)
2 2a03:2880:f11... 32934 (FACEBOOK)
3 2600:9000:214... 16509 (AMAZON-02)
1 2600:9000:205... 16509 (AMAZON-02)
75 20
Domain Requested by
29 secureservercdn.net www.pluck-a-duck.com
secureservercdn.net
10 connect.podium.com www.pluck-a-duck.com
connect.podium.com
8 mind-flayer.podium.com connect.podium.com
4 fonts.gstatic.com www.pluck-a-duck.com
4 fareharbor.com www.pluck-a-duck.com
fareharbor.com
3 assets.podium.com
3 connect.facebook.net www.pluck-a-duck.com
connect.facebook.net
2 www.facebook.com www.pluck-a-duck.com
2 cdn.mouseflow.com 1 redirects www.pluck-a-duck.com
2 www.google-analytics.com 1 redirects www.googletagmanager.com
2 www.google.com 1 redirects www.pluck-a-duck.com
2 fonts.googleapis.com www.pluck-a-duck.com
1 avatars.podium.com
1 www.google.de www.pluck-a-duck.com
1 stats.g.doubleclick.net 1 redirects
1 d2xcq4qphg1ge9.cloudfront.net www.pluck-a-duck.com
1 www.googletagmanager.com www.pluck-a-duck.com
1 fh-kit.com www.pluck-a-duck.com
1 maxcdn.bootstrapcdn.com www.pluck-a-duck.com
1 www.pluck-a-duck.com
75 20

This site contains links to these domains. Also see Links.

Domain
fareharbor.com
Subject Issuer Validity Valid
www.pluck-a-duck.com
Go Daddy Secure Certificate Authority - G2
2019-10-16 -
2020-10-16
a year crt.sh
secureservercdn.net
Let's Encrypt Authority X3
2019-12-03 -
2020-03-02
3 months crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA
2019-09-14 -
2020-10-13
a year crt.sh
*.storage.googleapis.com
GTS CA 1O1
2019-12-03 -
2020-02-25
3 months crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2
2019-11-10 -
2020-10-09
a year crt.sh
*.google-analytics.com
GTS CA 1O1
2019-12-03 -
2020-02-25
3 months crt.sh
*.podium.com
Amazon
2019-10-15 -
2020-11-15
a year crt.sh
fareharbor.com
Amazon
2019-10-23 -
2020-11-23
a year crt.sh
*.cloudfront.net
DigiCert Global CA G2
2019-07-17 -
2020-07-05
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2019-12-06 -
2020-03-05
3 months crt.sh
*.google.com
GTS CA 1O1
2019-12-03 -
2020-02-25
3 months crt.sh
www.google.com
GTS CA 1O1
2019-12-03 -
2020-02-25
3 months crt.sh
*.mouseflow.com
COMODO RSA Domain Validation Secure Server CA
2017-04-25 -
2020-05-09
3 years crt.sh
www.google.de
GTS CA 1O1
2019-12-03 -
2020-02-25
3 months crt.sh

This page contains 8 frames:

Primary Page: https://www.pluck-a-duck.com/duck-hunts/
Frame ID: EBD0EEF9E792C926CA4088FF00A86588
Requests: 61 HTTP requests in this frame

Frame: https://fareharbor.com/embeds/cart/?u=7b27a00c-ea3d-453e-a1a8-139db0951d1d&from-ssl=yes
Frame ID: BB5825BACB33A15E93422048FCA75A25
Requests: 1 HTTP requests in this frame

Frame: https://fareharbor.com/embeds/calendar/pluckaduck/?full-items=yes&u=7b27a00c-ea3d-453e-a1a8-139db0951d1d&from-ssl=yes
Frame ID: 63BF12EBC52C4FB9F16FDF6AA86B22B4
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d1977486.9516225988!2d-91.54934849506098!3d35.504166546764644!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0xa0789cddb3279bc8!2sPluck-A-Duck%20Lodge!5e0!3m2!1sen!2sus!4v1568049643861!5m2!1sen!2sus
Frame ID: DE915A7E304DB9F436B6794B45DE0BBA
Requests: 1 HTTP requests in this frame

Frame: https://connect.podium.com/styles/reset.css
Frame ID: 52AD229CB5495BA0E42A0EE463A869F4
Requests: 2 HTTP requests in this frame

Frame: https://connect.podium.com/styles/reset.css
Frame ID: 14ADAC0BD7536B4B3F6FE2FD8D288931
Requests: 2 HTTP requests in this frame

Frame: https://connect.podium.com/styles/reset.css
Frame ID: 60460621B6F7504BE16A37A6B6FE6606
Requests: 3 HTTP requests in this frame

Frame: https://connect.podium.com/styles/reset.css
Frame ID: C4213343AE0AA05F2ED58F634C95EFFF
Requests: 5 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • html /<link [^>]*href="[^"]+lightbox(?:\.min)?\.css/i
  • script /lightbox.*\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

75
Requests

100 %
HTTPS

75 %
IPv6

17
Domains

20
Subdomains

20
IPs

6
Countries

1987 kB
Transfer

4672 kB
Size

13
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47
  • https://cdn.mouseflow.com/projects/39bcbe3f-4af1-44b8-8105-bc35310519d9.js HTTP 301
  • https://cdn.mouseflow.com/projects/39bcbe3f-4af1-44b8-8105-bc35310519d9_eu.js
Request Chain 51
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=793555511&t=pageview&_s=1&dl=https%3A%2F%2Fwww.pluck-a-duck.com%2Fduck-hunts%2F&ul=en-us&de=UTF-8&dt=Duck%20Hunts%20%7C%20Pluck-A-Duck%20Lodge&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=1433631029&gjid=1405212499&cid=1510325970.1577461523&tid=UA-34063123-1&_gid=1861235886.1577461523&_r=1&gtm=2ouc61&z=805438105 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-34063123-1&cid=1510325970.1577461523&jid=1433631029&_gid=1861235886.1577461523&gjid=1405212499&_v=j79&z=805438105 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34063123-1&cid=1510325970.1577461523&jid=1433631029&_v=j79&z=805438105 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34063123-1&cid=1510325970.1577461523&jid=1433631029&_v=j79&z=805438105&slf_rd=1&random=3690944939

75 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.pluck-a-duck.com/duck-hunts/
40 KB
10 KB
Document
General
Full URL
https://www.pluck-a-duck.com/duck-hunts/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.71.233.106 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-198-71-233-106.ip.secureserver.net
Software
openresty /
Resource Hash
0f121f077faf50471f147e9e98167a479f12ebd5c5cf825372a22ed83fa38b1c
Security Headers
Name Value
Strict-Transport-Security max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.pluck-a-duck.com
:scheme
https
:path
/duck-hunts/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User
?1

Response headers

status
200
server
openresty
date
Fri, 27 Dec 2019 15:45:21 GMT
content-type
text/html; charset=UTF-8
content-length
10263
content-encoding
gzip
x-xss-protection
1; mode=block
x-content-type-options
nosniff
strict-transport-security
max-age=300 max-age=31536000; includeSubDomains
x-cacheable
YES:Forced
accept-ranges
bytes
age
618
vary
Accept-Encoding, User-Agent
x-cache
cached
x-cache-hit
HIT
x-backend
all_requests
style.min.css
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-includes/css/dist/block-library/
40 KB
6 KB
Stylesheet
General
Full URL
https://secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-includes/css/dist/block-library/style.min.css?ver=8976338fafb1e506cd371326f9a699ab&time=1571764671
Requested by
Host: www.pluck-a-duck.com
URL: https://www.pluck-a-duck.com/duck-hunts/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Dec 2019 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
68771
x-cache
cached
status
200
x-sucuri-cache
HIT
content-length
6163
x-xss-protection
1; mode=block
last-modified
Tue, 05 Nov 2019 22:06:04 GMT
server
nginx
cache-control
max-age=315360000
etag
"a1fb-596a0a3682b00-gzip"
strict-transport-security
max-age=300
content-type
text/css
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
sb-instagram.min.css
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/plugins/instagram-feed/css/
13 KB
3 KB
Stylesheet
General
Full URL
https://secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/plugins/instagram-feed/css/sb-instagram.min.css?ver=1.12.1&time=1571764671
Requested by
Host: www.pluck-a-duck.com
URL: https://www.pluck-a-duck.com/duck-hunts/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
97af939acbc5ac48df9d3f461c83849d5eafee3557bdbe75372013148da8d5d9
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Dec 2019 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
68771
x-cache
cached
status
200
x-sucuri-cache
HIT
content-length
2396
x-xss-protection
1; mode=block
last-modified
Tue, 16 Jul 2019 03:37:22 GMT
server
nginx
cache-control
max-age=315360000
etag
"333e-58dc418290080-gzip"
strict-transport-security
max-age=300
content-type
text/css
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.pluck-a-duck.com
URL: https://www.pluck-a-duck.com/duck-hunts/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Dec 2019 15:45:21 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:35:20 GMT
access-control-allow-origin
*
etag
"1544639720"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
status
200
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
7050
nivo-lightbox.min.css
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/plugins/responsive-lightbox/assets/nivo/
5 KB
1 KB
Stylesheet
General
Full URL
https://secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/plugins/responsive-lightbox/assets/nivo/nivo-lightbox.min.css?ver=2.1.0&time=1571764671
Requested by
Host: www.pluck-a-duck.com
URL: https://www.pluck-a-duck.com/duck-hunts/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
03cb807237aa856f32609d565a6ba551d0f1501e121bf93ec2206468ec40dd60
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Dec 2019 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
68771
x-cache
cached
status
200
x-sucuri-cache
HIT
content-length
958
x-xss-protection
1; mode=block
last-modified
Thu, 14 Feb 2019 12:02:30 GMT
server
nginx
cache-control
max-age=315360000
etag
"126a-581d96ec76180-gzip"
strict-transport-security
max-age=300
content-type
text/css
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
default.css
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/plugins/responsive-lightbox/assets/nivo/themes/default/
3 KB
1 KB
Stylesheet
General
Full URL
https://secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/plugins/responsive-lightbox/assets/nivo/themes/default/default.css?ver=2.1.0&time=1571764671
Requested by
Host: www.pluck-a-duck.com
URL: https://www.pluck-a-duck.com/duck-hunts/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
fffd052be112c4f900919c55d9fe90e138594b8567a448ae433ef82227f9c62d
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Dec 2019 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
68770
x-cache
cached
status
200
x-sucuri-cache
HIT
content-length
816
x-xss-protection
1; mode=block
last-modified
Thu, 14 Feb 2019 12:02:30 GMT
server
nginx
cache-control
max-age=315360000
etag
"b0d-581d96ec76180-gzip"
strict-transport-security
max-age=300
content-type
text/css
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
widget-options.css
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/plugins/widget-options/assets/css/
1010 B
656 B
Stylesheet
General
Full URL
https://secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/plugins/widget-options/assets/css/widget-options.css?time=1571764671
Requested by
Host: www.pluck-a-duck.com
URL: https://www.pluck-a-duck.com/duck-hunts/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
acda3b1eaf36ea10066decf21f77191c2e951811da7ca34ff97fb32996725f10
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Dec 2019 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
68771
x-cache
cached
status
200
x-sucuri-cache
HIT
content-length
270
x-xss-protection
1; mode=block
last-modified
Thu, 06 Jun 2019 15:57:13 GMT
server
nginx
cache-control
max-age=315360000
etag
"3f2-58aa9c46ae840-gzip"
strict-transport-security
max-age=300
content-type
text/css
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
style.css
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/themes/Divi/
701 KB
72 KB
Stylesheet
General
Full URL
https://secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/themes/Divi/style.css?ver=8976338fafb1e506cd371326f9a699ab&time=1571764671
Requested by
Host: www.pluck-a-duck.com
URL: https://www.pluck-a-duck.com/duck-hunts/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
93fbfa7dfb5327b1a49c19630843ac9aaad1707151f24e5cb165cef12aea2424
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Dec 2019 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
68771
x-cache
cached
status
200
x-sucuri-cache
HIT
content-length
72920
x-xss-protection
1; mode=block
last-modified
Wed, 09 Oct 2019 23:21:10 GMT
server
nginx
cache-control
max-age=315360000
etag
"af28f-594828a486cbd-gzip"
strict-transport-security
max-age=300
content-type
text/css
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/
24 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext
Requested by
Host: www.pluck-a-duck.com
URL: https://www.pluck-a-duck.com/duck-hunts/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
0a733c9a259685cf9a9816145434c0087227f35400e16208e7e63e58ccd44538
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 27 Dec 2019 15:45:21 GMT
server
ESF
access-control-allow-origin
*
date
Fri, 27 Dec 2019 15:45:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Fri, 27 Dec 2019 15:45:21 GMT
style.css
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/themes/DiviChild/
2 KB
646 B
Stylesheet
General
Full URL
https://secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/themes/DiviChild/style.css?ver=3.26.3&time=1571764671
Requested by
Host: www.pluck-a-duck.com
URL: https://www.pluck-a-duck.com/duck-hunts/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
9ae5e48a8fc471786854e0630f109d08c0cdf21808f94ddb2c75daf075093efa
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Dec 2019 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
68771
x-cache
cached
status
200
x-sucuri-cache
HIT
content-length
261
x-xss-protection
1; mode=block
last-modified
Tue, 15 Oct 2019 22:37:45 GMT
server
nginx
cache-control
max-age=315360000
etag
"68a-594faa214f3ed-gzip"
strict-transport-security
max-age=300
content-type
text/css
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
fh-kit.com/buttons/v2/
228 KB
19 KB
Stylesheet
General
Full URL
https://fh-kit.com/buttons/v2/?orange=f09719
Requested by
Host: www.pluck-a-duck.com
URL: https://www.pluck-a-duck.com/duck-hunts/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:820 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
69fd68d4233a0c8733c0f1d26d0c1ebda9aaebfc72068ec3904cda8d5ce8dd0b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Dec 2019 15:45:22 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
last-modified
Mon, 23 Dec 2019 07:08:15 GMT
server
cloudflare
etag
W/"c33ffc07cb82fa7d7d4078560b2be2ac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
x-fh-sites-appserver
sites-production-kitservers-a-0
content-type
text/css;charset=UTF-8
status
200
x-scss-cache
true
cf-ray
54bc6bcd78606461-FRA
tablepress-combined.min.css
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/
6 KB
3 KB
Stylesheet
General
Full URL
https://secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/tablepress-combined.min.css?ver=7&time=1571764671
Requested by
Host: www.pluck-a-duck.com
URL: https://www.pluck-a-duck.com/duck-hunts/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
006398cc82fdeb956ce5829ef9d1e96a4bdb8e8e454357737a658289114522d7
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Dec 2019 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
68771
x-cache
cached
status
200
x-sucuri-cache
HIT
content-length
2782
x-xss-protection
1; mode=block
last-modified
Fri, 19 Apr 2019 09:40:34 GMT
server
nginx
cache-control
max-age=315360000
etag
"17f2-586dee9078880-gzip"
strict-transport-security
max-age=300
content-type
text/css
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
dashicons.min.css
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-includes/css/
46 KB
28 KB
Stylesheet
General
Full URL
https://secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-includes/css/dashicons.min.css?ver=8976338fafb1e506cd371326f9a699ab&time=1571764671
Requested by
Host: www.pluck-a-duck.com
URL: https://www.pluck-a-duck.com/duck-hunts/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
18aa66c192cbef43a61b1398c292ae5c6c1d40d679428ee998b1c6bfaf61d75a
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Dec 2019 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
68771
x-cache
cached
status
200
x-sucuri-cache
HIT
content-length
28481
x-xss-protection
1; mode=block
last-modified
Wed, 15 May 2019 16:08:57 GMT
server
nginx
cache-control
max-age=315360000
etag
"b9c6-588ef5dded840-gzip"
strict-transport-security
max-age=300
content-type
text/css
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
tablepress-responsive.min.css
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/plugins/tablepress-responsive-tables/
5 KB
1 KB
Stylesheet
General
Full URL
https://secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/plugins/tablepress-responsive-tables/tablepress-responsive.min.css?ver=1.1&time=1571764671
Requested by
Host: www.pluck-a-duck.com
URL: https://www.pluck-a-duck.com/duck-hunts/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
4ee3a46c7e627f7d03216cb93719a12739500bb7600c34bea9a8d30947629d59
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Dec 2019 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
68771
x-cache
cached
status
200
x-sucuri-cache
HIT
content-length
669
x-xss-protection
1; mode=block
last-modified
Mon, 31 Jul 2017 14:36:30 GMT
server
nginx
cache-control
max-age=315360000
etag
"139c-5559df4de7780-gzip"
strict-transport-security
max-age=300
content-type
text/css
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.js
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-includes/js/jquery/
95 KB
33 KB
Script
General
Full URL
https://secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp&time=1571764671
Requested by
Host: www.pluck-a-duck.com
URL: https://www.pluck-a-duck.com/duck-hunts/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Dec 2019 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
68771
x-cache
cached
status
200
x-sucuri-cache
HIT
content-length
33776
x-xss-protection
1; mode=block
last-modified
Fri, 17 May 2019 04:25:54 GMT
server
nginx
cache-control
max-age=315360000
etag
"17a69-5890dc7401880-gzip"
strict-transport-security
max-age=300
content-type
application/javascript
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-migrate.min.js
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-includes/js/jquery/
10 KB
4 KB
Script
General
Full URL
https://secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1&time=1571764671
Requested by
Host: www.pluck-a-duck.com
URL: https://www.pluck-a-duck.com/duck-hunts/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Dec 2019 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
68771
x-cache
cached
status
200
x-sucuri-cache
HIT
content-length
4014
x-xss-protection
1; mode=block
last-modified
Fri, 20 May 2016 06:11:28 GMT
server
nginx
cache-control
max-age=315360000
etag
"2748-5333ff613c400-gzip"
strict-transport-security
max-age=300
content-type
application/javascript
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
nivo-lightbox.min.js
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/plugins/responsive-lightbox/assets/nivo/
8 KB
3 KB
Script
General
Full URL
https://secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/plugins/responsive-lightbox/assets/nivo/nivo-lightbox.min.js?ver=2.1.0&time=1571764671
Requested by
Host: www.pluck-a-duck.com
URL: https://www.pluck-a-duck.com/duck-hunts/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
a3391a9fa68a12cce5d9736593e3b24f78698c5f7f6a6a3a1a6644f813875403
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Dec 2019 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
68771
x-cache
cached
status
200
x-sucuri-cache
HIT
content-length
2277
x-xss-protection
1; mode=block
last-modified
Thu, 14 Feb 2019 12:02:30 GMT
server
nginx
cache-control
max-age=315360000
etag
"1ea3-581d96ec76180-gzip"
strict-transport-security
max-age=300
content-type
application/javascript
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
infinite-scroll.pkgd.min.js
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/plugins/responsive-lightbox/assets/infinitescroll/
25 KB
7 KB
Script
General
Full URL
https://secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/plugins/responsive-lightbox/assets/infinitescroll/infinite-scroll.pkgd.min.js?ver=8976338fafb1e506cd371326f9a699ab&time=1571764671
Requested by
Host: www.pluck-a-duck.com
URL: https://www.pluck-a-duck.com/duck-hunts/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
16dfd97ce7080f706ab99b1d8d407a7d8a607160dc785bcf9217fc6b7c543424
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Dec 2019 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
68770
x-cache
cached
status
200
x-sucuri-cache
HIT
content-length
6941
x-xss-protection
1; mode=block
last-modified
Thu, 14 Feb 2019 12:02:30 GMT
server
nginx
cache-control
max-age=315360000
etag
"63b1-581d96ec76180-gzip"
strict-transport-security
max-age=300
content-type
application/javascript
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
front.js
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/plugins/responsive-lightbox/js/
25 KB
6 KB
Script
General
Full URL
https://secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/plugins/responsive-lightbox/js/front.js?ver=2.1.0&time=1571764671
Requested by
Host: www.pluck-a-duck.com
URL: https://www.pluck-a-duck.com/duck-hunts/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
7b590c659e185eea4128e5014d0d47ee569f1d5ac5a3f13fc842eb3e32f11f8f
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Dec 2019 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
68771
x-cache
cached
status
200
x-sucuri-cache
HIT
content-length
5550
x-xss-protection
1; mode=block
last-modified
Thu, 14 Feb 2019 12:02:30 GMT
server
nginx
cache-control
max-age=315360000
etag
"6492-581d96ec76180-gzip"
strict-transport-security
max-age=300
content-type
application/javascript
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
js
www.googletagmanager.com/gtag/
73 KB
27 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-34063123-1
Requested by
Host: www.pluck-a-duck.com
URL: https://www.pluck-a-duck.com/duck-hunts/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3b9710af8338002657e41f95ca4b3230620ee4f5b634fd49538a09abff367997
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Dec 2019 15:45:21 GMT
content-encoding
br
last-modified
Fri, 27 Dec 2019 15:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
27813
x-xss-protection
0
expires
Fri, 27 Dec 2019 15:45:21 GMT
css
fonts.googleapis.com/
895 B
464 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Kaushan+Script&display=swap
Requested by
Host: www.pluck-a-duck.com
URL: https://www.pluck-a-duck.com/duck-hunts/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
856481a6aa5b2680185bb1781faad70e008bc52e29357dcd4ce437684b8b694c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 27 Dec 2019 15:45:21 GMT
server
ESF
access-control-allow-origin
*
date
Fri, 27 Dec 2019 15:45:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Fri, 27 Dec 2019 15:45:21 GMT
et-divi-customizer-global-15717652887035.min.css
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/cache/et/global/
6 KB
2 KB
Stylesheet
General
Full URL
https://secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/cache/et/global/et-divi-customizer-global-15717652887035.min.css
Requested by
Host: www.pluck-a-duck.com
URL: https://www.pluck-a-duck.com/duck-hunts/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
0b8396fe547e788e635527ec83f22991f9c342bc541308a4a0042ae3c0acf09b
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Dec 2019 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
68771
x-cache
cached
status
200
x-sucuri-cache
HIT
content-length
1237
x-xss-protection
1; mode=block
last-modified
Tue, 22 Oct 2019 17:28:09 GMT
server
nginx
cache-control
max-age=315360000
etag
"1730-595831fbdd4e1-gzip"
strict-transport-security
max-age=300
content-type
text/css
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
et-core-unified-15717672115786.min.css
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/cache/et/1461/
4 KB
1 KB
Stylesheet
General
Full URL
https://secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/cache/et/1461/et-core-unified-15717672115786.min.css
Requested by
Host: www.pluck-a-duck.com
URL: https://www.pluck-a-duck.com/duck-hunts/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
4c9206b54656256361147be4115c2e24a94fce825f37b5d47715942a1dafc4d3
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Dec 2019 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
89046
x-cache
cached
status
200
x-sucuri-cache
MISS
content-length
681
x-xss-protection
1; mode=block
last-modified
Tue, 22 Oct 2019 18:00:12 GMT
server
nginx
cache-control
max-age=315360000
etag
"106b-59583925e4b1f-gzip"
strict-transport-security
max-age=300
content-type
text/css
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
pluck-a-duck-logo.png
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/uploads/2019/10/
79 KB
79 KB
Image
General
Full URL
https://secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/uploads/2019/10/pluck-a-duck-logo.png
Requested by
Host: www.pluck-a-duck.com
URL: https://www.pluck-a-duck.com/duck-hunts/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
cc24d9b06905c5ebc3e14d0a57d62fd20dee67f153639b296929d73dee04641d
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Dec 2019 15:45:21 GMT
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
68771
x-cache
cached
status
200
x-sucuri-cache
HIT
content-length
80587
x-xss-protection
1; mode=block
last-modified
Wed, 09 Oct 2019 23:36:10 GMT
server
nginx
cache-control
max-age=315360000
etag
"13acb-59482bff84b9e"
strict-transport-security
max-age=300
content-type
image/png
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
duck-hunting-in-arkansas-300x160.jpg
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/uploads/2019/06/
20 KB
21 KB
Image
General
Full URL
https://secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/uploads/2019/06/duck-hunting-in-arkansas-300x160.jpg
Requested by
Host: www.pluck-a-duck.com
URL: https://www.pluck-a-duck.com/duck-hunts/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
74adb490a877cc15e0a6d0adc6d0e6bffc0462c1de37cb99ad103663af6a296c
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Dec 2019 15:45:22 GMT
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
74616
x-cache
cached
status
200
x-sucuri-cache
MISS
content-length
20840
x-xss-protection
1; mode=block
last-modified
Wed, 26 Jun 2019 14:45:35 GMT
server
nginx
cache-control
max-age=315360000
etag
"5168-58c3b191021c0"
strict-transport-security
max-age=300
content-type
image/jpeg
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
785E1765-AF8F-43F1-8CD5-41ABAE7A7DA0-300x225.jpeg
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/uploads/2019/05/
27 KB
27 KB
Image
General
Full URL
https://secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/uploads/2019/05/785E1765-AF8F-43F1-8CD5-41ABAE7A7DA0-300x225.jpeg
Requested by
Host: www.pluck-a-duck.com
URL: https://www.pluck-a-duck.com/duck-hunts/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
be95ee2038d07c32b9ff21c3284d47c19ff7129e90f2f25a0f96663cbee4ecca
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Dec 2019 15:45:22 GMT
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
92001
x-cache
cached
status
200
x-sucuri-cache
MISS
content-length
27293
x-xss-protection
1; mode=block
last-modified
Sun, 26 May 2019 21:23:16 GMT
server
nginx
cache-control
max-age=315360000
etag
"6a9d-589d10a357900"
strict-transport-security
max-age=300
content-type
image/jpeg
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
43D30B3E-6017-47FD-B334-6E2AD446A6FE-300x211.jpeg
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/uploads/2019/05/
23 KB
23 KB
Image
General
Full URL
https://secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/uploads/2019/05/43D30B3E-6017-47FD-B334-6E2AD446A6FE-300x211.jpeg
Requested by
Host: www.pluck-a-duck.com
URL: https://www.pluck-a-duck.com/duck-hunts/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
a9e94833815b622b7c62cbde72a3c14586b45c1ec7950e991831153477b6adce
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Dec 2019 15:45:22 GMT
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
74616
x-cache
cached
status
200
x-sucuri-cache
MISS
content-length
23592
x-xss-protection
1; mode=block
last-modified
Sun, 26 May 2019 04:12:47 GMT
server
nginx
cache-control
max-age=315360000
etag
"5c28-589c2a4e9cdc0"
strict-transport-security
max-age=300
content-type
image/jpeg
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
widget.js
connect.podium.com/
575 B
672 B
Script
General
Full URL
https://connect.podium.com/widget.js
Requested by
Host: www.pluck-a-duck.com
URL: https://www.pluck-a-duck.com/duck-hunts/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:dc00:1a:3af:f5c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3458486489eeb3606df97e3ff5dc1d9a91bdc76a28b913cae6e7f5a6329e1855

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Dec 2019 15:37:49 GMT
content-encoding
gzip
last-modified
Fri, 20 Dec 2019 17:21:42 GMT
server
AmazonS3
age
453
etag
"fa7ad2b818f1fd51f08244ae9f08a063"
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=3600
x-amz-cf-pop
FRA6-C1
content-length
320
via
1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-amz-cf-id
eym0WcVZlc7n-_EtKRDVrnGgf1yLwimjrc15DNvOWHC-7x5_4paVkw==
/
fareharbor.com/embeds/script/calendar/pluckaduck/
21 KB
7 KB
Script
General
Full URL
https://fareharbor.com/embeds/script/calendar/pluckaduck/?fallback=simple&full-items=yes
Requested by
Host: www.pluck-a-duck.com
URL: https://www.pluck-a-duck.com/duck-hunts/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.8.115.137 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-8-115-137.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
af55b54e6fb342bae213c5bab5f09d3ec57be10fd0f2fdb9f6b1c6e7a5571070
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Dec 2019 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-fh-appserver
production-appservers-b-4
x-fh-loadbalancer
production-loadbalancers-b-0
content-security-policy-report-only
default-src 'none'; block-all-mixed-content; script-src *.fareharbor.com fareharbor.com content.fareharbor.me *.cloudfront.net *.stripe.com *.mxpnl.com cdn.mxpnl.com *.filestackapi.com *.pusher.com *.optimizely.com cdn.optimizely.com *.google.com *.googleapis.com *.google-analytics.com https://www.google-analytics.com *.adroll.com *.adroll.mgr.consensu.org *.facebook.net *.facebook.com *.cloudflare.com *.hotjar.com *.googletagmanager.com *.doubleclick.net *.googleadservices.com *.gstatic.com 'unsafe-eval' 'unsafe-inline'; img-src * data: image/svg+xml image/png; style-src *.fareharbor.com fareharbor.com content.fareharbor.me *.cloudfront.net *.googleapis.com 'unsafe-inline'; connect-src https: wss:; form-action 'self' https:; base-uri 'self'; font-src fh-sites.imgix.net data: 'self'; frame-src *.stripe.com *.filestackapi.com *.googletagmanager.com *.hotjar.com www.google.com airtable.com player.vimeo.com facebook.com fareharbor.com; object-src 'none'; report-uri /csp-report/
p3p
CP="This is not a P3P policy."
status
200
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
pragma
no-cache
server
nginx
x-amzn-trace-id
Root=1-5e062711-44053760d258946a04e73db4
vary
Accept-Encoding, Cookie
content-language
en-us
cache-control
no-cache, must-revalidate
content-type
text/javascript; charset=utf-8
expires
Fri, 27 Dec 2019 15:45:20 GMT
/
fareharbor.com/embeds/api/v1/
21 KB
7 KB
Script
General
Full URL
https://fareharbor.com/embeds/api/v1/?autolightframe=yes
Requested by
Host: www.pluck-a-duck.com
URL: https://www.pluck-a-duck.com/duck-hunts/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.8.115.137 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-8-115-137.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
937ea91a15942209923f2ae9ea6d9114a978c85c4f531dd7074f59b66c575bff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Dec 2019 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-fh-appserver
production-appservers-a-1
x-fh-loadbalancer
production-loadbalancers-a-0
content-security-policy-report-only
default-src 'none'; block-all-mixed-content; script-src *.fareharbor.com fareharbor.com content.fareharbor.me *.cloudfront.net *.stripe.com *.mxpnl.com cdn.mxpnl.com *.filestackapi.com *.pusher.com *.optimizely.com cdn.optimizely.com *.google.com *.googleapis.com *.google-analytics.com https://www.google-analytics.com *.adroll.com *.adroll.mgr.consensu.org *.facebook.net *.facebook.com *.cloudflare.com *.hotjar.com *.googletagmanager.com *.doubleclick.net *.googleadservices.com *.gstatic.com 'unsafe-eval' 'unsafe-inline'; img-src * data: image/svg+xml image/png; style-src *.fareharbor.com fareharbor.com content.fareharbor.me *.cloudfront.net *.googleapis.com 'unsafe-inline'; connect-src https: wss:; form-action 'self' https:; base-uri 'self'; font-src fh-sites.imgix.net data: 'self'; frame-src *.stripe.com *.filestackapi.com *.googletagmanager.com *.hotjar.com www.google.com airtable.com player.vimeo.com facebook.com fareharbor.com; object-src 'none'; report-uri /csp-report/
p3p
CP="This is not a P3P policy."
status
200
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
pragma
no-cache
server
nginx
x-amzn-trace-id
Root=1-5e062711-03fadf72aff09f58ae5ff21a
vary
Accept-Encoding, Cookie
content-language
en-us
cache-control
no-cache, must-revalidate
content-type
text/javascript; charset=utf-8
expires
Fri, 27 Dec 2019 15:45:20 GMT
sb-instagram.min.js
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/plugins/instagram-feed/js/
99 KB
18 KB
Script
General
Full URL
https://secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/plugins/instagram-feed/js/sb-instagram.min.js?ver=1.12.1&time=1571764671
Requested by
Host: www.pluck-a-duck.com
URL: https://www.pluck-a-duck.com/duck-hunts/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
556539a94582edc4064ee6830f3c2d902d6034626594ca53def5e135f8b15759
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Dec 2019 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
68770
x-cache
cached
status
200
x-sucuri-cache
HIT
content-length
17610
x-xss-protection
1; mode=block
last-modified
Tue, 16 Jul 2019 03:37:22 GMT
server
nginx
cache-control
max-age=315360000
etag
"18ab6-58dc418290080-gzip"
strict-transport-security
max-age=300
content-type
application/javascript
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
iframeResizer.min.js
d2xcq4qphg1ge9.cloudfront.net/javascript/responsive_embed/20150624/
8 KB
8 KB
Script
General
Full URL
https://d2xcq4qphg1ge9.cloudfront.net/javascript/responsive_embed/20150624/iframeResizer.min.js?ver=8976338fafb1e506cd371326f9a699ab
Requested by
Host: www.pluck-a-duck.com
URL: https://www.pluck-a-duck.com/duck-hunts/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.208.127 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-208-127.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d188ce0e476bf4994827347d4433fec168619bb7eb2adf13aaec6fced0caf7eb

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 26 Dec 2019 19:50:01 GMT
Via
1.1 e7377cc861b31102786678df3616bf69.cloudfront.net (CloudFront)
Last-Modified
Wed, 24 Jun 2015 18:13:31 GMT
Server
AmazonS3
Age
71721
ETag
"3a2d3465a2a22022b9efa891618554c6"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
X-Amz-Cf-Pop
FRA53-C1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8209
X-Amz-Cf-Id
HG-gx6pObke5Kr4Pkiijzwu0K9dw5ZKVgGQhZWgTiXDnUq5i4MQkLg==
shortstack-for-wp.js
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/plugins/shortstack-for-wp/public/js/
326 B
630 B
Script
General
Full URL
https://secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/plugins/shortstack-for-wp/public/js/shortstack-for-wp.js?ver=8976338fafb1e506cd371326f9a699ab&time=1571764671
Requested by
Host: www.pluck-a-duck.com
URL: https://www.pluck-a-duck.com/duck-hunts/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
281e59760f2788262969e8ba7ba2fb9270fa10b7f7bfa020cc81dc16f0fa8d6d
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Dec 2019 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
68770
x-cache
cached
status
200
x-sucuri-cache
HIT
content-length
235
x-xss-protection
1; mode=block
last-modified
Tue, 03 Apr 2018 16:05:42 GMT
server
nginx
cache-control
max-age=315360000
etag
"146-568f3e0d5c180-gzip"
strict-transport-security
max-age=300
content-type
application/javascript
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
custom.min.js
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/themes/Divi/js/
266 KB
62 KB
Script
General
Full URL
https://secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/themes/Divi/js/custom.min.js?ver=3.26.3&time=1571764671
Requested by
Host: www.pluck-a-duck.com
URL: https://www.pluck-a-duck.com/duck-hunts/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
a82d4f70aa50c4d00557c3f314259be8e49173553c5cf8fc5edb7add6e07014d
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Dec 2019 15:45:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
68770
x-cache
cached
status
200
x-sucuri-cache
HIT
content-length
63324
x-xss-protection
1; mode=block
last-modified
Wed, 09 Oct 2019 23:21:06 GMT
server
nginx
cache-control
max-age=315360000
etag
"4291b-594828a0c96ec-gzip"
strict-transport-security
max-age=300
content-type
application/javascript
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
common.js
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/themes/Divi/core/admin/js/
1 KB
972 B
Script
General
Full URL
https://secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/themes/Divi/core/admin/js/common.js?ver=3.26.3&time=1571764671
Requested by
Host: www.pluck-a-duck.com
URL: https://www.pluck-a-duck.com/duck-hunts/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
c05ee8fac93fde19412046a913b9aecd86210aba6b72cff7c94e01170dd11e3b
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Dec 2019 15:45:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
68770
x-cache
cached
status
200
x-sucuri-cache
HIT
content-length
577
x-xss-protection
1; mode=block
last-modified
Wed, 09 Oct 2019 23:21:09 GMT
server
nginx
cache-control
max-age=315360000
etag
"550-594828a402a6d-gzip"
strict-transport-security
max-age=300
content-type
application/javascript
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
wp-embed.min.js
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
https://secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-includes/js/wp-embed.min.js?ver=8976338fafb1e506cd371326f9a699ab&time=1571764671
Requested by
Host: www.pluck-a-duck.com
URL: https://www.pluck-a-duck.com/duck-hunts/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Dec 2019 15:45:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
68770
x-cache
cached
status
200
x-sucuri-cache
HIT
content-length
740
x-xss-protection
1; mode=block
last-modified
Sat, 05 Oct 2019 19:49:10 GMT
server
nginx
cache-control
max-age=315360000
etag
"577-5942f1cbbd980-gzip"
strict-transport-security
max-age=300
content-type
application/javascript
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
wp-emoji-release.min.js
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-includes/js/
14 KB
5 KB
Script
General
Full URL
https://secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-includes/js/wp-emoji-release.min.js?ver=8976338fafb1e506cd371326f9a699ab&time=1571764671
Requested by
Host: www.pluck-a-duck.com
URL: https://www.pluck-a-duck.com/duck-hunts/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Dec 2019 15:45:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
68770
x-cache
cached
status
200
x-sucuri-cache
HIT
content-length
4626
x-xss-protection
1; mode=block
last-modified
Tue, 05 Nov 2019 22:16:02 GMT
server
nginx
cache-control
max-age=315360000
etag
"362a-596a0c70cec80-gzip"
strict-transport-security
max-age=300
content-type
application/javascript
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
fbevents.js
connect.facebook.net/en_US/
126 KB
30 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.pluck-a-duck.com
URL: https://www.pluck-a-duck.com/duck-hunts/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
1ada5b4d0b63b06d2bd668cd7d6597689796da41a434a675cfdbd2a1bddf251a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
30426
x-xss-protection
0
pragma
public
x-fb-debug
tzL5/53CYwYP8UQvUk8Jniyu3WUVzeo4OGYewDsX+VgQvWX4PeSoYiTdv4x+GcNZvaUjCmNuFy0saaQY11EZUw==
x-fb-trip-id
420120009
date
Fri, 27 Dec 2019 15:45:22 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: www.pluck-a-duck.com
URL: https://www.pluck-a-duck.com/duck-hunts/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext
Origin
https://www.pluck-a-duck.com

Response headers

date
Fri, 20 Dec 2019 05:36:27 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
641335
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9132
x-xss-protection
0
expires
Sat, 19 Dec 2020 05:36:27 GMT
modules.ttf
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/themes/Divi/core/admin/fonts/
90 KB
91 KB
Font
General
Full URL
https://secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/themes/Divi/core/admin/fonts/modules.ttf
Requested by
Host: www.pluck-a-duck.com
URL: https://www.pluck-a-duck.com/duck-hunts/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/themes/Divi/style.css?ver=8976338fafb1e506cd371326f9a699ab&time=1571764671
Origin
https://www.pluck-a-duck.com

Response headers

date
Fri, 27 Dec 2019 15:45:22 GMT
x-content-type-options
nosniff
x-cacheable
YES:Forced
x-backend
all_requests
age
82884
x-cache
cached
status
200
x-sucuri-cache
MISS
vary
User-Agent
content-length
92400
x-xss-protection
1; mode=block
last-modified
Wed, 09 Oct 2019 23:21:09 GMT
server
nginx
cache-control
max-age=315360000
etag
"168f0-594828a418cdf"
strict-transport-security
max-age=300
content-type
font/ttf
access-control-allow-origin
*
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
Requested by
Host: www.pluck-a-duck.com
URL: https://www.pluck-a-duck.com/duck-hunts/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext
Origin
https://www.pluck-a-duck.com

Response headers

date
Wed, 20 Nov 2019 01:09:11 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:44 GMT
server
sffe
age
3249371
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9180
x-xss-protection
0
expires
Thu, 19 Nov 2020 01:09:11 GMT
vm8vdRfvXFLG3OLnsO15WYS5DG74wNJVMJ8b.woff2
fonts.gstatic.com/s/kaushanscript/v8/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/kaushanscript/v8/vm8vdRfvXFLG3OLnsO15WYS5DG74wNJVMJ8b.woff2
Requested by
Host: www.pluck-a-duck.com
URL: https://www.pluck-a-duck.com/duck-hunts/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
1929dab7d2cb32760115d8f0ae635b45c22e8329cbb224b149c81bd9b752f51c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Kaushan+Script&display=swap
Origin
https://www.pluck-a-duck.com

Response headers

date
Fri, 20 Dec 2019 03:34:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 23:52:15 GMT
server
sffe
age
648677
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
23792
x-xss-protection
0
expires
Sat, 19 Dec 2020 03:34:05 GMT
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: www.pluck-a-duck.com
URL: https://www.pluck-a-duck.com/duck-hunts/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext
Origin
https://www.pluck-a-duck.com

Response headers

date
Wed, 20 Nov 2019 01:28:43 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:31:11 GMT
server
sffe
age
3248199
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9080
x-xss-protection
0
expires
Thu, 19 Nov 2020 01:28:43 GMT
/
fareharbor.com/embeds/cart/ Frame BB58
0
0
Document
General
Full URL
https://fareharbor.com/embeds/cart/?u=7b27a00c-ea3d-453e-a1a8-139db0951d1d&from-ssl=yes
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/script/calendar/pluckaduck/?fallback=simple&full-items=yes
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.8.115.137 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-8-115-137.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
fareharbor.com
:scheme
https
:path
/embeds/cart/?u=7b27a00c-ea3d-453e-a1a8-139db0951d1d&from-ssl=yes
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.pluck-a-duck.com/duck-hunts/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.pluck-a-duck.com/duck-hunts/

Response headers

status
200
date
Fri, 27 Dec 2019 15:45:22 GMT
content-type
text/html; charset=utf-8
server
nginx
vary
Accept-Encoding Cookie
x-amzn-trace-id
Root=1-5e062712-801e4a108e8f25bed9012024
p3p
CP="This is not a P3P policy."
content-language
en-us
set-cookie
csrftoken=49HSiTBwj1On7l1vjGLHL38YJIwitBuY; expires=Fri, 25-Dec-2020 15:45:22 GMT; Max-Age=31449600; Path=/; secure
expires
Fri, 27 Dec 2019 15:45:21 GMT
cache-control
no-cache must-revalidate
x-fh-appserver
production-appservers-a-1
content-encoding
gzip
x-fh-loadbalancer
production-loadbalancers-b-0
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-security-policy-report-only
default-src 'none'; block-all-mixed-content; script-src *.fareharbor.com fareharbor.com content.fareharbor.me *.cloudfront.net *.stripe.com *.mxpnl.com cdn.mxpnl.com *.filestackapi.com *.pusher.com *.optimizely.com cdn.optimizely.com *.google.com *.googleapis.com *.google-analytics.com https://www.google-analytics.com *.adroll.com *.adroll.mgr.consensu.org *.facebook.net *.facebook.com *.cloudflare.com *.hotjar.com *.googletagmanager.com *.doubleclick.net *.googleadservices.com *.gstatic.com 'unsafe-eval' 'unsafe-inline'; img-src * data: image/svg+xml image/png; style-src *.fareharbor.com fareharbor.com content.fareharbor.me *.cloudfront.net *.googleapis.com 'unsafe-inline'; connect-src https: wss:; form-action 'self' https:; base-uri 'self'; font-src fh-sites.imgix.net data: 'self'; frame-src *.stripe.com *.filestackapi.com *.googletagmanager.com *.hotjar.com www.google.com airtable.com player.vimeo.com facebook.com fareharbor.com; object-src 'none'; report-uri /csp-report/
/
fareharbor.com/embeds/calendar/pluckaduck/ Frame 63BF
0
0
Document
General
Full URL
https://fareharbor.com/embeds/calendar/pluckaduck/?full-items=yes&u=7b27a00c-ea3d-453e-a1a8-139db0951d1d&from-ssl=yes
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/script/calendar/pluckaduck/?fallback=simple&full-items=yes
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.8.115.137 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-8-115-137.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
fareharbor.com
:scheme
https
:path
/embeds/calendar/pluckaduck/?full-items=yes&u=7b27a00c-ea3d-453e-a1a8-139db0951d1d&from-ssl=yes
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.pluck-a-duck.com/duck-hunts/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.pluck-a-duck.com/duck-hunts/

Response headers

status
200
date
Fri, 27 Dec 2019 15:45:22 GMT
content-type
text/html; charset=utf-8
server
nginx
vary
Accept-Encoding Cookie
x-amzn-trace-id
Root=1-5e062712-1d92d4806a453154177df900
p3p
CP="This is not a P3P policy."
content-language
en-us
set-cookie
csrftoken=TLHIAIvzVqJO5b6YumP8xDL9NWsSafwq; expires=Fri, 25-Dec-2020 15:45:22 GMT; Max-Age=31449600; Path=/; secure fh-units-language=en-us; Path=/ fh-preview-language=; expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Path=/ fh-target-language=en-us; Path=/ fh-content-language=en-us; Path=/
expires
Fri, 27 Dec 2019 15:45:21 GMT
cache-control
no-cache must-revalidate
x-fh-appserver
production-appservers-a-7
content-encoding
gzip
x-fh-loadbalancer
production-loadbalancers-a-0
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-security-policy-report-only
default-src 'none'; block-all-mixed-content; script-src *.fareharbor.com fareharbor.com content.fareharbor.me *.cloudfront.net *.stripe.com *.mxpnl.com cdn.mxpnl.com *.filestackapi.com *.pusher.com *.optimizely.com cdn.optimizely.com *.google.com *.googleapis.com *.google-analytics.com https://www.google-analytics.com *.adroll.com *.adroll.mgr.consensu.org *.facebook.net *.facebook.com *.cloudflare.com *.hotjar.com *.googletagmanager.com *.doubleclick.net *.googleadservices.com *.gstatic.com 'unsafe-eval' 'unsafe-inline'; img-src * data: image/svg+xml image/png; style-src *.fareharbor.com fareharbor.com content.fareharbor.me *.cloudfront.net *.googleapis.com 'unsafe-inline'; connect-src https: wss:; form-action 'self' https:; base-uri 'self'; font-src fh-sites.imgix.net data: 'self'; frame-src *.stripe.com *.filestackapi.com *.googletagmanager.com *.hotjar.com www.google.com airtable.com player.vimeo.com facebook.com fareharbor.com; object-src 'none'; report-uri /csp-report/
embed
www.google.com/maps/ Frame DE91
0
0
Document
General
Full URL
https://www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d1977486.9516225988!2d-91.54934849506098!3d35.504166546764644!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0xa0789cddb3279bc8!2sPluck-A-Duck%20Lodge!5e0!3m2!1sen!2sus!4v1568049643861!5m2!1sen!2sus
Requested by
Host: www.pluck-a-duck.com
URL: https://www.pluck-a-duck.com/duck-hunts/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
mafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-bZZ2+Cv+BpYpD+BYBLgU3g==' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/maps/embed?pb=!1m14!1m8!1m3!1d1977486.9516225988!2d-91.54934849506098!3d35.504166546764644!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0xa0789cddb3279bc8!2sPluck-A-Duck%20Lodge!5e0!3m2!1sen!2sus!4v1568049643861!5m2!1sen!2sus
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.pluck-a-duck.com/duck-hunts/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.pluck-a-duck.com/duck-hunts/

Response headers

status
200
content-type
text/html; charset=UTF-8
date
Fri, 27 Dec 2019 15:45:22 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
vary
Accept-Language
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-bZZ2+Cv+BpYpD+BYBLgU3g==' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding
gzip
server
mafe
content-length
1502
x-xss-protection
0
server-timing
gfet4t7; dur=134
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-34063123-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
4305
date
Fri, 27 Dec 2019 14:33:37 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Fri, 27 Dec 2019 16:33:37 GMT
truncated
/
944 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
10af556f1b170b3c6184b01eab13cb1c9d07b991649539d9d9eabe322cc40b09

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
39bcbe3f-4af1-44b8-8105-bc35310519d9_eu.js
cdn.mouseflow.com/projects/
Redirect Chain
  • https://cdn.mouseflow.com/projects/39bcbe3f-4af1-44b8-8105-bc35310519d9.js
  • https://cdn.mouseflow.com/projects/39bcbe3f-4af1-44b8-8105-bc35310519d9_eu.js
98 KB
33 KB
Script
General
Full URL
https://cdn.mouseflow.com/projects/39bcbe3f-4af1-44b8-8105-bc35310519d9_eu.js
Requested by
Host: www.pluck-a-duck.com
URL: https://www.pluck-a-duck.com/duck-hunts/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.38 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
8cdecb935d2b94786d405a6f88016387d82a9b7eb81496d74f6580296e598dd5

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Dec 2019 15:45:22 GMT
content-encoding
gzip
last-modified
Mon, 20 Feb 2017 14:57:05 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
W/"654cdd99898bd21:0"
x-cache
HIT
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=86400

Redirect headers

status
301
date
Fri, 27 Dec 2019 15:45:22 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
content-length
178
location
https://cdn.mouseflow.com/projects/39bcbe3f-4af1-44b8-8105-bc35310519d9_eu.js
content-type
text/html
main.5d7c9b55.js
connect.podium.com/static/js/
790 KB
232 KB
Script
General
Full URL
https://connect.podium.com/static/js/main.5d7c9b55.js
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:dc00:1a:3af:f5c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a97fa54f6021ee0f787f58a718309db3bdef5efb7ed5d149a97f755a5206b579

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 17:21:59 GMT
content-encoding
gzip
last-modified
Fri, 20 Dec 2019 17:21:41 GMT
server
AmazonS3
age
598998
etag
"177cc2c4dee9321d40993c998d452c15"
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
content-length
237367
via
1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-amz-cf-id
n8Ke3ZBQLy9YZxCZanOVRKO-oHD1n7enT-BbIXE156npnR7DnXKRtQ==
identity.js
connect.facebook.net/signals/plugins/
42 KB
10 KB
Script
General
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.15
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
2d1ebc88e56ceb0aa1d93c5e7f46539110c25d1d07a1bab71a8dc3afa5d07cb8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
10620
x-xss-protection
0
pragma
public
x-fb-debug
jZCoclRfTVD7ZCq6NK0drUqZbwPPFWyWxcBZA1JW9w1Bd3RmoOrUS8RocyzBP21smOp2eDkjfik5JkXb/3d5Kg==
x-fb-trip-id
420120009
date
Fri, 27 Dec 2019 15:45:22 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
3063527177022851
connect.facebook.net/signals/config/
447 KB
112 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/3063527177022851?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
dded578f0054d560e129a6bb72878b1c87bc173e99e3fd2ea6b8c16372370c5b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
114919
x-xss-protection
0
pragma
public
x-fb-debug
YKsUs6czdGlEqGo1z/PQTwc51t6i20Nx3dkbIy/n70eCwgXW0we22wjpHIvxNWakcrmhItn3TjktIle8g4YGxw==
x-fb-trip-id
420120009
date
Fri, 27 Dec 2019 15:45:22 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=793555511&t=pageview&_s=1&dl=https%3A%2F%2Fwww.pluck-a-duck.com%2Fduck-hunts%2F&ul=en-us&de=UTF-8&dt=Duck%20Hunts%20%7C%20Pluck-A-Duck%20Lodg...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-34063123-1&cid=1510325970.1577461523&jid=1433631029&_gid=1861235886.1577461523&gjid=1405212499&_v=j79&z=805438105
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34063123-1&cid=1510325970.1577461523&jid=1433631029&_v=j79&z=805438105
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34063123-1&cid=1510325970.1577461523&jid=1433631029&_v=j79&z=805438105&slf_rd=1&random=3690944939
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34063123-1&cid=1510325970.1577461523&jid=1433631029&_v=j79&z=805438105&slf_rd=1&random=3690944939
Requested by
Host: www.pluck-a-duck.com
URL: https://www.pluck-a-duck.com/duck-hunts/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Dec 2019 15:45:22 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 27 Dec 2019 15:45:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34063123-1&cid=1510325970.1577461523&jid=1433631029&_v=j79&z=805438105&slf_rd=1&random=3690944939
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
graphql
mind-flayer.podium.com/
0
465 B
XHR
General
Full URL
https://mind-flayer.podium.com/graphql
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/static/js/main.5d7c9b55.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.61.207 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-88-61-207.us-west-2.compute.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.pluck-a-duck.com
Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Fri, 27 Dec 2019 15:45:22 GMT
server
Cowboy
vary
origin
access-control-allow-methods
OPTIONS, GET, POST, PUT, DELETE
access-control-allow-origin
https://www.pluck-a-duck.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
access-control-allow-headers
accept, content-type, authorization, socket-id, origin
Content-Length
0
x-request-id
FeRE5c7wY7nI_jEBIOID
/
www.facebook.com/tr/
44 B
247 B
Image
General
Full URL
https://www.facebook.com/tr/?id=3063527177022851&ev=PageView&dl=https%3A%2F%2Fwww.pluck-a-duck.com%2Fduck-hunts%2F&rl=&if=false&ts=1577461522710&sw=1600&sh=1200&v=2.9.15&r=stable&a=wordpress-5.3.2-1.7.25&ec=0&o=30&fbp=fb.1.1577461522709.1336182553&it=1577461522608&coo=false&rqm=GET
Requested by
Host: www.pluck-a-duck.com
URL: https://www.pluck-a-duck.com/duck-hunts/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Dec 2019 15:45:22 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Fri, 27 Dec 2019 15:45:22 GMT
pluck-a-duck-logo.png
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/uploads/2019/10/
79 KB
79 KB
Image
General
Full URL
https://secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/uploads/2019/10/pluck-a-duck-logo.png
Requested by
Host: secureservercdn.net
URL: https://secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp&time=1571764671
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
Software
nginx /
Resource Hash
cc24d9b06905c5ebc3e14d0a57d62fd20dee67f153639b296929d73dee04641d
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Dec 2019 15:45:23 GMT
x-content-type-options
nosniff
x-cacheable
YES
x-backend
all_requests
age
68771
x-cache
cached
status
200
x-sucuri-cache
HIT
content-length
80587
x-xss-protection
1; mode=block
last-modified
Wed, 09 Oct 2019 23:36:10 GMT
server
nginx
cache-control
max-age=315360000
etag
"13acb-59482bff84b9e"
strict-transport-security
max-age=300
content-type
image/png
x-cache-hit
HIT
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
www.facebook.com/tr/
44 B
146 B
Image
General
Full URL
https://www.facebook.com/tr/?id=3063527177022851&ev=Microdata&dl=https%3A%2F%2Fwww.pluck-a-duck.com%2Fduck-hunts%2F&rl=&if=false&ts=1577461523212&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Duck%20Hunts%20%7C%20Pluck-A-Duck%20Lodge%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Duck%20Hunts%20%7C%20Pluck-A-Duck%20Lodge%22%2C%22og%3Atype%22%3A%22activity%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.pluck-a-duck.com%2Fduck-hunts%2F%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fsecureservercdn.net%2F198.71.233.106%2Fono.38c.myftpupload.com%2Fwp-content%2Fplugins%2Fall-in-one-seo-pack-pro%2Fimages%2Fdefault-user-image.png%22%2C%22og%3Asite_name%22%3A%22Pluck-A-Duck%20Lodge%22%2C%22og%3Adescription%22%3A%22On%20Dec.%2023%2C%201956%2C%204%20million%20viewers%20of%20NBC%27s%20Wide%20Wide%20World%2C%20hosted%20by%20Dave%20Garroway%2C%20watched%20one%20of%20the%20most%20amazing%20hunting%20shows%20ever%20broadcast%20on%20live%20television.%20An%20estimated%20300%2C000%20mallar%22%2C%22og%3Aimage%3Asecure_url%22%3A%22https%3A%2F%2Fsecureservercdn.net%2F198.71.233.106%2Fono.38c.myftpupload.com%2Fwp-content%2Fplugins%2Fall-in-one-seo-pack-pro%2Fimages%2Fdefault-user-image.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&a=wordpress-5.3.2-1.7.25&ec=1&o=30&fbp=fb.1.1577461522709.1336182553&it=1577461522608&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Dec 2019 15:45:23 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Fri, 27 Dec 2019 15:45:23 GMT
graphql
mind-flayer.podium.com/
3 KB
3 KB
XHR
General
Full URL
https://mind-flayer.podium.com/graphql
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.61.207 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-88-61-207.us-west-2.compute.amazonaws.com
Software
Cowboy /
Resource Hash
d70e6a14e60edf558b639153a68905346078aa6d539ad47ef0ba0d3c823a27e5

Request headers

Accept
application/json
Referer
https://www.pluck-a-duck.com/duck-hunts/
Origin
https://www.pluck-a-duck.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 27 Dec 2019 15:45:22 GMT
server
Cowboy
vary
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.pluck-a-duck.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
2577
x-request-id
FeRE5djQmvqscE0QMSuB
graphql
mind-flayer.podium.com/
0
465 B
XHR
General
Full URL
https://mind-flayer.podium.com/graphql
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/static/js/main.5d7c9b55.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.61.207 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-88-61-207.us-west-2.compute.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.pluck-a-duck.com
Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Fri, 27 Dec 2019 15:45:22 GMT
server
Cowboy
vary
origin
access-control-allow-methods
OPTIONS, GET, POST, PUT, DELETE
access-control-allow-origin
https://www.pluck-a-duck.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
access-control-allow-headers
accept, content-type, authorization, socket-id, origin
Content-Length
0
x-request-id
FeRE5eQfYiz5ezMBIPHD
graphql
mind-flayer.podium.com/
0
465 B
XHR
General
Full URL
https://mind-flayer.podium.com/graphql
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/static/js/main.5d7c9b55.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.61.207 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-88-61-207.us-west-2.compute.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.pluck-a-duck.com
Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Fri, 27 Dec 2019 15:45:23 GMT
server
Cowboy
vary
origin
access-control-allow-methods
OPTIONS, GET, POST, PUT, DELETE
access-control-allow-origin
https://www.pluck-a-duck.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
access-control-allow-headers
accept, content-type, authorization, socket-id, origin
Content-Length
0
x-request-id
FeRE5e4GK9qZt8UCjg0F
reset.css
connect.podium.com/styles/ Frame 52AD
1 KB
987 B
Stylesheet
General
Full URL
https://connect.podium.com/styles/reset.css
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/static/js/main.5d7c9b55.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:dc00:1a:3af:f5c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fae8f67e860a44b8ee6b4ff8b9aaf2ed9ca1cfd1ffc7b305ed0d76046beb53d3

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 17:21:48 GMT
content-encoding
gzip
last-modified
Fri, 20 Dec 2019 17:21:41 GMT
server
AmazonS3
age
598998
etag
"4e6c790074d30a533490fb75220f00d5"
x-cache
Hit from cloudfront
content-type
text/css
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
content-length
639
via
1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-amz-cf-id
nfoIngyEGoxa08BFD4XKY7_-Hqd-ERHxJG5vgdKoGWdgA6_RW4fq_A==
all.css
connect.podium.com/styles/ Frame 52AD
34 KB
7 KB
Stylesheet
General
Full URL
https://connect.podium.com/styles/all.css
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/static/js/main.5d7c9b55.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:dc00:1a:3af:f5c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9764ea9d6e05d8f02892f2c52eb4ca9888e3c4d5f0a2b4037fa9d38f5dba259e

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Dec 2019 15:38:55 GMT
content-encoding
gzip
last-modified
Fri, 20 Dec 2019 17:21:43 GMT
server
AmazonS3
age
388
etag
"e42f90770ad42736826b66e8293ef80a"
x-cache
Hit from cloudfront
content-type
text/css
status
200
cache-control
max-age=3600
x-amz-cf-pop
FRA6-C1
content-length
6453
via
1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-amz-cf-id
CjHDRGj7qkxbFIl2Yw1MAv_o77xZ2Owak7hasBJeluCanSXp-jo69w==
reset.css
connect.podium.com/styles/ Frame 14AD
1 KB
987 B
Stylesheet
General
Full URL
https://connect.podium.com/styles/reset.css
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/static/js/main.5d7c9b55.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:dc00:1a:3af:f5c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fae8f67e860a44b8ee6b4ff8b9aaf2ed9ca1cfd1ffc7b305ed0d76046beb53d3

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 17:21:48 GMT
content-encoding
gzip
last-modified
Fri, 20 Dec 2019 17:21:41 GMT
server
AmazonS3
age
598998
etag
"4e6c790074d30a533490fb75220f00d5"
x-cache
Hit from cloudfront
content-type
text/css
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
content-length
639
via
1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-amz-cf-id
gNZeCjZulk2bc7uzJqpZjCRLnuUY0e-R64rzmjuAc4uj7ook2G-ETA==
all.css
connect.podium.com/styles/ Frame 14AD
34 KB
7 KB
Stylesheet
General
Full URL
https://connect.podium.com/styles/all.css
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/static/js/main.5d7c9b55.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:dc00:1a:3af:f5c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9764ea9d6e05d8f02892f2c52eb4ca9888e3c4d5f0a2b4037fa9d38f5dba259e

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Dec 2019 11:38:07 GMT
content-encoding
gzip
last-modified
Fri, 20 Dec 2019 17:21:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
etag
"e42f90770ad42736826b66e8293ef80a"
x-cache
Hit from cloudfront
content-type
text/css
status
200
cache-control
max-age=3600
content-length
6453
via
1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-amz-cf-id
RpT4KaSmQr0iv0VeID1B8EBOcAIkCV5C_-Qd2y0UHB52bJbvRI8wzg==
reset.css
connect.podium.com/styles/ Frame 6046
1 KB
988 B
Stylesheet
General
Full URL
https://connect.podium.com/styles/reset.css
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/static/js/main.5d7c9b55.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:dc00:1a:3af:f5c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fae8f67e860a44b8ee6b4ff8b9aaf2ed9ca1cfd1ffc7b305ed0d76046beb53d3

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 17:21:48 GMT
content-encoding
gzip
last-modified
Fri, 20 Dec 2019 17:21:41 GMT
server
AmazonS3
age
598998
etag
"4e6c790074d30a533490fb75220f00d5"
x-cache
Hit from cloudfront
content-type
text/css
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
content-length
639
via
1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-amz-cf-id
3uhvVm58HEDz-bkfRP46YwbzjdRIElBG2ZAmB5JFNlBEbYnjFQ8loA==
all.css
connect.podium.com/styles/ Frame 6046
34 KB
7 KB
Stylesheet
General
Full URL
https://connect.podium.com/styles/all.css
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/static/js/main.5d7c9b55.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:dc00:1a:3af:f5c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9764ea9d6e05d8f02892f2c52eb4ca9888e3c4d5f0a2b4037fa9d38f5dba259e

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Dec 2019 15:45:23 GMT
content-encoding
gzip
last-modified
Fri, 20 Dec 2019 17:21:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
etag
"e42f90770ad42736826b66e8293ef80a"
x-cache
Hit from cloudfront
content-type
text/css
status
200
cache-control
max-age=3600
content-length
6453
via
1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-amz-cf-id
qhhjzl96rw2dtubaaCMLjRzdQvwM6zY2B6nAldAHP08yuLPT1H4puQ==
Graphik-Regular.woff
assets.podium.com/fonts/ Frame 6046
47 KB
48 KB
Font
General
Full URL
https://assets.podium.com/fonts/Graphik-Regular.woff
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:2200:1f:7c97:a480:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8c387136ca55cf33a793e73eef1fdf8cb41a553293c60380d6860435896aaa9f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://connect.podium.com/styles/all.css
Origin
https://www.pluck-a-duck.com

Response headers

date
Fri, 27 Dec 2019 15:45:24 GMT
via
1.1 8b5bc0831e6dab612582614c3009efa7.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
status
200
access-control-max-age
86400
content-length
48539
last-modified
Fri, 15 Feb 2019 16:52:48 GMT
server
AmazonS3
etag
"5c7b80e1b58e4530dca10f70b8031c54"
vary
Origin
access-control-allow-methods
GET
x-amz-version-id
null
access-control-allow-origin
*
cache-control
max-age=31536000
content-type
application/font-woff
x-amz-cf-id
Km_ongLWiywfbgx-VGBUXISPKcZgGLBtv77GB4QQGr_wxU7u9wigTg==
graphql
mind-flayer.podium.com/
210 B
575 B
XHR
General
Full URL
https://mind-flayer.podium.com/graphql
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.61.207 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-88-61-207.us-west-2.compute.amazonaws.com
Software
Cowboy /
Resource Hash
70e13dd839f950cf267f796c34a93b3a4ba88ce8331001bd6b9dbfaa1641944e

Request headers

Accept
application/json
Referer
https://www.pluck-a-duck.com/duck-hunts/
Origin
https://www.pluck-a-duck.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 27 Dec 2019 15:45:23 GMT
server
Cowboy
vary
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.pluck-a-duck.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
210
x-request-id
FeRE5ffriw4y0UcBIQTD
graphql
mind-flayer.podium.com/
36 B
400 B
XHR
General
Full URL
https://mind-flayer.podium.com/graphql
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.61.207 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-88-61-207.us-west-2.compute.amazonaws.com
Software
Cowboy /
Resource Hash
8ac8e82aec8374261b897cd87b3c4110ea7d23e0839aed51b36f3ace1b6b931c

Request headers

Accept
application/json
Referer
https://www.pluck-a-duck.com/duck-hunts/
Origin
https://www.pluck-a-duck.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 27 Dec 2019 15:45:23 GMT
server
Cowboy
vary
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.pluck-a-duck.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
36
x-request-id
FeRE5fmIi1GscE0DhP_E
reset.css
connect.podium.com/styles/ Frame C421
1 KB
988 B
Stylesheet
General
Full URL
https://connect.podium.com/styles/reset.css
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/static/js/main.5d7c9b55.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:dc00:1a:3af:f5c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fae8f67e860a44b8ee6b4ff8b9aaf2ed9ca1cfd1ffc7b305ed0d76046beb53d3

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 17:21:48 GMT
content-encoding
gzip
last-modified
Fri, 20 Dec 2019 17:21:41 GMT
server
AmazonS3
age
599000
etag
"4e6c790074d30a533490fb75220f00d5"
x-cache
Hit from cloudfront
content-type
text/css
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
content-length
639
via
1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-amz-cf-id
zQWNP-vPpnsFTW6wIV5a8r6ojyh0IyZCkDPnBMufOTLWBUvAAedmtQ==
all.css
connect.podium.com/styles/ Frame C421
34 KB
7 KB
Stylesheet
General
Full URL
https://connect.podium.com/styles/all.css
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/static/js/main.5d7c9b55.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:dc00:1a:3af:f5c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9764ea9d6e05d8f02892f2c52eb4ca9888e3c4d5f0a2b4037fa9d38f5dba259e

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Dec 2019 15:45:23 GMT
content-encoding
gzip
last-modified
Fri, 20 Dec 2019 17:21:43 GMT
server
AmazonS3
age
390
etag
"e42f90770ad42736826b66e8293ef80a"
x-cache
Hit from cloudfront
content-type
text/css
status
200
cache-control
max-age=3600
x-amz-cf-pop
FRA6-C1
content-length
6453
via
1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-amz-cf-id
kRTEcEVSSW6Ca9MzT6V3s3zQAfxy88SdfCHnF5eNIyKWgzLyWNTC7Q==
graphql
mind-flayer.podium.com/
0
465 B
XHR
General
Full URL
https://mind-flayer.podium.com/graphql
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/static/js/main.5d7c9b55.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.61.207 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-88-61-207.us-west-2.compute.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.pluck-a-duck.com
Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Fri, 27 Dec 2019 15:45:24 GMT
server
Cowboy
vary
origin
access-control-allow-methods
OPTIONS, GET, POST, PUT, DELETE
access-control-allow-origin
https://www.pluck-a-duck.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
access-control-allow-headers
accept, content-type, authorization, socket-id, origin
Content-Length
0
x-request-id
FeRE5l5LkRGscE0KNMyD
avatar.jpeg
avatars.podium.com/2313073/094f7263-faf2-4031-b06d-bcbd612be533/ Frame C421
652 KB
653 KB
Image
General
Full URL
https://avatars.podium.com/2313073/094f7263-faf2-4031-b06d-bcbd612be533/avatar.jpeg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:ec00:1c:e48e:5600:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
001edabb32586908a2b12675bf32417a1fdae91ef8984ac51ef229db13d10960

Request headers

Referer
https://www.pluck-a-duck.com/duck-hunts/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 17:10:14 GMT
via
1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jun 2019 15:24:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
etag
"5a3f1ce64fc114e14740371be5431e6e"
x-cache
Hit from cloudfront
content-type
binary/octet-stream
status
200
accept-ranges
bytes
content-length
667615
x-amz-cf-id
daM7Auz7j7tuWh2smLzNq3ZS-s-tMWFfVwB546aY1136FA04L-sGFg==
Graphik-Medium.woff
assets.podium.com/fonts/ Frame C421
46 KB
47 KB
Font
General
Full URL
https://assets.podium.com/fonts/Graphik-Medium.woff
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:2200:1f:7c97:a480:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e23049eb432f619ac9ab93cdeaa5bb4debd09e10ebd0fc21960f6cc2bb5b598c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://connect.podium.com/styles/all.css
Origin
https://www.pluck-a-duck.com

Response headers

date
Fri, 27 Dec 2019 15:45:26 GMT
via
1.1 8b5bc0831e6dab612582614c3009efa7.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
status
200
access-control-max-age
86400
content-length
47214
last-modified
Fri, 15 Feb 2019 16:52:48 GMT
server
AmazonS3
etag
"58dd3d4a8c153d3360459ebdb4b62348"
vary
Origin
access-control-allow-methods
GET
x-amz-version-id
null
access-control-allow-origin
*
cache-control
max-age=31536000
content-type
application/font-woff
x-amz-cf-id
DQLQVNXrKLyZ_Fc1Jkicb3L8oG2PX-JNRj1ZOXDdvtU3DFp_bAKuyg==
Graphik-Regular.woff
assets.podium.com/fonts/ Frame C421
47 KB
48 KB
Font
General
Full URL
https://assets.podium.com/fonts/Graphik-Regular.woff
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:2200:1f:7c97:a480:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8c387136ca55cf33a793e73eef1fdf8cb41a553293c60380d6860435896aaa9f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://connect.podium.com/styles/all.css
Origin
https://www.pluck-a-duck.com

Response headers

date
Fri, 27 Dec 2019 15:45:24 GMT
via
1.1 8b5bc0831e6dab612582614c3009efa7.cloudfront.net (CloudFront)
age
1
x-cache
Hit from cloudfront
status
200
access-control-max-age
86400
content-length
48539
last-modified
Fri, 15 Feb 2019 16:52:48 GMT
server
AmazonS3
etag
"5c7b80e1b58e4530dca10f70b8031c54"
vary
Origin
access-control-allow-methods
GET
x-amz-version-id
null
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA53-C1
content-type
application/font-woff
x-amz-cf-id
LUDO2PXg3bUrCmUt5-Y9wZjDIycHmfkXI3fSkz944jrsovoN3QAUDg==
graphql
mind-flayer.podium.com/
36 B
400 B
XHR
General
Full URL
https://mind-flayer.podium.com/graphql
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.61.207 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-88-61-207.us-west-2.compute.amazonaws.com
Software
Cowboy /
Resource Hash
8ac8e82aec8374261b897cd87b3c4110ea7d23e0839aed51b36f3ace1b6b931c

Request headers

Accept
application/json
Referer
https://www.pluck-a-duck.com/duck-hunts/
Origin
https://www.pluck-a-duck.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 27 Dec 2019 15:45:25 GMT
server
Cowboy
vary
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.pluck-a-duck.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
36
x-request-id
FeRE5mhbHQaJiuUO-wgE

Verdicts & Comments Add Verdict or Comment

134 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate string| et_site_url string| et_post_id function| et_core_page_resource_fallback object| _wpemojiSettings undefined| $ function| jQuery function| jQueryBridget function| EvEmitter function| matchesSelector object| fizzyUIUtils function| InfiniteScroll function| imagesLoaded object| rlArgs function| gtag object| dataLayer function| fbq function| _fbq object| google_tag_manager object| FH string| GoogleAnalyticsObject function| ga string| sbiajaxurl object| _mfq object| sb_instagram_js_options boolean| sbi_js_exists object| sbIconSVG object| addLinks function| sbSVGify function| sbiSizeSVG function| addLinksToPage function| sbi_init function| sbiAddTokenToExpiredList function| sbiCachePhotos function| sbiGetColumnCount function| sbiGetWidthForResType function| sbiGetBestResolutionForAuto function| sbiNeedToRaiseRes function| sbiGetResolutionSettings function| sbi_cache_all function| iFrameResize object| DIVI object| et_shortcodes_strings object| et_pb_custom object| et_pb_box_shadow_elements boolean| isBuilder function| et_shortcodes_init function| Waypoint object| salvattore function| et_pb_smooth_scroll function| et_pb_form_placeholders_init function| et_duplicate_menu function| et_pb_remove_placeholder_text function| et_fix_fullscreen_section function| et_bar_counters_init function| et_fix_pricing_currency_position function| et_pb_set_responsive_grid function| et_pb_set_tabs_height function| et_pb_box_shadow_apply_overlay function| et_pb_init_nav_menu function| et_pb_toggle_nav_menu function| et_pb_apply_sticky_image_effect boolean| et_load_event_fired boolean| et_is_transparent_nav boolean| et_is_vertical_nav boolean| et_is_fixed_nav boolean| et_is_minified_js boolean| et_is_minified_css boolean| et_force_width_container_change function| et_pb_init_modules function| et_pb_debounce object| jQuery112407436274258718749 object| ET_SmoothScroll boolean| et_calculating_scroll_position boolean| et_side_nav_links_initialized object| wp function| insertJS number| start number| interval function| main number| sbiCommentCacheStatus object| sbiCacheStatuses object| sbiFeedMeta object| sbiUseBackup object| $et_tooltip object| $et_learn_more function| et_pb_slider_init function| et_countdown_timer function| et_countdown_timer_labels function| et_pb_circle_counter_update function| et_apply_parallax function| et_parallax_set_height function| et_apply_builder_css_parallax function| et_pb_play_overlayed_video function| et_pb_resize_section_video_bg function| et_pb_center_video function| et_pb_adjust_video_margin function| et_fix_slider_height number| window_width function| et_pb_submit_newsletter function| et_fix_testimonial_inner_width function| et_pb_video_background_init function| et_reinit_waypoint_modules function| et_calc_fullscreen_section function| et_calculate_fullscreen_section_size function| debounced_et_apply_builder_css_parallax function| et_pb_parallax_init function| et_pb_fullwidth_header_scroll function| et_pb_search_init function| et_pb_search_percentage_custom_margin_fix function| et_pb_comments_init function| et_calculate_header_values function| et_change_primary_nav_position function| et_fix_page_container_position function| et_pb_window_side_nav_scroll_init function| et_pb_side_nav_page_init function| rl_view_image function| rl_hide_image object| twemoji object| $element object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| setImmediate function| clearImmediate object| regeneratorRuntime undefined| _ undefined| register boolean| podiumWebsiteWidgetLoaded object| mouseflow string| waypointContextKey object| PodiumWebChat

13 Cookies

Domain/Path Name / Value
.fareharbor.com/ Name: mp_ac6482ea6d5da620bb15ce24d0d328ca_mixpanel
Value: %7B%22distinct_id%22%3A%20%2216f4808a2ea59c-03d58036c409e2-31641f72-1d4c00-16f4808a2ebe79%22%2C%22%24device_id%22%3A%20%2216f4808a2ea59c-03d58036c409e2-31641f72-1d4c00-16f4808a2ebe79%22%7D
.fareharbor.com/ Name: mp_ec17ab267df6688013d497b75ddd3308_mixpanel
Value: %7B%22distinct_id%22%3A%20%227b27a00c-ea3d-453e-a1a8-139db0951d1d%22%2C%22%24device_id%22%3A%20%2216f4808a2e3c6-004be08cb670cb-31641f72-1d4c00-16f4808a2e4dcd%22%2C%22%24user_id%22%3A%20%227b27a00c-ea3d-453e-a1a8-139db0951d1d%22%2C%22%24initial_referrer%22%3A%20%22https%3A%2F%2Fwww.pluck-a-duck.com%2Fduck-hunts%2F%22%2C%22%24initial_referring_domain%22%3A%20%22www.pluck-a-duck.com%22%2C%22company%22%3A%20null%2C%22userType%22%3A%20%22anonymous%22%2C%22mp_name_tag%22%3A%20%22Guest%22%7D
.pluck-a-duck.com/ Name: _gat_gtag_UA_34063123_1
Value: 1
.fareharbor.com/ Name: _gid
Value: GA1.2.1048723075.1577461523
.pluck-a-duck.com/ Name: _gid
Value: GA1.2.1861235886.1577461523
fareharbor.com/ Name: fh-units-language
Value: en-us
.pluck-a-duck.com/ Name: _fbp
Value: fb.1.1577461522709.1336182553
fareharbor.com/ Name: csrftoken
Value: TLHIAIvzVqJO5b6YumP8xDL9NWsSafwq
.pluck-a-duck.com/ Name: mf_39bcbe3f-4af1-44b8-8105-bc35310519d9
Value: -1
.fareharbor.com/ Name: _ga
Value: GA1.2.1591825676.1577461523
fareharbor.com/ Name: fh-target-language
Value: en-us
fareharbor.com/ Name: fh-content-language
Value: en-us
.pluck-a-duck.com/ Name: _ga
Value: GA1.2.1510325970.1577461523

3 Console Messages

Source Level URL
Text
console-api log URL: https://secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1&time=1571764671(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api warning URL: https://connect.facebook.net/en_US/fbevents.js(Line 23)
Message:
[Facebook Pixel] - Call to "fbq('init', '3063527177022851', []);" with parameter "user_data" has an invalid value of "[]"
console-api debug URL: https://connect.podium.com/static/js/main.5d7c9b55.js(Line 1)
Message:
[bugsnag] Loaded!

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.podium.com
avatars.podium.com
cdn.mouseflow.com
connect.facebook.net
connect.podium.com
d2xcq4qphg1ge9.cloudfront.net
fareharbor.com
fh-kit.com
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
mind-flayer.podium.com
secureservercdn.net
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.pluck-a-duck.com
143.204.208.127
198.71.233.106
2001:4de0:ac19::1:b:3b
23.111.9.38
2600:9000:2057:dc00:1a:3af:f5c0:93a1
2600:9000:2057:ec00:1c:e48e:5600:93a1
2600:9000:214f:2200:1f:7c97:a480:93a1
2606:4700:20::681a:820
2a00:1450:4001:809::200a
2a00:1450:4001:814::2003
2a00:1450:4001:814::200e
2a00:1450:4001:816::2003
2a00:1450:4001:81e::2008
2a00:1450:4001:820::2004
2a00:1450:400c:c00::9b
2a02:fe80:1010::16
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
52.8.115.137
52.88.61.207
001edabb32586908a2b12675bf32417a1fdae91ef8984ac51ef229db13d10960
006398cc82fdeb956ce5829ef9d1e96a4bdb8e8e454357737a658289114522d7
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
03cb807237aa856f32609d565a6ba551d0f1501e121bf93ec2206468ec40dd60
0a733c9a259685cf9a9816145434c0087227f35400e16208e7e63e58ccd44538
0b8396fe547e788e635527ec83f22991f9c342bc541308a4a0042ae3c0acf09b
0f121f077faf50471f147e9e98167a479f12ebd5c5cf825372a22ed83fa38b1c
10af556f1b170b3c6184b01eab13cb1c9d07b991649539d9d9eabe322cc40b09
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
16dfd97ce7080f706ab99b1d8d407a7d8a607160dc785bcf9217fc6b7c543424
18aa66c192cbef43a61b1398c292ae5c6c1d40d679428ee998b1c6bfaf61d75a
1929dab7d2cb32760115d8f0ae635b45c22e8329cbb224b149c81bd9b752f51c
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
1ada5b4d0b63b06d2bd668cd7d6597689796da41a434a675cfdbd2a1bddf251a
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
281e59760f2788262969e8ba7ba2fb9270fa10b7f7bfa020cc81dc16f0fa8d6d
2d1ebc88e56ceb0aa1d93c5e7f46539110c25d1d07a1bab71a8dc3afa5d07cb8
3458486489eeb3606df97e3ff5dc1d9a91bdc76a28b913cae6e7f5a6329e1855
3b9710af8338002657e41f95ca4b3230620ee4f5b634fd49538a09abff367997
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4c9206b54656256361147be4115c2e24a94fce825f37b5d47715942a1dafc4d3
4ee3a46c7e627f7d03216cb93719a12739500bb7600c34bea9a8d30947629d59
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
556539a94582edc4064ee6830f3c2d902d6034626594ca53def5e135f8b15759
69fd68d4233a0c8733c0f1d26d0c1ebda9aaebfc72068ec3904cda8d5ce8dd0b
70e13dd839f950cf267f796c34a93b3a4ba88ce8331001bd6b9dbfaa1641944e
74adb490a877cc15e0a6d0adc6d0e6bffc0462c1de37cb99ad103663af6a296c
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b590c659e185eea4128e5014d0d47ee569f1d5ac5a3f13fc842eb3e32f11f8f
856481a6aa5b2680185bb1781faad70e008bc52e29357dcd4ce437684b8b694c
8ac8e82aec8374261b897cd87b3c4110ea7d23e0839aed51b36f3ace1b6b931c
8c387136ca55cf33a793e73eef1fdf8cb41a553293c60380d6860435896aaa9f
8cdecb935d2b94786d405a6f88016387d82a9b7eb81496d74f6580296e598dd5
937ea91a15942209923f2ae9ea6d9114a978c85c4f531dd7074f59b66c575bff
93fbfa7dfb5327b1a49c19630843ac9aaad1707151f24e5cb165cef12aea2424
9764ea9d6e05d8f02892f2c52eb4ca9888e3c4d5f0a2b4037fa9d38f5dba259e
97af939acbc5ac48df9d3f461c83849d5eafee3557bdbe75372013148da8d5d9
9ae5e48a8fc471786854e0630f109d08c0cdf21808f94ddb2c75daf075093efa
a3391a9fa68a12cce5d9736593e3b24f78698c5f7f6a6a3a1a6644f813875403
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a82d4f70aa50c4d00557c3f314259be8e49173553c5cf8fc5edb7add6e07014d
a97fa54f6021ee0f787f58a718309db3bdef5efb7ed5d149a97f755a5206b579
a9e94833815b622b7c62cbde72a3c14586b45c1ec7950e991831153477b6adce
acda3b1eaf36ea10066decf21f77191c2e951811da7ca34ff97fb32996725f10
af55b54e6fb342bae213c5bab5f09d3ec57be10fd0f2fdb9f6b1c6e7a5571070
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
be95ee2038d07c32b9ff21c3284d47c19ff7129e90f2f25a0f96663cbee4ecca
c05ee8fac93fde19412046a913b9aecd86210aba6b72cff7c94e01170dd11e3b
cc24d9b06905c5ebc3e14d0a57d62fd20dee67f153639b296929d73dee04641d
d188ce0e476bf4994827347d4433fec168619bb7eb2adf13aaec6fced0caf7eb
d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09
d70e6a14e60edf558b639153a68905346078aa6d539ad47ef0ba0d3c823a27e5
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dded578f0054d560e129a6bb72878b1c87bc173e99e3fd2ea6b8c16372370c5b
e23049eb432f619ac9ab93cdeaa5bb4debd09e10ebd0fc21960f6cc2bb5b598c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fae8f67e860a44b8ee6b4ff8b9aaf2ed9ca1cfd1ffc7b305ed0d76046beb53d3
fffd052be112c4f900919c55d9fe90e138594b8567a448ae433ef82227f9c62d