www.ducks.ca Open in urlscan Pro
192.124.249.12 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ducks.ca/
Effective URL:
https://www.ducks.ca/
Submission: On May 03 via api (May 3rd 2024, 11:37:12 pm UTC) from US — Scanned from CA

Summary HTTP 110 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 23 IPs in 2 countries across 19 domains to perform 110 HTTP transactions. The main IP is 192.124.249.12, located in Menifee, United States and belongs to SUCURI-SEC, US. The main domain is www.ducks.ca.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 5th 2023. Valid for: a year.

This is the only time www.ducks.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 52	192.124.249.12 192.124.249.12	30148 (SUCURI-SEC) (SUCURI-SEC)
9	2607:f8b0:400... 2607:f8b0:4004:c19::61	15169 (GOOGLE) (GOOGLE)
7	2606:4700:10:... 2606:4700:10::6816:3a5b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2600:1408:c40... 2600:1408:c400:29::17da:da44	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f00... 2a03:2880:f003:c0e:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	13.224.214.65 13.224.214.65	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:10:... 2606:4700:10::ac43:2be9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:be27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.214.78.235 52.214.78.235	16509 (AMAZON-02) (AMAZON-02)
5	2607:f8b0:400... 2607:f8b0:4004:c07::65	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:1fae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::181	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c19::9d	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c17::5e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1d::9c	15169 (GOOGLE) (GOOGLE)
1	13.224.214.90 13.224.214.90	16509 (AMAZON-02) (AMAZON-02)
1	208.95.112.2 208.95.112.2	53334 (TUT-AS) (TUT-AS)
1	2a03:2880:f10... 2a03:2880:f103:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2607:f8b0:400... 2607:f8b0:4004:c0b::67	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:22d6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	18.238.4.127 18.238.4.127	16509 (AMAZON-02) (AMAZON-02)
2	13.224.208.114 13.224.208.114	16509 (AMAZON-02) (AMAZON-02)
110	23

52 192.124.249.12 (Menifee, United States) 1 redirects

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10012.sucuri.net

ducks.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.ducks.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4004:c19::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:10::6816:3a5b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-cookieyes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:1408:c400:29::17da:da44 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.214.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-65.phl50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::ac43:2be9 (United States)

ASN13335 (CLOUDFLARENET, US)

my.hellobar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:be27 (United States)

ASN13335 (CLOUDFLARENET, US)

ducks.donordrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.214.78.235 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-78-235.eu-west-1.compute.amazonaws.com

log.cookieyes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c07::65 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:1fae (United States)

ASN13335 (CLOUDFLARENET, US)

diffuser-cdn.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prism.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c19::9d (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c17::5e (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1d::9c (Washington, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.214.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-90.phl50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.95.112.2 (United States)

ASN53334 (TUT-AS, US)

pro.ip-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f103:83:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c0b::67 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:22d6 (United States)

ASN13335 (CLOUDFLARENET, US)

trackcmp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.238.4.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-127.phl51.r.cloudfront.net

beacon-v2.helpscout.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.208.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-208-114.phl50.r.cloudfront.net

d3hb14vkzrxvla.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	ducks.ca 1 redirects ducks.ca www.ducks.ca	2 MB
9	typekit.net use.typekit.net — Cisco Umbrella Rank: 448 p.typekit.net — Cisco Umbrella Rank: 565	230 KB
9	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	733 KB
7	cdn-cookieyes.com cdn-cookieyes.com — Cisco Umbrella Rank: 8201	78 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	21 KB
3	helpscout.net beacon-v2.helpscout.net — Cisco Umbrella Rank: 11230	32 KB
3	google.ca www.google.ca — Cisco Umbrella Rank: 10035	190 B
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 89 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	2 KB
3	google.com analytics.google.com — Cisco Umbrella Rank: 154 www.google.com — Cisco Umbrella Rank: 2	370 B
3	hellobar.com my.hellobar.com — Cisco Umbrella Rank: 17842	79 KB
2	cloudfront.net d3hb14vkzrxvla.cloudfront.net	9 KB
2	app-us1.com diffuser-cdn.app-us1.com — Cisco Umbrella Rank: 9403 prism.app-us1.com — Cisco Umbrella Rank: 9486	8 KB
2	cookieyes.com log.cookieyes.com — Cisco Umbrella Rank: 8989	305 B
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 742 script.hotjar.com — Cisco Umbrella Rank: 988	59 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	72 KB
1	trackcmp.net trackcmp.net — Cisco Umbrella Rank: 9557	315 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	274 B
1	ip-api.com pro.ip-api.com — Cisco Umbrella Rank: 6182	312 B
1	donordrive.com ducks.donordrive.com	4 KB
110	19

	Domain	Requested by
51	www.ducks.ca	www.ducks.ca
9	www.googletagmanager.com	www.ducks.ca www.googletagmanager.com
8	use.typekit.net	www.ducks.ca use.typekit.net
7	cdn-cookieyes.com	www.ducks.ca cdn-cookieyes.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	beacon-v2.helpscout.net	www.ducks.ca beacon-v2.helpscout.net
3	www.google.ca	www.ducks.ca
3	my.hellobar.com	www.ducks.ca my.hellobar.com
2	d3hb14vkzrxvla.cloudfront.net	beacon-v2.helpscout.net
2	www.google.com	www.ducks.ca
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	log.cookieyes.com	cdn-cookieyes.com
2	connect.facebook.net	www.ducks.ca connect.facebook.net
1	trackcmp.net	diffuser-cdn.app-us1.com
1	www.facebook.com	www.ducks.ca
1	pro.ip-api.com	my.hellobar.com
1	prism.app-us1.com	diffuser-cdn.app-us1.com
1	script.hotjar.com	static.hotjar.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	diffuser-cdn.app-us1.com	www.ducks.ca
1	p.typekit.net	use.typekit.net
1	ducks.donordrive.com	www.ducks.ca
1	static.hotjar.com	www.ducks.ca
1	ducks.ca	1 redirects
110	25

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
facebook.com
www.youtube.com
x.com
www.linkedin.com
www.canards.ca
iwwr.ducks.ca
ag.ducks.ca
shop.ducks.ca
help.ducks.ca
ducks.donordrive.com

Subject Issuer	Validity	Valid
www.ducks.ca Go Daddy Secure Certificate Authority - G2	`2023-06-05` - `2024-07-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
cdn-cookieyes.com GTS CA 1P5	`2024-03-29` - `2024-06-27`	3 months	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-01` - `2025-03-03`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-02-11` - `2024-05-11`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-08-25` - `2024-08-24`	a year	crt.sh
*.donordrive.com Thawte TLS RSA CA G1	`2024-02-14` - `2025-03-05`	a year	crt.sh
log.cookieyes.com Amazon RSA 2048 M02	`2024-03-26` - `2025-04-25`	a year	crt.sh
diffuser-cdn.app-us1.com E1	`2024-03-30` - `2024-06-28`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
prism.app-us1.com E1	`2024-03-19` - `2024-06-17`	3 months	crt.sh
*.ip-api.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-21` - `2025-01-20`	a year	crt.sh
*.helpscout.net Amazon RSA 2048 M03	`2024-03-18` - `2025-04-15`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.ducks.ca/
Frame ID: 2BE3EE5985003DEF43C9535CEFF380A9
Requests: 112 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Conserving Canada’s Wetlands | Ducks Unlimited Canada

Page URL History Show full URLs

http://ducks.ca/ HTTP 307
https://ducks.ca/ HTTP 302
https://www.ducks.ca/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

110
Requests

100 %
HTTPS

68 %
IPv6

19
Domains

25
Subdomains

23
IPs

2
Countries

3159 kB
Transfer

8425 kB
Size

12
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/ducksunlimitedcanada/
Title: Follow us on Instagram

Search URL Search Domain Scan URL

URL: http://facebook.com/ducksunlimitedcanada
Title: Follow us Facebook

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCR5V5lumfBOHkGOYxKbghsg
Title: Subscribe to us on YouTube

Search URL Search Domain Scan URL

URL: https://x.com/ducanada
Title: Follow us on X

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/ducks-unlimited-canada/
Title: Follow us on LinkedIn

Search URL Search Domain Scan URL

URL: https://www.canards.ca/
Title: Français

Search URL Search Domain Scan URL

URL: http://iwwr.ducks.ca/
Title: Institute for Wetland & Waterfowl Research

Search URL Search Domain Scan URL

URL: https://ag.ducks.ca/
Title: Agriculture Programs

Search URL Search Domain Scan URL

URL: https://shop.ducks.ca/
Title: Shop DUCGear

Search URL Search Domain Scan URL

URL: https://help.ducks.ca/
Title: Frequently Asked Questions

Search URL Search Domain Scan URL

URL: https://ducks.donordrive.com/?fuseaction=donate.event&eventID=538&language=en
Title: Make a monthly donation

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ducks.ca/ HTTP 307
https://ducks.ca/ HTTP 302
https://www.ducks.ca/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

110 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.ducks.ca/
Redirect Chain

http://ducks.ca/
https://ducks.ca/
https://www.ducks.ca/

156 KB
27 KB

172ms
98ms

Document
text/html

192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

421eda352ea8fb2b325a66965d0392a4826b551ef7f2be5a647d2ae3f46a0a0b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: help.ducks.ca
content-encoding: gzip
content-length: 26858
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
date: Fri, 03 May 2024 23:37:02 GMT
link: <https://www.ducks.ca/wp-json/>; rel="https://api.w.org/", <https://www.ducks.ca/wp-json/wp/v2/pages/805>; rel="alternate"; type="application/json", <https://www.ducks.ca/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider.min.css?ver=4e06d1a7>; rel=preload; as=style
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN SAMEORIGIN
x-sucuri-cache: HIT
x-sucuri-id: 20012
x-xss-protection: 1; mode=block 1; mode=block

Redirect headers

content-length: 205
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=iso-8859-1
date: Fri, 03 May 2024 23:37:02 GMT
location: https://www.ducks.ca/
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN SAMEORIGIN
x-sucuri-cache: EXPIRED
x-sucuri-id: 20012
x-xss-protection: 1; mode=block

GET
H2 200 smartslider.min.css
www.ducks.ca/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/ 22 KB
4 KB 94ms
94ms Stylesheet
text/css 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducks.ca/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider.min.css?ver=4e06d1a7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

970a471f91ad8bc60848134b6630c76d5300caa1e88e6ebed454174022dec0af

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:02 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 4067
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Fri, 03 Nov 2023 18:19:20 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: help.ducks.ca
cache-control: max-age=315360000
x-sucuri-id: 20012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 203 KB
73 KB 1090ms
129ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-5817337-29

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6274259b91c00bd9e24b5a00112127ff51270ad3c1d8cbb10f3ecbd33a440b70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74658
x-xss-protection: 0
last-modified: Fri, 03 May 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 03 May 2024 23:37:04 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 203 KB
73 KB 148ms
142ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-156587635-6

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b0ac52fa142baa6321119f0eac89c89044d4431444922fb682b863e365c6ac6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74645
x-xss-protection: 0
last-modified: Fri, 03 May 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 03 May 2024 23:37:04 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
77 KB 202ms
197ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1011148027

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9a0ea440512858d438a637dc47192e56809aefa2278f7869d8f63536643f24e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79046
x-xss-protection: 0
last-modified: Fri, 03 May 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 03 May 2024 23:37:04 GMT

GET
H2 200 script.js Show response
cdn-cookieyes.com/client_data/5334ec02d5456ff7ca9b73bf/ 98 KB
34 KB 1064ms
109ms Script
application/javascript 2606:4700:10::6816:3a5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/5334ec02d5456ff7ca9b73bf/script.js
Requested by: Host: www.ducks.ca
URL: https://www.ducks.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63d5c736b9f0ba1b209a2483201fd42bdd6fc9017cd19480317482ff33f7036b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 20 Apr 2024 00:33:19 GMT
server: cloudflare
age: 376988
etag: "18724-6167c59daefe6-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
accept-ranges: bytes
cf-ray: 87e413a8bd11ac0f-YYZ
content-length: 34974

GET
H2 200 style.min.css
www.ducks.ca/wp-includes/css/dist/block-library/ 102 KB
14 KB 113ms
111ms Stylesheet
text/css 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducks.ca/wp-includes/css/dist/block-library/style.min.css?ver=6.3.4

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:02 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 13841
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Fri, 03 Nov 2023 19:03:30 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: help.ducks.ca
cache-control: max-age=315360000
x-sucuri-id: 20012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 d438e446304ea3b3d27d77d96641f5d9.css
www.ducks.ca/assets/hummingbird-assets/ 109 B
552 B 116ms
115ms Stylesheet
text/css 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducks.ca/assets/hummingbird-assets/d438e446304ea3b3d27d77d96641f5d9.css

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

e5df7236dd99e061a39dc02418170062a6e807829afd5e1b683d1b4eea7afcbc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:02 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 84
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Fri, 03 May 2024 18:46:07 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: help.ducks.ca
cache-control: max-age=315360000
x-sucuri-id: 20012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 44babd40b74e105b998ced7295d44724.css
www.ducks.ca/assets/hummingbird-assets/ 2 KB
1 KB 118ms
116ms Stylesheet
text/css 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducks.ca/assets/hummingbird-assets/44babd40b74e105b998ced7295d44724.css

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

fb4eaa04b4e471705026e27577227b787117605ca4aa48f203bcfec1503af3fa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:02 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 608
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Fri, 03 May 2024 18:44:13 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: help.ducks.ca
cache-control: max-age=315360000
x-sucuri-id: 20012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 uds6bcz.css
use.typekit.net/ 12 KB
2 KB 1175ms
210ms Stylesheet
text/css 2600:1408:c400:29::17da:da44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/uds6bcz.css

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:c400:29::17da:da44 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

f50c3c8126205132077e808fb8c8ba20ede201e51a543c96777473cdbc7c4946

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Fri, 03 May 2024 23:37:04 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1393

GET
H2 200 8f8e8e8ab978bcf96538fe34eeedd02d.css
www.ducks.ca/assets/hummingbird-assets/ 420 KB
63 KB 123ms
122ms Stylesheet
text/css 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducks.ca/assets/hummingbird-assets/8f8e8e8ab978bcf96538fe34eeedd02d.css

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

99a4041bc29919eb5fe97c70073e2874a5520e3225e82a03a329bc060d193d33

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:02 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-sucuri-cache: HIT
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Fri, 03 May 2024 18:46:09 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: help.ducks.ca
cache-control: max-age=315360000
x-sucuri-id: 20012
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3f69598f91c221baa66dc3f404ebc714.css
www.ducks.ca/assets/hummingbird-assets/ 197 KB
23 KB 169ms
168ms Stylesheet
text/css 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducks.ca/assets/hummingbird-assets/3f69598f91c221baa66dc3f404ebc714.css

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

901780cbe4df8410f5aeb1d3848cd62e2c63cf731e308536176cbe9c34e8a8aa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:02 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 22593
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Fri, 03 May 2024 18:46:11 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: help.ducks.ca
cache-control: max-age=315360000
x-sucuri-id: 20012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 252 KB
82 KB 209ms
204ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T8L7GJN

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d3c1d8f8747a02b8ca061d34d195069fb88e8f573505e572f4ea1065f13e837b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83807
x-xss-protection: 0
last-modified: Fri, 03 May 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 03 May 2024 23:37:04 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 527ms
117ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f589b180c1064f697c91ac117fafda9aff1c66123a099e82da0b976a09011510

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 03 May 2024 23:37:04 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57845
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=12, mss=1392, tbw=2764, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: kBVSXCg6p66qf+bIqq4PouLTXrsF/PeLLceDekE7RtFInT3UJL9YqIkdWxs4t25I1M+DKCTSaqzHxurlY7+WCg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hotjar-859241.js Show response
static.hotjar.com/c/ 9 KB
4 KB 525ms
185ms Script
application/javascript 13.224.214.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-859241.js?sv=6

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.214.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-214-65.phl50.r.cloudfront.net

Software

Resource Hash

1bc31a98b94208d481ea9b12fbde6e8b4b3246cf12d6cffff5ce520f543338d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 d1fe44bb64238a84cc5fc2e3dbc947c6.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL50-C1
etag: W/9c20925e6ca777dcd6ad6e757f9a6a3c
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: H87i0FtnMQcF5WLXn373JW-ya-6f1KR5ACWsKtwCMPuRlSIezKNU6Q==

GET
H2 200 a2646bfa105bf9ed235dd60d0419338c.js Show response
www.ducks.ca/assets/hummingbird-assets/ 99 KB
34 KB 141ms
141ms Script
text/javascript 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducks.ca/assets/hummingbird-assets/a2646bfa105bf9ed235dd60d0419338c.js

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

0cf06b9a7ddb392b40aee567af3e440496ca5b9f03f95a6b47167a518c17c317

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:02 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 34607
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Fri, 03 May 2024 18:44:16 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: help.ducks.ca
cache-control: max-age=315360000
x-sucuri-id: 20012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.json.min.js Show response
www.ducks.ca/wp-content/plugins/gravityforms/js/ 2 KB
1 KB 104ms
101ms Script
text/javascript 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducks.ca/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.7.16

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

998a575c7b376128a98e6d67e29c42e1726aac3489cf2c0b2aaebf6f6ad0b546

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 899
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Fri, 03 Nov 2023 18:44:55 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: help.ducks.ca
cache-control: max-age=315360000
x-sucuri-id: 20012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gravityforms.min.js Show response
www.ducks.ca/wp-content/plugins/gravityforms/js/ 46 KB
14 KB 106ms
103ms Script
text/javascript 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducks.ca/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.7.16

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

5829bd353f174161be7db1c4451d0ef7991da02ee832b4b092e849ee3395a0bb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 13785
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Fri, 03 Nov 2023 18:44:55 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: help.ducks.ca
cache-control: max-age=315360000
x-sucuri-id: 20012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 utils.min.js Show response
www.ducks.ca/wp-content/plugins/gravityforms/assets/js/dist/ 38 KB
12 KB 94ms
94ms Script
text/javascript 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducks.ca/wp-content/plugins/gravityforms/assets/js/dist/utils.min.js?ver=59d951b75d934ae23e0ea7f9776264aa

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

7734306b24719e59158e81abe7849cd4323df1fcee4364b190808b8e761a3255

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 11761
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Fri, 03 Nov 2023 18:44:55 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: help.ducks.ca
cache-control: max-age=315360000
x-sucuri-id: 20012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 xdomain-data.js Show response
www.ducks.ca/wp-content/plugins/sitepress-multilingual-cms/res/js/ 3 KB
2 KB 95ms
95ms Script
text/javascript 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducks.ca/wp-content/plugins/sitepress-multilingual-cms/res/js/xdomain-data.js?ver=4.6.10

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

68b324a6179651d56917d3b1f3f5d0a1e71b08550b1468790826dde5e22b2b56

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 1307
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Fri, 03 May 2024 18:43:05 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: help.ducks.ca
cache-control: max-age=315360000
x-sucuri-id: 20012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 n2.min.js Show response
www.ducks.ca/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/ 40 KB
13 KB 101ms
101ms Script
text/javascript 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducks.ca/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/n2.min.js?ver=4e06d1a7

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

ec4eb1d43feb1ff5d46ff8fceb2ff6a7447a604bdbbe0e2c0e3fce9545954736

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 12380
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Fri, 03 Nov 2023 18:19:20 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: help.ducks.ca
cache-control: max-age=315360000
x-sucuri-id: 20012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 smartslider-frontend.min.js Show response
www.ducks.ca/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/ 111 KB
26 KB 109ms
108ms Script
text/javascript 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducks.ca/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider-frontend.min.js?ver=4e06d1a7

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

866ce0557c25a351783f1f5287f6cee1332efafe406194195fb9c98234b8e162

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 26355
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Fri, 03 Nov 2023 18:19:20 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: help.ducks.ca
cache-control: max-age=315360000
x-sucuri-id: 20012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ss-simple.min.js Show response
www.ducks.ca/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Slider/SliderType/Simple/Assets/dist/ 13 KB
4 KB 111ms
110ms Script
text/javascript 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducks.ca/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Slider/SliderType/Simple/Assets/dist/ss-simple.min.js?ver=4e06d1a7

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

ca6ef142765010507ac8c344ee29295e28bf2b93a06c536f14fdd91deff6a697

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 3151
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Fri, 03 Nov 2023 18:19:20 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: help.ducks.ca
cache-control: max-age=315360000
x-sucuri-id: 20012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 w-arrow-image.min.js Show response
www.ducks.ca/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Widget/Arrow/ArrowImage/Assets/dist/ 1 KB
1 KB 93ms
93ms Script
text/javascript 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducks.ca/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Widget/Arrow/ArrowImage/Assets/dist/w-arrow-image.min.js?ver=4e06d1a7

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

11f4b1c5b48fa0100ba180a2e7ffc3296a59ecd4b210351bb452130979c8582c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 669
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Fri, 03 Nov 2023 18:19:20 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: help.ducks.ca
cache-control: max-age=315360000
x-sucuri-id: 20012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 w-bullet.min.js Show response
www.ducks.ca/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Widget/Bullet/Assets/dist/ 5 KB
2 KB 94ms
93ms Script
text/javascript 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducks.ca/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Widget/Bullet/Assets/dist/w-bullet.min.js?ver=4e06d1a7

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

d6f3358743b370d0292e2c8db3820b32eb5ea5f8f4cac004b3d3a34c6557ee7d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 1981
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Fri, 03 Nov 2023 18:19:20 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: help.ducks.ca
cache-control: max-age=315360000
x-sucuri-id: 20012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20200303_scenic3-620x410-c-default.jpg
www.ducks.ca/assets/2021/02/ 63 KB
64 KB 95ms
95ms Image
image/jpeg 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.ca/assets/2021/02/20200303_scenic3-620x410-c-default.jpg

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

3ed4efa1381df6fbe5afc46dea3071259c30d3f1439cf85603335540cd5d8ca8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:03 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-sucuri-cache: HIT
content-length: 64761
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 23 Oct 2023 22:17:38 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: help.ducks.ca
cache-control: max-age=315360000
x-sucuri-id: 20012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 brick-ponds-450x600-c-default.jpg
www.ducks.ca/assets/2019/12/ 70 KB
71 KB 113ms
113ms Image
image/jpeg 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.ca/assets/2019/12/brick-ponds-450x600-c-default.jpg

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

3f68164b027ff40a3f90cf02fef265a2e0c4ef094b1b5fd840f2ab8b17f4e1dc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:03 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-sucuri-cache: HIT
content-length: 71704
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 23 Oct 2023 20:48:56 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: help.ducks.ca
cache-control: max-age=315360000
x-sucuri-id: 20012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lena-gallant-450x600-c-default.jpg
www.ducks.ca/assets/2020/12/ 48 KB
48 KB 720ms
719ms Image
image/jpeg 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.ca/assets/2020/12/lena-gallant-450x600-c-default.jpg

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

3d757a659bc5590e41fd3c60d3be6b9cfae8604841c622c8ad44b230ffe87b23

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:03 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-sucuri-cache: HIT
content-length: 48728
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 23 Oct 2023 22:17:38 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: help.ducks.ca
cache-control: max-age=315360000
x-sucuri-id: 20012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 future-biodiversity-450x600-c-default.jpg
www.ducks.ca/assets/2023/06/ 34 KB
34 KB 709ms
709ms Image
image/jpeg 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.ca/assets/2023/06/future-biodiversity-450x600-c-default.jpg

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

d60f18eb9305421e4251812de02413ea448fb3e5c8d6f115287b8a0656924c73

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:03 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-sucuri-cache: HIT
content-length: 34419
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Tue, 24 Oct 2023 02:51:55 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: help.ducks.ca
cache-control: max-age=315360000
x-sucuri-id: 20012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 raising-roof-intro-450x600-c-default.jpg
www.ducks.ca/assets/2023/06/ 77 KB
78 KB 94ms
94ms Image
image/jpeg 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.ca/assets/2023/06/raising-roof-intro-450x600-c-default.jpg

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

507d5200350e05ed546632ded04d261107b47db1d7e487bc4f62843750e8659e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:03 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-sucuri-cache: HIT
content-length: 79257
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Tue, 24 Oct 2023 02:51:55 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: help.ducks.ca
cache-control: max-age=315360000
x-sucuri-id: 20012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3a51606d223208a94acacef7a4700e6f.js Show response
www.ducks.ca/assets/hummingbird-assets/ 1 KB
1 KB 129ms
129ms Script
text/javascript 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducks.ca/assets/hummingbird-assets/3a51606d223208a94acacef7a4700e6f.js

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

4fc883f7a9605520c08a98517823fc186356c6f4ad443affbdaadadd5fa529b9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:03 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 571
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Fri, 03 May 2024 18:46:12 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: help.ducks.ca
cache-control: max-age=315360000
x-sucuri-id: 20012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 main.21ea5f10.js Show response
www.ducks.ca/wp-content/themes/duc/dist/static/js/ 289 KB
90 KB 95ms
94ms Script
text/javascript 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducks.ca/wp-content/themes/duc/dist/static/js/main.21ea5f10.js

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

f01437673e72399e4bca1ec0be3ae0885a98ad24a498532b102c936eef1bdaee

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:03 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-sucuri-cache: HIT
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 15 Jan 2024 17:49:51 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: help.ducks.ca
cache-control: max-age=315360000
x-sucuri-id: 20012
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 4a7f9e667ce833bf10472ccdd922fa72.js Show response
www.ducks.ca/assets/hummingbird-assets/ 14 KB
5 KB 96ms
95ms Script
text/javascript 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducks.ca/assets/hummingbird-assets/4a7f9e667ce833bf10472ccdd922fa72.js

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

97613efe15da32355d912f7d1958ec86306184e245c9bf8c3451c71ec97fddfe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 4830
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Fri, 03 May 2024 18:44:17 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: help.ducks.ca
cache-control: max-age=315360000
x-sucuri-id: 20012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-polyfill.min.js Show response
www.ducks.ca/wp-includes/js/dist/vendor/ 16 KB
6 KB 103ms
103ms Script
text/javascript 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducks.ca/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 5889
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Fri, 03 Nov 2023 19:03:30 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: help.ducks.ca
cache-control: max-age=315360000
x-sucuri-id: 20012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 aa0d7554c856834fd0491843ae50a480.js Show response
www.ducks.ca/assets/hummingbird-assets/ 14 KB
5 KB 106ms
106ms Script
text/javascript 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducks.ca/assets/hummingbird-assets/aa0d7554c856834fd0491843ae50a480.js

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

e71add29e7812882dd4f0da91fe58706315acbcde9a46c3d7555e3d07c04aedb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 5130
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Fri, 03 May 2024 18:44:17 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: help.ducks.ca
cache-control: max-age=315360000
x-sucuri-id: 20012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 a11y.min.js Show response
www.ducks.ca/wp-includes/js/dist/ 2 KB
1 KB 96ms
96ms Script
text/javascript 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducks.ca/wp-includes/js/dist/a11y.min.js?ver=7032343a947cfccf5608

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

d35faa1c0b45cc142295ae07a0c6e6e7824e0e64b58b81a83e7850251586e0df

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 960
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Fri, 03 Nov 2023 19:03:30 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: help.ducks.ca
cache-control: max-age=315360000
x-sucuri-id: 20012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 d123d799fafa538484100efc9d90a643.js Show response
www.ducks.ca/assets/hummingbird-assets/ 25 KB
10 KB 103ms
103ms Script
text/javascript 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducks.ca/assets/hummingbird-assets/d123d799fafa538484100efc9d90a643.js

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

1ffe77d6de7930a2df2c5d1a896f402c331dae1b3e242279d49d399350a33e04

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 9583
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Fri, 03 May 2024 18:46:13 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: help.ducks.ca
cache-control: max-age=315360000
x-sucuri-id: 20012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scripts-theme.min.js Show response
www.ducks.ca/wp-content/plugins/gravityforms/assets/js/dist/ 4 KB
2 KB 111ms
110ms Script
text/javascript 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducks.ca/wp-content/plugins/gravityforms/assets/js/dist/scripts-theme.min.js?ver=f4d12a887a23a8c5755fd2b956bc8fcf

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

a894dbb6e181fc9a70bf4453dc3571e0b5a0b068356310b3139abd081cb80d24

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 1752
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Fri, 03 Nov 2023 18:44:55 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: help.ducks.ca
cache-control: max-age=315360000
x-sucuri-id: 20012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 new-tab.js Show response
www.ducks.ca/wp-content/plugins/page-links-to/dist/ 24 KB
9 KB 105ms
99ms Script
text/javascript 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducks.ca/wp-content/plugins/page-links-to/dist/new-tab.js?ver=3.3.6

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

d455ab882af3a742e6c9680578e6a590681bda99e34847f550f1f41a7d167969

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 8819
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Fri, 04 Mar 2022 19:56:38 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: help.ducks.ca
cache-control: max-age=315360000
x-sucuri-id: 20012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 smush-lazy-load-native.min.js Show response
www.ducks.ca/wp-content/plugins/wp-smush-pro/app/assets/js/ 9 KB
5 KB 106ms
100ms Script
text/javascript 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducks.ca/wp-content/plugins/wp-smush-pro/app/assets/js/smush-lazy-load-native.min.js?ver=3.15.0

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

be6782a8a0617c64e1eaf887f6771ac1e4ead25232ffcf133e5cba77b7379e76

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 4156
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Fri, 03 Nov 2023 18:19:01 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: help.ducks.ca
cache-control: max-age=315360000
x-sucuri-id: 20012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 a55138b7269cff6cd54d267e38fb48b41779f9a2.js Show response
my.hellobar.com/ 23 KB
4 KB 533ms
167ms Script
text/javascript 2606:4700:10::ac43:2be9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hellobar.com/a55138b7269cff6cd54d267e38fb48b41779f9a2.js
Requested by: Host: www.ducks.ca
URL: https://www.ducks.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2be9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef8baa9de7a0de2144fc6a07f45e8d36925d54ff3541c6d4d7bedc08df866e70

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Fri, 03 May 2024 13:49:30 GMT
server: cloudflare
x-amz-request-id: G4FCTQJPV2ZSYHB8
etag: W/"5baaec57b24d9ea66aed9043ff981867"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=86400, must-revalidate, proxy-revalidate, s-maxage=10
cf-ray: 87e413ad6cf436cc-YYZ
x-amz-id-2: vTkNz2V4bwoHBR7DuI3H4E52LnqOW/tnrtw6Hq21RW6xB38rtzcI0FEjSQY49/o4aAjsuIVDECo=

GET
H2 200 embed-donate.js Show response
ducks.donordrive.com/resources/js/ 12 KB
4 KB 486ms
112ms Script
application/javascript 2606:4700::6812:be27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ducks.donordrive.com/resources/js/embed-donate.js?v=20240325113912

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:be27 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

251cc4163dd7a6fc1d8413d9e9ade1b74b4bcb5d4dd74adb9a60f4a1e77cf57c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 6216
cf-polished: origSize=13798
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 03 May 2024 03:05:31 GMT
server: cloudflare
etag: W/"6634547b-35e6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 87e413ae2992ab54-YYZ
expires: Sat, 04 May 2024 03:37:04 GMT

POST
H2 200 log
log.cookieyes.com/api/v1/ 2 B
153 B 937ms
402ms Ping
text/plain 52.214.78.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://log.cookieyes.com/api/v1/log
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/5334ec02d5456ff7ca9b73bf/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.78.235 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-78-235.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarynBIbT7gl1g5Zfy3U

Response headers

access-control-allow-origin: *
date: Fri, 03 May 2024 23:37:04 GMT
x-powered-by: Express
content-length: 2
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type: text/plain; charset=utf-8

GET
H2 200 banner.js Show response
cdn-cookieyes.com/client_data/5334ec02d5456ff7ca9b73bf/ 95 KB
32 KB 116ms
114ms Script
application/javascript 2606:4700:10::6816:3a5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/5334ec02d5456ff7ca9b73bf/banner.js
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/5334ec02d5456ff7ca9b73bf/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc708fdee593bd96cf3473e6096eb6fd22220d71122d5a4f46c1d08796dfe3ec

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 20 Apr 2024 00:33:19 GMT
server: cloudflare
age: 376988
etag: "17dbc-6167c59daefe6-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
accept-ranges: bytes
cf-ray: 87e413ab3fd0ac0f-YYZ
content-length: 32727

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 127ms
117ms Stylesheet
text/css 2600:1408:c400:29::17da:da44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=uds6bcz&ht=tk&f=10954.13453.13454.13464.13465.13466.13467.18480.18481.18482.18483.18488.18489.24349.24350.24351.24354&a=107013823&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/uds6bcz.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:29::17da:da44 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://use.typekit.net/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
last-modified: Fri, 14 Jul 2023 12:44:31 GMT
server: nginx
etag: "64b1432f-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 283 KB
94 KB 236ms
235ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-398XHC6YN5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5817337-29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f8ddd941006bdc3d6a1bf6c594cdbf67955bdd60688738bdd1edab9155a0687a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96615
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 03 May 2024 23:37:04 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 548ms
151ms Script
text/javascript 2607:f8b0:4004:c07::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5817337-29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 03 May 2024 22:19:27 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4658
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 04 May 2024 00:19:27 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 203 KB
73 KB 160ms
159ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-156587635-6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5817337-29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

411dbece89e2cc59824318fbbad46298af05fec0957a113ae4c1d5bd55934cb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74645
x-xss-protection: 0
last-modified: Fri, 03 May 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 03 May 2024 23:37:04 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
77 KB 274ms
273ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1011148027&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5817337-29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d5716710d7466e34272f305ae4e8e8068f4b53eeffcc15c8db9f157b7334891d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79111
x-xss-protection: 0
last-modified: Fri, 03 May 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 03 May 2024 23:37:04 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 374 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f68361193d90603a25d438f72f3497c2a4c3deaf087df0e8ecac48b8a58aaf55

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 382 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7485684ab40601d4a059a0553f57645611c29e78e77c140b21327af71106c15

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 x-logo.svg
www.ducks.ca/wp-content/themes/duc/dist/images/ 430 B
869 B 109ms
108ms Image
image/svg+xml 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.ca/wp-content/themes/duc/dist/images/x-logo.svg

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/assets/hummingbird-assets/8f8e8e8ab978bcf96538fe34eeedd02d.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

dd46f96b6f47fcd33683b79ddfaf3daca1d4f8aeba3c0f2bde1584c69cc699d4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/assets/hummingbird-assets/8f8e8e8ab978bcf96538fe34eeedd02d.css
Origin: https://www.ducks.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-sucuri-cache: HIT
content-length: 430
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 15 Jan 2024 17:49:45 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: help.ducks.ca
cache-control: max-age=315360000
x-sucuri-id: 20012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 maple-leaf.svg
www.ducks.ca/wp-content/themes/duc/dist/images/ 2 KB
2 KB 116ms
116ms Image
image/svg+xml 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.ca/wp-content/themes/duc/dist/images/maple-leaf.svg

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/assets/hummingbird-assets/8f8e8e8ab978bcf96538fe34eeedd02d.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

032e3c1bfe3408c36ea47292f5f0ef72bedaf1911a1cc0d6f4d9ca2af5c8064a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/assets/hummingbird-assets/8f8e8e8ab978bcf96538fe34eeedd02d.css
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-sucuri-cache: HIT
content-length: 1928
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 15 Jan 2024 17:49:45 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: help.ducks.ca
cache-control: max-age=315360000
x-sucuri-id: 20012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 help-hands.svg
www.ducks.ca/wp-content/themes/duc/dist/images/ 795 B
1 KB 117ms
117ms Image
image/svg+xml 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.ca/wp-content/themes/duc/dist/images/help-hands.svg

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/assets/hummingbird-assets/8f8e8e8ab978bcf96538fe34eeedd02d.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

34a04e0f1b9a0ba5c447ba518329c10e00576a337188203f51e322605605156f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/assets/hummingbird-assets/8f8e8e8ab978bcf96538fe34eeedd02d.css
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-sucuri-cache: HIT
content-length: 795
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 15 Jan 2024 17:49:45 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: help.ducks.ca
cache-control: max-age=315360000
x-sucuri-id: 20012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 leaf.svg
www.ducks.ca/wp-content/themes/duc/dist/images/ 577 B
1016 B 156ms
156ms Image
image/svg+xml 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.ca/wp-content/themes/duc/dist/images/leaf.svg

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/assets/hummingbird-assets/8f8e8e8ab978bcf96538fe34eeedd02d.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

01c8a16999c28817d96d89fb0bf37990ca6da03d00f3ef32d6896081482a90fd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/assets/hummingbird-assets/8f8e8e8ab978bcf96538fe34eeedd02d.css
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-sucuri-cache: HIT
content-length: 577
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 15 Jan 2024 17:49:45 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: help.ducks.ca
cache-control: max-age=315360000
x-sucuri-id: 20012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 goose-icon.svg
www.ducks.ca/wp-content/themes/duc/dist/images/ 994 B
1 KB 118ms
117ms Image
image/svg+xml 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.ca/wp-content/themes/duc/dist/images/goose-icon.svg

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/assets/hummingbird-assets/8f8e8e8ab978bcf96538fe34eeedd02d.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

72a0f2acf42ef7005c85f459f7656248ecdb3412ea4260f8c1c0c7359aff5544

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/assets/hummingbird-assets/8f8e8e8ab978bcf96538fe34eeedd02d.css
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-sucuri-cache: HIT
content-length: 994
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 15 Jan 2024 17:49:45 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: help.ducks.ca
cache-control: max-age=315360000
x-sucuri-id: 20012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 l
use.typekit.net/af/1709eb/000000000000000000010b60/27/ 31 KB
31 KB 885ms
344ms Font
application/font-woff2 2600:1408:c400:29::17da:da44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/1709eb/000000000000000000010b60/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/uds6bcz.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:29::17da:da44 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8b87f68e11485a97091ca246e20406fb58aa627bb5d8fe9c8451be9a3f980c05

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://use.typekit.net/uds6bcz.css
Origin: https://www.ducks.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:05 GMT
server: nginx
etag: "1e6fba0f6749f0f4d655f48653813eff46fe2e2a"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 31400

GET
H2 200 fontello.woff2
www.ducks.ca/wp-content/themes/duc/dist/fonts/ 6 KB
6 KB 104ms
97ms Font
font/woff2 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducks.ca/wp-content/themes/duc/dist/fonts/fontello.woff2?79526452

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

5ccab72d7341e1c256d8e3b5d646a7d9cee9ffdd61731a8b854e2bd758bcb5ef

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Origin: https://www.ducks.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-sucuri-cache: HIT
content-length: 6032
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Thu, 11 Aug 2022 21:30:38 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: help.ducks.ca
cache-control: max-age=315360000
x-sucuri-id: 20012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 l
use.typekit.net/af/442215/000000000000000000010b5a/27/ 30 KB
30 KB 896ms
356ms Font
application/font-woff2 2600:1408:c400:29::17da:da44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/442215/000000000000000000010b5a/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/uds6bcz.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:29::17da:da44 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5153dcdd92287fc7014a3a4610c6714b94da7cbdf5df3d5947179419868be9ca

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://use.typekit.net/uds6bcz.css
Origin: https://www.ducks.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:05 GMT
server: nginx
etag: "2022472bf1f127ce6fb8eca653e355a7d2498f09"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 30216

GET
H2 200 l
use.typekit.net/af/ac6334/000000000000000000012059/27/ 36 KB
37 KB 816ms
276ms Font
application/font-woff2 2600:1408:c400:29::17da:da44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/ac6334/000000000000000000012059/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/uds6bcz.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:29::17da:da44 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 74c5874adefb264e299942f86f07a1e36da99223933c2612ffdcc36e05387c76

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://use.typekit.net/uds6bcz.css
Origin: https://www.ducks.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:05 GMT
server: nginx
etag: "a9584cd1dff14f617679e757fe0ece2393559e38"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 37280

GET
H2 200 l
use.typekit.net/af/650441/000000000000000077359f96/30/ 30 KB
30 KB 898ms
358ms Font
application/font-woff2 2600:1408:c400:29::17da:da44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/650441/000000000000000077359f96/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/uds6bcz.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:29::17da:da44 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: a29bd28623630b2f573a62ea55880f6762120f081305f5b4d4dfa7db343d0a9b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://use.typekit.net/uds6bcz.css
Origin: https://www.ducks.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:05 GMT
server: nginx
etag: "030ee7d57ca9eb85f7e0fd158eea209071f0e328"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 30280

GET
H2 200 l
use.typekit.net/af/a91824/000000000000000077359f9d/30/ 28 KB
28 KB 685ms
146ms Font
application/font-woff2 2600:1408:c400:29::17da:da44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/a91824/000000000000000077359f9d/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/uds6bcz.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:29::17da:da44 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 2ec777f2100d609871dcc11b7c2a2ba25e993de36065caea5d2c2e176b51b65f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://use.typekit.net/uds6bcz.css
Origin: https://www.ducks.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:05 GMT
server: nginx
etag: "9f5cd0d33f9035395e683d8a70b68f1ea7fc2f0b"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 28500

GET
H2 200 l
use.typekit.net/af/5464d5/00000000000000000001205a/27/ 37 KB
37 KB 786ms
247ms Font
application/font-woff2 2600:1408:c400:29::17da:da44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/5464d5/00000000000000000001205a/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/uds6bcz.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:29::17da:da44 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: c7b8cc6bae254c5cb333bb3bbc504f2b983af359003db57ba2bbdf55fa48e02d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://use.typekit.net/uds6bcz.css
Origin: https://www.ducks.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:05 GMT
server: nginx
etag: "31a391671144f4a8e6b64969af5f0f769427e3bf"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 37892

GET
H2 200 l
use.typekit.net/af/04ec74/00000000000000000001205b/27/ 36 KB
36 KB 928ms
391ms Font
application/font-woff2 2600:1408:c400:29::17da:da44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/04ec74/00000000000000000001205b/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/uds6bcz.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:29::17da:da44 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 775871982d4a6e5ce130a7bfe4aef3e7ecc9b16bf290a593800a8ac5f3c5910f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://use.typekit.net/uds6bcz.css
Origin: https://www.ducks.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:05 GMT
server: nginx
etag: "cdc369c75195a38445fd0106d43c70ff0e373dd8"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 36688

GET
H2 206 duc-water.mp4
www.ducks.ca/wp-content/themes/duc/dist/video/ 80 KB
0 94ms
94ms Media
video/mp4 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducks.ca/wp-content/themes/duc/dist/video/duc-water.mp4

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer: https://www.ducks.ca/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
Content-Range: bytes 0-1749345/1749346
x-sucuri-cache: HIT
Content-Length: 1749346
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Thu, 11 Aug 2022 21:30:19 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: video/mp4
access-control-allow-origin: help.ducks.ca
cache-control: max-age=315360000
x-sucuri-id: 20012
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 diffuser.js Show response
diffuser-cdn.app-us1.com/diffuser/ 31 KB
7 KB 480ms
108ms Script
application/javascript 2606:4700::6811:1fae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/assets/hummingbird-assets/3a51606d223208a94acacef7a4700e6f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:1fae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c86a9ff9675183d36f664b6adefba7c72e7e15170e0f40eed96324f552c3ac82

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
content-encoding: gzip
via: 1.1 56afed1ff867622bc96040c761f69a64.cloudfront.net (CloudFront)
cf-cache-status: HIT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: YUL62-C1
age: 78
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Tue, 04 Apr 2023 18:58:37 GMT
server: cloudflare
etag: W/"613257bb316d347d9417023321c6d62f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
cf-ray: 87e413ae2f93ab6f-YYZ
x-amz-cf-id: cAKXtS-m41oPtLUp5PLlHDZPkU4IYqd76Fh0sClbRbX0PY3xpvSfCw==

GET
H2 200 smush-lazyloader-2.gif
www.ducks.ca/wp-content/plugins/wp-smush-pro/app/assets/images/ 6 KB
6 KB 103ms
103ms Image
image/gif 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.ca/wp-content/plugins/wp-smush-pro/app/assets/images/smush-lazyloader-2.gif

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

6bb4f9f946f5c4451ae843398c2db24fc84180325bd9c524d52e22f73431d341

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-sucuri-cache: HIT
content-length: 5842
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Fri, 03 Nov 2023 18:19:01 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/gif
access-control-allow-origin: help.ducks.ca
cache-control: max-age=315360000
x-sucuri-id: 20012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 duc-logo-en.svg
www.ducks.ca/wp-content/themes/duc/dist/images/ 11 KB
12 KB 246ms
246ms Image
image/svg+xml 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.ca/wp-content/themes/duc/dist/images/duc-logo-en.svg

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

ddeaa5e0d316737100fbbb41456d7c53a5ee83c2d7d1b7f189dcdf510d251f79

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-sucuri-cache: HIT
content-length: 11702
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 15 Jan 2024 17:49:45 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: help.ducks.ca
cache-control: max-age=315360000
x-sucuri-id: 20012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20151016_IMG0028-310x198-c-default.jpg
www.ducks.ca/assets/2021/02/ 25 KB
25 KB 231ms
230ms Image
image/jpeg 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.ca/assets/2021/02/20151016_IMG0028-310x198-c-default.jpg

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

b419678817a0bcd3a32bfc2a0631d0818e2cf71471e989b317d7d4815ca115b5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-sucuri-cache: HIT
content-length: 25160
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 23 Oct 2023 22:17:38 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: help.ducks.ca
cache-control: max-age=315360000
x-sucuri-id: 20012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 HJE-scaled-540x370-c-default.jpg
www.ducks.ca/assets/2024/03/ 43 KB
43 KB 167ms
166ms Image
image/jpeg 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.ca/assets/2024/03/HJE-scaled-540x370-c-default.jpg

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

487ebff43ecce3dba1f68d1c4dbb163828064c62780aa35b2e8f3596944e8fcd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-sucuri-cache: HIT
content-length: 43969
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Fri, 22 Mar 2024 14:33:05 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: help.ducks.ca
cache-control: max-age=315360000
x-sucuri-id: 20012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 hero_wetlands-840x670-c-default.jpg
www.ducks.ca/assets/2024/02/ 129 KB
130 KB 145ms
145ms Image
image/jpeg 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.ca/assets/2024/02/hero_wetlands-840x670-c-default.jpg

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

92a7e8048bdf43fa053f28b42afd22c6703d4b54536b96fe40f394436526b690

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-sucuri-cache: HIT
content-length: 132601
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Thu, 08 Feb 2024 17:26:26 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: help.ducks.ca
cache-control: max-age=315360000
x-sucuri-id: 20012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 hero_approach_education-840x670-c-default.jpg
www.ducks.ca/assets/2024/02/ 141 KB
142 KB 94ms
94ms Image
image/jpeg 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.ca/assets/2024/02/hero_approach_education-840x670-c-default.jpg

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

c71ca41d619ce8e6b1920a96c9b58ecdaea194f2ed8c72726a327cb44f150c4c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-sucuri-cache: HIT
content-length: 144363
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Thu, 08 Feb 2024 15:05:26 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: help.ducks.ca
cache-control: max-age=315360000
x-sucuri-id: 20012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 255 KB
90 KB 138ms
137ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-X72X8TM4ZF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-156587635-6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

87019bdb959ed0dadc3649eaad7ca55c4a4e1cacbc8c622b91d0be148f92eae6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92228
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 03 May 2024 23:37:04 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
243 B 595ms
178ms Ping
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-398XHC6YN5&gtm=45je4510v9138487833za200&_p=1714779423153&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=1348151749.1714779425&ul=en-ca&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1714779424&sct=1&seg=0&dl=https%3A%2F%2Fwww.ducks.ca%2F&dt=Conserving%20Canada%E2%80%99s%20Wetlands%20%7C%20Ducks%20Unlimited%20Canada&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&tfd=2615
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-398XHC6YN5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 03 May 2024 23:37:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ducks.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
252 B 637ms
204ms Ping
text/plain 2607:f8b0:4004:c19::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-398XHC6YN5&cid=1348151749.1714779425&gtm=45je4510v9138487833za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-398XHC6YN5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c19::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 03 May 2024 23:37:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ducks.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 522ms
176ms Image
image/gif 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-398XHC6YN5&cid=1348151749.1714779425&gtm=45je4510v9138487833za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&z=2065831693

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 03 May 2024 23:37:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1011148027/ 3 KB
1 KB 578ms
126ms Script
text/javascript 2607:f8b0:4004:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1011148027/?random=1714779424834&cv=11&fst=1714779424834&bg=ffffff&guid=ON&async=1&gtm=45be4510za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ducks.ca%2F&hn=www.googleadservices.com&frm=0&tiba=Conserving%20Canada%E2%80%99s%20Wetlands%20%7C%20Ducks%20Unlimited%20Canada&npa=0&pscdl=noapi&auid=1456874747.1714779425&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1011148027

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ec268f68b833d8f8e8fb24bdb0982d41cc22f707313349685c7e4f628cd8e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 03 May 2024 23:37:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1433
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 266 KB
92 KB 134ms
134ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RFDJN393CL&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T8L7GJN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e617a15d4cdaf915a53d2146a319ede50c5b4c5afaf6122969eabd46aab0ea9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94403
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 03 May 2024 23:37:04 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
45 B 143ms
142ms Ping
text/plain 2607:f8b0:4004:c07::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-X72X8TM4ZF&gtm=45je4510v9117277502za200&_p=1714779423153&gcd=13l3l3l3l1&npa=0&dma=0&cid=1348151749.1714779425&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1714779424&sct=1&seg=0&dl=https%3A%2F%2Fwww.ducks.ca%2F&dt=Conserving%20Canada%E2%80%99s%20Wetlands%20%7C%20Ducks%20Unlimited%20Canada&en=page_view&_fv=1&_ss=1&tfd=2730
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X72X8TM4ZF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c07::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 03 May 2024 23:37:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ducks.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 206 duc-water.mp4
www.ducks.ca/wp-content/themes/duc/dist/video/ 12 KB
13 KB 104ms
103ms Media
video/mp4 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducks.ca/wp-content/themes/duc/dist/video/duc-water.mp4

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

e062535f4aa636780693e363edad633d8c32ad7f078501ca85448d48b4b31f31

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer: https://www.ducks.ca/
Range: bytes=1736704-
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
Content-Range: bytes 1736704-1749345/1749346
x-sucuri-cache: HIT
Content-Length: 12642
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Thu, 11 Aug 2022 21:30:19 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: video/mp4
access-control-allow-origin: help.ducks.ca
cache-control: max-age=315360000
x-sucuri-id: 20012
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dR.jpg
www.ducks.ca/assets/2024/04/ 201 KB
202 KB 147ms
146ms Image
image/webp 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.ca/assets/2024/04/dR.jpg

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider-frontend.min.js?ver=4e06d1a7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

2785e1110a15a2c715b8a2f2798e5ed275fe914ca8128f9e8bc73ce8d4075682

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-sucuri-cache: HIT
content-length: 205792
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Thu, 25 Apr 2024 15:33:40 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept
content-type: image/webp
access-control-allow-origin: help.ducks.ca
cache-control: max-age=315360000
x-sucuri-id: 20012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 clean-water-wetlands-1.jpg
www.ducks.ca/assets/2024/03/ 62 KB
63 KB 144ms
143ms Image
image/webp 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.ca/assets/2024/03/clean-water-wetlands-1.jpg

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider-frontend.min.js?ver=4e06d1a7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

6facf3829aa0a620319fec50b8daaad89e8f9b7bc66e3d4f9bdf06cec313aa7a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-sucuri-cache: HIT
content-length: 63898
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Fri, 22 Mar 2024 16:03:00 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept
content-type: image/webp
access-control-allow-origin: help.ducks.ca
cache-control: max-age=315360000
x-sucuri-id: 20012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wetlands-spring.jpg
www.ducks.ca/assets/2024/03/ 509 KB
510 KB 165ms
164ms Image
image/webp 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.ca/assets/2024/03/wetlands-spring.jpg

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider-frontend.min.js?ver=4e06d1a7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

1bd8945b4da20581b69f356052faa35bb9dc55f983cc6652d8b62800792ad816

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-sucuri-cache: HIT
content-length: 521596
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Fri, 15 Mar 2024 18:59:20 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept
content-type: image/webp
access-control-allow-origin: help.ducks.ca
cache-control: max-age=315360000
x-sucuri-id: 20012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 modules.842bcec28f9fd12bb79e.js Show response
script.hotjar.com/ 221 KB
55 KB 503ms
162ms Script
application/javascript 13.224.214.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.842bcec28f9fd12bb79e.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-859241.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.214.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-214-90.phl50.r.cloudfront.net

Software

Resource Hash

1d85a9a8a0c664f61a19377e5846769cce64d963e29001f56403926e63033f31

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 13:45:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 4ec5361277f6487ae5a8f880297d598c.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL50-C1
age: 121919
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55872
last-modified: Thu, 02 May 2024 13:44:30 GMT
etag: "f27d2d9a453e162eec63180cf358c726"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: T1fKAgC-NsenZClPVrgfTs_GFGv6m4k5syEiqBRHhwTEZ9_BkEogDQ==

GET
H2 200 modules-v2.js Show response
my.hellobar.com/ 299 KB
74 KB 170ms
169ms Script
text/javascript 2606:4700:10::ac43:2be9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hellobar.com/modules-v2.js
Requested by: Host: my.hellobar.com
URL: https://my.hellobar.com/a55138b7269cff6cd54d267e38fb48b41779f9a2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2be9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0cf06c1d63117bc542e5349d068018b4c926e5b1d5a8b20d5b942d66305048e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:05 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: QM3DKBYVSG5A881X
age: 4917
cf-polished: origSize=306628
x-amz-server-side-encryption: AES256
x-amz-id-2: u6IjNoXciM+XmOqd6xH7WGgGWXyef+uC2qnC5mPPxEIf3TAgbHtFveeySX4XxH/ZWQGyCbmUVcaqj6GdAVbdeOacR7H4p2RrjeG703WaRys=
cf-bgj: minify
last-modified: Thu, 02 May 2024 18:14:41 GMT
server: cloudflare
etag: W/"161e17583089782b2d3d381d8fbdc42c"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 87e413aebe2e36cc-YYZ

POST
H2 204 collect
www.google-analytics.com/g/ 0
169 B 128ms
128ms Ping
text/plain 2607:f8b0:4004:c07::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-RFDJN393CL&gtm=45je4510v9127142201z877391919za200&_p=1714779423153&gcd=13l3l3l3l1&npa=0&dma=0&cid=1348151749.1714779425&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1714779425&sct=1&seg=0&dl=https%3A%2F%2Fwww.ducks.ca%2F&dt=Conserving%20Canada%E2%80%99s%20Wetlands%20%7C%20Ducks%20Unlimited%20Canada&en=page_view&_fv=1&_ss=1&ep.content_group=ducks&tfd=2877
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RFDJN393CL&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c07::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 03 May 2024 23:37:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ducks.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
prism.app-us1.com/ 246 B
496 B 597ms
185ms Script
application/javascript 2606:4700::6811:1fae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prism.app-us1.com/?a=68518862&u=https%3A%2F%2Fwww.ducks.ca%2F

Requested by

Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:1fae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.27

Resource Hash

5620736733d08739821b0ce0257ae0bb0a303147964677d67e3988f83d56f814

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/8.1.27
content-type: application/javascript
cache-control: no-cache, private
x-envoy-upstream-service-time: 63
cf-ray: 87e413b1df6cac3f-YYZ

GET
H2 200 1307598842655627 Show response
connect.facebook.net/signals/config/ 65 KB
14 KB 176ms
175ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1307598842655627?v=2.9.155&r=stable&domain=www.ducks.ca&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a8562b27eb425db2bacfa3ffd58ae61deb4db56b392ef9ff09cc03097a556298

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 03 May 2024 23:37:05 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=61, mss=1392, tbw=63266, tp=-1, tpl=-1, uplat=63, ullat=0
pragma: public
x-fb-debug: Djsra7apdSVro5hZmjVfIGcgTDk8xnEQTXwuaAOuVrownQt9d93QXbZmerCSmssHk3n/3ha7gQImcLDX4qXl8A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
92 B 124ms
123ms XHR
text/plain 2607:f8b0:4004:c07::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=59796401&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ducks.ca%2F&ul=en-ca&de=UTF-8&dt=Conserving%20Canada%E2%80%99s%20Wetlands%20%7C%20Ducks%20Unlimited%20Canada&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=3206412&gjid=1696144845&cid=1348151749.1714779425&tid=UA-5817337-29&_gid=231057135.1714779425&_r=1&gtm=457e4510za200&gcd=13l3l3l3l1&dma=0&jsscut=1&z=1892424992

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 May 2024 23:37:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ducks.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
68 B 190ms
190ms XHR
text/plain 2607:f8b0:4004:c07::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=59796401&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ducks.ca%2F&ul=en-ca&de=UTF-8&dt=Conserving%20Canada%E2%80%99s%20Wetlands%20%7C%20Ducks%20Unlimited%20Canada&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1790534024&gjid=488445277&cid=1348151749.1714779425&tid=UA-156587635-6&_gid=231057135.1714779425&_r=1&gtm=457e4510za200&gcd=13l3l3l3l1&dma=0&jsscut=1&z=1445912134

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 May 2024 23:37:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ducks.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 206 duc-water.mp4
www.ducks.ca/wp-content/themes/duc/dist/video/ 2 MB
0 0ms
0ms Media
video/mp4 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducks.ca/wp-content/themes/duc/dist/video/duc-water.mp4

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer: https://www.ducks.ca/
Range: bytes=65536-
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:04 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Thu, 11 Aug 2022 21:30:19 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: video/mp4
access-control-allow-origin: help.ducks.ca
Content-Range: bytes 65536-1749345/1749346
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 20012
Content-Length: 1683810
x-xss-protection: 1; mode=block, 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK json Show response
pro.ip-api.com/ 156 B
312 B 548ms
104ms Fetch
application/json 208.95.112.2
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json?key=pAcPOWCUJWo5Gcp&fields=status,country,countryCode,regionName,region,city,timezone,mobile
Requested by: Host: my.hellobar.com
URL: https://my.hellobar.com/modules-v2.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 208.95.112.2 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: c3e22b3259fb10a7fe983e703a406f99aff383bcb57533d001f9ee079e203725

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 03 May 2024 23:37:05 GMT
Content-Length: 156
Content-Type: application/json; charset=utf-8

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 599ms
204ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1307598842655627&ev=PageView&dl=https%3A%2F%2Fwww.ducks.ca%2F&rl=&if=false&ts=1714779425390&sw=1600&sh=1200&v=2.9.155&r=stable&ec=0&o=4126&fbp=fb.1.1714779425388.1006054062&cs_est=true&ler=empty&cdl=API_unavailable&it=1714779425150&coo=false&rqm=GET

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=10, mss=1392, tbw=2755, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 03 May 2024 23:37:05 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 321ms
205ms XHR
text/plain 2607:f8b0:4004:c19::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-5817337-29&cid=1348151749.1714779425&jid=3206412&gjid=1696144845&_gid=231057135.1714779425&_u=YADAAUAAAAAAACAAI~&z=2012723749

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 03 May 2024 23:37:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ducks.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1011148027/ 42 B
64 B 553ms
130ms Image
image/gif 2607:f8b0:4004:c0b::67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1011148027/?random=1714779424834&cv=11&fst=1714777200000&bg=ffffff&guid=ON&async=1&gtm=45be4510za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ducks.ca%2F&hn=www.googleadservices.com&frm=0&tiba=Conserving%20Canada%E2%80%99s%20Wetlands%20%7C%20Ducks%20Unlimited%20Canada&npa=0&pscdl=noapi&auid=1456874747.1714779425&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqdUt6h8KiK3X3QJKDXRqOrVwJHkXoDg&random=2842012420&rmt_tld=0&ipr=y

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::67 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 03 May 2024 23:37:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ca/pagead/1p-user-list/1011148027/ 42 B
64 B 131ms
130ms Image
image/gif 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/1011148027/?random=1714779424834&cv=11&fst=1714777200000&bg=ffffff&guid=ON&async=1&gtm=45be4510za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ducks.ca%2F&hn=www.googleadservices.com&frm=0&tiba=Conserving%20Canada%E2%80%99s%20Wetlands%20%7C%20Ducks%20Unlimited%20Canada&npa=0&pscdl=noapi&auid=1456874747.1714779425&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqdUt6h8KiK3X3QJKDXRqOrVwJHkXoDg&random=2842012420&rmt_tld=1&ipr=y

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 03 May 2024 23:37:05 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 t_prism_sitemessages.php Show response
trackcmp.net/ 0
315 B 533ms
181ms Script
text/javascript 2606:4700:4400::6812:22d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trackcmp.net/t_prism_sitemessages.php?trackid=68518862&prismid=e8d6d090-254b-4646-a10c-42618d8df33d&url=https%3A%2F%2Fwww.ducks.ca%2F
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.27
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:06 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/8.1.27
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
content-type: text/javascript;charset=UTF-8
cache-control: no-cache, private
x-envoy-upstream-service-time: 16
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
cf-ray: 87e413b53c78ab66-YYZ
content-length: 0

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 507ms
177ms Image
image/gif 2607:f8b0:4004:c0b::67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-5817337-29&cid=1348151749.1714779425&jid=3206412&_u=YADAAUAAAAAAACAAI~&z=1500846999

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::67 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 03 May 2024 23:37:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 174ms
174ms Image
image/gif 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-5817337-29&cid=1348151749.1714779425&jid=3206412&_u=YADAAUAAAAAAACAAI~&z=1500846999

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 03 May 2024 23:37:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clever_ads.js Show response
my.hellobar.com/ 43 B
271 B 104ms
103ms Script
application/javascript 2606:4700:10::ac43:2be9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hellobar.com/clever_ads.js
Requested by: Host: my.hellobar.com
URL: https://my.hellobar.com/modules-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2be9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 089de6bf77a7b557e22c6f8d2aa3d1d28bb9c03a302c2de2c96395011d4a9c1f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:05 GMT
cf-cache-status: HIT
x-amz-request-id: G5HB881NR8APBM55
age: 77
cf-polished: origSize=45
x-amz-server-side-encryption: AES256
content-length: 43
x-amz-id-2: ScJRQ8JYvseRaP63iDnjr7WpCTd0y173xvWMwzIdQZk0rJIIo9vlCW3PwjcsAvKSKg5/S+ngrKU=
cf-bgj: minify
last-modified: Fri, 04 Aug 2023 07:47:23 GMT
server: cloudflare
etag: "7e9ec97ef70197804a968a2b2c74d155"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 87e413b44b8736cc-YYZ

GET
H2 200 FdHPYFYd.json Show response
cdn-cookieyes.com/client_data/5334ec02d5456ff7ca9b73bf/ 43 B
335 B 545ms
185ms Fetch
application/json 2606:4700:10::6816:3a5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/5334ec02d5456ff7ca9b73bf/FdHPYFYd.json
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/5334ec02d5456ff7ca9b73bf/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6a8f08a25fdca7284d51d50b0360fed017c47857048e04e17984bf9d63a92c5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:06 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 20 Apr 2024 00:33:19 GMT
server: cloudflare
age: 376972
etag: W/"2b-6167c59dac106"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray: 87e413b8d93aac46-YYZ

GET
H2 200 / Show response
beacon-v2.helpscout.net/ 458 B
903 B 495ms
169ms Script
application/javascript 18.238.4.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon-v2.helpscout.net/

Requested by

Host: www.ducks.ca
URL: https://www.ducks.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.4.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-4-127.phl51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

be20c5c0d38e8f821b824d88c5358ecbc794f000f7a6782586c91a0d489fa98c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:36:53 GMT
content-encoding: gzip
via: 1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: PHL51-P1
age: 54
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 328
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 29 Apr 2024 09:02:06 GMT
server: AmazonS3
etag: "6954bef8cfc6a6ab13d60d02135ad187"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=120, s-maxage=120, public
accept-ranges: bytes
x-amz-cf-id: x3lPPkfq0qpxzo_9yzDXoExhYFYQ0m6cPTli1yBUFSfJAuneLr_EaA==

GET
H2 200 favicon-32x32.png
www.ducks.ca/ 2 KB
2 KB 93ms
93ms Other
image/png 192.124.249.12
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducks.ca/favicon-32x32.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.12 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10012.sucuri.net

Software

nginx /

Resource Hash

011e3a6ff7e1d5bb318dc2da14268320ace55f2087dd440339c74f418187d213

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:06 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-sucuri-cache: HIT
content-length: 1936
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Wed, 13 Dec 2023 17:35:05 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/png
access-control-allow-origin: help.ducks.ca
cache-control: max-age=315360000
x-sucuri-id: 20012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vendor.0c11f266.js Show response
beacon-v2.helpscout.net/static/js/ 51 KB
18 KB 115ms
114ms Script
application/javascript 18.238.4.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon-v2.helpscout.net/static/js/vendor.0c11f266.js

Requested by

Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.4.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-4-127.phl51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

14d3eea2bbe24e151d544e67883a6635ce7d9b0cf6175517980fe444ad373f77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 22:53:07 GMT
content-encoding: gzip
via: 1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: PHL51-P1
age: 2640
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 17765
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 29 Apr 2024 09:02:07 GMT
server: AmazonS3
etag: "e0eaa5e68d866fd2edde772ad7db7720"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/javascript
cache-control: max-age=315360000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: bY_pu-CnsLMICKWLiiWblouB7L5-47oD5q3f1iWP_0_klwCBMEU3LQ==

GET
H2 200 main.5db76a65.js Show response
beacon-v2.helpscout.net/static/js/ 31 KB
13 KB 144ms
143ms Script
application/javascript 18.238.4.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon-v2.helpscout.net/static/js/main.5db76a65.js

Requested by

Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.4.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-4-127.phl51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7bdb4689706c8ae335d3753008d4863272ce46a5fe10caeaf0631ff87624818e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 22:31:01 GMT
content-encoding: gzip
via: 1.1 d9cb2cc28f0170090b851fc36d4c091e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: PHL51-P1
age: 3966
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 12630
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 29 Apr 2024 09:02:06 GMT
server: AmazonS3
etag: "a70c53131633dc37fdbf7a1a9d2d5363"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/javascript
cache-control: max-age=315360000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: Xagh10rZwvzHV_hpt1IMaKRI85iIt7O0Lf9vBx7vZry5Sec9lATCvQ==

GET
H2 200 3MedW5QX.json Show response
cdn-cookieyes.com/client_data/5334ec02d5456ff7ca9b73bf/config/ 30 KB
5 KB 105ms
105ms Fetch
application/json 2606:4700:10::6816:3a5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/5334ec02d5456ff7ca9b73bf/config/3MedW5QX.json
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/5334ec02d5456ff7ca9b73bf/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d332f0b7b6313a3bde597a76ac2e83438df870df6186c1a6956ce0fa3c8917a3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:06 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 20 Apr 2024 00:33:19 GMT
server: cloudflare
age: 376972
etag: W/"799d-6167c59daefe6"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray: 87e413ba0a90ac46-YYZ

OPTIONS
H2 200 45ecdc53-66fd-4801-8e58-4226a059686c
d3hb14vkzrxvla.cloudfront.net/v1/ 0
0 520ms
185ms Preflight 13.224.208.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3hb14vkzrxvla.cloudfront.net/v1/45ecdc53-66fd-4801-8e58-4226a059686c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.208.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-208-114.phl50.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: beacon-device-id,beacon-device-instance-id,correlationid,helpscout-origin,helpscout-release
Access-Control-Request-Method: GET
Origin: https://www.ducks.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: beacon-device-id, beacon-device-instance-id, correlationid, helpscout-origin, helpscout-release
access-control-allow-methods: GET
access-control-allow-origin: https://www.ducks.ca
age: 20
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, TRACE, PATCH
content-length: 0
date: Fri, 03 May 2024 23:36:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin,Access-Control-Request-Method
via: 1.1 fadedfea448fa31cb8aba15ba1b05064.cloudfront.net (CloudFront)
x-amz-cf-id: deFhpaWHDY0qopwGmw7NZgbkAp4DOBd1mq6uHunOQK7TPbCR44CKDw==
x-amz-cf-pop: PHL50-C1
x-cache: Hit from cloudfront
x-ratelimit-limit-ai-ask-hour: 25
x-ratelimit-limit-attachments-hour: 10
x-ratelimit-limit-chat-tokens-hour: 25
x-ratelimit-limit-conversations-hour: 10
x-ratelimit-limit-general-minute: 60
x-ratelimit-limit-identify-hour: 25
x-ratelimit-remaining-ai-ask-hour: 25
x-ratelimit-remaining-attachments-hour: 10
x-ratelimit-remaining-chat-tokens-hour: 25
x-ratelimit-remaining-conversations-hour: 10
x-ratelimit-remaining-general-minute: 60
x-ratelimit-remaining-identify-hour: 25

GET
H2 200 45ecdc53-66fd-4801-8e58-4226a059686c Show response
d3hb14vkzrxvla.cloudfront.net/v1/ 8 KB
9 KB 340ms
339ms XHR
application/json 13.224.208.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3hb14vkzrxvla.cloudfront.net/v1/45ecdc53-66fd-4801-8e58-4226a059686c

Requested by

Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/static/js/vendor.0c11f266.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.208.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-208-114.phl50.r.cloudfront.net

Software

Resource Hash

498a010f39d4fcd3639218512fbee315324ed0f8a7cce261078904bba7b295f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

correlationId: 0f9e422a-ba3b-4f15-ac77-fb957f53b22b
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Helpscout-Release: 2.2.185
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Beacon-Device-ID: bbbc7064-7e65-4ace-8b41-df2b21ddb1c9
Referer: https://www.ducks.ca/
Beacon-Device-Instance-ID: 42455c22-a9fc-4ddc-a7e2-5dde06ceb0c4
Helpscout-Origin: Beacon-Embed
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fadedfea448fa31cb8aba15ba1b05064.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL50-C1
x-cache: Miss from cloudfront
x-ratelimit-remaining-ai-ask-hour: 25
x-ratelimit-remaining-identify-hour: 25
x-ratelimit-limit-general-minute: 60
x-ratelimit-remaining-conversations-hour: 10
x-ratelimit-limit-identify-hour: 25
x-ratelimit-remaining-chat-tokens-hour: 25
x-ratelimit-limit-conversations-hour: 10
x-ratelimit-limit-attachments-hour: 10
vary: Origin,Access-Control-Request-Method
content-type: application/json
access-control-allow-origin: https://www.ducks.ca
x-ratelimit-remaining-general-minute: 60
access-control-expose-headers: Resource-ID
cache-control: max-age=300
access-control-allow-credentials: true
x-ratelimit-remaining-attachments-hour: 10
x-ratelimit-limit-ai-ask-hour: 25
x-amz-cf-id: sID4snc_EaJ-3Mo0ZvhU6SFzD1QWPQ0A_R5goRdMkAYcDfHTJatW3g==
x-ratelimit-limit-chat-tokens-hour: 25

GET
H2 200 IlDsuTWE.json Show response
cdn-cookieyes.com/client_data/5334ec02d5456ff7ca9b73bf/translations/ 2 KB
872 B 102ms
102ms Fetch
application/json 2606:4700:10::6816:3a5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/5334ec02d5456ff7ca9b73bf/translations/IlDsuTWE.json
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/5334ec02d5456ff7ca9b73bf/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 545d17de5e8f8f30f91b2e49749b90fd35b6101297f72e1b3ff0c15453e437d6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:07 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 20 Apr 2024 00:33:19 GMT
server: cloudflare
age: 376973
etag: W/"6fe-6167c59db1ec7"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray: 87e413babb5cac46-YYZ

GET
H2 200 LjI-Ty-X.json Show response
cdn-cookieyes.com/client_data/5334ec02d5456ff7ca9b73bf/audit-table/ 15 KB
4 KB 103ms
102ms Fetch
application/json 2606:4700:10::6816:3a5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/5334ec02d5456ff7ca9b73bf/audit-table/LjI-Ty-X.json
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/5334ec02d5456ff7ca9b73bf/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96ccff1f09d396dc37d1123bf92deef4b6015e2478dcb013decba2d5fea5509e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:07 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 20 Apr 2024 00:33:19 GMT
server: cloudflare
age: 376972
etag: W/"3d08-6167c59daefe6"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray: 87e413bbfcc2ac46-YYZ

GET
H2 200 close.svg
cdn-cookieyes.com/assets/images/ 1 KB
841 B 113ms
112ms Image
image/svg+xml 2606:4700:10::6816:3a5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-cookieyes.com/assets/images/close.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a049e1abe441835a2bcf35258936072189a0a52d0000c4ed2094e59d2afd189b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 23:37:07 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 15 Mar 2022 04:40:50 GMT
server: cloudflare
age: 377121
etag: W/"541-5da3a66c769d4"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=0, s-maxage=604800, proxy-revalidate
cf-ray: 87e413bcbb27ac0f-YYZ

POST
H2 200 log
log.cookieyes.com/api/v1/ 2 B
152 B 181ms
181ms Ping
text/plain 52.214.78.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://log.cookieyes.com/api/v1/log
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/5334ec02d5456ff7ca9b73bf/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.78.235 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-78-235.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.ducks.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryHpBgDuL3uHQsOgGk

Response headers

access-control-allow-origin: *
date: Fri, 03 May 2024 23:37:07 GMT
x-powered-by: Express
content-length: 2
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type: text/plain; charset=utf-8

Verdicts & Comments Add Verdict or Comment

148 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.ducks.ca/	1970-01-20 21:02:26	Name: ac_enable_tracking Value: 1
.ducks.ca/	1970-01-21 05:55:39	Name: _ga_398XHC6YN5 Value: GS1.1.1714779424.1.0.1714779424.60.0.0
.ducks.ca/	1970-01-21 05:55:39	Name: _ga_X72X8TM4ZF Value: GS1.1.1714779424.1.0.1714779424.0.0.0
.donordrive.com/	1970-01-20 20:19:41	Name: __cf_bm Value: qAaCi62Lc9eorSrdNJpLZQ84r7cQ3pLPt7s8M_13mz8-1714779424-1.0.1.1-Equn5aJbONR0O.fKSyTftJU33g_Opy4Bm7IyEa1xwZqB0RFvDOEc8RQkORoKqj2r0Z0Q30dwzjT.9aRJbmX3HA
.donordrive.com/	1969-12-31 23:59:59	Name: _cfuvid Value: oU2h.2VyQUKvW7oPc089pb4qQTh90HD81mkovSrZI3U-1714779424997-0.0.1.1-604800000
.ducks.ca/	1970-01-21 05:55:39	Name: _ga_RFDJN393CL Value: GS1.1.1714779425.1.0.1714779425.0.0.0
.doubleclick.net/	1970-01-20 20:19:40	Name: test_cookie Value: CheckForPermission
.ducks.ca/	1970-01-21 05:05:15	Name: _hjSessionUser_859241 Value: eyJpZCI6ImE2MGE5YzFkLWM5ZDItNWIzMS1iOWEzLTQ1MmYzOGVhOWUyNSIsImNyZWF0ZWQiOjE3MTQ3Nzk0MjU2NzUsImV4aXN0aW5nIjpmYWxzZX0=
.ducks.ca/	1970-01-20 20:19:41	Name: _hjSession_859241 Value: eyJpZCI6ImRhMWQyYzQ5LTI0ZjUtNGIyYi04MzUxLTFhMzI4MTZmMTFlNSIsImMiOjE3MTQ3Nzk0MjU2NzYsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
prism.app-us1.com/	1970-01-20 21:02:51	Name: prism_68518862 Value: e8d6d090-254b-4646-a10c-42618d8df33d
.ducks.ca/	1970-01-20 21:02:51	Name: prism_68518862 Value: e8d6d090-254b-4646-a10c-42618d8df33d
www.ducks.ca/	1970-01-21 05:05:15	Name: cookieyes-consent Value: consentid:dWNCS2x6Q0xtdzNnV2hEVDdzeFJjTE1ZVTBPSFJSbG8,consent:no,action:,necessary:yes,functional:no,analytics:no,performance:no,advertisement:no,other:no

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.ducks.ca/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.ca/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/1307598842655627?v=2.9.155&r=stable&domain=www.ducks.ca&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 107) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.ducks.ca/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.ca/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
beacon-v2.helpscout.net
cdn-cookieyes.com
connect.facebook.net
d3hb14vkzrxvla.cloudfront.net
diffuser-cdn.app-us1.com
ducks.ca
ducks.donordrive.com
googleads.g.doubleclick.net
log.cookieyes.com
my.hellobar.com
p.typekit.net
prism.app-us1.com
pro.ip-api.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
trackcmp.net
use.typekit.net
www.ducks.ca
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
13.224.208.114
13.224.214.65
13.224.214.90
18.238.4.127
192.124.249.12
2001:4860:4802:34::181
208.95.112.2
2600:1408:c400:29::17da:da44
2606:4700:10::6816:3a5b
2606:4700:10::ac43:2be9
2606:4700:4400::6812:22d6
2606:4700::6811:1fae
2606:4700::6812:be27
2607:f8b0:4004:c07::65
2607:f8b0:4004:c0b::67
2607:f8b0:4004:c17::5e
2607:f8b0:4004:c19::61
2607:f8b0:4004:c19::9d
2607:f8b0:4004:c1d::9c
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
52.214.78.235
011e3a6ff7e1d5bb318dc2da14268320ace55f2087dd440339c74f418187d213
01c8a16999c28817d96d89fb0bf37990ca6da03d00f3ef32d6896081482a90fd
032e3c1bfe3408c36ea47292f5f0ef72bedaf1911a1cc0d6f4d9ca2af5c8064a
089de6bf77a7b557e22c6f8d2aa3d1d28bb9c03a302c2de2c96395011d4a9c1f
0cf06b9a7ddb392b40aee567af3e440496ca5b9f03f95a6b47167a518c17c317
11f4b1c5b48fa0100ba180a2e7ffc3296a59ecd4b210351bb452130979c8582c
14d3eea2bbe24e151d544e67883a6635ce7d9b0cf6175517980fe444ad373f77
1bc31a98b94208d481ea9b12fbde6e8b4b3246cf12d6cffff5ce520f543338d2
1bd8945b4da20581b69f356052faa35bb9dc55f983cc6652d8b62800792ad816
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1d85a9a8a0c664f61a19377e5846769cce64d963e29001f56403926e63033f31
1ec268f68b833d8f8e8fb24bdb0982d41cc22f707313349685c7e4f628cd8e38
1ffe77d6de7930a2df2c5d1a896f402c331dae1b3e242279d49d399350a33e04
251cc4163dd7a6fc1d8413d9e9ade1b74b4bcb5d4dd74adb9a60f4a1e77cf57c
2785e1110a15a2c715b8a2f2798e5ed275fe914ca8128f9e8bc73ce8d4075682
2ec777f2100d609871dcc11b7c2a2ba25e993de36065caea5d2c2e176b51b65f
34a04e0f1b9a0ba5c447ba518329c10e00576a337188203f51e322605605156f
3d757a659bc5590e41fd3c60d3be6b9cfae8604841c622c8ad44b230ffe87b23
3ed4efa1381df6fbe5afc46dea3071259c30d3f1439cf85603335540cd5d8ca8
3f68164b027ff40a3f90cf02fef265a2e0c4ef094b1b5fd840f2ab8b17f4e1dc
411dbece89e2cc59824318fbbad46298af05fec0957a113ae4c1d5bd55934cb8
421eda352ea8fb2b325a66965d0392a4826b551ef7f2be5a647d2ae3f46a0a0b
487ebff43ecce3dba1f68d1c4dbb163828064c62780aa35b2e8f3596944e8fcd
498a010f39d4fcd3639218512fbee315324ed0f8a7cce261078904bba7b295f9
4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032
4fc883f7a9605520c08a98517823fc186356c6f4ad443affbdaadadd5fa529b9
507d5200350e05ed546632ded04d261107b47db1d7e487bc4f62843750e8659e
5153dcdd92287fc7014a3a4610c6714b94da7cbdf5df3d5947179419868be9ca
545d17de5e8f8f30f91b2e49749b90fd35b6101297f72e1b3ff0c15453e437d6
5620736733d08739821b0ce0257ae0bb0a303147964677d67e3988f83d56f814
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5829bd353f174161be7db1c4451d0ef7991da02ee832b4b092e849ee3395a0bb
5ccab72d7341e1c256d8e3b5d646a7d9cee9ffdd61731a8b854e2bd758bcb5ef
6274259b91c00bd9e24b5a00112127ff51270ad3c1d8cbb10f3ecbd33a440b70
63d5c736b9f0ba1b209a2483201fd42bdd6fc9017cd19480317482ff33f7036b
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
68b324a6179651d56917d3b1f3f5d0a1e71b08550b1468790826dde5e22b2b56
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bb4f9f946f5c4451ae843398c2db24fc84180325bd9c524d52e22f73431d341
6facf3829aa0a620319fec50b8daaad89e8f9b7bc66e3d4f9bdf06cec313aa7a
72a0f2acf42ef7005c85f459f7656248ecdb3412ea4260f8c1c0c7359aff5544
74c5874adefb264e299942f86f07a1e36da99223933c2612ffdcc36e05387c76
7734306b24719e59158e81abe7849cd4323df1fcee4364b190808b8e761a3255
775871982d4a6e5ce130a7bfe4aef3e7ecc9b16bf290a593800a8ac5f3c5910f
7bdb4689706c8ae335d3753008d4863272ce46a5fe10caeaf0631ff87624818e
866ce0557c25a351783f1f5287f6cee1332efafe406194195fb9c98234b8e162
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
87019bdb959ed0dadc3649eaad7ca55c4a4e1cacbc8c622b91d0be148f92eae6
8b87f68e11485a97091ca246e20406fb58aa627bb5d8fe9c8451be9a3f980c05
901780cbe4df8410f5aeb1d3848cd62e2c63cf731e308536176cbe9c34e8a8aa
92a7e8048bdf43fa053f28b42afd22c6703d4b54536b96fe40f394436526b690
96ccff1f09d396dc37d1123bf92deef4b6015e2478dcb013decba2d5fea5509e
970a471f91ad8bc60848134b6630c76d5300caa1e88e6ebed454174022dec0af
97613efe15da32355d912f7d1958ec86306184e245c9bf8c3451c71ec97fddfe
998a575c7b376128a98e6d67e29c42e1726aac3489cf2c0b2aaebf6f6ad0b546
99a4041bc29919eb5fe97c70073e2874a5520e3225e82a03a329bc060d193d33
9a0ea440512858d438a637dc47192e56809aefa2278f7869d8f63536643f24e1
a049e1abe441835a2bcf35258936072189a0a52d0000c4ed2094e59d2afd189b
a29bd28623630b2f573a62ea55880f6762120f081305f5b4d4dfa7db343d0a9b
a6a8f08a25fdca7284d51d50b0360fed017c47857048e04e17984bf9d63a92c5
a8562b27eb425db2bacfa3ffd58ae61deb4db56b392ef9ff09cc03097a556298
a894dbb6e181fc9a70bf4453dc3571e0b5a0b068356310b3139abd081cb80d24
b0ac52fa142baa6321119f0eac89c89044d4431444922fb682b863e365c6ac6d
b419678817a0bcd3a32bfc2a0631d0818e2cf71471e989b317d7d4815ca115b5
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be20c5c0d38e8f821b824d88c5358ecbc794f000f7a6782586c91a0d489fa98c
be6782a8a0617c64e1eaf887f6771ac1e4ead25232ffcf133e5cba77b7379e76
c3e22b3259fb10a7fe983e703a406f99aff383bcb57533d001f9ee079e203725
c71ca41d619ce8e6b1920a96c9b58ecdaea194f2ed8c72726a327cb44f150c4c
c7b8cc6bae254c5cb333bb3bbc504f2b983af359003db57ba2bbdf55fa48e02d
c86a9ff9675183d36f664b6adefba7c72e7e15170e0f40eed96324f552c3ac82
ca6ef142765010507ac8c344ee29295e28bf2b93a06c536f14fdd91deff6a697
cc708fdee593bd96cf3473e6096eb6fd22220d71122d5a4f46c1d08796dfe3ec
d332f0b7b6313a3bde597a76ac2e83438df870df6186c1a6956ce0fa3c8917a3
d35faa1c0b45cc142295ae07a0c6e6e7824e0e64b58b81a83e7850251586e0df
d3c1d8f8747a02b8ca061d34d195069fb88e8f573505e572f4ea1065f13e837b
d455ab882af3a742e6c9680578e6a590681bda99e34847f550f1f41a7d167969
d5716710d7466e34272f305ae4e8e8068f4b53eeffcc15c8db9f157b7334891d
d60f18eb9305421e4251812de02413ea448fb3e5c8d6f115287b8a0656924c73
d6f3358743b370d0292e2c8db3820b32eb5ea5f8f4cac004b3d3a34c6557ee7d
d7485684ab40601d4a059a0553f57645611c29e78e77c140b21327af71106c15
dd46f96b6f47fcd33683b79ddfaf3daca1d4f8aeba3c0f2bde1584c69cc699d4
ddeaa5e0d316737100fbbb41456d7c53a5ee83c2d7d1b7f189dcdf510d251f79
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e062535f4aa636780693e363edad633d8c32ad7f078501ca85448d48b4b31f31
e0cf06c1d63117bc542e5349d068018b4c926e5b1d5a8b20d5b942d66305048e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5df7236dd99e061a39dc02418170062a6e807829afd5e1b683d1b4eea7afcbc
e617a15d4cdaf915a53d2146a319ede50c5b4c5afaf6122969eabd46aab0ea9b
e71add29e7812882dd4f0da91fe58706315acbcde9a46c3d7555e3d07c04aedb
ec4eb1d43feb1ff5d46ff8fceb2ff6a7447a604bdbbe0e2c0e3fce9545954736
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8baa9de7a0de2144fc6a07f45e8d36925d54ff3541c6d4d7bedc08df866e70
f01437673e72399e4bca1ec0be3ae0885a98ad24a498532b102c936eef1bdaee
f50c3c8126205132077e808fb8c8ba20ede201e51a543c96777473cdbc7c4946
f589b180c1064f697c91ac117fafda9aff1c66123a099e82da0b976a09011510
f68361193d90603a25d438f72f3497c2a4c3deaf087df0e8ecac48b8a58aaf55
f8ddd941006bdc3d6a1bf6c594cdbf67955bdd60688738bdd1edab9155a0687a
fb4eaa04b4e471705026e27577227b787117605ca4aa48f203bcfec1503af3fa

www.ducks.ca Open in urlscan Pro 192.124.249.12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

110 Requests

100 %HTTPS

68 %IPv6

19 Domains

25 Subdomains

23 IPs

2 Countries

3159 kBTransfer

8425 kBSize

12 Cookies

11 Outgoing links

Page URL History

Redirected requests

110 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ducks.ca Open in urlscan Pro
192.124.249.12 Public Scan

Screenshot
Live screenshot

Full Image

110
Requests

100 %
HTTPS

68 %
IPv6

19
Domains

25
Subdomains

23
IPs

2
Countries

3159 kB
Transfer

8425 kB
Size

12
Cookies

110 HTTP transactions
3 data transactions