urlscan.io logo urlscan.io
SecurityTrails logo

www.ducks.org Open in urlscan Pro
104.214.108.93  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.ducks.org/support/yearend/ye2020/donateOnlineSecure.aspx?pro
Effective URL: https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
Submission: On January 23 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 5 countries across 17 domains to perform 52 HTTP transactions. The main IP is 104.214.108.93, located in San Antonio, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.ducks.org.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on November 20th 2020. Valid for: a year.
This is the only time www.ducks.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 10 104.214.108.93 8075 (MICROSOFT...)
6 13.85.88.16 8075 (MICROSOFT...)
5 104.75.88.112 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2.18.235.40 16625 (AKAMAI-AS)
1 216.58.205.226 15169 (GOOGLE)
2 4 172.217.16.134 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 2a05:f500:11:... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 2600:9000:210... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
52 22
10    104.214.108.93 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.ducks.org
6    13.85.88.16 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
duckscdn.blob.core.windows.net
5    104.75.88.112 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-112.deploy.static.akamaitechnologies.com
s7.addthis.com
v1.addthisedge.com
m.addthis.com
1    2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:825::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cse.google.com
1    2.18.235.40 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com
z.moatads.com
1    216.58.205.226 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra15s24-in-f226.1e100.net
www.googleadservices.com
4    172.217.16.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f6.1e100.net
10231870.fls.doubleclick.net
5083104.fls.doubleclick.net
2    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a02:26f0:6c00:28c::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
3    2606:4700:10::6816:e17 (United States)

ASN13335 (CLOUDFLARENET, US)
my.hellobar.com
3    2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a05:f500:11:101::b93f:9005 (Ireland)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin.com
2    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleapis.com
fonts.googleapis.com
3    2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:817::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
clients1.google.com
2    2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2600:9000:2104:8a00:1b:45dc:7080:93a1 (United States)

ASN16509 (AMAZON-02, US)
hi.hellobar.com
1    2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
10 www.ducks.org 2 redirects www.ducks.org
6 www.google.com cse.google.com
www.ducks.org
6 duckscdn.blob.core.windows.net www.ducks.org
3 my.hellobar.com www.googletagmanager.com
my.hellobar.com
www.ducks.org
3 s7.addthis.com www.ducks.org
s7.addthis.com
2 5083104.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 www.facebook.com www.ducks.org
2 www.google.de www.ducks.org
2 googleads.g.doubleclick.net www.googleadservices.com
2 px.ads.linkedin.com 1 redirects www.ducks.org
2 connect.facebook.net www.ducks.org
connect.facebook.net
2 10231870.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 cse.google.com www.ducks.org
www.google.com
1 fonts.gstatic.com fonts.googleapis.com
1 hi.hellobar.com www.ducks.org
1 fonts.googleapis.com my.hellobar.com
1 clients1.google.com www.ducks.org
1 www.googleapis.com www.ducks.org
1 www.linkedin.com 1 redirects
1 snap.licdn.com www.ducks.org
1 www.googleadservices.com www.googletagmanager.com
1 m.addthis.com s7.addthis.com
1 v1.addthisedge.com s7.addthis.com
1 z.moatads.com s7.addthis.com
1 www.googletagmanager.com www.ducks.org
52 25

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
www.addthis.com
Subject Issuer Validity Valid
*.ducks.org
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-20 -
2021-12-21		 a year crt.sh
*.blob.core.windows.net
Microsoft RSA TLS CA 02		 2020-11-14 -
2021-11-14		 a year crt.sh
odc-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-01-10 -
2021-04-07		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2020-01-17 -
2021-03-17		 a year crt.sh
www.googleadservices.com
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
*.doubleclick.net
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-12-22 -
2021-03-21		 3 months crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2019-04-01 -
2021-05-07		 2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-11-25 -
2021-11-24		 a year crt.sh
www.google.com
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-01-06 -
2021-07-05		 6 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
*.hellobar.com
Amazon		 2020-12-15 -
2022-01-13		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
Frame ID: AF14E93AB7DEDDA71FD326A4A46D312B
Requests: 46 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 2D6FDE3D68C4FE402660DB22C20CE224
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 6BA8DC306CB21ECFF51CC60673024E1C
Requests: 1 HTTP requests in this frame

Frame: https://10231870.fls.doubleclick.net/activityi;dc_pre=CNTYpMaQsu4CFc0nGAodM2oA2A;src=10231870;type=pagev0;cat=allpa0;ord=1;num=8918797876045;gtm=2wg1d0;auiddc=246194058.1611407452;~oref=https%3A%2F%2Fwww.ducks.org%2FdonateOnlineSecure.aspx%3FpromoKey%3DGeneralDonation
Frame ID: 1DB245682181E8393D26DCDAB6A8D99C
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato
Frame ID: FDE49939124BFEB08897A2BE29F86D7B
Requests: 4 HTTP requests in this frame

Frame: https://5083104.fls.doubleclick.net/activityi;dc_pre=CL_2_MaQsu4CFUWBGAodWSYJJg;src=5083104;type=donat0;cat=donat0;ord=3399407573498;gtm=2wg1d0;auiddc=246194058.1611407452;~oref=https%3A%2F%2Fwww.ducks.org%2FdonateOnlineSecure.aspx%3FpromoKey%3DGeneralDonation
Frame ID: 32C7AA2B77FC86D68ACFFCF4C1A96B9E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.ducks.org/support/yearend/ye2020/donateOnlineSecure.aspx?pro HTTP 301
    https://www.ducks.org/support/yearend/ye2020/donateOnlineSecure.aspx?pro HTTP 302
    https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation Page URL

Detected technologies

Overall confidence: 50%
Detected patterns
  • url /\.aspx?(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • url /\.aspx?(?:$|\?)/i
Overall confidence: 50%
Detected patterns
  • url /\.aspx?(?:$|\?)/i

Page Statistics

52
Requests

96 %
HTTPS

73 %
IPv6

17
Domains

25
Subdomains

22
IPs

5
Countries

2662 kB
Transfer

4652 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.ducks.org/support/yearend/ye2020/donateOnlineSecure.aspx?pro HTTP 301
    https://www.ducks.org/support/yearend/ye2020/donateOnlineSecure.aspx?pro HTTP 302
    https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://10231870.fls.doubleclick.net/activityi;src=10231870;type=pagev0;cat=allpa0;ord=1;num=8918797876045;gtm=2wg1d0;auiddc=246194058.1611407452;~oref=https%3A%2F%2Fwww.ducks.org%2FdonateOnlineSecure.aspx%3FpromoKey%3DGeneralDonation HTTP 302
  • https://10231870.fls.doubleclick.net/activityi;dc_pre=CNTYpMaQsu4CFc0nGAodM2oA2A;src=10231870;type=pagev0;cat=allpa0;ord=1;num=8918797876045;gtm=2wg1d0;auiddc=246194058.1611407452;~oref=https%3A%2F%2Fwww.ducks.org%2FdonateOnlineSecure.aspx%3FpromoKey%3DGeneralDonation
Request Chain 30
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=432634&time=1611407452337&url=https%3A%2F%2Fwww.ducks.org%2FdonateOnlineSecure.aspx%3FpromoKey%3DGeneralDonation HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D432634%26time%3D1611407452337%26url%3Dhttps%253A%252F%252Fwww.ducks.org%252FdonateOnlineSecure.aspx%253FpromoKey%253DGeneralDonation%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=432634&time=1611407452337&url=https%3A%2F%2Fwww.ducks.org%2FdonateOnlineSecure.aspx%3FpromoKey%3DGeneralDonation&liSync=true
Request Chain 51
  • https://5083104.fls.doubleclick.net/activityi;src=5083104;type=donat0;cat=donat0;ord=3399407573498;gtm=2wg1d0;auiddc=246194058.1611407452;~oref=https%3A%2F%2Fwww.ducks.org%2FdonateOnlineSecure.aspx%3FpromoKey%3DGeneralDonation HTTP 302
  • https://5083104.fls.doubleclick.net/activityi;dc_pre=CL_2_MaQsu4CFUWBGAodWSYJJg;src=5083104;type=donat0;cat=donat0;ord=3399407573498;gtm=2wg1d0;auiddc=246194058.1611407452;~oref=https%3A%2F%2Fwww.ducks.org%2FdonateOnlineSecure.aspx%3FpromoKey%3DGeneralDonation

52 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set donateOnlineSecure.aspx
www.ducks.org/
Redirect Chain
  • http://www.ducks.org/support/yearend/ye2020/donateOnlineSecure.aspx?pro
  • https://www.ducks.org/support/yearend/ye2020/donateOnlineSecure.aspx?pro
  • https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
82 KB
83 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
104.214.108.93 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c8e66f6047224ed6e12f7590ae3aae3dfafa130df642090c89a3a3bdc62a78d1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Host
www.ducks.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ASP.NET_SessionId=grcl3g1xjqimsdpefqcnsopj; ReferringUrl=UNKNOWN
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control
no-cache
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Expires
-1
X-Result-Reason
Not Redirected
X-UrlRewriter-404
404 Rewritten to DNN Tab : 404 - Page Not Found(Tabid:8507) : Reason Requested_404
X-Frame-Options
SAMEORIGIN
X-UA-Compatible
IE=edge IE=10
Set-Cookie
dnn_IsMobile=False; path=/; HttpOnly language=en-US; path=/; HttpOnly DU_SESSION_VIEW_COUNT=1; path=/; HttpOnly __RequestVerificationToken=aDrp_dmr9yPGrmMdTwSrDCTYcpxiLCxdHD3ipL_6-SPGAjyc-afh-6VLR3ViOlLsAvHdnQ2; path=/; HttpOnly
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
*
Access-Control-Allow-Methods
*
Date
Sat, 23 Jan 2021 13:10:50 GMT
Content-Length
84125

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Location
/donateOnlineSecure.aspx?promoKey=GeneralDonation
Server
Microsoft-IIS/8.5
Set-Cookie
ASP.NET_SessionId=grcl3g1xjqimsdpefqcnsopj; path=/; HttpOnly ReferringUrl=UNKNOWN; path=/
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Date
Sat, 23 Jan 2021 13:10:50 GMT
Content-Length
166
DependencyHandler.axd
www.ducks.org/ 		278 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ducks.org/DependencyHandler.axd?s=L1Jlc291cmNlcy9TaGFyZWQvc3R5bGVzaGVldHMvZG5uZGVmYXVsdC83LjAuMC9kZWZhdWx0LmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2Jvb3RzdHJhcC5taW4uY3NzOy9Qb3J0YWxzL19kZWZhdWx0L1NraW5zL0R1Y2tzLm9yZy9za2luLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2FuaW1hdGUubWluLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Db250YWluZXJzL0NhdmFsaWVyL2NvbnRhaW5lci5jc3M7L1BvcnRhbHMvMC9wb3J0YWwuY3NzOw&t=Css&cdv=1399
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
104.214.108.93 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8c0cf5808decc25d2055ef50a113f5c03508823860e4373d4f0cb3bbfd465578

Request headers

Referer
https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 23 Jan 2021 13:10:50 GMT
Content-Encoding
gzip
Last-Modified
Sat, 23 Jan 2021 08:59:21 GMT
ETag
"7d65160bf6d007c9febbc0832f319a37"
Access-Control-Allow-Methods
*
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, must-revalidate, proxy-revalidate, max-age=848910, s-maxage=848910
X-UA-Compatible
IE=10
Access-Control-Allow-Headers
*
Content-Length
42635
Expires
Tue, 02 Feb 2021 08:59:21 GMT
DependencyHandler.axd
www.ducks.org/ 		451 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ducks.org/DependencyHandler.axd?s=L1Jlc291cmNlcy9saWJyYXJpZXMvalF1ZXJ5LzAxXzA5XzAxL2pxdWVyeS5qczsvUmVzb3VyY2VzL2xpYnJhcmllcy9qUXVlcnktTWlncmF0ZS8wMV8wMl8wMS9qcXVlcnktbWlncmF0ZS5qczsvUmVzb3VyY2VzL2xpYnJhcmllcy9qUXVlcnktVUkvMDFfMTFfMDMvanF1ZXJ5LXVpLmpzOw&t=Javascript&cdv=1399
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
104.214.108.93 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d3cb488888e9ea75771482ea8d142de6a4b3846f7bc7e49a3b90b6c9f041cae3

Request headers

Referer
https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 23 Jan 2021 13:10:50 GMT
Content-Encoding
gzip
Last-Modified
Sat, 23 Jan 2021 06:39:08 GMT
ETag
"1543aa30ffe2174318651201bb1e859c"
Access-Control-Allow-Methods
*
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, must-revalidate, proxy-revalidate, max-age=840496, s-maxage=840496
X-UA-Compatible
IE=10
Access-Control-Allow-Headers
*
Content-Length
117658
Expires
Tue, 02 Feb 2021 06:39:08 GMT
WebResource.axd
www.ducks.org/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ducks.org/WebResource.axd?d=pynGkmcFUV30wkr0VxdaLepze5QkbZPFrxJ5iedrC6BgKY57PpfKNc0GycQ1&t=636996002731294402
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
104.214.108.93 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

Referer
https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 23 Jan 2021 13:10:50 GMT
Content-Encoding
gzip
Last-Modified
Thu, 25 Jul 2019 02:24:33 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public
X-UA-Compatible
IE=10
Access-Control-Allow-Headers
*
Content-Length
6007
Expires
Sun, 23 Jan 2022 05:24:09 GMT
Telerik.Web.UI.WebResource.axd
www.ducks.org/ 		140 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ducks.org/Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=ScriptManager_TSM&compress=1&_TSM_CombinedScripts_=%3b%3bSystem.Web.Extensions%2c+Version%3d4.0.0.0%2c+Culture%3dneutral%2c+PublicKeyToken%3d31bf3856ad364e35%3aen-US%3a22727c22-244c-4537-8243-3c42cc5b20e2%3aea597d4b%3ab25378d2
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
104.214.108.93 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
70444fe7a3a0b50db2a0e01e060adbdbfd51294f3fca39be4ba0be287cd32a4d

Request headers

Referer
https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 23 Jan 2021 13:10:51 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Jul 2013 00:00:00 GMT
Vary
User-Agent
Access-Control-Allow-Methods
*
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
X-UA-Compatible
IE=10
Access-Control-Allow-Headers
*
Content-Length
35151
Expires
Sun, 23 Jan 2022 13:10:51 GMT
DependencyHandler.axd
www.ducks.org/ 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ducks.org/DependencyHandler.axd?s=L1BvcnRhbHMvX2RlZmF1bHQvU2tpbnMvRHVja3Mub3JnL2pzL2Jvb3RzdHJhcC5taW4uanM7L2pzL2Rubi5qczsvanMvZG5uLm1vZGFscG9wdXAuanM7L1Jlc291cmNlcy9TaGFyZWQvU2NyaXB0cy9qcXVlcnkvanF1ZXJ5LmhvdmVySW50ZW50Lm1pbi5qczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvanMvcGljdHVyZWZpbGwubWluLmpzOy9Qb3J0YWxzL19kZWZhdWx0L1NraW5zL0R1Y2tzLm9yZy9qcy90aGlyZExldmVsLmpzOy9Qb3J0YWxzL19kZWZhdWx0L1NraW5zL0R1Y2tzLm9yZy9qcy9tb2Rlcm5penItY3VzdG9tLmpzOy9Qb3J0YWxzL19kZWZhdWx0L1NraW5zL0R1Y2tzLm9yZy9qcy9za2luLmpzOy9qcy9kbm5jb3JlLmpzOy9EZXNrdG9wTW9kdWxlcy9ETk5Db3JwL0V2b3FDb250ZW50TGlicmFyeS9DbGllbnRTY3JpcHRzL2Rubi5hbmFseXRpY3MuSW5qZWN0ZWQuanM7L2pzL2Rubi5zZXJ2aWNlc2ZyYW1ld29yay5qczs&t=Javascript&cdv=1399
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
104.214.108.93 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3a0f292cfc768426a641a341b12b0a881bd99244adc50d25f8e09d75627d9bdc

Request headers

Referer
https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 23 Jan 2021 13:10:50 GMT
Content-Encoding
gzip
Last-Modified
Sat, 23 Jan 2021 06:40:11 GMT
ETag
"ec4bd743a9610ac74a29ed31e4f34e9e"
Access-Control-Allow-Methods
*
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, must-revalidate, proxy-revalidate, max-age=840559, s-maxage=840559
X-UA-Compatible
IE=10
Access-Control-Allow-Headers
*
Content-Length
30259
Expires
Tue, 02 Feb 2021 06:40:11 GMT
promo-habitat-pullover.jpg
duckscdn.blob.core.windows.net/imagescontainer/_global/nav/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duckscdn.blob.core.windows.net/imagescontainer/_global/nav/promo-habitat-pullover.jpg?cb=1
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bfe2e4f6c9f082836611193605add8397f00156056152a878b3052d05e01a2ec

Request headers

Referer
https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 23 Jan 2021 13:10:51 GMT
Last-Modified
Thu, 03 Dec 2020 04:03:27 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
n1g4F3y6YW1VKiquvt96vw==
ETag
"0x8D89740636D193E"
Vary
Origin
Content-Type
image/jpeg
x-ms-request-id
ba7e0cab-a01e-002a-5789-f10d2d000000
x-ms-version
2014-02-14
Content-Disposition
Accept-Ranges
bytes
Content-Length
12259
x-ms-lease-state
available
ic_facebook.png
duckscdn.blob.core.windows.net/imagescontainer/_global/icons/ 		748 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duckscdn.blob.core.windows.net/imagescontainer/_global/icons/ic_facebook.png
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
08a63ff052869fd7bc5c160e0fa136076500451675562f99f5cbba799498ad99

Request headers

Referer
https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 23 Jan 2021 13:10:51 GMT
Last-Modified
Mon, 08 Jan 2018 19:41:37 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
2kX1Bo5N5krR4GIUjZ85gA==
ETag
"0x8D556CFD4FAA918"
Vary
Origin
Content-Type
image/png
x-ms-request-id
d39b79d4-d01e-0121-7089-f1530c000000
Cache-Control
max-age=2592000, public
x-ms-version
2014-02-14
Accept-Ranges
bytes
Content-Length
748
x-ms-lease-state
available
ic_twitter.png
duckscdn.blob.core.windows.net/imagescontainer/_global/icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duckscdn.blob.core.windows.net/imagescontainer/_global/icons/ic_twitter.png
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5e6da4379a25cc190a0ce4c38b816a8d20f20161d57825feb1adcec75cf539c5

Request headers

Referer
https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 23 Jan 2021 13:10:52 GMT
Last-Modified
Mon, 08 Jan 2018 19:45:12 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
0LXFZWWY2yEbWHqRUbcrZA==
ETag
"0x8D556D05553CD44"
Vary
Origin
Content-Type
image/png
x-ms-request-id
73e872f9-501e-0034-3c89-f1d7c0000000
Cache-Control
max-age=2592000, public
x-ms-version
2014-02-14
Accept-Ranges
bytes
Content-Length
1052
x-ms-lease-state
available
ic_youtube.png
duckscdn.blob.core.windows.net/imagescontainer/_global/icons/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duckscdn.blob.core.windows.net/imagescontainer/_global/icons/ic_youtube.png
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
295a9a73e8b5839b4db4ed0b0e4784a058cb25ac2dd8bbcd59b062038e831708

Request headers

Referer
https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 23 Jan 2021 13:10:52 GMT
Last-Modified
Mon, 08 Jan 2018 19:45:18 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
m1ZFKOk+KwvXcGe4ke5MLQ==
ETag
"0x8D556D058CD9A76"
Vary
Origin
Content-Type
image/png
x-ms-request-id
02ba8574-301e-0060-7589-f13d4a000000
Cache-Control
max-age=2592000, public
x-ms-version
2014-02-14
Accept-Ranges
bytes
Content-Length
1651
x-ms-lease-state
available
ic_instagram.png
duckscdn.blob.core.windows.net/imagescontainer/_global/icons/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duckscdn.blob.core.windows.net/imagescontainer/_global/icons/ic_instagram.png
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3e6bd1ed9d844e4f8aea6ada75aa9b5f16c9698de108d181d1f2db9de86047ea

Request headers

Referer
https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 23 Jan 2021 13:10:51 GMT
Last-Modified
Mon, 08 Jan 2018 19:45:07 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
BrEjXway920P8TyB9Bq62A==
ETag
"0x8D556D0520B7BFD"
Vary
Origin
Content-Type
image/png
x-ms-request-id
92d77467-901e-0104-3589-f1cbbf000000
Cache-Control
max-age=2592000, public
x-ms-version
2014-02-14
Accept-Ranges
bytes
Content-Length
1718
x-ms-lease-state
available
addthis_widget.js
s7.addthis.com/js/300/ 		353 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-112.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
date
Sat, 23 Jan 2021 13:10:52 GMT
x-host
s7.addthis.com
content-length
116325
gtm.js
www.googletagmanager.com/ 		97 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M2LTJJQ
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d5cc8bb84ff1537f173a217b94cd91e1d527f639bd4fe2a7828948da868daa28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 13:10:52 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35664
x-xss-protection
0
last-modified
Sat, 23 Jan 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 23 Jan 2021 13:10:52 GMT
g-logo-vert-green.png
duckscdn.blob.core.windows.net/imagescontainer/_global/logos/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duckscdn.blob.core.windows.net/imagescontainer/_global/logos/g-logo-vert-green.png
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/DependencyHandler.axd?s=L1Jlc291cmNlcy9TaGFyZWQvc3R5bGVzaGVldHMvZG5uZGVmYXVsdC83LjAuMC9kZWZhdWx0LmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2Jvb3RzdHJhcC5taW4uY3NzOy9Qb3J0YWxzL19kZWZhdWx0L1NraW5zL0R1Y2tzLm9yZy9za2luLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2FuaW1hdGUubWluLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Db250YWluZXJzL0NhdmFsaWVyL2NvbnRhaW5lci5jc3M7L1BvcnRhbHMvMC9wb3J0YWwuY3NzOw&t=Css&cdv=1399
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8a81755bd2468f9738069c47b54e2d936d51cf482a3351c184c213d448ba9650

Request headers

Referer
https://www.ducks.org/DependencyHandler.axd?s=L1Jlc291cmNlcy9TaGFyZWQvc3R5bGVzaGVldHMvZG5uZGVmYXVsdC83LjAuMC9kZWZhdWx0LmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2Jvb3RzdHJhcC5taW4uY3NzOy9Qb3J0YWxzL19kZWZhdWx0L1NraW5zL0R1Y2tzLm9yZy9za2luLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2FuaW1hdGUubWluLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Db250YWluZXJzL0NhdmFsaWVyL2NvbnRhaW5lci5jc3M7L1BvcnRhbHMvMC9wb3J0YWwuY3NzOw&t=Css&cdv=1399
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Sat, 23 Jan 2021 13:10:52 GMT
Content-MD5
p2gi8omVVGDWlcFL3R74dA==
x-ms-copy-progress
6023/6023
x-ms-copy-source
https://duckscdn.blob.core.windows.net/imagescontainer/_global%2Flogos%2Fg-logo-vert-green-orig.png?sv=2017-04-17&ss=b&srt=co&sp=rl&st=2018-07-05T14%3A59%3A50Z&se=2018-07-06T15%3A14%3A50Z
x-ms-copy-status
success
Content-Length
6023
x-ms-lease-state
available
x-ms-lease-status
unlocked
Accept-Ranges
bytes
Last-Modified
Thu, 05 Jul 2018 15:14:50 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
"0x8D5E28A0DB7F667"
Vary
Origin
Content-Type
image/png
x-ms-request-id
a790fbd5-a01e-0107-4a89-f1c8b8000000
x-ms-version
2014-02-14
x-ms-copy-id
7207a82f-f543-4d77-8fd6-63f83dbc58ed
x-ms-copy-completion-time
Thu, 05 Jul 2018 15:14:50 GMT
glyphicons-halflings-regular.woff2
www.ducks.org/Portals/_default/Skins/Ducks.org/fonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://www.ducks.org/Portals/_default/Skins/Ducks.org/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/DependencyHandler.axd?s=L1Jlc291cmNlcy9TaGFyZWQvc3R5bGVzaGVldHMvZG5uZGVmYXVsdC83LjAuMC9kZWZhdWx0LmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2Jvb3RzdHJhcC5taW4uY3NzOy9Qb3J0YWxzL19kZWZhdWx0L1NraW5zL0R1Y2tzLm9yZy9za2luLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2FuaW1hdGUubWluLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Db250YWluZXJzL0NhdmFsaWVyL2NvbnRhaW5lci5jc3M7L1BvcnRhbHMvMC9wb3J0YWwuY3NzOw&t=Css&cdv=1399
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
104.214.108.93 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Origin
https://www.ducks.org
Referer
https://www.ducks.org/DependencyHandler.axd?s=L1Jlc291cmNlcy9TaGFyZWQvc3R5bGVzaGVldHMvZG5uZGVmYXVsdC83LjAuMC9kZWZhdWx0LmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2Jvb3RzdHJhcC5taW4uY3NzOy9Qb3J0YWxzL19kZWZhdWx0L1NraW5zL0R1Y2tzLm9yZy9za2luLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2FuaW1hdGUubWluLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Db250YWluZXJzL0NhdmFsaWVyL2NvbnRhaW5lci5jc3M7L1BvcnRhbHMvMC9wb3J0YWwuY3NzOw&t=Css&cdv=1399
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 23 Jan 2021 13:10:51 GMT
Cache-Control
max-age=259200
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Content-Length
1245
Content-Type
text/html
cse.js
cse.google.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/cse.js?cx=009933857019497811867:jbd3dpxsoos
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
bd8a8399f88395c4d56021ea3eac6309bf9bd13d53e9330b07ee886875d255b8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 13:10:52 GMT
content-encoding
br
server
gws
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2886
x-xss-protection
0
expires
Sat, 23 Jan 2021 13:10:52 GMT
moatframe.js
z.moatads.com/addthismoatframe568911941483/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer
https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 13:10:52 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
D5503D14AA2F06AA
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=26016
accept-ranges
bytes
content-length
948
x-amz-id-2
JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=
_ate.track.config_resp
v1.addthisedge.com/live/boost/rmead/ 		1 KB
710 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.addthisedge.com/live/boost/rmead/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-112.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
48af02cc1c6d72a0a5057b8739df9c0cbd8fc43a274b35d87fd90db76f138b0c

Request headers

Referer
https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 13:10:52 GMT
content-encoding
gzip
etag
-228177025--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=17, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
534
300lo.json
m.addthis.com/live/red_lojson/ 		88 B
248 B 		Script
General
Check archive.org
Download Go to
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=600c205c141f16ff&bkl=0&bl=1&pdt=1458&sid=600c205c141f16ff&pub=rmead&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.ducks.org&fp=404&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1611407452278&jsl=1&uvs=600c205c4a352ea3000&skipb=1&callback=addthis.cbs.jsonp__4314702957156020
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-112.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c921aab2b41fcf1a684d72b13378ec5982eddfe82b236f09e162b6ca6bc65fc7

Request headers

Referer
https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Jan 2021 13:10:52 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-disposition
attachment; filename=1.txt
content-length
88
content-type
application/javascript;charset=utf-8
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 2D6F 		0
0
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 6BA8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-112.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:method
GET
:authority
s7.addthis.com
:scheme
https
:path
/static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation

Response headers

server
nginx/1.15.8
content-type
text/html
last-modified
Thu, 04 Jun 2020 15:49:19 GMT
etag
W/"5ed917ff-11adc"
timing-allow-origin
*
cache-control
public, max-age=86313600
p3p
CP="NON ADM OUR DEV IND COM STA"
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
content-length
26421
date
Sat, 23 Jan 2021 13:10:52 GMT
vary
Accept-Encoding
x-host
s7.addthis.com
conversion_async.js
www.googleadservices.com/pagead/ 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2LTJJQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s24-in-f226.1e100.net
Software
cafe /
Resource Hash
34fcae3cf94e02d46c230a5b7dd3827d612587164e048dcfe146518da1cb4ab0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 13:10:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
12189
x-xss-protection
0
server
cafe
etag
8926089356025331971
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 23 Jan 2021 13:10:52 GMT
activityi;dc_pre=CNTYpMaQsu4CFc0nGAodM2oA2A;src=10231870;type=pagev0;cat=allpa0;ord=1;num=8918797876045;gtm=2wg1d0;auiddc=246194058.1611407452;~oref=https%3A%2F%2Fwww.ducks.org%2FdonateOnlineSecure...
10231870.fls.doubleclick.net/ Frame 1DB2
Redirect Chain
  • https://10231870.fls.doubleclick.net/activityi;src=10231870;type=pagev0;cat=allpa0;ord=1;num=8918797876045;gtm=2wg1d0;auiddc=246194058.1611407452;~oref=https%3A%2F%2Fwww.ducks.org%2FdonateOnlineSec...
  • https://10231870.fls.doubleclick.net/activityi;dc_pre=CNTYpMaQsu4CFc0nGAodM2oA2A;src=10231870;type=pagev0;cat=allpa0;ord=1;num=8918797876045;gtm=2wg1d0;auiddc=246194058.1611407452;~oref=https%3A%2F...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://10231870.fls.doubleclick.net/activityi;dc_pre=CNTYpMaQsu4CFc0nGAodM2oA2A;src=10231870;type=pagev0;cat=allpa0;ord=1;num=8918797876045;gtm=2wg1d0;auiddc=246194058.1611407452;~oref=https%3A%2F%2Fwww.ducks.org%2FdonateOnlineSecure.aspx%3FpromoKey%3DGeneralDonation?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2LTJJQ
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
10231870.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CNTYpMaQsu4CFc0nGAodM2oA2A;src=10231870;type=pagev0;cat=allpa0;ord=1;num=8918797876045;gtm=2wg1d0;auiddc=246194058.1611407452;~oref=https%3A%2F%2Fwww.ducks.org%2FdonateOnlineSecure.aspx%3FpromoKey%3DGeneralDonation?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
about:blank

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sat, 23 Jan 2021 13:10:52 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
421
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 23-Jan-2021 13:25:52 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sat, 23 Jan 2021 13:10:52 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://10231870.fls.doubleclick.net/activityi;dc_pre=CNTYpMaQsu4CFc0nGAodM2oA2A;src=10231870;type=pagev0;cat=allpa0;ord=1;num=8918797876045;gtm=2wg1d0;auiddc=246194058.1611407452;~oref=https%3A%2F%2Fwww.ducks.org%2FdonateOnlineSecure.aspx%3FpromoKey%3DGeneralDonation?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
fbevents.js
connect.facebook.net/en_US/ 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23762
x-fb-rlafr
0
pragma
public
x-fb-debug
Xs+FzjE1HWjdQKXo6BnEE91yxdz+eZrLFEw8XaxHyU7z7at7S1pAPzHBy9o3W9kSlBznGr4k03w1xZzV1GsXDg==
x-fb-trip-id
2050670934
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sat, 23 Jan 2021 13:10:52 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28c::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer
https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 23 Jan 2021 13:10:52 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Jan 2021 22:14:03 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=39849
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1855
6b3a1a5d169fdb4d107f86a6269a5d3cebceb605.js
my.hellobar.com/ 		52 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.hellobar.com/6b3a1a5d169fdb4d107f86a6269a5d3cebceb605.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2LTJJQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd9c1ae9e579a443087a1bde6b95a80107390416b6d4572a0db7851a1a8d483f

Request headers

Referer
https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 13:10:52 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sat, 23 Jan 2021 09:42:18 GMT
server
cloudflare
x-amz-request-id
2C47FEBFD2917155
etag
W/"e709fc2b50d511540da2750e652d90a5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-id-2
TnoVWfobAHOmq53jpRP9rJ5dz9YZy+gX7dzT1JSoCGiy+hN3xH9Ms6q+90lRGsTHiWMIHMTySbM=
content-type
text/javascript
cache-control
max-age=86400, must-revalidate, proxy-revalidate, s-maxage=10
cf-ray
6161c1e10ba24abd-FRA
cf-request-id
07d0f780a300004abdb3930000000001
cf-bgj
minify
cse_element__en.js
www.google.com/cse/static/element/a57bc5975bc720b0/ 		275 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/a57bc5975bc720b0/cse_element__en.js?usqp=CAM%3D
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=009933857019497811867:jbd3dpxsoos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ce5619a84bf7d3e559a5b45aa7f56fee491dd3f648775bbb7b42cb1f6f3c6fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 12:59:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 08 Jan 2021 18:04:24 GMT
server
sffe
age
87075
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
92399
x-xss-protection
0
expires
Sat, 22 Jan 2022 12:59:37 GMT
default+en.css
www.google.com/cse/static/element/a57bc5975bc720b0/ 		41 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/a57bc5975bc720b0/default+en.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=009933857019497811867:jbd3dpxsoos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 16:05:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 08 Jan 2021 18:04:24 GMT
server
sffe
age
162309
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9032
x-xss-protection
0
expires
Fri, 21 Jan 2022 16:05:43 GMT
default.css
www.google.com/cse/static/style/look/v4/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/style/look/v4/default.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=009933857019497811867:jbd3dpxsoos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 13:10:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 17 Jun 2020 00:00:00 GMT
server
sffe
age
52
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1345
x-xss-protection
0
expires
Sat, 23 Jan 2021 14:00:00 GMT
1431799027060769
connect.facebook.net/signals/config/ 		241 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1431799027060769?v=2.9.33&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b09b02c3876713e965a6af40c5afe5bbda53dfd87dcbd7bfe877e5e2e3306882
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
70582
x-fb-rlafr
0
pragma
public
x-fb-debug
MPmtLh6BYNVGmbXMfYe26xV5UJYDdj6XUkUByDqxH6gIYsrGXU+GEKzG/5ZsgnHD1M8A3omyLCAaZx1ZfbIjRw==
x-fb-trip-id
2050670934
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sat, 23 Jan 2021 13:10:52 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-content-id
1974417786
expires
Sat, 01 Jan 2000 00:00:00 GMT
layers.fa6cd1947ce26e890d3d.js
s7.addthis.com/static/ 		263 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-112.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-41cf5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Sat, 23 Jan 2021 13:10:52 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77617
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=432634&time=1611407452337&url=https%3A%2F%2Fwww.ducks.org%2FdonateOnlineSecure.aspx%3FpromoKey%3DGeneralDonation
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D432634%26time%3D1611407452337%26url%3Dhttps%253A%252F%252Fwww.ducks.org%252Fdonat...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=432634&time=1611407452337&url=https%3A%2F%2Fwww.ducks.org%2FdonateOnlineSecure.aspx%3FpromoKey%3DGeneralDonation&liSync=true
0
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=432634&time=1611407452337&url=https%3A%2F%2Fwww.ducks.org%2FdonateOnlineSecure.aspx%3FpromoKey%3DGeneralDonation&liSync=true
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 13:10:53 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
x-li-proto
http/2
x-li-pop
prod-tln1
content-type
application/javascript
content-length
0
x-li-uuid
95eOaoreXBYQfUbLIysAAA==

Redirect headers

content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-content-type-options
nosniff
linkedin-action
1
content-length
0
x-li-uuid
AY+8Y4reXBaQEkjYQisAAA==
pragma
no-cache
x-li-pop
afd-prod-lor1
x-msedge-ref
Ref A: 4D8EEC0179ED4BB48E59C0633E487731 Ref B: FRAEDGE1206 Ref C: 2021-01-23T13:10:52Z
x-frame-options
sameorigin
date
Sat, 23 Jan 2021 13:10:52 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security
max-age=31536000
x-li-fabric
prod-lor1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=432634&time=1611407452337&url=https%3A%2F%2Fwww.ducks.org%2FdonateOnlineSecure.aspx%3FpromoKey%3DGeneralDonation&liSync=true
cache-control
no-cache, no-store
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
async-ads.js
cse.google.com/adsense/search/ 		182 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/adsense/search/async-ads.js
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/a57bc5975bc720b0/cse_element__en.js?usqp=CAM%3D
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5de2d935236175ec5fbb45a219dcc80c5ab8250ec7de3050b2509632baa6bd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 13:10:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"13878497225270027185"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Sat, 23 Jan 2021 13:10:52 GMT
generate_204
www.googleapis.com/ 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googleapis.com/generate_204
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 13:10:52 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
branding.png
www.google.com/cse/static/images/1x/en/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/cse/static/images/1x/en/branding.png
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 05:49:42 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 May 2020 08:30:00 GMT
server
sffe
age
372070
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1372
x-xss-protection
0
expires
Wed, 19 Jan 2022 05:49:42 GMT
generate_204
clients1.google.com/ 		0
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://clients1.google.com/generate_204
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 13:10:52 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
glyphicons-halflings-regular.woff
www.ducks.org/Portals/_default/Skins/Ducks.org/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.ducks.org/Portals/_default/Skins/Ducks.org/fonts/glyphicons-halflings-regular.woff
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/DependencyHandler.axd?s=L1Jlc291cmNlcy9TaGFyZWQvc3R5bGVzaGVldHMvZG5uZGVmYXVsdC83LjAuMC9kZWZhdWx0LmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2Jvb3RzdHJhcC5taW4uY3NzOy9Qb3J0YWxzL19kZWZhdWx0L1NraW5zL0R1Y2tzLm9yZy9za2luLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2FuaW1hdGUubWluLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Db250YWluZXJzL0NhdmFsaWVyL2NvbnRhaW5lci5jc3M7L1BvcnRhbHMvMC9wb3J0YWwuY3NzOw&t=Css&cdv=1399
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
104.214.108.93 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
a26394f7ede100ca118eff2eda08596275a9839b959c226e15439557a5a80742

Request headers

Origin
https://www.ducks.org
Referer
https://www.ducks.org/DependencyHandler.axd?s=L1Jlc291cmNlcy9TaGFyZWQvc3R5bGVzaGVldHMvZG5uZGVmYXVsdC83LjAuMC9kZWZhdWx0LmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2Jvb3RzdHJhcC5taW4uY3NzOy9Qb3J0YWxzL19kZWZhdWx0L1NraW5zL0R1Y2tzLm9yZy9za2luLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2FuaW1hdGUubWluLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Db250YWluZXJzL0NhdmFsaWVyL2NvbnRhaW5lci5jc3M7L1BvcnRhbHMvMC9wb3J0YWwuY3NzOw&t=Css&cdv=1399
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 23 Jan 2021 13:10:51 GMT
Last-Modified
Wed, 30 Dec 2020 19:46:58 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"12b42c89e4ded61:0"
Content-Type
font/x-woff
Cache-Control
max-age=259200
Accept-Ranges
bytes
Content-Length
23424
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1040837785/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1040837785/?random=1611407452372&cv=9&fst=1611407452372&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg1d0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.ducks.org%2FdonateOnlineSecure.aspx%3FpromoKey%3DGeneralDonation&tiba=404%20-%20Page%20Not%20Found&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
048d3ced83660b188e3ed32137737ebce75740e1b0712efa135b5731cb1b12e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Jan 2021 13:10:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1038
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/976631994/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/976631994/?random=1611407452375&cv=9&fst=1611407452375&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg1d0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.ducks.org%2FdonateOnlineSecure.aspx%3FpromoKey%3DGeneralDonation&tiba=404%20-%20Page%20Not%20Found&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7542e3db9cacebdb00a5969c7cc15a181e226eb48cd5a63545a6b1660984fcc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Jan 2021 13:10:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1039
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		443 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
/
www.google.com/pagead/1p-user-list/1040837785/ 		42 B
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1040837785/?random=1611407452372&cv=9&fst=1611406800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg1d0&sendb=1&frm=0&url=https%3A%2F%2Fwww.ducks.org%2FdonateOnlineSecure.aspx%3FpromoKey%3DGeneralDonation&tiba=404%20-%20Page%20Not%20Found&async=1&fmt=3&is_vtc=1&random=1584344328&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Jan 2021 13:10:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1040837785/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1040837785/?random=1611407452372&cv=9&fst=1611406800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg1d0&sendb=1&frm=0&url=https%3A%2F%2Fwww.ducks.org%2FdonateOnlineSecure.aspx%3FpromoKey%3DGeneralDonation&tiba=404%20-%20Page%20Not%20Found&async=1&fmt=3&is_vtc=1&random=1584344328&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Jan 2021 13:10:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/976631994/ 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/976631994/?random=1611407452375&cv=9&fst=1611406800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg1d0&sendb=1&frm=0&url=https%3A%2F%2Fwww.ducks.org%2FdonateOnlineSecure.aspx%3FpromoKey%3DGeneralDonation&tiba=404%20-%20Page%20Not%20Found&async=1&fmt=3&is_vtc=1&random=1137492106&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Jan 2021 13:10:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/976631994/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/976631994/?random=1611407452375&cv=9&fst=1611406800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg1d0&sendb=1&frm=0&url=https%3A%2F%2Fwww.ducks.org%2FdonateOnlineSecure.aspx%3FpromoKey%3DGeneralDonation&tiba=404%20-%20Page%20Not%20Found&async=1&fmt=3&is_vtc=1&random=1137492106&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Jan 2021 13:10:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1431799027060769&ev=PageView&dl=https%3A%2F%2Fwww.ducks.org%2FdonateOnlineSecure.aspx%3FpromoKey%3DGeneralDonation&rl=&if=false&ts=1611407452471&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1611407452470.1242664604&it=1611407452324&coo=false&rqm=GET
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 13:10:52 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 23 Jan 2021 13:10:52 GMT
modules-v62.js
my.hellobar.com/ 		141 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.hellobar.com/modules-v62.js
Requested by
Host: my.hellobar.com
URL: https://my.hellobar.com/6b3a1a5d169fdb4d107f86a6269a5d3cebceb605.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7c685937740c376910ed9be834e97ea9ee5aa92cdb143db7896afa5f29b926f

Request headers

Referer
https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 13:10:52 GMT
content-encoding
br
cf-cache-status
HIT
age
4562986
x-amz-request-id
525813296A51CCD1
x-amz-id-2
1J6Eq8NtYKKWvPvi48YrvMyqiW4OWItBhVowYkplsWTeNc+nI+jgomrKO8AkzpprOgQNW1KRv+4=
last-modified
Tue, 01 Dec 2020 17:20:58 GMT
server
cloudflare
etag
W/"938daf06ac0b68c972fa0929870792dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31557600, must-revalidate, proxy-revalidate, s-maxage=31557600
cf-request-id
07d0f7818600004abdb839e000000001
cf-ray
6161c1e26fc24abd-FRA
cf-bgj
minify
css
fonts.googleapis.com/ Frame FDE4 		675 B
455 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato
Requested by
Host: my.hellobar.com
URL: https://my.hellobar.com/modules-v62.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fa8bc6afa7e5d6454a8d64e4d68015529dcc2221d4f8ee9f0194f71dc2ee3586
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 23 Jan 2021 12:00:29 GMT
server
ESF
date
Sat, 23 Jan 2021 13:10:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 23 Jan 2021 13:10:52 GMT
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1431799027060769&ev=Microdata&dl=https%3A%2F%2Fwww.ducks.org%2FdonateOnlineSecure.aspx%3FpromoKey%3DGeneralDonation&rl=&if=false&ts=1611407452974&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5Ct404%20-%20Page%20Not%20Found%5Cn%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.ducks.org%2F404%22%2C%22og%3Atitle%22%3A%22404%20-%20Page%20Not%20Found%22%2C%22og%3Aimage%3Awidth%22%3A%22480%22%2C%22og%3Aimage%3Aheight%22%3A%22226%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1611407452470.1242664604&it=1611407452324&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 13:10:52 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 23 Jan 2021 13:10:52 GMT
Kw9yLSbe0TbDzZDYgBjAi5s3xR6zV3mAZ-TpsKZeIf86p
hi.hellobar.com/v/hJNd5iLQmT5IS8R6-GBS8QwBBM0gDS/ 		35 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hi.hellobar.com/v/hJNd5iLQmT5IS8R6-GBS8QwBBM0gDS/Kw9yLSbe0TbDzZDYgBjAi5s3xR6zV3mAZ-TpsKZeIf86p?t=1611407453&v=f3b5057f-d1fd-42be-9c62-84fba11c36ed&f=i&s=5cebab5da22836fd743e433dab69de725c449ef08313e0d51a305bf9b4ce152348162007f70026d85df5c6efa3d5a62d7d89dcdf6cf3cd4b6e43a7a3d0b59759
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:8a00:1b:45dc:7080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 02:01:35 GMT
via
1.1 609487f3e9c1fd7ddcc7b01d9818bfed.cloudfront.net (CloudFront)
last-modified
Tue, 10 Apr 2018 13:15:02 GMT
server
AmazonS3
age
87923
etag
"c2196de8ba412c60c22ab491af7b1409"
x-cache
Error from cloudfront
content-type
image/gif
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-length
35
x-amz-cf-id
pBTbaB3GdRyu8R__p3oiod0R2_Fv0_s230FbkFMiK0kDygw4ymHUMQ==
Habitat_Pullover_SIDE_Dark_8.4.20.jpg
my.hellobar.com/image_uploads/images/000/212/489/large/ Frame FDE4 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.hellobar.com/image_uploads/images/000/212/489/large/Habitat_Pullover_SIDE_Dark_8.4.20.jpg?1609863352
Requested by
Host: www.ducks.org
URL: https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f88177f9d4353e0d38252b4f4a4042c560e9a3dac38467f6fa5219d8efb65dd

Request headers

Referer
https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 13:10:53 GMT
cf-cache-status
HIT
age
37
cf-ray
6161c1e60a9f4abd-FRA
content-length
1772522
x-amz-id-2
m+cEkV0uoeAPSRSECP3QtTXsClqePRZROeDfBjyFgcFW5KOJ1/JqKXj+u5CEsfG8pylT2TwctmM=
last-modified
Tue, 05 Jan 2021 16:15:57 GMT
server
cloudflare
etag
"c06ae4395c0d098ae461f956a1f11d2f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
BA204E2B8CB305D1
cache-control
max-age=14400
cf-request-id
07d0f783c000004abdd48fe000000001
accept-ranges
bytes
content-type
image/jpeg
cf-bgj
h2pri
truncated
/ Frame FDE4 		1 KB
1 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
74d1f7e06069feded1f0c7c2c8a35b5c5194f66ff98d7b4309446effd0495728

Request headers

Origin
https://www.ducks.org
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
application/x-font-ttf;charset=utf-8
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v17/ Frame FDE4 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ducks.org
Referer
https://fonts.googleapis.com/css?family=Lato
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 06:30:25 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:59 GMT
server
sffe
age
24028
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14044
x-xss-protection
0
expires
Sun, 23 Jan 2022 06:30:25 GMT
activityi;dc_pre=CL_2_MaQsu4CFUWBGAodWSYJJg;src=5083104;type=donat0;cat=donat0;ord=3399407573498;gtm=2wg1d0;auiddc=246194058.1611407452;~oref=https%3A%2F%2Fwww.ducks.org%2FdonateOnlineSecure.aspx%3...
5083104.fls.doubleclick.net/ Frame 32C7
Redirect Chain
  • https://5083104.fls.doubleclick.net/activityi;src=5083104;type=donat0;cat=donat0;ord=3399407573498;gtm=2wg1d0;auiddc=246194058.1611407452;~oref=https%3A%2F%2Fwww.ducks.org%2FdonateOnlineSecure.aspx...
  • https://5083104.fls.doubleclick.net/activityi;dc_pre=CL_2_MaQsu4CFUWBGAodWSYJJg;src=5083104;type=donat0;cat=donat0;ord=3399407573498;gtm=2wg1d0;auiddc=246194058.1611407452;~oref=https%3A%2F%2Fwww.d...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://5083104.fls.doubleclick.net/activityi;dc_pre=CL_2_MaQsu4CFUWBGAodWSYJJg;src=5083104;type=donat0;cat=donat0;ord=3399407573498;gtm=2wg1d0;auiddc=246194058.1611407452;~oref=https%3A%2F%2Fwww.ducks.org%2FdonateOnlineSecure.aspx%3FpromoKey%3DGeneralDonation?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2LTJJQ
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5083104.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CL_2_MaQsu4CFUWBGAodWSYJJg;src=5083104;type=donat0;cat=donat0;ord=3399407573498;gtm=2wg1d0;auiddc=246194058.1611407452;~oref=https%3A%2F%2Fwww.ducks.org%2FdonateOnlineSecure.aspx%3FpromoKey%3DGeneralDonation?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ducks.org/donateOnlineSecure.aspx?promoKey=GeneralDonation
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUn7ZPCo4PZcOeEmrCCkF1F3nXykyIhJIk-Vh5tQsEQUpjS7BsfQYO7unBDf
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
about:blank

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sat, 23 Jan 2021 13:10:53 GMT
expires
Sat, 23 Jan 2021 13:10:53 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
359
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sat, 23 Jan 2021 13:10:53 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://5083104.fls.doubleclick.net/activityi;dc_pre=CL_2_MaQsu4CFUWBGAodWSYJJg;src=5083104;type=donat0;cat=donat0;ord=3399407573498;gtm=2wg1d0;auiddc=246194058.1611407452;~oref=https%3A%2F%2Fwww.ducks.org%2FdonateOnlineSecure.aspx%3FpromoKey%3DGeneralDonation?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
100eng.json
m.addthis.com/live/red_lojson/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Domain
m.addthis.com
URL
https://m.addthis.com/live/red_lojson/100eng.json?sh=0&ph=1200&ivh=1200&dt=13104&pdt=1458&ict=&pct=0&perf=widget%7C1459%7C568%2Clojson%7C2245%7C207%2Csh%7C2247%7C59&rndr=render_toolbox%7C2301%2Crender_layers_share%7C2356%2Crender_layers_thankyou%7C2367&cmenu=null&ppd=0&ppl=0&fbe=&xmv=0&xms=0&xmlc=0&jsfw=jquery&jsfwv=jquery-1.9.1&al=men%2Csmlsh%2Csmlty&scr=0&scv=0&apiu=1&ba=3&sid=600c205c141f16ff&rev=v8.28.8-wp&pub=rmead&dp=www.ducks.org&fp=donateOnlineSecure.aspx%3FpromoKey%3DGeneralDonation&pfm=0&icns=facebook%2Ctwitter%2Cemail%2Caddthis

Verdicts & Comments Add Verdict or Comment

230 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery number| analytics_page_startTime object| theForm function| __doPostBack function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY function| Sys$Enum$parse function| Sys$Enum$toString function| Sys$Component$_setProperties function| Sys$Component$_setReferences function| $create function| $addHandler function| $addHandlers function| $clearHandlers function| $removeHandler function| $get function| $find function| Type object| Sys object| _events string| dnnJscriptVersion string| DNN_HIGHLIGHT_COLOR string| COL_DELIMITER string| ROW_DELIMITER string| QUOTE_REPLACEMENT number| KEY_LEFT_ARROW number| KEY_UP_ARROW number| KEY_RIGHT_ARROW number| KEY_DOWN_ARROW number| KEY_RETURN number| KEY_ESCAPE boolean| hasRelatedStories function| Init function| DisablePinchZoom function| FrameMediaImage function| SetThirdLevelSlideUp function| IsInEditMode function| ShowThirdLevelSlider function| EmbedAds function| SetTimeToRead function| get_text object| $window number| vpw number| vph string| bp boolean| isInEdit boolean| isIpad boolean| isSportingDog boolean| isRecipes boolean| isMobile function| ImageRandomizer function| AttachHandlers function| DetectDevice function| IsDeviceIpad function| IsDeviceMobile function| AnimateHeader function| SetMobileMenuHeight function| CreateRibbons function| GetBreakpoint function| SetGlobalNavActiveItem function| ThirdLevelMediaInit function| ScrollDirectionInit string| DNN_COL_DELIMITER string| DNN_ROW_DELIMITER boolean| __dnn_m_bPageLoaded function| __dnn_ClientAPIEnabled function| __dnn_Page_OnLoad function| __dnn_KeyDown function| __dnn_bodyscroll function| __dnn_setScrollTop function| __dnn_SetInitialFocus function| __dnn_CanReceiveFocus function| __dnn_ContainerMaxMin_OnClick function| __dnn_Help_OnClick function| __dnn_SectionMaxMin function| __dnn_enableDragDrop undefined| __dnn_oPrevSelPane undefined| __dnn_oPrevSelModule number| __dnn_dragEventCount function| __dnn_dragOver function| __dnn_dragComplete function| __dnn_MoveToPane function| __dnn_RefreshPanes undefined| __dnn_m_aryPanes undefined| __dnn_m_aryModules function| __dnn_Panes function| __dnn_Modules function| __dnn_getMostSelectedPane function| __dnn_getPaneControlIndex function| __dnn_Pane function| __dnn_PaneControl function| __dnn_ShowModalPage function| __dnncore object| dnncore object| jQuery19105652181946127521 object| dnn string| s object| dnnModal object| picturefillCFG function| picturefill number| tlsw number| tlsh object| Modernizr number| width object| dataLayer boolean| isHovered function| mouseOverItem function| mouseOutItem function| mouseClickItem function| GetSvgItem function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto string| adUnit1 string| adUnit2 string| adUnit3 string| adUnit4 string| ret object| addthis_share object| addthis_config object| google_tag_manager object| google_tag_data function| fbq function| _fbq string| _linkedin_partner_id object| _linkedin_data_partner_ids object| __gcse function| lintrk boolean| _already_called_lintrk object| module$exports$cse$search object| module$exports$cse$CustomImageSearch object| module$exports$cse$CustomWebSearch object| google object| module$exports$cse$searchcontrol object| module$exports$cse$customsearchcontrol object| closure_lm_450456 function| _googCsa number| nextSearchboxId boolean| __@@##MUH function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| _atw string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks number| len number| googleNDT_ string| _googCsaExpIds number| _googCsaAlwaysHttps number| _googEnableCcpa number| _googEnablePurposeOneEnforcement number| _googEnableQup number| _googErrorTurnOffPersonalization number| _googTimeoutTurnOffPersonalization string| _googLazyLoadingEnableList number| _googLazyLoadingRootMargin number| _googTcfApiTimeout number| _googUspApiTimeout number| googleAltLoader function| bootstrap object| hellobarSiteSettings object| script function| hellobar

15 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUn7ZPCo4PZcOeEmrCCkF1F3nXykyIhJIk-Vh5tQsEQUpjS7BsfQYO7unBDf
.addthis.com/ Name: uvc
Value: 1%7C3
.google.com/ Name: NID
Value: 207=hXdhdu0-Tjyq-BLgda527DaVflWlOKpNoYr8H7cLttaTeogEnuKwbeB_GGNGsvgFJr5OP_GEoi5sppNlkrsimcjvTkUF0vGGLnq5eN6qaHatn3DN6bmhjmM2CcUZSSToxM51XooHOLsY22PVzxfO99-qLs8ymxw-qBTq2oraOPI
www.ducks.org/ Name: __atuvs
Value: 600c205c4a352ea3000
www.ducks.org/ Name: .ASPXANONYMOUS
Value: WtYM5OqUR8v2n7vUTCh0GDenbGWUyAz2sVpRsV6R4AIz91kksbai_gcon-nFi1U_Q4lJAlRPPOG03qa9O1oxvoHhMS9LexGnZvhNuDbz0XFMgR_x0
www.ducks.org/ Name: __atuvc
Value: 1%7C3
.addthis.com/ Name: loc
Value: MDAwMDBFVUZSMDAyMjU0MTg1OTAzODAwMDBDSA==
www.ducks.org/ Name: __RequestVerificationToken
Value: aDrp_dmr9yPGrmMdTwSrDCTYcpxiLCxdHD3ipL_6-SPGAjyc-afh-6VLR3ViOlLsAvHdnQ2
www.ducks.org/ Name: ReferringUrl
Value: UNKNOWN
www.ducks.org/ Name: DU_SESSION_VIEW_COUNT
Value: 1
www.ducks.org/ Name: language
Value: en-US
.ducks.org/ Name: _gcl_au
Value: 1.1.246194058.1611407452
www.ducks.org/ Name: dnn_IsMobile
Value: False
.ducks.org/ Name: _fbp
Value: fb.1.1611407452470.1242664604
www.ducks.org/ Name: ASP.NET_SessionId
Value: grcl3g1xjqimsdpefqcnsopj

3 Console Messages

Source Level URL
Text
console-api log URL: https://www.ducks.org/DependencyHandler.axd?s=L1BvcnRhbHMvX2RlZmF1bHQvU2tpbnMvRHVja3Mub3JnL2pzL2Jvb3RzdHJhcC5taW4uanM7L2pzL2Rubi5qczsvanMvZG5uLm1vZGFscG9wdXAuanM7L1Jlc291cmNlcy9TaGFyZWQvU2NyaXB0cy9qcXVlcnkvanF1ZXJ5LmhvdmVySW50ZW50Lm1pbi5qczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvanMvcGljdHVyZWZpbGwubWluLmpzOy9Qb3J0YWxzL19kZWZhdWx0L1NraW5zL0R1Y2tzLm9yZy9qcy90aGlyZExldmVsLmpzOy9Qb3J0YWxzL19kZWZhdWx0L1NraW5zL0R1Y2tzLm9yZy9qcy9tb2Rlcm5penItY3VzdG9tLmpzOy9Qb3J0YWxzL19kZWZhdWx0L1NraW5zL0R1Y2tzLm9yZy9qcy9za2luLmpzOy9qcy9kbm5jb3JlLmpzOy9EZXNrdG9wTW9kdWxlcy9ETk5Db3JwL0V2b3FDb250ZW50TGlicmFyeS9DbGllbnRTY3JpcHRzL2Rubi5hbmFseXRpY3MuSW5qZWN0ZWQuanM7L2pzL2Rubi5zZXJ2aWNlc2ZyYW1ld29yay5qczs&t=Javascript&cdv=1399(Line 74)
Message:
Width: 1600
console-api log URL: https://www.ducks.org/DependencyHandler.axd?s=L1BvcnRhbHMvX2RlZmF1bHQvU2tpbnMvRHVja3Mub3JnL2pzL2Jvb3RzdHJhcC5taW4uanM7L2pzL2Rubi5qczsvanMvZG5uLm1vZGFscG9wdXAuanM7L1Jlc291cmNlcy9TaGFyZWQvU2NyaXB0cy9qcXVlcnkvanF1ZXJ5LmhvdmVySW50ZW50Lm1pbi5qczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvanMvcGljdHVyZWZpbGwubWluLmpzOy9Qb3J0YWxzL19kZWZhdWx0L1NraW5zL0R1Y2tzLm9yZy9qcy90aGlyZExldmVsLmpzOy9Qb3J0YWxzL19kZWZhdWx0L1NraW5zL0R1Y2tzLm9yZy9qcy9tb2Rlcm5penItY3VzdG9tLmpzOy9Qb3J0YWxzL19kZWZhdWx0L1NraW5zL0R1Y2tzLm9yZy9qcy9za2luLmpzOy9qcy9kbm5jb3JlLmpzOy9EZXNrdG9wTW9kdWxlcy9ETk5Db3JwL0V2b3FDb250ZW50TGlicmFyeS9DbGllbnRTY3JpcHRzL2Rubi5hbmFseXRpY3MuSW5qZWN0ZWQuanM7L2pzL2Rubi5zZXJ2aWNlc2ZyYW1ld29yay5qczs&t=Javascript&cdv=1399(Line 73)
Message:
Creating ribbons.
console-api log URL: https://www.ducks.org/DependencyHandler.axd?s=L1BvcnRhbHMvX2RlZmF1bHQvU2tpbnMvRHVja3Mub3JnL2pzL2Jvb3RzdHJhcC5taW4uanM7L2pzL2Rubi5qczsvanMvZG5uLm1vZGFscG9wdXAuanM7L1Jlc291cmNlcy9TaGFyZWQvU2NyaXB0cy9qcXVlcnkvanF1ZXJ5LmhvdmVySW50ZW50Lm1pbi5qczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvanMvcGljdHVyZWZpbGwubWluLmpzOy9Qb3J0YWxzL19kZWZhdWx0L1NraW5zL0R1Y2tzLm9yZy9qcy90aGlyZExldmVsLmpzOy9Qb3J0YWxzL19kZWZhdWx0L1NraW5zL0R1Y2tzLm9yZy9qcy9tb2Rlcm5penItY3VzdG9tLmpzOy9Qb3J0YWxzL19kZWZhdWx0L1NraW5zL0R1Y2tzLm9yZy9qcy9za2luLmpzOy9qcy9kbm5jb3JlLmpzOy9EZXNrdG9wTW9kdWxlcy9ETk5Db3JwL0V2b3FDb250ZW50TGlicmFyeS9DbGllbnRTY3JpcHRzL2Rubi5hbmFseXRpY3MuSW5qZWN0ZWQuanM7L2pzL2Rubi5zZXJ2aWNlc2ZyYW1ld29yay5qczs&t=Javascript&cdv=1399(Line 80)
Message:
Setting active menu item.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10231870.fls.doubleclick.net
5083104.fls.doubleclick.net
clients1.google.com
connect.facebook.net
cse.google.com
duckscdn.blob.core.windows.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hi.hellobar.com
m.addthis.com
my.hellobar.com
px.ads.linkedin.com
s7.addthis.com
snap.licdn.com
v1.addthisedge.com
www.ducks.org
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googleapis.com
www.googletagmanager.com
www.linkedin.com
z.moatads.com
m.addthis.com
s7.addthis.com
104.214.108.93
104.75.88.112
13.85.88.16
172.217.16.134
2.18.235.40
216.58.205.226
2600:9000:2104:8a00:1b:45dc:7080:93a1
2606:4700:10::6816:e17
2620:1ec:21::14
2a00:1450:4001:800::2004
2a00:1450:4001:802::2008
2a00:1450:4001:803::2003
2a00:1450:4001:803::2004
2a00:1450:4001:808::200a
2a00:1450:4001:815::2002
2a00:1450:4001:817::200e
2a00:1450:4001:81e::2003
2a00:1450:4001:825::200e
2a02:26f0:6c00:28c::25ea
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:f500:11:101::b93f:9005
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
048d3ced83660b188e3ed32137737ebce75740e1b0712efa135b5731cb1b12e7
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
08a63ff052869fd7bc5c160e0fa136076500451675562f99f5cbba799498ad99
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1f88177f9d4353e0d38252b4f4a4042c560e9a3dac38467f6fa5219d8efb65dd
295a9a73e8b5839b4db4ed0b0e4784a058cb25ac2dd8bbcd59b062038e831708
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
34fcae3cf94e02d46c230a5b7dd3827d612587164e048dcfe146518da1cb4ab0
3a0f292cfc768426a641a341b12b0a881bd99244adc50d25f8e09d75627d9bdc
3e6bd1ed9d844e4f8aea6ada75aa9b5f16c9698de108d181d1f2db9de86047ea
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
48af02cc1c6d72a0a5057b8739df9c0cbd8fc43a274b35d87fd90db76f138b0c
4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5e6da4379a25cc190a0ce4c38b816a8d20f20161d57825feb1adcec75cf539c5
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ce5619a84bf7d3e559a5b45aa7f56fee491dd3f648775bbb7b42cb1f6f3c6fc
70444fe7a3a0b50db2a0e01e060adbdbfd51294f3fca39be4ba0be287cd32a4d
74d1f7e06069feded1f0c7c2c8a35b5c5194f66ff98d7b4309446effd0495728
7542e3db9cacebdb00a5969c7cc15a181e226eb48cd5a63545a6b1660984fcc1
8a81755bd2468f9738069c47b54e2d936d51cf482a3351c184c213d448ba9650
8c0cf5808decc25d2055ef50a113f5c03508823860e4373d4f0cb3bbfd465578
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a26394f7ede100ca118eff2eda08596275a9839b959c226e15439557a5a80742
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
b09b02c3876713e965a6af40c5afe5bbda53dfd87dcbd7bfe877e5e2e3306882
bd8a8399f88395c4d56021ea3eac6309bf9bd13d53e9330b07ee886875d255b8
bfe2e4f6c9f082836611193605add8397f00156056152a878b3052d05e01a2ec
c8e66f6047224ed6e12f7590ae3aae3dfafa130df642090c89a3a3bdc62a78d1
c921aab2b41fcf1a684d72b13378ec5982eddfe82b236f09e162b6ca6bc65fc7
cd9c1ae9e579a443087a1bde6b95a80107390416b6d4572a0db7851a1a8d483f
d3cb488888e9ea75771482ea8d142de6a4b3846f7bc7e49a3b90b6c9f041cae3
d5cc8bb84ff1537f173a217b94cd91e1d527f639bd4fe2a7828948da868daa28
d5de2d935236175ec5fbb45a219dcc80c5ab8250ec7de3050b2509632baa6bd8
d7c685937740c376910ed9be834e97ea9ee5aa92cdb143db7896afa5f29b926f
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa8bc6afa7e5d6454a8d64e4d68015529dcc2221d4f8ee9f0194f71dc2ee3586