www.ducks.org Open in urlscan Pro
3.233.88.158 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://portal.criticalimpact.com/go/1/483a53beaa1a8891a6473c7b9fa19141/25997/86eb09a5667862993947229f28c3afba/9e24e899d679d643a64...
Effective URL:
https://www.ducks.org/
Submission: On April 09 via manual (April 9th 2024, 3:44:18 pm UTC) from US — Scanned from DE

Summary HTTP 115 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 37 IPs in 4 countries across 24 domains to perform 115 HTTP transactions. The main IP is 3.233.88.158, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.ducks.org. The Cisco Umbrella rank of the primary domain is 597930.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on January 5th 2024. Valid for: a year.

This is the only time www.ducks.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	199.167.225.41 199.167.225.41	174 (COGENT-174) (COGENT-174)
1 47	3.233.88.158 3.233.88.158	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2	104.16.88.20 104.16.88.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	18.66.192.32 18.66.192.32	16509 (AMAZON-02) (AMAZON-02)
1	34.117.162.98 34.117.162.98	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	172.217.18.10 172.217.18.10	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	3.213.234.199 3.213.234.199	14618 (AMAZON-AES) (AMAZON-AES)
2	34.111.186.1 34.111.186.1	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	216.58.206.72 216.58.206.72	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2606:4700:10:... 2606:4700:10::6816:f17	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	104.126.37.129 104.126.37.129	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	108.138.40.116 108.138.40.116	16509 (AMAZON-02) (AMAZON-02)
1 1	216.239.32.21 216.239.32.21	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:38::15	15169 (GOOGLE) (GOOGLE)
1	18.173.154.61 18.173.154.61	16509 (AMAZON-02) (AMAZON-02)
3	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
3 6	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
2	142.250.185.195 142.250.185.195	15169 (GOOGLE) (GOOGLE)
4 5	2620:1ec:22::14 2620:1ec:22::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.250.74.206 142.250.74.206	15169 (GOOGLE) (GOOGLE)
1	142.250.181.228 142.250.181.228	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	51.77.64.70 51.77.64.70	16276 (OVH) (OVH)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
115	37

1 199.167.225.41 (United States) 1 redirects

ASN174 (COGENT-174, US)
PTR: portal.cisend.com

portal.criticalimpact.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 3.233.88.158 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-88-158.compute-1.amazonaws.com

www.ducks.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.88.20 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.192.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-32.muc50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.162.98 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 98.162.117.34.bc.googleusercontent.com

pixel.byspotify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.10 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f10.1e100.net

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.213.234.199 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-234-199.compute-1.amazonaws.com

unomiproduction-ducks.cloud.jahia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.186.1 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 1.186.111.34.bc.googleusercontent.com

evnt.byspotify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.206.72 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:f17 (United States)

ASN13335 (CLOUDFLARENET, US)

my.hellobar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.126.37.129 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-129.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.40.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-40-116.muc50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.21 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: any-in-2015.1e100.net

jelly.mdhv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:38::15 (United States)

ASN15169 (GOOGLE, US)

jelly-v6.mdhv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.154.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-61.muc50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fe6c1186ab8748349a4e400a6b1c89f6.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.184.198 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

10231870.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
5083104.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:22::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.206 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com

pro.ip-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	ducks.org 1 redirects www.ducks.org — Cisco Umbrella Rank: 597930	5 MB
10	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 268 10231870.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 195 5083104.fls.doubleclick.net	170 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	670 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 116 maps.googleapis.com — Cisco Umbrella Rank: 674	193 KB
6	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 750 www.linkedin.com — Cisco Umbrella Rank: 900 px4.ads.linkedin.com — Cisco Umbrella Rank: 6909	3 KB
6	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 142 fe6c1186ab8748349a4e400a6b1c89f6.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 200	19 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 849	150 KB
4	hellobar.com my.hellobar.com — Cisco Umbrella Rank: 31745	393 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 99	22 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 623	14 KB
3	gstatic.com fonts.gstatic.com	63 KB
3	byspotify.com pixel.byspotify.com — Cisco Umbrella Rank: 15437 evnt.byspotify.com — Cisco Umbrella Rank: 15383	7 KB
2	google.de www.google.de — Cisco Umbrella Rank: 4622	126 B
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2227 www.google.com — Cisco Umbrella Rank: 5	316 B
2	mdhv.io 1 redirects jelly.mdhv.io — Cisco Umbrella Rank: 9221 jelly-v6.mdhv.io — Cisco Umbrella Rank: 16549	453 B
2	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 2522 insight.adsrvr.org — Cisco Umbrella Rank: 985	4 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 248	70 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1372 script.hotjar.com — Cisco Umbrella Rank: 1732	59 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 454	47 KB
1	ip-api.com pro.ip-api.com — Cisco Umbrella Rank: 5967	313 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	273 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1860	17 KB
1	jahia.com unomiproduction-ducks.cloud.jahia.com	971 B
1	criticalimpact.com 1 redirects portal.criticalimpact.com — Cisco Umbrella Rank: 510403	861 B
115	24

	Domain	Requested by
47	www.ducks.org	1 redirects www.ducks.org
8	www.googletagmanager.com	www.ducks.org www.googletagmanager.com
5	analytics.tiktok.com	www.ducks.org analytics.tiktok.com
5	maps.googleapis.com	www.ducks.org maps.googleapis.com
4	px.ads.linkedin.com	3 redirects www.ducks.org
4	10231870.fls.doubleclick.net	2 redirects www.googletagmanager.com
4	my.hellobar.com	www.googletagmanager.com my.hellobar.com www.ducks.org
3	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.ducks.org
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.ducks.org
3	bat.bing.com	www.ducks.org bat.bing.com
3	fonts.gstatic.com	fonts.googleapis.com
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	5083104.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google.de	www.ducks.org
2	stats.g.doubleclick.net	www.googletagmanager.com www.ducks.org
2	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	evnt.byspotify.com	pixel.byspotify.com
2	securepubads.g.doubleclick.net	www.ducks.org securepubads.g.doubleclick.net
2	cdn.jsdelivr.net	www.ducks.org
2	fonts.googleapis.com	www.ducks.org my.hellobar.com
1	insight.adsrvr.org	js.adsrvr.org
1	pro.ip-api.com	my.hellobar.com
1	www.facebook.com	www.ducks.org
1	www.google.com	www.ducks.org
1	px4.ads.linkedin.com	www.ducks.org
1	www.linkedin.com	1 redirects
1	region1.analytics.google.com	www.googletagmanager.com
1	fe6c1186ab8748349a4e400a6b1c89f6.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	script.hotjar.com	static.hotjar.com
1	jelly-v6.mdhv.io	www.ducks.org
1	jelly.mdhv.io	1 redirects
1	js.adsrvr.org	www.googletagmanager.com
1	snap.licdn.com	www.ducks.org
1	unomiproduction-ducks.cloud.jahia.com	www.ducks.org
1	pixel.byspotify.com	www.ducks.org
1	static.hotjar.com	www.ducks.org
1	portal.criticalimpact.com	1 redirects
115	37

This site contains links to these domains. Also see Links.

Domain
convention.ducks.org
migrationmap.ducks.org
volunteers.ducks.org
www.youtube.com
donate.ducks.org
workforcenow.adp.com
www.wetlandsamericatrust.org
www.duckdna.com
www.duckexpo.com
duckscdn.blob.core.windows.net
giving.ducks.org
www.card.fnbo.com
www.alpsoutdoorz.com
itunes.apple.com
play.google.com
podcasts.apple.com
open.spotify.com
podcasts.google.com
www.facebook.com
twitter.com
www.instagram.com
www.linkedin.com

Subject Issuer	Validity	Valid
*.ducks.org DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-05` - `2025-01-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
pixel.byspotify.com GTS CA 1D4	`2024-02-29` - `2024-05-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.cloud.jahia.com R3	`2024-03-21` - `2024-06-19`	3 months	crt.sh
prfx.byspotify.com GTS CA 1D4	`2024-03-05` - `2024-06-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-01-17` - `2024-04-16`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2024-04-09` - `2024-06-27`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.ip-api.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-21` - `2025-01-20`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.ducks.org/
Frame ID: A370249AA69165FB8505A3EB5C1EDA29
Requests: 108 HTTP requests in this frame

Frame: https://fe6c1186ab8748349a4e400a6b1c89f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BD1CE45ABB822916DFC47AEE30E3F584
Requests: 1 HTTP requests in this frame

Frame: https://10231870.fls.doubleclick.net/activityi;dc_pre=CIb1u9m8tYUDFf1FHgIdjDYAEg;src=10231870;type=pagev0;cat=allpa0;ord=1;num=5367803632720;npa=1;auiddc=361613458.1712677452;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe4430z8810428079za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.ducks.org%2F
Frame ID: A3C9F845AFFB030A6C2F695E722E970E
Requests: 1 HTTP requests in this frame

Frame: https://10231870.fls.doubleclick.net/activityi;dc_pre=CJz1u9m8tYUDFYlOHgId64MJ5Q;src=10231870;type=pagev0;cat=homep0;ord=1;num=7885052097234;npa=1;auiddc=361613458.1712677452;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe4430z8810428079za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.ducks.org%2F
Frame ID: 53561410F618E1C95EA44704AC873C35
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=7mxs1ri&ref=https%3A%2F%2Fwww.ducks.org%2F&upid=ltldgpr&upv=1.1.0
Frame ID: 9106E6725348B28F4C9D8290A13C8952
Requests: 1 HTTP requests in this frame

Frame: https://5083104.fls.doubleclick.net/activityi;dc_pre=CJ6OyNq8tYUDFU9FHgIdalcMgA;src=5083104;type=gener0;cat=gener0;ord=7137590101963;npa=1;auiddc=361613458.1712677452;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe4430z8810428079za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.ducks.org%2F
Frame ID: F3C4C672C62228D80A73A5BBF370B449
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 18D39F7236A43597341A7AFC40FE23C7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home | Ducks Unlimited

Page URL History Show full URLs

http://portal.criticalimpact.com/go/1/483a53beaa1a8891a6473c7b9fa19141/25997/86eb09a5667862993947229f28c3afba... HTTP 307
https://portal.criticalimpact.com/go/1/483a53beaa1a8891a6473c7b9fa19141/25997/86eb09a5667862993947229f28c3afba... HTTP 302
https://www.ducks.org/?utm_medium=email&utm_source=CI&utm_campaign=20240409_fundraisingeg_events_g... HTTP 302
https://www.ducks.org/ Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

115
Requests

97 %
HTTPS

45 %
IPv6

24
Domains

37
Subdomains

37
IPs

4
Countries

6879 kB
Transfer

10764 kB
Size

39
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://convention.ducks.org/
Title: DU Convention

Search URL Search Domain Scan URL

URL: https://migrationmap.ducks.org/
Title: Migration Map

Search URL Search Domain Scan URL

URL: https://volunteers.ducks.org/
Title: Volunteer

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCa__m0TOnZ587xHMch0IPdA
Title: DU YouTube

Search URL Search Domain Scan URL

URL: https://donate.ducks.org/donateonlinesecure.aspx?promokey=fishingshirtacq1937&responsecode=xqc1aaaa&id=14111&or=1
Title: DU Fishing Shirt Join today

Search URL Search Domain Scan URL

URL: https://workforcenow.adp.com/mascsr/default/mdf/recruitment/recruitment.html?cid=7deee1c0-b159-4fdc-8bdb-3f1d87c47510&ccId=19000101_000001&lang=en_US
Title: DU Careers

Search URL Search Domain Scan URL

URL: https://www.wetlandsamericatrust.org/
Title: Wetlands America Trust

Search URL Search Domain Scan URL

URL: https://www.duckdna.com/
Title: duckDNA

Search URL Search Domain Scan URL

URL: https://www.duckexpo.com/
Title: DU Expo

Search URL Search Domain Scan URL

URL: https://duckscdn.blob.core.windows.net/imagescontainer/landing-pages/aboutDU/2023-2028-du-strategic-plan.pdf
Title: 2023-28 Plan

Search URL Search Domain Scan URL

URL: https://duckscdn.blob.core.windows.net/imagescontainer/media/global/statefactsheets/NationalFactSheet.pdf
Title: Fact Sheet

Search URL Search Domain Scan URL

URL: https://duckscdn.blob.core.windows.net/imagescontainer/landing-pages/aboutDU/du-bylaws.pdf
Title: Bylaws

Search URL Search Domain Scan URL

URL: https://donate.ducks.org/donateOnlineSecure.aspx?promoKey=MemorialHonorGiving
Title: Honor & Memorial Giving

Search URL Search Domain Scan URL

URL: https://donate.ducks.org/yearend/ye2023/donateonlinesecure.aspx?promokey=yearend23&id=13906
Title: Donate Now

Search URL Search Domain Scan URL

URL: https://giving.ducks.org/?ID=13467
Title: Give Monthly

Search URL Search Domain Scan URL

URL: https://www.card.fnbo.com/landing/ducksunlimited/visa-platinum
Title: DU Visa® card

Search URL Search Domain Scan URL

URL: http://www.alpsoutdoorz.com/

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/id563665674

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=org.ducks.android.du.official

Search URL Search Domain Scan URL

URL: https://podcasts.apple.com/us/podcast/ducks-unlimited-podcast/id1483983112

Search URL Search Domain Scan URL

URL: https://open.spotify.com/show/0YgJh4E6Zdae1zYVifFgPa

Search URL Search Domain Scan URL

URL: https://podcasts.google.com/feed/aHR0cHM6Ly9mZWVkcy50cmFuc2lzdG9yLmZtL2R1Y2tzLXVubGltaXRlZC1wb2RjYXN0?hl=en

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCCynl0EGfexjkayx02tBgiw

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DucksUnlimited

Search URL Search Domain Scan URL

URL: https://twitter.com/DucksUnlimited

Search URL Search Domain Scan URL

URL: https://www.instagram.com/ducksunlimitedinc

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/DucksUnlimitedInc

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/ducks-unlimited/jobs/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://portal.criticalimpact.com/go/1/483a53beaa1a8891a6473c7b9fa19141/25997/86eb09a5667862993947229f28c3afba/9e24e899d679d643a6473c7b9fa19141/25997 HTTP 307
https://portal.criticalimpact.com/go/1/483a53beaa1a8891a6473c7b9fa19141/25997/86eb09a5667862993947229f28c3afba/9e24e899d679d643a6473c7b9fa19141/25997 HTTP 302
https://www.ducks.org/?utm_medium=email&utm_source=CI&utm_campaign=20240409_fundraisingeg_events_garthsweepstuestopt1 HTTP 302
https://www.ducks.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 73

https://jelly.mdhv.io/v1/star.gif?pid=VeyTa07IwUHIJHbvty1l6y9yE8BK&src=mh&evt=hi HTTP 307
https://jelly-v6.mdhv.io/v1/starV6.gif?evt=hi&pid=VeyTa07IwUHIJHbvty1l6y9yE8BK&src=mh&tx=9017604f-6299-458a-b33e-28956eadd57f

Request Chain 80

https://10231870.fls.doubleclick.net/activityi;src=10231870;type=pagev0;cat=allpa0;ord=1;num=5367803632720;npa=1;auiddc=361613458.1712677452;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe4430z8810428079za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.ducks.org%2F HTTP 302
https://10231870.fls.doubleclick.net/activityi;dc_pre=CIb1u9m8tYUDFf1FHgIdjDYAEg;src=10231870;type=pagev0;cat=allpa0;ord=1;num=5367803632720;npa=1;auiddc=361613458.1712677452;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe4430z8810428079za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.ducks.org%2F

Request Chain 81

https://10231870.fls.doubleclick.net/activityi;src=10231870;type=pagev0;cat=homep0;ord=1;num=7885052097234;npa=1;auiddc=361613458.1712677452;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe4430z8810428079za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.ducks.org%2F HTTP 302
https://10231870.fls.doubleclick.net/activityi;dc_pre=CJz1u9m8tYUDFYlOHgId64MJ5Q;src=10231870;type=pagev0;cat=homep0;ord=1;num=7885052097234;npa=1;auiddc=361613458.1712677452;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe4430z8810428079za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.ducks.org%2F

Request Chain 86

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=432634&time=1712677452722&li_adsId=5fb99a6d-7d21-4c76-a22e-87ff4747db49&url=https%3A%2F%2Fwww.ducks.org%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=432634&time=1712677452722&li_adsId=5fb99a6d-7d21-4c76-a22e-87ff4747db49&url=https%3A%2F%2Fwww.ducks.org%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D432634%26time%3D1712677452722%26li_adsId%3D5fb99a6d-7d21-4c76-a22e-87ff4747db49%26url%3Dhttps%253A%252F%252Fwww.ducks.org%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=432634&time=1712677452722&li_adsId=5fb99a6d-7d21-4c76-a22e-87ff4747db49&url=https%3A%2F%2Fwww.ducks.org%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=432634&time=1712677452722&li_adsId=5fb99a6d-7d21-4c76-a22e-87ff4747db49&url=https%3A%2F%2Fwww.ducks.org%2F&cookiesTest=true&liSync=true&e_ipv6=AQK27dJfop8GyQAAAY7Dh_47kIA_99hm5dFATEsl3omHzSfsnbGaPAyLrOsNhi5O

Request Chain 110

https://5083104.fls.doubleclick.net/activityi;src=5083104;type=gener0;cat=gener0;ord=7137590101963;npa=1;auiddc=361613458.1712677452;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe4430z8810428079za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.ducks.org%2F HTTP 302
https://5083104.fls.doubleclick.net/activityi;dc_pre=CJ6OyNq8tYUDFU9FHgIdalcMgA;src=5083104;type=gener0;cat=gener0;ord=7137590101963;npa=1;auiddc=361613458.1712677452;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe4430z8810428079za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.ducks.org%2F

115 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.ducks.org/
Redirect Chain

http://portal.criticalimpact.com/go/1/483a53beaa1a8891a6473c7b9fa19141/25997/86eb09a5667862993947229f28c3afba/9e24e899d679d643a6473c7b9fa19141/25997
https://portal.criticalimpact.com/go/1/483a53beaa1a8891a6473c7b9fa19141/25997/86eb09a5667862993947229f28c3afba/9e24e899d679d643a6473c7b9fa19141/25997
https://www.ducks.org/?utm_medium=email&utm_source=CI&utm_campaign=20240409_fundraisingeg_events_garthsweepstuestopt1
https://www.ducks.org/

136 KB
27 KB

136ms
136ms

Document
text/html

3.233.88.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.233.88.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-88-158.compute-1.amazonaws.com

Software

openresty /

Resource Hash

f40d196b2d49762571622521ff89e8ed66d93e1097b35d5fac6c0ff2056f33c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Tue, 09 Apr 2024 15:44:11 GMT
expires: Wed, 09 May 1979 05:30:00 GMT
pragma: no-cache
server: openresty
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-content-type-options: nosniff
x-resolver-ip: 3.233.88.158
x-xss-protection: 1; mode=block;

Redirect headers

cache-control: no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
content-length: 0
date: Tue, 09 Apr 2024 15:44:11 GMT
expires: Wed, 09 May 1979 05:30:00 GMT
location: /
pragma: no-cache
server: openresty
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-resolver-ip: 3.233.88.158
x-xss-protection: 1; mode=block;

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 193 KB
71 KB 49ms
25ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10231870

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f98779c6050ff57503a69f359bbb725a04c8f9c1ae6c0252ea99ad91399c65f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72215
x-xss-protection: 0
last-modified: Tue, 09 Apr 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 Apr 2024 15:44:12 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 50ms
26ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@500;600;700&display=swap

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

582afe464c07a7ee24040b456208ddee12789e4eafae8c800050f54dcb15a76f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 09 Apr 2024 15:44:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 09 Apr 2024 15:40:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 Apr 2024 15:44:12 GMT

GET
H3 200 swiper-bundle.min.css
cdn.jsdelivr.net/npm/swiper@8/ 16 KB
5 KB 30ms
16ms Stylesheet
text/css 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

322d15d99efb792c941a5202fa8fc7ee9e932847227383ff9605163338a08eac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 37999
x-jsd-version: 8.4.7
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220040-FRA, cache-lga21959-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"406d-rwCOh5O6dcNGNg6U6W482jFM4n8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eKIKU8PgfDovQn2m%2F%2FRJZtL0Mafe7d%2Fkha9p%2B1JRg5Za9f%2FVVeWnDe6uN3yAliXz7CSMru%2BdnUuWHOH0FRBCwJmlHNw6dFuCbRAGehaY7v64EXhy%2FcdmNa1qRLQvl9q675g%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 871b9dfb7fba2bf3-FRA

GET
H3 200 swiper-bundle.min.js Show response
cdn.jsdelivr.net/npm/swiper@8/ 140 KB
42 KB 20ms
19ms Script
application/javascript 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.js

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f645b12f27c4e9c1210d5725cfa894b86464372e7b1becbe47126a5fe82f9ade

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 13551
x-jsd-version: 8.4.7
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 41862
x-served-by: cache-fra-etou8220133-FRA, cache-lga21921-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"2315a-9NyNRghnOcWBIRhbLQ9OGQcQ8Rs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DVggN%2FVmBTs2e%2Fr1KyTMAmYPiU2t7%2BYdbhu8r8Ouq5X9RAqjJQfcTr6r%2Fr39IDmLfFcPPmMNGjngBK9mQanr6jSsJ2Fo0ykQCfZ5SRtzlmO%2B6ruELRmOsNOB6rX3N51x%2Fhw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 871b9dfd492c2bf3-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 91 KB
29 KB 75ms
47ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f5b344d1c8c4f5fabefe6a858cac59d2588e02d824cdf56cfe4188051059a236

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29331
x-xss-protection: 0
server: cafe
etag: 11 / 19822 / m202404040101 / config-hash: 2451296325098054353
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 09 Apr 2024 15:44:12 GMT

GET
H2 200 initJahiaContext.js Show response
www.ducks.org/javascript/ 896 B
737 B 176ms
174ms Script
text/javascript 3.233.88.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducks.org/javascript/initJahiaContext.js

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.233.88.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-88-158.compute-1.amazonaws.com

Software

openresty /

Resource Hash

e0fcb87986908d6bdd7123e108fc1142b80f2c04b19c8c63b2cdfa5035586848

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 08 Jun 2023 18:52:36 GMT
server: openresty
etag: W/"896-1686250356000"
vary: accept-encoding
content-type: text/javascript
cache-control: public, max-age=2678400
accept-ranges: bytes
x-xss-protection: 1; mode=block;
x-resolver-ip: 3.233.88.158
expires: Fri, 10 May 2024 02:14:12 GMT

GET
H2 200 7bc7d564385464962c6379de5e5cb2f.min.css
www.ducks.org/generated-resources/ 337 KB
57 KB 207ms
206ms Stylesheet
text/css 3.233.88.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducks.org/generated-resources/7bc7d564385464962c6379de5e5cb2f.min.css

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.233.88.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-88-158.compute-1.amazonaws.com

Software

openresty /

Resource Hash

8605370eea1bb4fd69da1043ed6bc717f3c22c789f277c08076bfd7bcee80090

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 13 Mar 2024 02:51:44 GMT
server: openresty
etag: 7bc7d564385464962c6379de5e5cb2f.min.css_345424_1710298304257
content-type: text/css;charset=UTF-8
content-range: bytes 0-345423/345424
content-disposition: inline;filename="7bc7d564385464962c6379de5e5cb2f.min.css"
accept-ranges: bytes
x-xss-protection: 1; mode=block;
x-resolver-ip: 3.233.88.158
expires: Tue, 16 Apr 2024 15:44:12 GMT

GET
H2 200 a2f7c6d693496e204b7e3b1daec83760.min.js Show response
www.ducks.org/generated-resources/ 175 KB
52 KB 175ms
174ms Script
text/javascript 3.233.88.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducks.org/generated-resources/a2f7c6d693496e204b7e3b1daec83760.min.js

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.233.88.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-88-158.compute-1.amazonaws.com

Software

openresty /

Resource Hash

8437b3480c805871e231e38d0b1a0b54e509079d4829d459f30df9a657565258

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 13 Mar 2024 02:52:00 GMT
server: openresty
etag: a2f7c6d693496e204b7e3b1daec83760.min.js_179315_1710298320023
content-type: text/javascript;charset=UTF-8
content-range: bytes 0-179314/179315
content-disposition: inline;filename="a2f7c6d693496e204b7e3b1daec83760.min.js"
accept-ranges: bytes
x-xss-protection: 1; mode=block;
x-resolver-ip: 3.233.88.158
expires: Tue, 16 Apr 2024 15:44:12 GMT

GET
H2 200 CsrfServlet Show response
www.ducks.org/modules/ 8 KB
3 KB 116ms
115ms Script
text/javascript 3.233.88.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducks.org/modules/CsrfServlet

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.233.88.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-88-158.compute-1.amazonaws.com

Software

openresty /

Resource Hash

66b541ff9a5841136dca161cae617e5e687153daa1ce0988fbd405bc348ded78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
server: openresty
vary: accept-encoding
content-type: text/javascript;charset=utf-8
cache-control: no-cache, no-store
x-xss-protection: 1; mode=block;
x-resolver-ip: 3.233.88.158
expires: Fri, 10 May 2024 02:14:12 GMT

GET
H2 200 icon-location.svg
www.ducks.org/modules/du-templates/images/ui/ 1 KB
900 B 176ms
175ms Image
image/svg+xml 3.233.88.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.org/modules/du-templates/images/ui/icon-location.svg

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.233.88.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-88-158.compute-1.amazonaws.com

Software

openresty /

Resource Hash

9c0c9871e17c01315738923db55b38c3437fc294f271f6c48de5e422034b2d03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 12 Mar 2024 18:54:09 GMT
server: openresty
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2678400
x-xss-protection: 1; mode=block;
x-resolver-ip: 3.233.88.158
expires: Fri, 10 May 2024 02:14:12 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 333 KB
110 KB 39ms
33ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M2LTJJQ

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

92eac0c66d129786bdcdc086993d0f6cb06ca30ec551e620a0744fc22b8fa275

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112034
x-xss-protection: 0
last-modified: Tue, 09 Apr 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 Apr 2024 15:44:12 GMT

GET
H2 200 hotjar-3607994.js Show response
static.hotjar.com/c/ 9 KB
4 KB 78ms
46ms Script
application/javascript 18.66.192.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3607994.js?sv=6

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-32.muc50.r.cloudfront.net

Software

Resource Hash

86f4851c9c317383b781c2c35f9c47907992ac03de276fc2f23d55268c24b76f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
etag: W/c7e49cb34c7ca567ef002db130ebc80e
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: l32TvU_CUey7ysYwY7sRBhfVmlPbHZVV7gPMU8KVaRREvwzSCSLyKw==

GET
H2 200 ping.min.js Show response
pixel.byspotify.com/ 32 KB
7 KB 34ms
8ms Script
application/javascript 34.117.162.98
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.byspotify.com/ping.min.js
Requested by: Host: www.ducks.org
URL: https://www.ducks.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.162.98 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 98.162.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 20c0114a672ac0b5b31a1c0100543a2306bf389816ab20774b66e8f7b30fb60c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:05:50 GMT
content-encoding: gzip
via: 1.1 google
age: 2302
x-guploader-uploadid: ABPtcPq7M1e9igfTRkOcoSumIA9LshQ6bwqSQXSvJeszZCUjBVI8dUF5kQ8NTNxZhnK8afST3leW2R9eRw
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6158
last-modified: Wed, 11 Oct 2023 19:00:35 GMT
server: UploadServer
etag: "13069f74108a788c598831c3a4ff2cdf"
vary: Accept-Encoding
x-goog-generation: 1697050835633914
x-goog-hash: crc32c=We0+rw==, md5=EwafdBCKeIxZiDHDpP8s3w==
content-type: application/javascript;
cache-control: public, max-age=3600
x-goog-stored-content-length: 6158
accept-ranges: bytes
expires: Tue, 09 Apr 2024 16:05:50 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 245 KB
85 KB 27ms
22ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-976631994&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10231870

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

76e8929a8d76548163b13ab46186d5ac1e37217fd8b241ebc010c8543870df83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86750
x-xss-protection: 0
last-modified: Tue, 09 Apr 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 Apr 2024 15:44:12 GMT

GET
H2 200 250x152_DUFishingShirt-Sage-MigMap_Feb2024.jpg
www.ducks.org/files/live/sites/ducksorg/files/products/ 52 KB
52 KB 211ms
211ms Image
image/jpeg 3.233.88.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.org/files/live/sites/ducksorg/files/products/250x152_DUFishingShirt-Sage-MigMap_Feb2024.jpg

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.233.88.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-88-158.compute-1.amazonaws.com

Software

openresty /

Resource Hash

83aba103f4008332fbab6aa2c3783aeed421c00b1327d928ea659b7787757d00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 29 Feb 2024 18:16:55 GMT
server: openresty
etag: "ef1e4466-5d41-4d76-9473-9eca341cc177-1709230615258"
content-type: image/jpeg
cache-control: public, must-revalidate, max-age=1
content-length: 52921
x-xss-protection: 1; mode=block;
x-resolver-ip: 3.233.88.158

GET
H2 200 icon-magnify-expand.svg
www.ducks.org/modules/du-templates/images/ui/ 1019 B
924 B 239ms
234ms Image
image/svg+xml 3.233.88.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.org/modules/du-templates/images/ui/icon-magnify-expand.svg

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.233.88.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-88-158.compute-1.amazonaws.com

Software

openresty /

Resource Hash

21da3bc8033c202b60ee31d184a605bba75e1347157f02225ebad03d3ff7bc55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 12 Mar 2024 18:54:09 GMT
server: openresty
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2678400
x-xss-protection: 1; mode=block;
x-resolver-ip: 3.233.88.158
expires: Fri, 10 May 2024 02:14:12 GMT

GET
H2 200 Rectangle%201188.png
www.ducks.org/files/live/sites/ducksorg/files/components/home/card-list/ 478 KB
479 KB 239ms
234ms Image
image/png 3.233.88.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.org/files/live/sites/ducksorg/files/components/home/card-list/Rectangle%201188.png

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.233.88.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-88-158.compute-1.amazonaws.com

Software

openresty /

Resource Hash

a37f0791d9f4f14252e706399a7df54afb12da778d5092c846a77f57a41a2a01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 22 Feb 2023 04:15:42 GMT
server: openresty
etag: "405a4ed6-871c-496d-b0d7-56c46c2ceb8c-1677039342616"
content-type: image/png
cache-control: public, must-revalidate, max-age=1
content-length: 489335
x-xss-protection: 1; mode=block;
x-resolver-ip: 3.233.88.158

GET
H2 200 Rectangle%201189.png
www.ducks.org/files/live/sites/ducksorg/files/components/home/card-list/ 477 KB
478 KB 148ms
143ms Image
image/png 3.233.88.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.org/files/live/sites/ducksorg/files/components/home/card-list/Rectangle%201189.png

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.233.88.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-88-158.compute-1.amazonaws.com

Software

openresty /

Resource Hash

5cf7f575ac323e3fa52a66157f7952cdecdfcd92e75cd261c9561146b0be794a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 22 Feb 2023 04:15:32 GMT
server: openresty
etag: "2deb321c-a95d-42f6-9af3-fe27a6e573a0-1677039332935"
content-type: image/png
cache-control: public, must-revalidate, max-age=1
content-length: 488246
x-xss-protection: 1; mode=block;
x-resolver-ip: 3.233.88.158

GET
H2 200 event.jpeg
www.ducks.org/files/live/sites/ducksorg/files/components/home/card-list/ 64 KB
65 KB 147ms
142ms Image
image/jpeg 3.233.88.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.org/files/live/sites/ducksorg/files/components/home/card-list/event.jpeg

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.233.88.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-88-158.compute-1.amazonaws.com

Software

openresty /

Resource Hash

09c8587db76a7b78b7436a8bd182df1772a52a61745675784d71e4ed8b2d730d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Mon, 27 Mar 2023 16:55:10 GMT
server: openresty
etag: "6343dfd0-f1b9-49ee-976b-6c85ca829b9e-1679936110072"
content-type: image/jpeg
cache-control: public, must-revalidate, max-age=1
content-length: 66007
x-xss-protection: 1; mode=block;
x-resolver-ip: 3.233.88.158

GET
H2 200 CFAC.webp
www.ducks.org/files/live/sites/ducksorg/files/get-involved/Cons.%20for%20a%20Continent/ 173 KB
173 KB 151ms
146ms Image
image/webp 3.233.88.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.org/files/live/sites/ducksorg/files/get-involved/Cons.%20for%20a%20Continent/CFAC.webp

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.233.88.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-88-158.compute-1.amazonaws.com

Software

openresty /

Resource Hash

99f969268e64a9aaa1b1b63c53f2171bbfe064ee44784fd2628a57c9ad067ca8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 06 Mar 2024 15:56:01 GMT
server: openresty
etag: "f835f11b-db7f-4bc3-940e-69028a24b8b5-1709740561150"
content-type: image/webp
cache-control: public, must-revalidate, max-age=1
content-length: 177002
x-xss-protection: 1; mode=block;
x-resolver-ip: 3.233.88.158

GET
H2 200 conservation_for_a_continent.png
www.ducks.org/files/live/sites/ducksorg/files/house-ads/ 269 KB
270 KB 239ms
234ms Image
image/png 3.233.88.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.org/files/live/sites/ducksorg/files/house-ads/conservation_for_a_continent.png

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.233.88.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-88-158.compute-1.amazonaws.com

Software

openresty /

Resource Hash

718e5c6101fd2a26ac6b775e246931ef1abdafdd0fae5e0bd8310542f561c29e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 06 Mar 2024 16:28:38 GMT
server: openresty
etag: "4efd190c-0ae3-4344-aab6-01583d455ad1-1709742518563"
content-type: image/png
cache-control: public, must-revalidate, max-age=1
content-length: 275455
x-xss-protection: 1; mode=block;
x-resolver-ip: 3.233.88.158

GET
H2 200 CFAC_.jpg
www.ducks.org/files/live/sites/ducksorg/files/Comms%20Articles/%242%20Billion%20CFAC/ 83 KB
83 KB 239ms
234ms Image
image/jpeg 3.233.88.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.org/files/live/sites/ducksorg/files/Comms%20Articles/%242%20Billion%20CFAC/CFAC_.jpg

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.233.88.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-88-158.compute-1.amazonaws.com

Software

openresty /

Resource Hash

4db67129ea4c491c0373cd5d18cac66111c05827a9602c829b5f23d83b8bdda9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 02 Apr 2024 16:04:55 GMT
server: openresty
etag: "742bd5a3-572b-4a82-b259-428f607e0035-1712073895156"
content-type: image/jpeg
cache-control: public, must-revalidate, max-age=1
content-length: 84667
x-xss-protection: 1; mode=block;
x-resolver-ip: 3.233.88.158

GET
H2 200 Michael%20Furtman_Mallards.jpg
www.ducks.org/files/live/sites/ducksorg/files/Conservation/Waterfowl%20Surveys/ 362 KB
362 KB 239ms
235ms Image
image/jpeg 3.233.88.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.org/files/live/sites/ducksorg/files/Conservation/Waterfowl%20Surveys/Michael%20Furtman_Mallards.jpg

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.233.88.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-88-158.compute-1.amazonaws.com

Software

openresty /

Resource Hash

c8a5e202f07474fff2bf088e4c896e5ac520150dfe4106e18e1702d00a38b329

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 27 Mar 2024 18:01:01 GMT
server: openresty
etag: "e8bda104-1b9b-4834-b3bd-deaee480e4fa-1711562461480"
content-type: image/jpeg
cache-control: public, must-revalidate, max-age=1
content-length: 370261
x-xss-protection: 1; mode=block;
x-resolver-ip: 3.233.88.158

GET
H2 200 Ben%20Romans%2c%20DU.jpg
www.ducks.org/files/live/sites/ducksorg/files/Hunting/Destinations/Exploring%20the%20Duck%20Factory/ 320 KB
320 KB 239ms
235ms Image
image/jpeg 3.233.88.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.org/files/live/sites/ducksorg/files/Hunting/Destinations/Exploring%20the%20Duck%20Factory/Ben%20Romans%2c%20DU.jpg

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.233.88.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-88-158.compute-1.amazonaws.com

Software

openresty /

Resource Hash

5de01085f48b7e07260e4cf47a95f0d93384c4c94a01fb08ff81eb1908dc90f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 20 Feb 2024 20:22:47 GMT
server: openresty
etag: "1803d338-8e00-4f27-990b-9ad5cfb7b8ab-1708460567763"
content-type: image/jpeg
cache-control: public, must-revalidate, max-age=1
content-length: 327174
x-xss-protection: 1; mode=block;
x-resolver-ip: 3.233.88.158

GET
H2 200 Furtman_Mallards_Sunrise.jpg
www.ducks.org/files/live/sites/ducksorg/files/press-release/ 241 KB
242 KB 147ms
143ms Image
image/jpeg 3.233.88.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.org/files/live/sites/ducksorg/files/press-release/Furtman_Mallards_Sunrise.jpg

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.233.88.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-88-158.compute-1.amazonaws.com

Software

openresty /

Resource Hash

c64c59c88b597f0c016ec17354b493b5b894ccf3d6aac24d8a381d1838f929db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Mon, 01 Apr 2024 21:10:03 GMT
server: openresty
etag: "e0dedb55-04bb-494b-aaff-3bedd2c64f82-1712005803808"
content-type: image/jpeg
cache-control: public, must-revalidate, max-age=1
content-length: 247017
x-xss-protection: 1; mode=block;
x-resolver-ip: 3.233.88.158

GET
H2 200 Dorsey%20Pictures.jpg
www.ducks.org/files/live/sites/ducksorg/files/Conservation/National/Rescuing%20the%20Great%20Salt%20Lake/ 315 KB
315 KB 239ms
235ms Image
image/jpeg 3.233.88.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.org/files/live/sites/ducksorg/files/Conservation/National/Rescuing%20the%20Great%20Salt%20Lake/Dorsey%20Pictures.jpg

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.233.88.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-88-158.compute-1.amazonaws.com

Software

openresty /

Resource Hash

c4219f752860959add1d7256bef1509e11a8ef7078eb433b663452f90b1ece34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 27 Mar 2024 19:05:35 GMT
server: openresty
etag: "2c86c1b1-e10c-4b82-a0d9-fa817c948d1d-1711566335432"
content-type: image/jpeg
cache-control: public, must-revalidate, max-age=1
content-length: 322237
x-xss-protection: 1; mode=block;
x-resolver-ip: 3.233.88.158

GET
H2 200 pexels-thomas-lin-teaser.jpg
www.ducks.org/files/live/sites/ducksorg/files/articles/ 110 KB
110 KB 238ms
235ms Image
image/jpeg 3.233.88.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.org/files/live/sites/ducksorg/files/articles/pexels-thomas-lin-teaser.jpg

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.233.88.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-88-158.compute-1.amazonaws.com

Software

openresty /

Resource Hash

57d1046780b43f20062b1e246ce76b3217c270e13e6175a3bc297506ab2e3269

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Mon, 27 Feb 2023 03:55:41 GMT
server: openresty
etag: "2fc22b9e-e1c1-4c00-80c5-8312bb680f65-1677470141243"
content-type: image/jpeg
cache-control: public, must-revalidate, max-age=1
content-length: 112321
x-xss-protection: 1; mode=block;
x-resolver-ip: 3.233.88.158

GET
H2 200 18Mil%20graph-VERT.png
www.ducks.org/files/live/sites/ducksorg/files/components/home/large-callout/ 227 KB
227 KB 239ms
235ms Image
image/png 3.233.88.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.org/files/live/sites/ducksorg/files/components/home/large-callout/18Mil%20graph-VERT.png

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.233.88.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-88-158.compute-1.amazonaws.com

Software

openresty /

Resource Hash

3fbab5b97e8b49eeeb039db93a5b4f6c3658f4034033de4d3b253f708a619153

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 03 Jan 2024 16:25:28 GMT
server: openresty
etag: "7d76fb19-33e5-4f0b-9fd0-595735301591-1704299128595"
content-type: image/png
cache-control: public, must-revalidate, max-age=1
content-length: 232065
x-xss-protection: 1; mode=block;
x-resolver-ip: 3.233.88.158

GET
H2 200 DU5SG_VISA_sm.jpeg
www.ducks.org/files/live/sites/ducksorg/files/ 98 KB
98 KB 237ms
234ms Image
image/jpeg 3.233.88.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.org/files/live/sites/ducksorg/files/DU5SG_VISA_sm.jpeg

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.233.88.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-88-158.compute-1.amazonaws.com

Software

openresty /

Resource Hash

d7d2e2bb82f8a0247d92cfe23a8e9cbac3ebc03a82381d3c884536952fd2e721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Mon, 03 Apr 2023 20:07:48 GMT
server: openresty
etag: "3d0e3b16-1018-4ff1-b3f4-c7e0476b5a04-1680552468562"
content-type: image/jpeg
cache-control: public, must-revalidate, max-age=1
content-length: 99867
x-xss-protection: 1; mode=block;
x-resolver-ip: 3.233.88.158

GET
H2 200 icon-close.svg
www.ducks.org/modules/du-templates/images/ui/ 234 B
534 B 237ms
234ms Image
image/svg+xml 3.233.88.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.org/modules/du-templates/images/ui/icon-close.svg

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.233.88.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-88-158.compute-1.amazonaws.com

Software

openresty /

Resource Hash

37e15056c2639942fa3072fc00363a3536529bc7a55ea09c751f139d2e004eda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 12 Mar 2024 18:54:09 GMT
server: openresty
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2678400
x-xss-protection: 1; mode=block;
x-resolver-ip: 3.233.88.158
expires: Fri, 10 May 2024 02:14:12 GMT

GET
H2 200 dropdown-arrow.svg
www.ducks.org/modules/du-base-components/images/ 152 B
481 B 1100ms
1096ms Image
image/svg+xml 3.233.88.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.org/modules/du-base-components/images/dropdown-arrow.svg

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.233.88.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-88-158.compute-1.amazonaws.com

Software

openresty /

Resource Hash

77cb8ad87f43ae7ebcbeb49721cee249836f425195644da54daf56b01a53b8e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 12 Mar 2024 18:53:38 GMT
server: openresty
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2678400
x-xss-protection: 1; mode=block;
x-resolver-ip: 3.233.88.158
expires: Fri, 10 May 2024 02:14:12 GMT

GET
H2 200 ALPS-OutdoorZ.png
www.ducks.org/files/live/sites/ducksorg/files/logos/ 62 KB
62 KB 1098ms
1095ms Image
image/png 3.233.88.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.org/files/live/sites/ducksorg/files/logos/ALPS-OutdoorZ.png

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.233.88.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-88-158.compute-1.amazonaws.com

Software

openresty /

Resource Hash

d0d83ecd5ee9ce05a99b244fcf64eb33415a2d56c83bc9d60d9a801a28a56fc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Mon, 12 Feb 2024 17:41:32 GMT
server: openresty
etag: "20fe8e61-904f-4e03-8ad7-a3d15789c254-1707759692418"
content-type: image/png
cache-control: public, must-revalidate, max-age=1
content-length: 63087
x-xss-protection: 1; mode=block;
x-resolver-ip: 3.233.88.158

GET
H2 200 GUNNER%255B10%255D.jpg
www.ducks.org/files/live/sites/ducksorg/files/logos/ 26 KB
26 KB 1099ms
1096ms Image
image/png 3.233.88.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.org/files/live/sites/ducksorg/files/logos/GUNNER%255B10%255D.jpg

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.233.88.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-88-158.compute-1.amazonaws.com

Software

openresty /

Resource Hash

f7aca2ba984b64f85f3665f63c13807f5a0613f542aa9edfc4e435d843d945e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 13 Sep 2023 16:14:19 GMT
server: openresty
etag: "39aa6c86-8dc3-4874-89be-1d28b7dfeae6-1694621659369"
content-type: image/png
cache-control: public, must-revalidate, max-age=1
content-disposition: inline; filename="GUNNER[10].jpg""
content-length: 26198
x-xss-protection: 1; mode=block;
x-resolver-ip: 3.233.88.158

GET
H2 200 bps-cab-jlm%20(t).png
www.ducks.org/files/live/sites/ducksorg/files/logos/ 180 KB
180 KB 1097ms
1094ms Image
image/png 3.233.88.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.org/files/live/sites/ducksorg/files/logos/bps-cab-jlm%20(t).png

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.233.88.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-88-158.compute-1.amazonaws.com

Software

openresty /

Resource Hash

dabf873b1c5e393d13ffb60dcb69427219a3c05f12879ca6c2349784a79b4dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Mon, 18 Mar 2024 14:57:06 GMT
server: openresty
etag: "9fc70ad6-69e2-4dde-8b6c-7ebc9894d1ca-1710773826187"
content-type: image/png
cache-control: public, must-revalidate, max-age=1
content-length: 183994
x-xss-protection: 1; mode=block;
x-resolver-ip: 3.233.88.158

GET
H2 200 winchester.png
www.ducks.org/files/live/sites/ducksorg/files/logos/ 182 KB
183 KB 1102ms
1099ms Image
image/png 3.233.88.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.org/files/live/sites/ducksorg/files/logos/winchester.png

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.233.88.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-88-158.compute-1.amazonaws.com

Software

openresty /

Resource Hash

60d0512e9e77928097160f741d5225f6aac1648e5efe8f77090cd5352f5930c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Mon, 11 Sep 2023 18:32:21 GMT
server: openresty
etag: "31451bc7-8f86-406e-8126-b3f0dccf8e0d-1694457141582"
content-type: image/png
cache-control: public, must-revalidate, max-age=1
content-length: 186871
x-xss-protection: 1; mode=block;
x-resolver-ip: 3.233.88.158

GET
H2 200 arrow-down.svg
www.ducks.org/modules/du-templates/images/ui/ 230 B
523 B 1100ms
1097ms Image
image/svg+xml 3.233.88.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.org/modules/du-templates/images/ui/arrow-down.svg

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.233.88.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-88-158.compute-1.amazonaws.com

Software

openresty /

Resource Hash

28a0bd767b3d8f19d96a913ef0cfbe66a8b5d8e685c51a639043985bc5ab39fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 12 Mar 2024 18:54:09 GMT
server: openresty
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2678400
x-xss-protection: 1; mode=block;
x-resolver-ip: 3.233.88.158
expires: Fri, 10 May 2024 02:14:12 GMT

GET
H2 200 du-magazine.png
www.ducks.org/modules/du-templates/images/ui/ 67 KB
67 KB 334ms
331ms Image
image/png 3.233.88.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.org/modules/du-templates/images/ui/du-magazine.png

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.233.88.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-88-158.compute-1.amazonaws.com

Software

openresty /

Resource Hash

ff85205ab1c4fe5e1510568c420432d785275715c23d3f611671a92b6ecfb220

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 12 Mar 2024 18:54:09 GMT
server: openresty
content-type: image/png
cache-control: public, max-age=2678400
x-xss-protection: 1; mode=block;
x-resolver-ip: 3.233.88.158
expires: Fri, 10 May 2024 02:14:12 GMT

GET
H2 200 badge-apple-store.png
www.ducks.org/modules/du-templates/images/ui/ 2 KB
2 KB 1099ms
1096ms Image
image/png 3.233.88.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.org/modules/du-templates/images/ui/badge-apple-store.png

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.233.88.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-88-158.compute-1.amazonaws.com

Software

openresty /

Resource Hash

e8e2bcc73dd1482eb119c643aa5c60e1c52e5c1469c003993eeb26675e980aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 12 Mar 2024 18:54:09 GMT
server: openresty
content-type: image/png
cache-control: public, max-age=2678400
content-length: 1948
x-xss-protection: 1; mode=block;
x-resolver-ip: 3.233.88.158
expires: Fri, 10 May 2024 02:14:12 GMT

GET
H2 200 badge-google-store.png
www.ducks.org/modules/du-templates/images/ui/ 2 KB
3 KB 1098ms
1096ms Image
image/png 3.233.88.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.org/modules/du-templates/images/ui/badge-google-store.png

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.233.88.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-88-158.compute-1.amazonaws.com

Software

openresty /

Resource Hash

ee11ea7fd40e017a0f38cbfa61d575f8942cc46ed684352b04b31fb689dfe576

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 12 Mar 2024 18:54:09 GMT
server: openresty
content-type: image/png
cache-control: public, max-age=2678400
content-length: 2362
x-xss-protection: 1; mode=block;
x-resolver-ip: 3.233.88.158
expires: Fri, 10 May 2024 02:14:12 GMT

GET
H2 200 Apple-Podcasts.png
www.ducks.org/files/live/sites/ducksorg/files/logos/social-media/ 3 KB
4 KB 1096ms
1094ms Image
image/png 3.233.88.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.org/files/live/sites/ducksorg/files/logos/social-media/Apple-Podcasts.png

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.233.88.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-88-158.compute-1.amazonaws.com

Software

openresty /

Resource Hash

a43888d0f7f3c84e8dc4c57d846989bcb0d97a96fe72212db8b9ab29eaffcb7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 22 Feb 2023 04:08:31 GMT
server: openresty
etag: "57cd73d2-e222-4708-8611-944c701b1715-1677038911584"
content-type: image/png
cache-control: public, must-revalidate, max-age=1
content-length: 3467
x-xss-protection: 1; mode=block;
x-resolver-ip: 3.233.88.158

GET
H2 200 Spotify.png
www.ducks.org/files/live/sites/ducksorg/files/logos/social-media/ 2 KB
3 KB 1096ms
1093ms Image
image/png 3.233.88.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.org/files/live/sites/ducksorg/files/logos/social-media/Spotify.png

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.233.88.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-88-158.compute-1.amazonaws.com

Software

openresty /

Resource Hash

c0cf6e482137a2b89de217e472c0fd200e55e9cd3ea8a5ae4c7ce30603d07a94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 22 Feb 2023 04:08:31 GMT
server: openresty
etag: "1ed87faf-8f09-434e-a439-7517b95e161c-1677038911389"
content-type: image/png
cache-control: public, must-revalidate, max-age=1
content-length: 2315
x-xss-protection: 1; mode=block;
x-resolver-ip: 3.233.88.158

GET
H2 200 Google-Podcasts.png
www.ducks.org/files/live/sites/ducksorg/files/logos/social-media/ 3 KB
3 KB 1099ms
1097ms Image
image/png 3.233.88.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.org/files/live/sites/ducksorg/files/logos/social-media/Google-Podcasts.png

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.233.88.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-88-158.compute-1.amazonaws.com

Software

openresty /

Resource Hash

1c7c841145000f58837715f8def2afd33cdf227ebe262803c796122cd75bb791

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 22 Feb 2023 04:08:31 GMT
server: openresty
etag: "8a0f91ec-8e17-488c-ad61-b331ddb2753f-1677038911285"
content-type: image/png
cache-control: public, must-revalidate, max-age=1
content-length: 2748
x-xss-protection: 1; mode=block;
x-resolver-ip: 3.233.88.158

GET
H2 200 YouTube.png
www.ducks.org/files/live/sites/ducksorg/files/logos/social-media/ 2 KB
2 KB 1100ms
1098ms Image
image/png 3.233.88.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.org/files/live/sites/ducksorg/files/logos/social-media/YouTube.png

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.233.88.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-88-158.compute-1.amazonaws.com

Software

openresty /

Resource Hash

69d72f4f5abb3e30b705273a1b8f9ef7adfeaa861d063dc41a1776f43b4213fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 22 Feb 2023 04:08:31 GMT
server: openresty
etag: "eb00d98e-f609-4deb-8699-8c647eb0cfd8-1677038911484"
content-type: image/png
cache-control: public, must-revalidate, max-age=1
content-length: 1868
x-xss-protection: 1; mode=block;
x-resolver-ip: 3.233.88.158

GET
H2 200 nationalbblogowin23_rgb.png
www.ducks.org/files/live/sites/ducksorg/files/Footer/ 28 KB
28 KB 1100ms
1098ms Image
image/png 3.233.88.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.org/files/live/sites/ducksorg/files/Footer/nationalbblogowin23_rgb.png

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.233.88.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-88-158.compute-1.amazonaws.com

Software

openresty /

Resource Hash

faa4a82cd95d8230f6fa5024685dfd36e06f1b8085bab44b98193bb14f021add

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 29 Sep 2023 19:27:06 GMT
server: openresty
etag: "7fb59d97-dc75-42fb-a5cd-0b880a1cc44e-1696015626100"
content-type: image/png
cache-control: public, must-revalidate, max-age=1
content-length: 28367
x-xss-protection: 1; mode=block;
x-resolver-ip: 3.233.88.158

GET
H2 200 icon-facebook.svg
www.ducks.org/modules/du-templates/images/ui/ 368 B
643 B 1097ms
1095ms Image
image/svg+xml 3.233.88.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.org/modules/du-templates/images/ui/icon-facebook.svg

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.233.88.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-88-158.compute-1.amazonaws.com

Software

openresty /

Resource Hash

41f6f94451d85490ab6ae9f47879b02c77b39144ffb25ef6cec7748a45fc1cc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 12 Mar 2024 18:54:09 GMT
server: openresty
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2678400
x-xss-protection: 1; mode=block;
x-resolver-ip: 3.233.88.158
expires: Fri, 10 May 2024 02:14:12 GMT

GET
H2 200 icon-twitter.svg
www.ducks.org/modules/du-templates/images/ui/ 1 KB
1 KB 1097ms
1095ms Image
image/svg+xml 3.233.88.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.org/modules/du-templates/images/ui/icon-twitter.svg

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.233.88.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-88-158.compute-1.amazonaws.com

Software

openresty /

Resource Hash

7670363d2b5d74d9d629fa7bc16675ce76e0be9064e1c98c039fcfdd2680fb08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 12 Mar 2024 18:54:09 GMT
server: openresty
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2678400
x-xss-protection: 1; mode=block;
x-resolver-ip: 3.233.88.158
expires: Fri, 10 May 2024 02:14:12 GMT

GET
H2 200 icon-instagram.svg
www.ducks.org/modules/du-templates/images/ui/ 2 KB
1 KB 1098ms
1096ms Image
image/svg+xml 3.233.88.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.org/modules/du-templates/images/ui/icon-instagram.svg

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.233.88.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-88-158.compute-1.amazonaws.com

Software

openresty /

Resource Hash

f2dbfcf6f1472d0b5a5310d6935dfe414f53f3fea0001a0b32890a4b71e58beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 12 Mar 2024 18:54:09 GMT
server: openresty
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2678400
x-xss-protection: 1; mode=block;
x-resolver-ip: 3.233.88.158
expires: Fri, 10 May 2024 02:14:12 GMT

GET
H2 200 icon-youtube.svg
www.ducks.org/modules/du-templates/images/ui/ 783 B
792 B 1096ms
1094ms Image
image/svg+xml 3.233.88.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.org/modules/du-templates/images/ui/icon-youtube.svg

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.233.88.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-88-158.compute-1.amazonaws.com

Software

openresty /

Resource Hash

98f41a78867d2fdf26ea05f82e675a406091a744991912af96341b5e17a06a1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 12 Mar 2024 18:54:09 GMT
server: openresty
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2678400
x-xss-protection: 1; mode=block;
x-resolver-ip: 3.233.88.158
expires: Fri, 10 May 2024 02:14:12 GMT

GET
H2 200 icon-linkedin.svg
www.ducks.org/modules/du-templates/images/ui/ 555 B
780 B 1095ms
1094ms Image
image/svg+xml 3.233.88.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.org/modules/du-templates/images/ui/icon-linkedin.svg

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.233.88.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-88-158.compute-1.amazonaws.com

Software

openresty /

Resource Hash

172979e6450870385c50490a73957c7d987c375263d4740405f7c5bcc5c9e8a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 12 Mar 2024 18:54:09 GMT
server: openresty
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2678400
x-xss-protection: 1; mode=block;
x-resolver-ip: 3.233.88.158
expires: Fri, 10 May 2024 02:14:12 GMT

GET
H2 200 logo-horizontal.svg
www.ducks.org/modules/du-templates/images/logo/ 17 KB
11 KB 1100ms
1098ms Image
image/svg+xml 3.233.88.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.org/modules/du-templates/images/logo/logo-horizontal.svg

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.233.88.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-88-158.compute-1.amazonaws.com

Software

openresty /

Resource Hash

b20a071cdfcb68f29a4945d7f223975577258ee4d06529d1f60d10e7cf7a3c15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 12 Mar 2024 18:54:09 GMT
server: openresty
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2678400
x-xss-protection: 1; mode=block;
x-resolver-ip: 3.233.88.158
expires: Fri, 10 May 2024 02:14:12 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 234 KB
76 KB 78ms
50ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyCb5uZElNC1vlEUvz4u86Th2R2RoWS9pP8&callback=initMap&libraries=places

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

8856539919ecd781bc5647ea29ba494bed78edaae74bf5a4da1c84435371895d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77949
x-xss-protection: 0

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 35ms
21ms XHR
application/json 172.217.18.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/modules/CsrfServlet

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f10.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ducks.org
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/56/7/intl/de_ALL/ 256 KB
56 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/56/7/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCb5uZElNC1vlEUvz4u86Th2R2RoWS9pP8&callback=initMap&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2776d0d78c58a37702b3f843a1cc0fb7837c5748a1b225e6f0f7ff5973c24384

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 21:21:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 498185
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57375
x-xss-protection: 0
last-modified: Wed, 03 Apr 2024 18:10:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 03 Apr 2025 21:21:07 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/56/7/intl/de_ALL/ 182 KB
56 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/56/7/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCb5uZElNC1vlEUvz4u86Th2R2RoWS9pP8&callback=initMap&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d148553aa5365e0a5ff91c5e21b7bd5cab956cd6cf15acda192f5648520deac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 21:21:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 498185
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57127
x-xss-protection: 0
last-modified: Wed, 03 Apr 2024 18:10:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 03 Apr 2025 21:21:07 GMT

GET
H2 200 geocoder.js Show response
maps.googleapis.com/maps-api-v3/api/js/56/7/intl/de_ALL/ 4 KB
2 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/56/7/intl/de_ALL/geocoder.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCb5uZElNC1vlEUvz4u86Th2R2RoWS9pP8&callback=initMap&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42e0f9fbcaf28f4b172e05a93be3a0703479c816badbd4ff4753b937055497dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 22:06:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 322665
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1810
x-xss-protection: 0
last-modified: Wed, 03 Apr 2024 18:10:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 05 Apr 2025 22:06:27 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://www.ducks.org
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 17:34:04 GMT
x-content-type-options: nosniff
age: 79808
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Apr 2025 17:34:04 GMT

GET
H2 200 Derek%20Christians_Homepage.png
www.ducks.org/files/live/sites/ducksorg/files/hero-images/ 708 KB
709 KB 1082ms
1082ms Image
image/png 3.233.88.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.org/files/live/sites/ducksorg/files/hero-images/Derek%20Christians_Homepage.png

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/generated-resources/7bc7d564385464962c6379de5e5cb2f.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.233.88.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-88-158.compute-1.amazonaws.com

Software

openresty /

Resource Hash

4a1c3a0f50954dc15dd03b8798bd779d64de3bc596f3aefd36a2e1f284ee79ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/generated-resources/7bc7d564385464962c6379de5e5cb2f.min.css
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 06 Mar 2024 15:57:13 GMT
server: openresty
etag: "8a6de0ef-7ed7-4554-b3f9-eabf32c823f1-1709740633321"
content-type: image/png
cache-control: public, must-revalidate, max-age=1
content-length: 725062
x-xss-protection: 1; mode=block;
x-resolver-ip: 3.233.88.158

GET
H2 200 1-Edward-Wall-Winner.jpg
www.ducks.org/files/live/sites/ducksorg/files/ 256 KB
257 KB 1084ms
1084ms Image
image/jpeg 3.233.88.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.org/files/live/sites/ducksorg/files/1-Edward-Wall-Winner.jpg

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.233.88.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-88-158.compute-1.amazonaws.com

Software

openresty /

Resource Hash

4882a0f972fd47d1ebddd8ce6defc246049587557305f00c60dd6b09d5773051

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 08 Feb 2023 22:12:21 GMT
server: openresty
etag: "dce6cb65-f0c9-482b-ab56-efc226a1e39b-1675894341615"
content-type: image/jpeg
cache-control: public, must-revalidate, max-age=1
content-length: 262144
x-xss-protection: 1; mode=block;
x-resolver-ip: 3.233.88.158

GET
H2 200 Rectangle%201218.png
www.ducks.org/files/live/sites/ducksorg/files/generic-backgrounds/ 17 KB
17 KB 1083ms
1082ms Image
image/png 3.233.88.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.org/files/live/sites/ducksorg/files/generic-backgrounds/Rectangle%201218.png

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.233.88.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-88-158.compute-1.amazonaws.com

Software

openresty /

Resource Hash

5c1a995e5451eff74559a6d3692321e223382bd14f91b12e7595fc328ca9b02a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 22 Feb 2023 04:16:43 GMT
server: openresty
etag: "e863efb2-987e-47bf-9d43-a5994a9a3507-1677039403179"
content-type: image/png
cache-control: public, must-revalidate, max-age=1
content-length: 17297
x-xss-protection: 1; mode=block;
x-resolver-ip: 3.233.88.158

POST
H2 200 context.json Show response
unomiproduction-ducks.cloud.jahia.com/ 606 B
971 B 551ms
237ms XHR
application/json 3.213.234.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://unomiproduction-ducks.cloud.jahia.com/context.json

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/modules/CsrfServlet

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.213.234.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-213-234-199.compute-1.amazonaws.com

Software

openresty /

Resource Hash

bfd4f48b4e17acc6b154a9b4314d4dfc225a9c2fe63b8113ebb5da17f4c999a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: application/json
Referer: https://www.ducks.org/
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://www.ducks.org
date: Tue, 09 Apr 2024 15:44:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-credentials: true
server: openresty
x-resolver-ip: 3.213.234.199
content-type: application/json;charset=utf-8

POST
H2 200 / Show response
evnt.byspotify.com/ 2 B
97 B 174ms
174ms Fetch
application/json 34.111.186.1
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://evnt.byspotify.com/
Requested by: Host: pixel.byspotify.com
URL: https://pixel.byspotify.com/ping.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.186.1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 1.186.111.34.bc.googleusercontent.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://www.ducks.org/
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
via: 1.1 google
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: Content-Type, Accept
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 /
evnt.byspotify.com/ Frame 0
0 154ms
119ms Preflight 34.111.186.1
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://evnt.byspotify.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.186.1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 1.186.111.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ducks.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.ducks.org
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 09 Apr 2024 15:44:12 GMT
via: 1.1 google

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
94 KB 23ms
22ms Script
application/javascript 216.58.206.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2X0ECQZQ09&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2LTJJQ

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

cea238e69221cda99dad35a1b277db44cf27b62e4aced0766a220dfae87d3085

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96315
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 Apr 2024 15:44:12 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 31ms
8ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2LTJJQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ebcc80bf5e0568d173b31bee579c02a725832f916de3656f7a36f94df865d168

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 09 Apr 2024 15:44:12 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57928
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1294, tbw=2795, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: VDvcgdzAy9AToe+6mVft11Vn5OvVD/mMN5Hvy+5VX/n7Ik1eEXH3q08wLE7zYEB8tFaYFWYua+EBcJhR7cFJsQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 58ms
35ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 09 Apr 2024 15:44:12 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EC8C35DE24C3432C9B5F051DCD663063 Ref B: FRA31EDGE0105 Ref C: 2024-04-09T15:44:12Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 245 KB
85 KB 29ms
29ms Script
application/javascript 216.58.206.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-976631994&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2LTJJQ

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

b1709705639187d10623ca002049d5570f61a0bea7525c383e183ba8d6e2d43d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86894
x-xss-protection: 0
last-modified: Tue, 09 Apr 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 Apr 2024 15:44:12 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 244 KB
85 KB 33ms
33ms Script
application/javascript 216.58.206.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-1040837785&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2LTJJQ

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

95603fc07350ab7f200eb740ecc7a9580b983eabc185901de20cbc87cf0a45a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86652
x-xss-protection: 0
last-modified: Tue, 09 Apr 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 Apr 2024 15:44:12 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 193 KB
71 KB 24ms
24ms Script
application/javascript 216.58.206.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-10231870&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2LTJJQ

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

501119c89b9852ea2c50e147aeb556f8b2dd098fa0e4003689d2d14b22f964e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72243
x-xss-protection: 0
last-modified: Tue, 09 Apr 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 Apr 2024 15:44:12 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2LTJJQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 09 Apr 2024 15:38:42 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 330
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 09 Apr 2024 17:38:42 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 48 KB
17 KB 43ms
7ms Script
application/javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6cc4c722a50b4152194b13e7e3c8a1a5a5f23b17988f8fa85404394efc5c0984

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Apr 2024 07:42:51 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=57529
accept-ranges: bytes
content-length: 17238

GET
H2 200 6b3a1a5d169fdb4d107f86a6269a5d3cebceb605.js Show response
my.hellobar.com/ 12 KB
3 KB 287ms
238ms Script
text/javascript 2606:4700:10::6816:f17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hellobar.com/6b3a1a5d169fdb4d107f86a6269a5d3cebceb605.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2LTJJQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:f17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8640312b74e73b9d3634137fe1e941cd0a841eace2b4f5635e73c882d702c90

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Mon, 08 Apr 2024 21:21:50 GMT
server: cloudflare
x-amz-request-id: HT1K40FCR4ZPAZ72
etag: W/"11b0cb78676afef8878deacd273d6b6b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=86400, must-revalidate, proxy-revalidate, s-maxage=10
cf-ray: 871b9dfeaba73815-FRA
x-amz-id-2: wa2ZFCrVfAGj2+oS1a++HDk6hhtGsm6EaKswTbpyaS5799w0rFg/fJXjY5Nb0Uq1mSARctx0+AeHdZbog3MH6Q==

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 167ms
119ms Script
application/javascript 104.126.37.129
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C0GQ1JCP76SVVJ0UQN7G&lib=ttq
Requested by: Host: www.ducks.org
URL: https://www.ducks.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.129 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-129.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b7c63e6ae5c3a3603a6475fdca7603c2c658d1817ac5c4d6279ae7c641e1bcd8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 1570f61.1e3684d1
date: Tue, 09 Apr 2024 15:44:12 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2404091544123C1ED5FAD2A2886BD185-4B1CBED1BBEF50C4-00
x-cache: TCP_MISS from a104-126-37-125.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
x-parent-response-time: 101,104.126.37.125
server-timing: cdn-cache; desc=MISS, edge; dur=96, origin; dur=7, inner; dur=3
content-length: 1796
pragma: no-cache
server: nginx
x-tt-logid: 202404091544123C1ED5FAD2A2886BD185
x-cache-remote: TCP_MISS from a23-220-105-213.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.220.105.213
x-tt-trace-host: 012b1c3edc88908be61d9045d79d5f6f63f708e9135ec37e07c2d83e22f3c62a92f6c1a75476d9d7d3682fc8dead03d20e0ba4650808b0306ca6635c2f889c2236a169e62f04b3eb0905c44405a6adf5c7fd1082498839033998f500b75c64369bf6841b4c57659141fd559f04668afb69
expires: Tue, 09 Apr 2024 15:44:12 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 9 KB
4 KB 32ms
6ms Script
application/x-javascript 108.138.40.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2LTJJQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.40.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-40-116.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c6315811518b52563c0884a4e2fd019f9302b362237610c5744c6f01f6f7d9d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 09 Apr 2024 04:57:49 GMT
Content-Encoding: gzip
Via: 1.1 7f6fdb9a0ec439bac9ac6cc0db13237e.cloudfront.net (CloudFront)
Last-Modified: Fri, 01 Mar 2024 19:43:19 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MUC50-P2
Age: 38784
x-amz-server-side-encryption: AES256
ETag: W/"a023114c374b2d4f49e3420f667f8e66"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: nW3xs5X2l0fS84tCEfx6wRUzIzg49GA53iSuIPX0wC0sxZMkUnCGsQ==

GET
H2

200

starV6.gif
jelly-v6.mdhv.io/v1/
Redirect Chain

https://jelly.mdhv.io/v1/star.gif?pid=VeyTa07IwUHIJHbvty1l6y9yE8BK&src=mh&evt=hi
https://jelly-v6.mdhv.io/v1/starV6.gif?evt=hi&pid=VeyTa07IwUHIJHbvty1l6y9yE8BK&src=mh&tx=9017604f-6299-458a-b33e-28956eadd57f

43 B
235 B

179ms
122ms

Image
image/gif

2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jelly-v6.mdhv.io/v1/starV6.gif?evt=hi&pid=VeyTa07IwUHIJHbvty1l6y9yE8BK&src=mh&tx=9017604f-6299-458a-b33e-28956eadd57f
Requested by: Host: www.ducks.org
URL: https://www.ducks.org/
Protocol: H2
Server: 2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Apr 2024 15:44:12 GMT
server: Google Frontend
content-type: image/gif
x-cloud-trace-context: fbfb209f8bded8ad1f2eca11af888462
cache-control: no-store,no-cache,must-revalidate,max-age=0,post-check=0,pre-check=0
content-length: 43
expires: -1

Redirect headers

location: https://jelly-v6.mdhv.io/v1/starV6.gif?evt=hi&pid=VeyTa07IwUHIJHbvty1l6y9yE8BK&src=mh&tx=9017604f-6299-458a-b33e-28956eadd57f
x-cloud-trace-context: 6dc86c17fe6328f065b6fc5cbb14c1c1
date: Tue, 09 Apr 2024 15:44:12 GMT
server: Google Frontend
content-length: 173
content-type: text/html; charset=utf-8

GET
H2 200 modules.429236d560f51d186b8b.js Show response
script.hotjar.com/ 221 KB
55 KB 41ms
8ms Script
application/javascript 18.173.154.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.429236d560f51d186b8b.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3607994.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-61.muc50.r.cloudfront.net

Software

Resource Hash

fa8cabe3021c19ba54e07d28a7722cd4bfdef39dea07207518113f7e161166bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 10:18:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 d45f06116647d4cd21c9ad69cb1b14fc.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 365166
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55714
last-modified: Fri, 05 Apr 2024 10:17:11 GMT
etag: "f153d7cc62fba42a4a256996815cbb73"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 1PeFj3_u_PkBo20Lt1E9J-Wc5rDBMzDtTrdksdEfwv32NDyW6xttPA==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/ 443 KB
139 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07c479ddb34a0a041f0814be959c48ed6c9b71a80ee728e6c5a221be9945abec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 12:46:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10659
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141645
x-xss-protection: 0
server: cafe
etag: 5596240516402759981
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 09 Apr 2025 12:46:33 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:36:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 476
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 09 Apr 2024 16:36:16 GMT

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 585 B
315 B 58ms
41ms Fetch
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=1369725844438146&correlator=2182910724101539&eid=31082255%2C95327886%2C31081566%2C44807746&output=ldjh&gdfp_req=1&vrg=202404040101&ptt=17&impl=fif&ltd_cs=1&iu_parts=1065896%2Ctop&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C320x100%7C300x50%7C970x90%7C1x1%7C728x90&ifi=1&sfv=1-0-40&sc=1&abxe=1&dt=1712677452590&lmt=1712677452&adxs=436&adys=3531&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&url=https%3A%2F%2Fwww.ducks.org%2F&vis=1&psz=1600x5227&msz=728x90&fws=4&ohw=1600&dlt=1712677452055&idt=520&cust_params=section%3D%26keyword%3D%26UUID%3D7b46cb39-f2e4-4e31-bb3b-9b12f512744f&adks=3151930510&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

a7a59f0d057697228adbeb354d18c3a0f2a6d260bcbb6e7a6d9b2100e1f4c5b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 286
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ducks.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 529 B
267 B 49ms
33ms Fetch
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=1369725844438146&correlator=2896252454578655&eid=31082255%2C95327886%2C31081566%2C44807746&output=ldjh&gdfp_req=1&vrg=202404040101&ptt=17&impl=fif&ltd_cs=1&iu_parts=1065896%2COverlay_800x400_Desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=800x400&ifi=2&sfv=1-0-40&eri=1&sc=1&abxe=1&dt=1712677452596&lmt=1712677452&adxs=0&adys=6780&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&url=https%3A%2F%2Fwww.ducks.org%2F&vis=1&psz=1600x6675&msz=1600x0&fws=4&ohw=1600&dlt=1712677452055&idt=520&cust_params=section%3D%26keyword%3D%26UUID%3D7b46cb39-f2e4-4e31-bb3b-9b12f512744f&adks=3361410454&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

9329e496b21ed0f9d828ac1ccfecc4a576153ac63903ab2cc06bf064c14676de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 238
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ducks.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
fe6c1186ab8748349a4e400a6b1c89f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BD1C 0
0 91ms
40ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fe6c1186ab8748349a4e400a6b1c89f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ducks.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Apr 2024 15:44:12 GMT
expires: Wed, 09 Apr 2025 15:44:12 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CIb1u9m8tYUDFf1FHgIdjDYAEg;src=10231870;type=pagev0;cat=allpa0;ord=1;num=5367803632720;npa=1;auiddc=361613458.1712677452;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.105%7CN...
10231870.fls.doubleclick.net/ Frame A3C9
Redirect Chain

https://10231870.fls.doubleclick.net/activityi;src=10231870;type=pagev0;cat=allpa0;ord=1;num=5367803632720;npa=1;auiddc=361613458.1712677452;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.105%...
https://10231870.fls.doubleclick.net/activityi;dc_pre=CIb1u9m8tYUDFf1FHgIdjDYAEg;src=10231870;type=pagev0;cat=allpa0;ord=1;num=5367803632720;npa=1;auiddc=361613458.1712677452;uaa=x86;uab=64;uafvl=G...

0
0

46ms
45ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10231870.fls.doubleclick.net/activityi;dc_pre=CIb1u9m8tYUDFf1FHgIdjDYAEg;src=10231870;type=pagev0;cat=allpa0;ord=1;num=5367803632720;npa=1;auiddc=361613458.1712677452;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe4430z8810428079za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.ducks.org%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-10231870&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ducks.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 507
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 Apr 2024 15:44:12 GMT
expires: Tue, 09 Apr 2024 15:44:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 Apr 2024 15:44:12 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10231870.fls.doubleclick.net/activityi;dc_pre=CIb1u9m8tYUDFf1FHgIdjDYAEg;src=10231870;type=pagev0;cat=allpa0;ord=1;num=5367803632720;npa=1;auiddc=361613458.1712677452;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe4430z8810428079za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.ducks.org%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CJz1u9m8tYUDFYlOHgId64MJ5Q;src=10231870;type=pagev0;cat=homep0;ord=1;num=7885052097234;npa=1;auiddc=361613458.1712677452;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.105%7CN...
10231870.fls.doubleclick.net/ Frame 5356
Redirect Chain

https://10231870.fls.doubleclick.net/activityi;src=10231870;type=pagev0;cat=homep0;ord=1;num=7885052097234;npa=1;auiddc=361613458.1712677452;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.105%...
https://10231870.fls.doubleclick.net/activityi;dc_pre=CJz1u9m8tYUDFYlOHgId64MJ5Q;src=10231870;type=pagev0;cat=homep0;ord=1;num=7885052097234;npa=1;auiddc=361613458.1712677452;uaa=x86;uab=64;uafvl=G...

0
0

46ms
46ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10231870.fls.doubleclick.net/activityi;dc_pre=CJz1u9m8tYUDFYlOHgId64MJ5Q;src=10231870;type=pagev0;cat=homep0;ord=1;num=7885052097234;npa=1;auiddc=361613458.1712677452;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe4430z8810428079za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.ducks.org%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-10231870&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ducks.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 380
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 Apr 2024 15:44:12 GMT
expires: Tue, 09 Apr 2024 15:44:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 Apr 2024 15:44:12 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10231870.fls.doubleclick.net/activityi;dc_pre=CJz1u9m8tYUDFYlOHgId64MJ5Q;src=10231870;type=pagev0;cat=homep0;ord=1;num=7885052097234;npa=1;auiddc=361613458.1712677452;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe4430z8810428079za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.ducks.org%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
253 B 36ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-2X0ECQZQ09&gtm=45je4430v895200442z8810428079za200&_p=1712677452065&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1792328380.1712677453&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712677452&sct=1&seg=0&dl=https%3A%2F%2Fwww.ducks.org%2F&dt=Home%20%7C%20Ducks%20Unlimited&en=page_view&_fv=1&_ss=1&tfd=1819
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2X0ECQZQ09&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 09 Apr 2024 15:44:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ducks.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
244 B 58ms
20ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-2X0ECQZQ09&cid=1792328380.1712677453&gtm=45je4430v895200442z8810428079za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2X0ECQZQ09&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 09 Apr 2024 15:44:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ducks.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 50ms
34ms Image
image/gif 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2X0ECQZQ09&cid=1792328380.1712677453&gtm=45je4430v895200442z8810428079za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=626764206

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 09 Apr 2024 15:44:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1431799027060769 Show response
connect.facebook.net/signals/config/ 56 KB
12 KB 68ms
66ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1431799027060769?v=2.9.152&r=stable&domain=www.ducks.org&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e7ac70eb0dac915744a22d0cdfbf6e91ecb14bc0b2aeea6f6e097d17b6f71044

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 09 Apr 2024 15:44:12 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=0, c=65, mss=1294, tbw=63246, tp=-1, tpl=-1, uplat=55, ullat=0
pragma: public
x-fb-debug: 5OFY1ulijq72muFG7GjGNgU83fslm73FMaE6XB6e7D3xJgC0odxDDkJxZ0zMfZGYemICd+d+zNdxuToDoKmaQQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=432634&time=1712677452722&li_adsId=5fb99a6d-7d21-4c76-a22e-87ff4747db49&url=https%3A%2F%2Fwww.ducks.org%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=432634&time=1712677452722&li_adsId=5fb99a6d-7d21-4c76-a22e-87ff4747db49&url=https%3A%2F%2Fwww.ducks.org%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D432634%26time%3D1712677452722%26li_adsId%3D5fb99a6d-7d21-4c76-a22e-87ff4747db49%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=432634&time=1712677452722&li_adsId=5fb99a6d-7d21-4c76-a22e-87ff4747db49&url=https%3A%2F%2Fwww.ducks.org%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=432634&time=1712677452722&li_adsId=5fb99a6d-7d21-4c76-a22e-87ff4747db49&url=https%3A%2F%2Fwww.ducks.org%2F&cookiesTest=true&liSync=true&e_ipv6=AQ...

0
266 B

231ms
160ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=432634&time=1712677452722&li_adsId=5fb99a6d-7d21-4c76-a22e-87ff4747db49&url=https%3A%2F%2Fwww.ducks.org%2F&cookiesTest=true&liSync=true&e_ipv6=AQK27dJfop8GyQAAAY7Dh_47kIA_99hm5dFATEsl3omHzSfsnbGaPAyLrOsNhi5O
Requested by: Host: www.ducks.org
URL: https://www.ducks.org/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Apr 2024 15:44:13 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 87C17C389E4B4E64BEC0E8E4A930AA24 Ref B: DUS30EDGE0712 Ref C: 2024-04-09T15:44:13Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYVq8s8grerCN28Dt2GDQ==

Redirect headers

date: Tue, 09 Apr 2024 15:44:12 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: B36A181826784A09B0AF6082D47D215F Ref B: VIEEDGE1618 Ref C: 2024-04-09T15:44:13Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=432634&time=1712677452722&li_adsId=5fb99a6d-7d21-4c76-a22e-87ff4747db49&url=https%3A%2F%2Fwww.ducks.org%2F&cookiesTest=true&liSync=true&e_ipv6=AQK27dJfop8GyQAAAY7Dh_47kIA_99hm5dFATEsl3omHzSfsnbGaPAyLrOsNhi5O
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYVq8s47cUCAkt83rahJA==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 15ms
15ms XHR
text/plain 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1368132788&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ducks.org%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20Ducks%20Unlimited&sd=24-bit&sr=800x600&vp=1600x1200&je=0&_u=aGBACEAjBAAAACAEO~&jid=690779592&gjid=827960983&cid=1792328380.1712677453&tid=UA-171220-25&_gid=1628648288.1712677453&_r=1&_slc=1&gtm=45He4430n81M2LTJJQv810428079za200&cd4=04%2F09%2F2024%2010%3A44%3A12&cd5=1712677452526.xwwdaw7k&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&cd3=1792328380.1712677453&npa=1&z=455933265

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/modules/CsrfServlet

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Apr 2024 15:44:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ducks.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 5751187.js Show response
bat.bing.com/p/action/ 0
117 B 32ms
31ms Script
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5751187.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 09 Apr 2024 15:44:12 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 77421CA4377A40A3B3BD554DF7376C41 Ref B: FRA31EDGE0105 Ref C: 2024-04-09T15:44:12Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
288 B 84ms
84ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5751187&Ver=2&mid=53ef9735-8300-421f-b600-0e0bf235e177&sid=035a6720f68811eeb11e05aac24104ab&vid=035a5340f68811eea4ef41936cd0785a&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=800&sh=600&sc=24&tl=Home%20%7C%20Ducks%20Unlimited&p=https%3A%2F%2Fwww.ducks.org%2F&r=&lt=1623&evt=pageLoad&sv=1&rn=830031

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 09 Apr 2024 15:44:12 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EAB8BE6CA3BC431EA793E3259F29E16C Ref B: FRA31EDGE0105 Ref C: 2024-04-09T15:44:12Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 19ms
19ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-171220-25&cid=1792328380.1712677453&jid=690779592&gjid=827960983&_gid=1628648288.1712677453&npa=1&_u=aGBACEAiBAAAACAEO~&z=719546213

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/modules/CsrfServlet

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 09 Apr 2024 15:44:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ducks.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MTFhN2NkNDczMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 410 KB
109 KB 35ms
34ms Script
application/javascript 104.126.37.129
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFhN2NkNDczMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C0GQ1JCP76SVVJ0UQN7G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.129 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-129.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: baec6367becf496f2902d48ae7ea62aeac35e7973ea76461e6a2ada66e74d12f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 1e368726
date: Tue, 09 Apr 2024 15:44:12 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240408124537C760FC8CD82D51C97AD5
x-tt-trace-id: 00-240408124537C760FC8CD82D51C97AD5-1BAB5025D3AE9050-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a104-126-37-125.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 010e31fdea860714cf1cf97495f6a32b563f7a4b8bc57f00321ddccaedff2eb4189b0cd5cbfdae935bca44286a8d6c5e0e37c31c22ad25293c4482e52fdb7579ca1b130c067f359d498d9087a2b2fd55650db02989bd412ea2688662608121f896
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=15
content-length: 111116

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 46ms
30ms Image
image/gif 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-171220-25&cid=1792328380.1712677453&jid=690779592&npa=1&_u=aGBACEAiBAAAACAEO~&z=1366725525

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 09 Apr 2024 15:44:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 32ms
30ms Image
image/gif 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-171220-25&cid=1792328380.1712677453&jid=690779592&npa=1&_u=aGBACEAiBAAAACAEO~&z=1366725525

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 09 Apr 2024 15:44:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 48ms
23ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1431799027060769&ev=PageView&dl=https%3A%2F%2Fwww.ducks.org%2F&rl=&if=false&ts=1712677452793&sw=800&sh=600&v=2.9.152&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1712677452792.1757486462&ler=empty&cdl=API_unavailable&it=1712677452718&coo=false&tm=1&rqm=GET

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=10, mss=1294, tbw=2765, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 09 Apr 2024 15:44:12 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 identify_38a7e.js Show response
analytics.tiktok.com/i18n/pixel/static/ 139 KB
37 KB 40ms
40ms Script
application/javascript 104.126.37.129
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_38a7e.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFhN2NkNDczMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.129 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-129.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1c7a13438386b27ae3874ff95ac5cb2ed21b805261427e9da870e93c35e788de

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 1e3687e8
date: Tue, 09 Apr 2024 15:44:12 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240408124538835843693CD9FEC2279E
x-tt-trace-id: 00-240408124538835843693CD9FEC2279E-1E93971DE01D37DD-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a104-126-37-125.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 010e31fdea860714cf1cf97495f6a32b563f7a4b8bc57f00321ddccaedff2eb4186a14c1a965e9fe560ec89fc48a34c18ca976d3b8bcb1d367c1525ecef1aa05c1b122910b5ddc5ca58b93e58f22d30dfbe145382d721b3530c831c61646dab36c
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=8
content-length: 36830

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
849 B 149ms
149ms Ping
text/plain 104.126.37.129
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFhN2NkNDczMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.129 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-129.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 95706b61.1e36885d
date: Tue, 09 Apr 2024 15:44:12 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240409154412A1FD5820F59894FCBF97-5F82EFB501508474-00
x-cache: TCP_MISS from a104-126-37-125.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
x-parent-response-time: 114,104.126.37.125
server-timing: cdn-cache; desc=MISS, edge; dur=95, origin; dur=28, inner; dur=24
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240409154412A1FD5820F59894FCBF97
x-cache-remote: TCP_MISS from a23-220-105-215.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 28,23.220.105.215
x-tt-trace-host: 012b1c3edc88908be61d9045d79d5f6f63f708e9135ec37e07c2d83e22f3c62a92d089bb0a216b787857dfffe30357b13b3f5fa47ea7874d71744861706a61c65d8c70e3ccc87d5a267f43a8b5f6aff26cef834ec474cd4ceeae81a7dc8ec72b2bd11418fefa0cda63bede288b5178ce4e
access-control-allow-headers: Authorization,*
expires: Tue, 09 Apr 2024 15:44:12 GMT

GET
H2 200 modules-v2.js Show response
my.hellobar.com/ 299 KB
74 KB 32ms
32ms Script
text/javascript 2606:4700:10::6816:f17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hellobar.com/modules-v2.js
Requested by: Host: my.hellobar.com
URL: https://my.hellobar.com/6b3a1a5d169fdb4d107f86a6269a5d3cebceb605.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:f17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d124857f43ae9a0187be5832f7abc07a10c2789ee7044c2f69c50b268b9b44c9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: MJ6PAK4F1NW9QTDE
age: 1516
cf-polished: origSize=306472
x-amz-server-side-encryption: AES256
x-amz-id-2: mdZP+7/GjZAtnUIOK6HI56PoTmTkGlTzn5JTkg9aJhHMTzIJZcdd52E9BCfo3lv4/7YdzCyLmMY=
cf-bgj: minify
last-modified: Wed, 27 Mar 2024 19:07:14 GMT
server: cloudflare
etag: W/"6d2914d779c8bb2176e4cd417c9da071"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 871b9e006d9c3815-FRA

GET
H/1.1 200
OK json Show response
pro.ip-api.com/ 157 B
313 B 44ms
7ms Fetch
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json?key=pAcPOWCUJWo5Gcp&fields=status,country,countryCode,regionName,region,city,timezone,mobile
Requested by: Host: my.hellobar.com
URL: https://my.hellobar.com/modules-v2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: 7b5009b8a78b733bdc9e7162de02164bca78c6170915aa8116946302c809ddce

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 09 Apr 2024 15:44:12 GMT
Content-Length: 157
Content-Type: application/json; charset=utf-8

GET
H2 200 clever_ads.js Show response
my.hellobar.com/ 43 B
274 B 23ms
23ms Script
application/javascript 2606:4700:10::6816:f17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hellobar.com/clever_ads.js
Requested by: Host: my.hellobar.com
URL: https://my.hellobar.com/modules-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:f17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 089de6bf77a7b557e22c6f8d2aa3d1d28bb9c03a302c2de2c96395011d4a9c1f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:12 GMT
cf-cache-status: HIT
x-amz-request-id: PWT7JYQR3VC6NX0J
age: 6080
cf-polished: origSize=45
x-amz-server-side-encryption: AES256
content-length: 43
x-amz-id-2: JLQ9gQxsvsCZJJ/eT1aqiHKZGO0uO7wVDxtCdXVuMGYyYD10QC+OPe1qTUoKB9YABpdEImMj644=
cf-bgj: minify
last-modified: Fri, 04 Aug 2023 07:47:23 GMT
server: cloudflare
etag: "7e9ec97ef70197804a968a2b2c74d155"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 871b9e011e613815-FRA

GET
H2 200 750x900_DUFishingShirt-Sage-HB_Feb2024.jpg
my.hellobar.com/image_uploads/images/000/272/971/large/ 315 KB
315 KB 233ms
233ms Image
image/jpeg 2606:4700:10::6816:f17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my.hellobar.com/image_uploads/images/000/272/971/large/750x900_DUFishingShirt-Sage-HB_Feb2024.jpg?1709223816
Requested by: Host: www.ducks.org
URL: https://www.ducks.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:f17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60ae5942d7ebf6f97c621ed4b47e3baef5e8b8d897ad594862b5b39d042c2bc9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:13 GMT
cf-cache-status: REVALIDATED
cf-bgj: h2pri
last-modified: Thu, 29 Feb 2024 16:23:38 GMT
server: cloudflare
x-amz-request-id: VZDND0RH6F8Q167C
etag: "06095f27c627f561bc9f2c1046560991"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 871b9e013e803815-FRA
content-length: 322314
x-amz-id-2: cel9F6QI7yeF38jJW80wNJlXN0alE4V+/N/ZyOd+9SOcE7cBze7e9z1QdvrdLAIB2BGdEwVtGtFk1Q9Hs9NozXae8QBUm5SJctD5mRQhVlY=

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
845 B 130ms
130ms Ping
text/plain 104.126.37.129
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFhN2NkNDczMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.129 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-129.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: d33bc27f.1e368ae0
date: Tue, 09 Apr 2024 15:44:13 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2404091544134C75410A9C2882FF1596-0C449F761BC6A2A2-00
x-cache: TCP_MISS from a104-126-37-125.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
x-parent-response-time: 103,104.126.37.125
server-timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=22, inner; dur=19
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202404091544134C75410A9C2882FF1596
x-cache-remote: TCP_MISS from a23-52-15-109.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 22,23.52.15.109
x-tt-trace-host: 012b1c3edc88908be61d9045d79d5f6f635a2391c0302c14884c2fe8dafe76cc9868baedbb229fe9fa266f1af22ebbf93db8ad6faff3c65b72c7935dee5c7254adabc6bc716924491b7836d8985a8df4286e6e5fcd572177f6fb98a2eee62fbfc27bd0f158c9a060a8b0e682caa40b1215
access-control-allow-headers: Authorization,*
expires: Tue, 09 Apr 2024 15:44:13 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 18ms
17ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,400i|Montserrat:400,400i|Roboto:400,400i

Requested by

Host: my.hellobar.com
URL: https://my.hellobar.com/modules-v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b85843fd3ff7b41b59e45351cfdf7330c9500f06c0eb15db3e00ea59653426ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 09 Apr 2024 15:44:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 09 Apr 2024 15:44:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 Apr 2024 15:44:13 GMT

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v26/ 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i|Montserrat:400,400i|Roboto:400,400i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://www.ducks.org
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 05:32:59 GMT
x-content-type-options: nosniff
age: 555074
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14940
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:46:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Apr 2025 05:32:59 GMT

GET
H2 200 JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq6R9WXh0pg.woff2
fonts.gstatic.com/s/montserrat/v26/ 15 KB
15 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq6R9WXh0pg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i|Montserrat:400,400i|Roboto:400,400i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da22288b706a3af2a2853e0641b66f3c8da22785e8caf9921efdf4d9a59865d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://www.ducks.org
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 23:37:06 GMT
x-content-type-options: nosniff
age: 317227
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15396
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:52:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Apr 2025 23:37:06 GMT

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
194 B 173ms
172ms XHR
text/plain 2620:1ec:22::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: www.ducks.org
URL: https://www.ducks.org/modules/CsrfServlet
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:22::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: *
Referer: https://www.ducks.org/
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:13 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 0C3EB7BE7DA949408F8E081AD40C3264 Ref B: VIEEDGE1618 Ref C: 2024-04-09T15:44:13Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
access-control-allow-origin: https://www.ducks.org
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYVq8s/HhrTPYw9YjN8tQ==

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 52ms
52ms XHR
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202404040101&st=env

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/modules/CsrfServlet

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

4ae0329f6900b902684ec079b0633035c0dbae527da3c33bbfddda36e06095da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12514
x-xss-protection: 0

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 193 KB
71 KB 24ms
24ms Script
application/javascript 216.58.206.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-5083104&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2LTJJQ

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

d2c7af73055dd5416dd4b04c2b5aadb0b08b8942956dc5e777554ba9d2d4a48a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72240
x-xss-protection: 0
last-modified: Tue, 09 Apr 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 Apr 2024 15:44:14 GMT

GET
H2 200 up
insight.adsrvr.org/track/ Frame 9106 0
0 92ms
31ms Document
text/html 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=7mxs1ri&ref=https%3A%2F%2Fwww.ducks.org%2F&upid=ltldgpr&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Referer: https://www.ducks.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-length: 0
content-type: text/html
date: Tue, 09 Apr 2024 15:44:14 GMT
server: Kestrel

GET
H2 200 favicon-32.png
www.ducks.org/modules/du-templates/images/ 823 B
1 KB 109ms
109ms Other
image/png 3.233.88.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducks.org/modules/du-templates/images/favicon-32.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.233.88.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-88-158.compute-1.amazonaws.com

Software

openresty /

Resource Hash

dc559cfb7425831d237e62f1ffe7bbc5ff3cd13a77d5e5061f62ee937fa21045

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 12 Mar 2024 18:54:09 GMT
server: openresty
content-type: image/png
cache-control: public, max-age=2678400
content-length: 823
x-xss-protection: 1; mode=block;
x-resolver-ip: 3.233.88.158
expires: Fri, 10 May 2024 02:14:14 GMT

GET
H3

200

activityi;dc_pre=CJ6OyNq8tYUDFU9FHgIdalcMgA;src=5083104;type=gener0;cat=gener0;ord=7137590101963;npa=1;auiddc=361613458.1712677452;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253A...
5083104.fls.doubleclick.net/ Frame F3C4
Redirect Chain

https://5083104.fls.doubleclick.net/activityi;src=5083104;type=gener0;cat=gener0;ord=7137590101963;npa=1;auiddc=361613458.1712677452;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%25...
https://5083104.fls.doubleclick.net/activityi;dc_pre=CJ6OyNq8tYUDFU9FHgIdalcMgA;src=5083104;type=gener0;cat=gener0;ord=7137590101963;npa=1;auiddc=361613458.1712677452;uaa=x86;uab=64;uafvl=Google%25...

0
0

48ms
47ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5083104.fls.doubleclick.net/activityi;dc_pre=CJ6OyNq8tYUDFU9FHgIdalcMgA;src=5083104;type=gener0;cat=gener0;ord=7137590101963;npa=1;auiddc=361613458.1712677452;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe4430z8810428079za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.ducks.org%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-5083104&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ducks.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 369
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 Apr 2024 15:44:15 GMT
expires: Tue, 09 Apr 2024 15:44:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 Apr 2024 15:44:15 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5083104.fls.doubleclick.net/activityi;dc_pre=CJ6OyNq8tYUDFU9FHgIdalcMgA;src=5083104;type=gener0;cat=gener0;ord=7137590101963;npa=1;auiddc=361613458.1712677452;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe4430z8810428079za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.ducks.org%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 144ms
112ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ducks.org/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 15:44:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 Apr 2024 15:44:15 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 18D3 0
0 26ms
7ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ducks.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 8401
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Apr 2024 13:24:14 GMT
expires: Wed, 09 Apr 2025 13:24:14 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202404040101&jk=1369725844438146&bg=!bm2lbSLNAAanmIpSh5g7ADQBe5WfOLK-WXtIeXJkK3QbYa-_UjgVPobyG-n3HryDX1ES8xMWt9ksmNzdK2lvtFWCLyc9AgAAAB9SAAAAAWgBB34ANs8qgMbLmwdq__OBTmonoBEly3S78s6a5cn3IiDqEbgEY-dfAYuOX-PqnSt9Gy6aKvTva9IcB5kCostW7KF9WqcVsLLLlAyQ4garXk5Rb7DcKfklL7NUXB2ZHQvsVXfFoLOGeZrGO8uzMYe_Zj6H7c0ogP38hqKFglskqG2ysEXUaU28_ktIV2SKeAPvfCcPfVwem09E275a3MnOD1dwtwnHa7rO433ElBZOCgh_Fs1KgpZ-2k93AejwQQSzMM6yvhIrYy7_O16hWpKlEW5al9PLmkF543OeNZNbakwT4Zy7VbJ3-xVeJPJqo44okM9sYcqM36uu5sfgaRx5TNNL7Gd2W_H0-LiSCpYc2ENcNXT-kmtgOXXHxYK6gJo1CktEl_ohqL2DbxpJL5zueQTyfNYJOIUlGE40Xg9c19HWB1ajn666XnxXaLMdxjEuC2n4qoONlyOK63eR2KFyt8RPJKzja0xNUeC509ODi3sA3Iz8ETySgGSNsLZy507U8eli9lIm1LR6zY4c9cbZW7XQt83FDpQn702dFEppOA46rLWPk8qQe4SDeiue-Cw1RgkeIYceyH-IG258MyzHTritdv68nKKZSkdmJEJIT0ygHz0LhJcKiWKQJk299o6OZMytdbUmNZCy_Id3J5PsSYMYfyKROEfFE10hZz8HvPLCJAFvdQjVJn-h5n3mGib5SUkKLuhSFPMn499Ys5qiR617CuAyECuFlH6dwq0ECX1lPDDo1O_hiccyI5jMoJdjcqciCvuHgw3YaEayyuUQvqAgJBj9mN2TLE9I7LEFcDvgLzmNN1Yarg9Cg7-7p2T5vkqcTrwOitHhxcszhOiN9jlQ6QTt9ydRL6mfKHZqW2_ELsODFOym9GPfKMLcQSy8DL9clMJeVRvtIopsnfLhZgSij9z8KnTgh7La9rkZHoIf8Mz_XWh2lI3eiMmL_2G3KBITB25EfeImZRFPUHJP

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
portal.criticalimpact.com/	1969-12-31 23:59:59	Name: JSESSIONIDTC1 Value: F332C20875AE92E4E6E0FBBE4347C76F
portal.criticalimpact.com/	1970-01-20 20:13:31	Name: cfid Value: 54de5e5a-41e7-4947-bfef-62a1a533f6fb
portal.criticalimpact.com/	1970-01-20 20:13:31	Name: cftoken Value: 0
portal.criticalimpact.com/	1970-01-20 21:54:13	Name: CF_CLIENT_TPORTALCRITICALIMPACTCOM_LV Value: 1712677451084
portal.criticalimpact.com/	1970-01-20 21:54:13	Name: CF_CLIENT_TPORTALCRITICALIMPACTCOM_TC Value: 1712677451084
portal.criticalimpact.com/	1970-01-20 21:54:13	Name: CF_CLIENT_TPORTALCRITICALIMPACTCOM_HC Value: 2
www.ducks.org/	1969-12-31 23:59:59	Name: slb_route Value: f45d9f5ed67442ebf9334e2385e62b5d
www.ducks.org/	1969-12-31 23:59:59	Name: DISTRIBUTED_JSESSIONID Value: bf99dbaa-f55c-4330-8e80-0de30e245b01.browsing.15727
www.ducks.org/	1969-12-31 23:59:59	Name: SERVERID Value: s15727
www.ducks.org/	1969-12-31 23:59:59	Name: wem-session-id Value: 386888de-0c83-4363-9d37-88e132fc4e33
.ducks.org/	1970-01-20 21:54:13	Name: _gcl_au Value: 1.1.361613458.1712677452
www.ducks.org/	1970-01-21 04:30:13	Name: __spdt Value: 566e3d9cfc214baebd9657ab36bdb710
.ducks.org/	1970-01-21 05:20:37	Name: _rollupGa Value: GA1.2.1792328380.1712677453
.ducks.org/	1970-01-20 19:46:03	Name: _rollupGa_gid Value: GA1.2.1628648288.1712677453
.ducks.org/	1970-01-21 05:20:37	Name: _ga_2X0ECQZQ09 Value: GS1.1.1712677452.1.0.1712677452.60.0.0
.ducks.org/	1970-01-21 05:20:37	Name: _ga Value: GA1.1.1792328380.1712677453
.tiktok.com/	1970-01-21 05:06:13	Name: _ttp Value: 2erzOXUkU2gweVghaD6ZwnXrRpC
.ducks.org/	1970-01-20 19:44:37	Name: _gat_DURollup Value: 1
.ducks.org/	1970-01-21 00:03:49	Name: __eoi Value: ID=a2b82a688efcbcfe:T=1712677452:RT=1712677452:S=AA-AfjY0JGdqOS_PGcYgXPeRb708
.ducks.org/	1970-01-20 19:46:03	Name: _uetsid Value: 035a6720f68811eeb11e05aac24104ab
.ducks.org/	1970-01-21 05:06:13	Name: _uetvid Value: 035a5340f68811eea4ef41936cd0785a
.ducks.org/	1970-01-21 04:30:13	Name: _hjSessionUser_3607994 Value: eyJpZCI6IjY5NjM5YWY0LTkyMTEtNTM1ZS1hZjVjLTg1NGVkMTE1ZmQyOSIsImNyZWF0ZWQiOjE3MTI2Nzc0NTI3NTUsImV4aXN0aW5nIjpmYWxzZX0=
.ducks.org/	1970-01-20 19:44:39	Name: _hjSession_3607994 Value: eyJpZCI6Ijg1YTUwOTE1LTdiZjQtNDk0ZS04NjBhLTU3MGUxOWVhMjJjNCIsImMiOjE3MTI2Nzc0NTI3NTYsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.doubleclick.net/	1970-01-21 00:03:49	Name: receive-cookie-deprecation Value: 1
.ducks.org/	1970-01-20 21:54:13	Name: _fbp Value: fb.1.1712677452792.1757486462
.bing.com/	1970-01-21 05:06:13	Name: MUID Value: 1F6C0EA7B4726E7F10451AFBB5DE6FD6
.adnxs.com/	1970-01-21 05:20:37	Name: receive-cookie-deprecation Value: 1
.ducks.org/	1970-01-21 05:06:13	Name: _tt_enable_cookie Value: 1
.ducks.org/	1970-01-21 05:06:13	Name: _ttp Value: GytytM2dchmr4POhvkGKwnq9-Us
.doubleclick.net/	1970-01-21 05:06:13	Name: IDE Value: AHWqTUnICSVEF9HuiaBDALAJtUuigHXcVCV8Mo3Y5AAHX6TdbnDTrwO3rLv00yoSuHQ
.doubleclick.net/	1970-01-20 20:27:49	Name: ar_debug Value: 1
.linkedin.com/	1970-01-20 21:54:13	Name: li_sugr Value: eab17874-e8c0-4277-a789-ef2310fbd7e7
.linkedin.com/	1970-01-21 04:30:13	Name: bcookie Value: "v=2&a9941b9b-c211-4a95-8beb-08f02904b3ca"
.linkedin.com/	1970-01-20 19:46:03	Name: lidc Value: "b=TGST03:s=T:r=T:a=T:p=T:g=3203:u=1:x=1:i=1712677452:t=1712763852:v=2:sig=AQGqVk6J5VPN1sooz0Y3qvcwH6S_qtn5"
www.ducks.org/	1969-12-31 23:59:59	Name: wem-profile-id Value: cdabf2b6-0e0a-4b31-b2bd-23286a962dc1
.linkedin.com/	1970-01-20 20:27:49	Name: UserMatchHistory Value: AQLJX2RYdEgDiAAAAY7Dh_zcrC1XgZQrARomeaiN454k9WhSOXoIDfqYswOdrPauF8BnXLmY7t0wbg
.linkedin.com/	1970-01-20 20:27:49	Name: AnalyticsSyncHistory Value: AQJ2gQL7SMA2OwAAAY7Dh_zc272PgZq6Uks2YWUf7HS3-aU9jO0r3koRj7Odn6z460c0DS6XflBU91LTBoCDPw
.www.linkedin.com/	1970-01-21 04:30:13	Name: bscookie Value: "v=1&202404091544135b5f5dd0-d921-410e-8e11-042760ac8a46AQGmennYsvGPziwc0RefQdY3Nax8xaAV"
.linkedin.com/	1970-01-21 00:03:49	Name: li_gc Value: MTswOzE3MTI2Nzc0NTM7MjswMjGvFVrB5tQbHjPa/uDQ734xuftvbEExpjvjONjzxDIAoA==

53 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/1431799027060769?v=2.9.152&r=stable&domain=www.ducks.org&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 97) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ducks.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10231870.fls.doubleclick.net
5083104.fls.doubleclick.net
analytics.tiktok.com
bat.bing.com
cdn.jsdelivr.net
connect.facebook.net
evnt.byspotify.com
fe6c1186ab8748349a4e400a6b1c89f6.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
insight.adsrvr.org
jelly-v6.mdhv.io
jelly.mdhv.io
js.adsrvr.org
maps.googleapis.com
my.hellobar.com
pagead2.googlesyndication.com
pixel.byspotify.com
portal.criticalimpact.com
pro.ip-api.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
script.hotjar.com
securepubads.g.doubleclick.net
snap.licdn.com
static.hotjar.com
stats.g.doubleclick.net
tpc.googlesyndication.com
unomiproduction-ducks.cloud.jahia.com
www.ducks.org
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
pagead2.googlesyndication.com
104.126.37.129
104.16.88.20
108.138.40.116
13.107.42.14
142.250.181.228
142.250.184.198
142.250.185.195
142.250.186.162
142.250.74.206
172.217.18.10
18.173.154.61
18.66.192.32
199.167.225.41
2001:4860:4802:34::36
2001:4860:4802:38::15
216.239.32.21
216.58.206.72
2606:4700:10::6816:f17
2620:1ec:22::14
2620:1ec:c11::237
2a00:1450:4001:800::2003
2a00:1450:4001:809::2001
2a00:1450:4001:80b::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2001
2a00:1450:4001:81d::2008
2a00:1450:4001:829::200a
2a00:1450:4001:82f::200e
2a00:1450:400c:c00::9c
2a02:26f0:3500:16::215:149b
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
3.213.234.199
3.233.88.158
3.33.220.150
34.111.186.1
34.117.162.98
51.77.64.70
07c479ddb34a0a041f0814be959c48ed6c9b71a80ee728e6c5a221be9945abec
089de6bf77a7b557e22c6f8d2aa3d1d28bb9c03a302c2de2c96395011d4a9c1f
09c8587db76a7b78b7436a8bd182df1772a52a61745675784d71e4ed8b2d730d
172979e6450870385c50490a73957c7d987c375263d4740405f7c5bcc5c9e8a6
1c7a13438386b27ae3874ff95ac5cb2ed21b805261427e9da870e93c35e788de
1c7c841145000f58837715f8def2afd33cdf227ebe262803c796122cd75bb791
20c0114a672ac0b5b31a1c0100543a2306bf389816ab20774b66e8f7b30fb60c
21da3bc8033c202b60ee31d184a605bba75e1347157f02225ebad03d3ff7bc55
2776d0d78c58a37702b3f843a1cc0fb7837c5748a1b225e6f0f7ff5973c24384
28a0bd767b3d8f19d96a913ef0cfbe66a8b5d8e685c51a639043985bc5ab39fa
322d15d99efb792c941a5202fa8fc7ee9e932847227383ff9605163338a08eac
37e15056c2639942fa3072fc00363a3536529bc7a55ea09c751f139d2e004eda
3fbab5b97e8b49eeeb039db93a5b4f6c3658f4034033de4d3b253f708a619153
41f6f94451d85490ab6ae9f47879b02c77b39144ffb25ef6cec7748a45fc1cc4
42e0f9fbcaf28f4b172e05a93be3a0703479c816badbd4ff4753b937055497dd
4882a0f972fd47d1ebddd8ce6defc246049587557305f00c60dd6b09d5773051
4a1c3a0f50954dc15dd03b8798bd779d64de3bc596f3aefd36a2e1f284ee79ab
4ae0329f6900b902684ec079b0633035c0dbae527da3c33bbfddda36e06095da
4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281
4c6315811518b52563c0884a4e2fd019f9302b362237610c5744c6f01f6f7d9d
4db67129ea4c491c0373cd5d18cac66111c05827a9602c829b5f23d83b8bdda9
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
501119c89b9852ea2c50e147aeb556f8b2dd098fa0e4003689d2d14b22f964e0
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57d1046780b43f20062b1e246ce76b3217c270e13e6175a3bc297506ab2e3269
582afe464c07a7ee24040b456208ddee12789e4eafae8c800050f54dcb15a76f
5c1a995e5451eff74559a6d3692321e223382bd14f91b12e7595fc328ca9b02a
5cf7f575ac323e3fa52a66157f7952cdecdfcd92e75cd261c9561146b0be794a
5de01085f48b7e07260e4cf47a95f0d93384c4c94a01fb08ff81eb1908dc90f2
60ae5942d7ebf6f97c621ed4b47e3baef5e8b8d897ad594862b5b39d042c2bc9
60d0512e9e77928097160f741d5225f6aac1648e5efe8f77090cd5352f5930c4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66b541ff9a5841136dca161cae617e5e687153daa1ce0988fbd405bc348ded78
69d72f4f5abb3e30b705273a1b8f9ef7adfeaa861d063dc41a1776f43b4213fb
6cc4c722a50b4152194b13e7e3c8a1a5a5f23b17988f8fa85404394efc5c0984
718e5c6101fd2a26ac6b775e246931ef1abdafdd0fae5e0bd8310542f561c29e
7670363d2b5d74d9d629fa7bc16675ce76e0be9064e1c98c039fcfdd2680fb08
76e8929a8d76548163b13ab46186d5ac1e37217fd8b241ebc010c8543870df83
77cb8ad87f43ae7ebcbeb49721cee249836f425195644da54daf56b01a53b8e5
7b5009b8a78b733bdc9e7162de02164bca78c6170915aa8116946302c809ddce
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
83aba103f4008332fbab6aa2c3783aeed421c00b1327d928ea659b7787757d00
8437b3480c805871e231e38d0b1a0b54e509079d4829d459f30df9a657565258
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8605370eea1bb4fd69da1043ed6bc717f3c22c789f277c08076bfd7bcee80090
86f4851c9c317383b781c2c35f9c47907992ac03de276fc2f23d55268c24b76f
8856539919ecd781bc5647ea29ba494bed78edaae74bf5a4da1c84435371895d
92eac0c66d129786bdcdc086993d0f6cb06ca30ec551e620a0744fc22b8fa275
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9329e496b21ed0f9d828ac1ccfecc4a576153ac63903ab2cc06bf064c14676de
95603fc07350ab7f200eb740ecc7a9580b983eabc185901de20cbc87cf0a45a3
98f41a78867d2fdf26ea05f82e675a406091a744991912af96341b5e17a06a1b
99f969268e64a9aaa1b1b63c53f2171bbfe064ee44784fd2628a57c9ad067ca8
9c0c9871e17c01315738923db55b38c3437fc294f271f6c48de5e422034b2d03
a37f0791d9f4f14252e706399a7df54afb12da778d5092c846a77f57a41a2a01
a43888d0f7f3c84e8dc4c57d846989bcb0d97a96fe72212db8b9ab29eaffcb7d
a7a59f0d057697228adbeb354d18c3a0f2a6d260bcbb6e7a6d9b2100e1f4c5b1
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1709705639187d10623ca002049d5570f61a0bea7525c383e183ba8d6e2d43d
b20a071cdfcb68f29a4945d7f223975577258ee4d06529d1f60d10e7cf7a3c15
b7c63e6ae5c3a3603a6475fdca7603c2c658d1817ac5c4d6279ae7c641e1bcd8
b85843fd3ff7b41b59e45351cfdf7330c9500f06c0eb15db3e00ea59653426ce
baec6367becf496f2902d48ae7ea62aeac35e7973ea76461e6a2ada66e74d12f
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bfd4f48b4e17acc6b154a9b4314d4dfc225a9c2fe63b8113ebb5da17f4c999a5
c0cf6e482137a2b89de217e472c0fd200e55e9cd3ea8a5ae4c7ce30603d07a94
c4219f752860959add1d7256bef1509e11a8ef7078eb433b663452f90b1ece34
c64c59c88b597f0c016ec17354b493b5b894ccf3d6aac24d8a381d1838f929db
c8a5e202f07474fff2bf088e4c896e5ac520150dfe4106e18e1702d00a38b329
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cea238e69221cda99dad35a1b277db44cf27b62e4aced0766a220dfae87d3085
d0d83ecd5ee9ce05a99b244fcf64eb33415a2d56c83bc9d60d9a801a28a56fc6
d124857f43ae9a0187be5832f7abc07a10c2789ee7044c2f69c50b268b9b44c9
d148553aa5365e0a5ff91c5e21b7bd5cab956cd6cf15acda192f5648520deac6
d2c7af73055dd5416dd4b04c2b5aadb0b08b8942956dc5e777554ba9d2d4a48a
d7d2e2bb82f8a0247d92cfe23a8e9cbac3ebc03a82381d3c884536952fd2e721
da22288b706a3af2a2853e0641b66f3c8da22785e8caf9921efdf4d9a59865d5
dabf873b1c5e393d13ffb60dcb69427219a3c05f12879ca6c2349784a79b4dcb
dc559cfb7425831d237e62f1ffe7bbc5ff3cd13a77d5e5061f62ee937fa21045
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0fcb87986908d6bdd7123e108fc1142b80f2c04b19c8c63b2cdfa5035586848
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ac70eb0dac915744a22d0cdfbf6e91ecb14bc0b2aeea6f6e097d17b6f71044
e8e2bcc73dd1482eb119c643aa5c60e1c52e5c1469c003993eeb26675e980aab
ebcc80bf5e0568d173b31bee579c02a725832f916de3656f7a36f94df865d168
ee11ea7fd40e017a0f38cbfa61d575f8942cc46ed684352b04b31fb689dfe576
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2dbfcf6f1472d0b5a5310d6935dfe414f53f3fea0001a0b32890a4b71e58beb
f40d196b2d49762571622521ff89e8ed66d93e1097b35d5fac6c0ff2056f33c5
f5b344d1c8c4f5fabefe6a858cac59d2588e02d824cdf56cfe4188051059a236
f645b12f27c4e9c1210d5725cfa894b86464372e7b1becbe47126a5fe82f9ade
f7aca2ba984b64f85f3665f63c13807f5a0613f542aa9edfc4e435d843d945e4
f8640312b74e73b9d3634137fe1e941cd0a841eace2b4f5635e73c882d702c90
f98779c6050ff57503a69f359bbb725a04c8f9c1ae6c0252ea99ad91399c65f6
fa8cabe3021c19ba54e07d28a7722cd4bfdef39dea07207518113f7e161166bb
faa4a82cd95d8230f6fa5024685dfd36e06f1b8085bab44b98193bb14f021add
ff85205ab1c4fe5e1510568c420432d785275715c23d3f611671a92b6ecfb220

www.ducks.org Open in urlscan Pro 3.233.88.158 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

115 Requests

97 %HTTPS

45 %IPv6

24 Domains

37 Subdomains

37 IPs

4 Countries

6879 kBTransfer

10764 kBSize

39 Cookies

28 Outgoing links

Page URL History

Redirected requests

115 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ducks.org Open in urlscan Pro
3.233.88.158 Public Scan

Screenshot
Live screenshot

Full Image

115
Requests

97 %
HTTPS

45 %
IPv6

24
Domains

37
Subdomains

37
IPs

4
Countries

6879 kB
Transfer

10764 kB
Size

39
Cookies

115 HTTP transactions
0 data transactions