www.ducks.org Open in urlscan Pro
104.214.108.93 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ducks.org/
Effective URL:
https://www.ducks.org/
Submission: On May 13 via manual (May 13th 2021, 10:45:49 am UTC) from IT

Summary HTTP 83 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 25 IPs in 3 countries across 19 domains to perform 83 HTTP transactions. The main IP is 104.214.108.93, located in San Antonio, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.ducks.org.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on November 20th 2020. Valid for: a year.

This is the only time www.ducks.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 12	104.214.108.93 104.214.108.93	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
23	13.85.88.16 13.85.88.16	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
5	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
2	2.18.233.88 2.18.233.88	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
1 7	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2 5	216.58.212.134 216.58.212.134	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a02:26f0:6c0... 2a02:26f0:6c00:295::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2606:4700:10:... 2606:4700:10::6816:f17	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	104.126.36.33 104.126.36.33	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	2620:119:50e1... 2620:119:50e1:101::6cae:b25	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
4	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3 4	142.250.185.102 142.250.185.102	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1 2	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
83	25

12 104.214.108.93 (San Antonio, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ducks.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.ducks.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
webapi.ducks.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 13.85.88.16 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

duckscdn.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

duazurecdn.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.88 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-88.deploy.static.akamaitechnologies.com

eae3e26d6cce6d2421f2-d0bf394c81120104918c3f1bbeb3098c.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.212.134 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f6.1e100.net

10231870.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:295::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:f17 (United States)

ASN13335 (CLOUDFLARENET, US)

my.hellobar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.126.36.33 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-36-33.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e1:101::6cae:b25 (United States) 2 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.102 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
5083104.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.27 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	windows.net duckscdn.blob.core.windows.net	454 KB
14	google.com 1 redirects cse.google.com www.google.com adservice.google.com clients1.google.com	169 KB
12	doubleclick.net 6 redirects stats.g.doubleclick.net 10231870.fls.doubleclick.net googleads.g.doubleclick.net ad.doubleclick.net 5083104.fls.doubleclick.net	6 KB
12	ducks.org 1 redirects ducks.org www.ducks.org webapi.ducks.org	339 KB
5	google.de 1 redirects www.google.de adservice.google.de	896 B
5	azureedge.net duazurecdn.azureedge.net	555 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
4	tiktok.com analytics.tiktok.com	91 KB
2	adnxs.com 1 redirects secure.adnxs.com	2 KB
2	facebook.com www.facebook.com	349 B
2	hellobar.com my.hellobar.com	47 KB
2	facebook.net connect.facebook.net	96 KB
2	rackcdn.com eae3e26d6cce6d2421f2-d0bf394c81120104918c3f1bbeb3098c.ssl.cf1.rackcdn.com	8 KB
2	google-analytics.com 1 redirects ssl.google-analytics.com	17 KB
2	cloudflare.com cdnjs.cloudflare.com	32 KB
1	googleapis.com www.googleapis.com	39 B
1	licdn.com snap.licdn.com	2 KB
1	googleadservices.com www.googleadservices.com	14 KB
1	googletagmanager.com www.googletagmanager.com	36 KB
83	19

	Domain	Requested by
23	duckscdn.blob.core.windows.net	www.ducks.org
10	www.ducks.org	www.ducks.org
7	www.google.com	1 redirects cse.google.com www.ducks.org
5	10231870.fls.doubleclick.net	2 redirects www.googletagmanager.com adservice.google.com
5	duazurecdn.azureedge.net	www.ducks.org
4	adservice.google.com	10231870.fls.doubleclick.net 5083104.fls.doubleclick.net
4	analytics.tiktok.com	www.ducks.org analytics.tiktok.com
3	www.google.de	www.ducks.org
2	5083104.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	secure.adnxs.com	1 redirects 10231870.fls.doubleclick.net
2	ad.doubleclick.net	2 redirects
2	adservice.google.de	1 redirects adservice.google.com
2	www.facebook.com	www.ducks.org
2	googleads.g.doubleclick.net	www.googleadservices.com
2	px.ads.linkedin.com	2 redirects
2	my.hellobar.com	www.googletagmanager.com my.hellobar.com
2	connect.facebook.net	www.ducks.org connect.facebook.net
2	eae3e26d6cce6d2421f2-d0bf394c81120104918c3f1bbeb3098c.ssl.cf1.rackcdn.com	www.ducks.org
2	cse.google.com	www.ducks.org www.google.com
2	ssl.google-analytics.com	1 redirects www.ducks.org
2	cdnjs.cloudflare.com	www.ducks.org
1	clients1.google.com	www.ducks.org
1	www.googleapis.com	www.ducks.org
1	px4.ads.linkedin.com	www.ducks.org
1	www.linkedin.com	1 redirects
1	webapi.ducks.org	www.ducks.org
1	snap.licdn.com	www.ducks.org
1	www.googleadservices.com	www.googletagmanager.com
1	stats.g.doubleclick.net	1 redirects
1	www.googletagmanager.com	www.ducks.org
1	ducks.org	1 redirects
83	31

This site contains links to these domains. Also see Links.

Domain
ducksunlimited.myeventscenter.com
www.firstbankcard.com
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com

Subject Issuer	Validity	Valid
*.ducks.org DigiCert TLS RSA SHA256 2020 CA1	`2020-11-20` - `2021-12-21`	a year	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 02	`2021-02-13` - `2022-02-13`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2020-11-16` - `2021-11-10`	a year	crt.sh
*.ssl.cf1.rackcdn.com DigiCert SHA2 Secure Server CA	`2020-04-19` - `2021-07-19`	a year	crt.sh
www.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-04-30` - `2022-05-11`	a year	crt.sh
*.tiktok.com RapidSSL RSA CA 2018	`2019-11-14` - `2022-01-12`	2 years	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-04-15` - `2021-10-15`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www.ducks.org/
Frame ID: FBA86EF2DF94D203E56712BB3B26C7B6
Requests: 73 HTTP requests in this frame

Frame: https://10231870.fls.doubleclick.net/activityi;dc_pre=CLSZvpu9xvACFfDhuwgdslQHrQ;src=10231870;type=pagev0;cat=allpa0;ord=1;num=5034617405833;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.ducks.org%2F
Frame ID: 6A889D5F58F9192912B36E79BB374AA0
Requests: 1 HTTP requests in this frame

Frame: https://10231870.fls.doubleclick.net/activityi;dc_pre=CIudvpu9xvACFdRV5QodYTsGAg;src=10231870;type=pagev0;cat=homep0;ord=1;num=7360589780680;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.ducks.org%2F
Frame ID: B4503908CD508EDBA6E5A29D044EFE90
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CIudvpu9xvACFdRV5QodYTsGAg;src=10231870;type=pagev0;cat=homep0;ord=1;num=7360589780680;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.ducks.org%2F
Frame ID: C1031366696CC01C93BC2AF1C7A26CD4
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CLSZvpu9xvACFfDhuwgdslQHrQ;src=10231870;type=pagev0;cat=allpa0;ord=1;num=5034617405833;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.ducks.org%2F
Frame ID: 514802614C4BDAD97AF6BE423500167F
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CIudvpu9xvACFdRV5QodYTsGAg;src=10231870;type=pagev0;cat=homep0;ord=1;num=7360589780680;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.ducks.org%2F
Frame ID: A041A3E73B9E907F776CEF9685D1A653
Requests: 1 HTTP requests in this frame

Frame: https://10231870.fls.doubleclick.net/ddm/fls/r/dc_pre=CLSZvpu9xvACFfDhuwgdslQHrQ;src=10231870;type=pagev0;cat=allpa0;ord=1;num=5034617405833;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.ducks.org%2F
Frame ID: 657FE7CEF2980B176E464A8DD245C80F
Requests: 3 HTTP requests in this frame

Frame: https://5083104.fls.doubleclick.net/activityi;dc_pre=CObbpZy9xvACFafLEQgdulYGFQ;src=5083104;type=gener0;cat=gener0;ord=4815765440660;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.ducks.org%2F
Frame ID: 9F631756E55E7E64FB5E9C643138D719
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ducks.org/ HTTP 301
https://www.ducks.org/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

83
Requests

100 %
HTTPS

69 %
IPv6

19
Domains

31
Subdomains

25
IPs

3
Countries

1867 kB
Transfer

3915 kB
Size

13
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://ducksunlimited.myeventscenter.com/event/Trout-Lake-Ducks-Unlimited-Boulder-Junction-39872
Title: Trout Lake Ducks Unlimited (Boulder Junction)

Search URL Search Domain Scan URL

URL: https://ducksunlimited.myeventscenter.com/event/Four-Rivers-Byron-Bar-Party-41486
Title: Four Rivers (Byron) Bar Party

Search URL Search Domain Scan URL

URL: https://ducksunlimited.myeventscenter.com/event/Lewis-River-Du-Online-Auction-49752
Title: Lewis River DU Online Auction

Search URL Search Domain Scan URL

URL: https://www.firstbankcard.com/ducksunlimited/landingpage/visaplat/?sub=000
Title: DU Visa® Card

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DucksUnlimited

Search URL Search Domain Scan URL

URL: https://twitter.com/DucksUnlimited

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/DucksUnlimitedInc

Search URL Search Domain Scan URL

URL: https://www.instagram.com/ducksunlimitedinc

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ducks.org/ HTTP 301
https://www.ducks.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2110919258&utmhn=www.ducks.org&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=World%20Leader%20in%20Wetlands%20%26%20Waterfowl%20Conservation&utmhid=1342183715&utmr=-&utmp=%2F&utmht=1620902729742&utmac=UA-171220-3&utmcc=__utma%3D1.95090528.1620902730.1620902730.1620902730.1%3B%2B__utmz%3D1.1620902730.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=11893935&utmredir=1&utmu=qFAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-171220-3&cid=95090528.1620902730&jid=11893935&_v=5.7.2&z=2110919258 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-171220-3&cid=95090528.1620902730&jid=11893935&_v=5.7.2&z=2110919258 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-171220-3&cid=95090528.1620902730&jid=11893935&_v=5.7.2&z=2110919258&slf_rd=1&random=1534840960

Request Chain 41

https://10231870.fls.doubleclick.net/activityi;src=10231870;type=pagev0;cat=allpa0;ord=1;num=5034617405833;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.ducks.org%2F HTTP 302
https://10231870.fls.doubleclick.net/activityi;dc_pre=CLSZvpu9xvACFfDhuwgdslQHrQ;src=10231870;type=pagev0;cat=allpa0;ord=1;num=5034617405833;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.ducks.org%2F

Request Chain 42

https://10231870.fls.doubleclick.net/activityi;src=10231870;type=pagev0;cat=homep0;ord=1;num=7360589780680;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.ducks.org%2F HTTP 302
https://10231870.fls.doubleclick.net/activityi;dc_pre=CIudvpu9xvACFdRV5QodYTsGAg;src=10231870;type=pagev0;cat=homep0;ord=1;num=7360589780680;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.ducks.org%2F

Request Chain 56

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=432634&time=1620902730589&url=https%3A%2F%2Fwww.ducks.org%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D432634%26time%3D1620902730589%26url%3Dhttps%253A%252F%252Fwww.ducks.org%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=432634&time=1620902730589&url=https%3A%2F%2Fwww.ducks.org%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=432634&time=1620902730589&url=https%3A%2F%2Fwww.ducks.org%2F&liSync=true&e_ipv6=AQLFgPVD6pM9OAAAAXllVN05RpK8sZuLt-AgB5vLhe2s48goqwKjqcAMwaYp73fhBAWZIiJU

Request Chain 75

https://adservice.google.de/ddm/fls/i/dc_pre=CLSZvpu9xvACFfDhuwgdslQHrQ;src=10231870;type=pagev0;cat=allpa0;ord=1;num=5034617405833;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.ducks.org%2F HTTP 302
https://10231870.fls.doubleclick.net/ddm/fls/r/dc_pre=CLSZvpu9xvACFfDhuwgdslQHrQ;src=10231870;type=pagev0;cat=allpa0;ord=1;num=5034617405833;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.ducks.org%2F

Request Chain 77

https://ad.doubleclick.net/ddm/activity/src=10229801;type=invmedia;cat=ducks0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=10229801;dc_pre=CMXjgJy9xvACFY_BOwIdV6wIvw;type=invmedia;cat=ducks0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=10229801;dc_pre=CMXjgJy9xvACFY_BOwIdV6wIvw;type=invmedia;cat=ducks0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1

Request Chain 78

https://secure.adnxs.com/px?id=1298318&seg=22845207&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1298318%26seg%3D22845207%26t%3D2

Request Chain 79

https://5083104.fls.doubleclick.net/activityi;src=5083104;type=gener0;cat=gener0;ord=4815765440660;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.ducks.org%2F HTTP 302
https://5083104.fls.doubleclick.net/activityi;dc_pre=CObbpZy9xvACFafLEQgdulYGFQ;src=5083104;type=gener0;cat=gener0;ord=4815765440660;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.ducks.org%2F

83 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
www.ducks.org/
Redirect Chain

http://ducks.org/
https://www.ducks.org/

135 KB
55 KB

834ms
315ms

Document
text/html

104.214.108.93
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducks.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

104.214.108.93 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

42dc5b15064b1c48a5e47c42bf7eaa6f9e86c7425f545314f334c099e66b5d21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Host: www.ducks.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Set-Cookie: dnn_IsMobile=False; path=/; HttpOnly .ASPXANONYMOUS=Mz4pDDa4xcsNMkvLlGy13vlH5Vj3KQCs1UTxDehc_IfEjV-bEOsllUKfUk1RlDYPUP8TDgV6qbewfloobblYW1_Xt9wM9RuP45auuPEgU5to0E480; expires=Wed, 21-Jul-2021 21:25:28 GMT; path=/; HttpOnly Analytics_VisitorId=f8d2bd8a-acac-4e39-a7e6-1a5c651db0d6; expires=Sat, 12-Jun-2021 10:45:28 GMT; path=/; HttpOnly Analytics=SessionId=7ca5ef35-cbc5-458f-952f-44c85dc2aaf8&TabId=12861&ContentItemId=-1; expires=Thu, 13-May-2021 11:45:28 GMT; path=/; HttpOnly dnn_IsMobile=False; path=/; HttpOnly .ASPXANONYMOUS=Mz4pDDa4xcsNMkvLlGy13vlH5Vj3KQCs1UTxDehc_IfEjV-bEOsllUKfUk1RlDYPUP8TDgV6qbewfloobblYW1_Xt9wM9RuP45auuPEgU5to0E480; expires=Wed, 21-Jul-2021 21:25:28 GMT; path=/; HttpOnly Analytics_VisitorId=f8d2bd8a-acac-4e39-a7e6-1a5c651db0d6; expires=Sat, 12-Jun-2021 10:45:28 GMT; path=/; HttpOnly Analytics=SessionId=7ca5ef35-cbc5-458f-952f-44c85dc2aaf8&TabId=12861&ContentItemId=-1; expires=Thu, 13-May-2021 11:45:28 GMT; path=/; HttpOnly language=en-US; path=/; HttpOnly
DNNOutputCache: true
X-UA-Compatible: IE=10
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: *
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
SERVER
Date: Thu, 13 May 2021 10:45:28 GMT
Content-Length: 55152

Redirect headers

Content-Type: text/html; charset=UTF-8
Location: https://www.ducks.org/
X-UA-Compatible: IE=10
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: *
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
SERVER
Date: Thu, 13 May 2021 10:45:26 GMT
Content-Length: 145

GET
H/1.1 200
OK DependencyHandler.axd
www.ducks.org/ 285 KB
44 KB 435ms
175ms Stylesheet
text/css 104.214.108.93
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducks.org/DependencyHandler.axd?s=L1Jlc291cmNlcy9TaGFyZWQvc3R5bGVzaGVldHMvZG5uZGVmYXVsdC83LjAuMC9kZWZhdWx0LmNzczsvRGVza3RvcE1vZHVsZXMvRXZlbnRzV2lkZ2V0L21vZHVsZS5jc3M7L0Rlc2t0b3BNb2R1bGVzL0hvbWVQYWdlRmVhdHVyZS9tb2R1bGUuY3NzOy9EZXNrdG9wTW9kdWxlcy9SZWNlbnRTbGlkZXIvbW9kdWxlLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2Jvb3RzdHJhcC5taW4uY3NzOy9Qb3J0YWxzL19kZWZhdWx0L1NraW5zL0R1Y2tzLm9yZy9za2luLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2FuaW1hdGUubWluLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Db250YWluZXJzL0NhdmFsaWVyL2NvbnRhaW5lci5jc3M7L1BvcnRhbHMvMC9wb3J0YWwuY3NzOw&t=Css&cdv=1428

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

104.214.108.93 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6ad5ab936bbf2fb1059b1caa086876f88ae76e53f5316bf8a14bf50fe43e516a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.ducks.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.ducks.org/
Cookie: dnn_IsMobile=False; .ASPXANONYMOUS=Mz4pDDa4xcsNMkvLlGy13vlH5Vj3KQCs1UTxDehc_IfEjV-bEOsllUKfUk1RlDYPUP8TDgV6qbewfloobblYW1_Xt9wM9RuP45auuPEgU5to0E480; Analytics_VisitorId=f8d2bd8a-acac-4e39-a7e6-1a5c651db0d6; Analytics=SessionId=7ca5ef35-cbc5-458f-952f-44c85dc2aaf8&TabId=12861&ContentItemId=-1; language=en-US
Connection: keep-alive
Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Last-Modified: Thu, 13 May 2021 09:10:04 GMT
SERVER
ETag: "358278453c22dbcff82e9491c9a75cc3"
Access-Control-Allow-Methods: *
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=858275, s-maxage=858275
Date: Thu, 13 May 2021 10:45:28 GMT
X-UA-Compatible: IE=10
Access-Control-Allow-Headers: *
Content-Length: 44216
Expires: Sun, 23 May 2021 09:10:04 GMT

GET
H/1.1 200
OK DependencyHandler.axd Show response
www.ducks.org/ 451 KB
115 KB 626ms
306ms Script
application/x-javascript 104.214.108.93
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducks.org/DependencyHandler.axd?s=L1Jlc291cmNlcy9saWJyYXJpZXMvalF1ZXJ5LzAxXzA5XzAxL2pxdWVyeS5qczsvUmVzb3VyY2VzL2xpYnJhcmllcy9qUXVlcnktTWlncmF0ZS8wMV8wMl8wMS9qcXVlcnktbWlncmF0ZS5qczsvUmVzb3VyY2VzL2xpYnJhcmllcy9qUXVlcnktVUkvMDFfMTFfMDMvanF1ZXJ5LXVpLmpzOw&t=Javascript&cdv=1428

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

104.214.108.93 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d3cb488888e9ea75771482ea8d142de6a4b3846f7bc7e49a3b90b6c9f041cae3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.ducks.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.ducks.org/
Cookie: dnn_IsMobile=False; .ASPXANONYMOUS=Mz4pDDa4xcsNMkvLlGy13vlH5Vj3KQCs1UTxDehc_IfEjV-bEOsllUKfUk1RlDYPUP8TDgV6qbewfloobblYW1_Xt9wM9RuP45auuPEgU5to0E480; Analytics_VisitorId=f8d2bd8a-acac-4e39-a7e6-1a5c651db0d6; Analytics=SessionId=7ca5ef35-cbc5-458f-952f-44c85dc2aaf8&TabId=12861&ContentItemId=-1; language=en-US
Connection: keep-alive
Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Last-Modified: Thu, 13 May 2021 09:10:04 GMT
SERVER
ETag: "1543aa30ffe2174318651201bb1e859c"
Access-Control-Allow-Methods: *
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=858275, s-maxage=858275
Date: Thu, 13 May 2021 10:45:28 GMT
X-UA-Compatible: IE=10
Access-Control-Allow-Headers: *
Content-Length: 117658
Expires: Sun, 23 May 2021 09:10:04 GMT

GET
H/1.1 200
OK WebResource.axd Show response
www.ducks.org/ 23 KB
6 KB 496ms
305ms Script
application/x-javascript 104.214.108.93
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducks.org/WebResource.axd?d=pynGkmcFUV30wkr0VxdaLepze5QkbZPFrxJ5iedrC6BgKY57PpfKNc0GycQ1&t=636996028220000000

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

104.214.108.93 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.ducks.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.ducks.org/
Cookie: dnn_IsMobile=False; .ASPXANONYMOUS=Mz4pDDa4xcsNMkvLlGy13vlH5Vj3KQCs1UTxDehc_IfEjV-bEOsllUKfUk1RlDYPUP8TDgV6qbewfloobblYW1_Xt9wM9RuP45auuPEgU5to0E480; Analytics_VisitorId=f8d2bd8a-acac-4e39-a7e6-1a5c651db0d6; Analytics=SessionId=7ca5ef35-cbc5-458f-952f-44c85dc2aaf8&TabId=12861&ContentItemId=-1; language=en-US
Connection: keep-alive
Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Last-Modified: Thu, 25 Jul 2019 03:07:02 GMT
SERVER
Date: Thu, 13 May 2021 10:45:28 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: *
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public
X-UA-Compatible: IE=10
Access-Control-Allow-Headers: *
Content-Length: 6007
Expires: Fri, 13 May 2022 09:10:04 GMT

GET
H/1.1 200
OK Telerik.Web.UI.WebResource.axd Show response
www.ducks.org/ 140 KB
35 KB 505ms
185ms Script
application/x-javascript 104.214.108.93
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducks.org/Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=ScriptManager_TSM&compress=1&_TSM_CombinedScripts_=%3b%3bSystem.Web.Extensions%2c+Version%3d4.0.0.0%2c+Culture%3dneutral%2c+PublicKeyToken%3d31bf3856ad364e35%3aen-US%3a22727c22-244c-4537-8243-3c42cc5b20e2%3aea597d4b%3ab25378d2

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

104.214.108.93 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

70444fe7a3a0b50db2a0e01e060adbdbfd51294f3fca39be4ba0be287cd32a4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.ducks.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.ducks.org/
Cookie: dnn_IsMobile=False; .ASPXANONYMOUS=Mz4pDDa4xcsNMkvLlGy13vlH5Vj3KQCs1UTxDehc_IfEjV-bEOsllUKfUk1RlDYPUP8TDgV6qbewfloobblYW1_Xt9wM9RuP45auuPEgU5to0E480; Analytics_VisitorId=f8d2bd8a-acac-4e39-a7e6-1a5c651db0d6; Analytics=SessionId=7ca5ef35-cbc5-458f-952f-44c85dc2aaf8&TabId=12861&ContentItemId=-1; language=en-US
Connection: keep-alive
Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Last-Modified: Wed, 17 Jul 2013 00:00:00 GMT
SERVER
Date: Thu, 13 May 2021 10:45:28 GMT
Vary: User-Agent
Access-Control-Allow-Methods: *
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-UA-Compatible: IE=10
Access-Control-Allow-Headers: *
Content-Length: 35151
Expires: Fri, 13 May 2022 10:45:29 GMT

GET
H/1.1 200
OK DependencyHandler.axd Show response
www.ducks.org/ 92 KB
29 KB 628ms
307ms Script
application/x-javascript 104.214.108.93
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducks.org/DependencyHandler.axd?s=L1BvcnRhbHMvX2RlZmF1bHQvU2tpbnMvRHVja3Mub3JnL2pzL2Jvb3RzdHJhcC5taW4uanM7L2pzL2Rubi5qczsvanMvZG5uLm1vZGFscG9wdXAuanM7L1Jlc291cmNlcy9TaGFyZWQvU2NyaXB0cy9qcXVlcnkvanF1ZXJ5LmhvdmVySW50ZW50Lm1pbi5qczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvanMvbW9kZXJuaXpyLWN1c3RvbS5qczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvanMvc2tpbi5qczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvanMvcGljdHVyZWZpbGwubWluLmpzOy9qcy9kbm5jb3JlLmpzOy9EZXNrdG9wTW9kdWxlcy9ETk5Db3JwL0V2b3FDb250ZW50TGlicmFyeS9DbGllbnRTY3JpcHRzL2Rubi5hbmFseXRpY3MuSW5qZWN0ZWQuanM7L2pzL2Rubi5zZXJ2aWNlc2ZyYW1ld29yay5qczs&t=Javascript&cdv=1428

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

104.214.108.93 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b3b2388c7bdb0a8647c2e64aa5dcc79d8e9b9cd21db20909f780e4c59c926072

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.ducks.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.ducks.org/
Cookie: dnn_IsMobile=False; .ASPXANONYMOUS=Mz4pDDa4xcsNMkvLlGy13vlH5Vj3KQCs1UTxDehc_IfEjV-bEOsllUKfUk1RlDYPUP8TDgV6qbewfloobblYW1_Xt9wM9RuP45auuPEgU5to0E480; Analytics_VisitorId=f8d2bd8a-acac-4e39-a7e6-1a5c651db0d6; Analytics=SessionId=7ca5ef35-cbc5-458f-952f-44c85dc2aaf8&TabId=12861&ContentItemId=-1; language=en-US
Connection: keep-alive
Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Last-Modified: Thu, 13 May 2021 09:10:04 GMT
SERVER
ETag: "faf92ff8240d39c72a9a18049ff3871a"
Access-Control-Allow-Methods: *
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=858275, s-maxage=858275
Date: Thu, 13 May 2021 10:45:28 GMT
X-UA-Compatible: IE=10
Access-Control-Allow-Headers: *
Content-Length: 29142
Expires: Sun, 23 May 2021 09:10:04 GMT

GET
H/1.1 200
OK promo-bogo-2021.png
duckscdn.blob.core.windows.net/imagescontainer/_global/nav/ 25 KB
26 KB 844ms
178ms Image
image/png 13.85.88.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duckscdn.blob.core.windows.net/imagescontainer/_global/nav/promo-bogo-2021.png
Requested by: Host: www.ducks.org
URL: https://www.ducks.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4f24c9b5632a6b54aee0b1d998bf41608d909793dc599015e711b2f54c653e1d

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 13 May 2021 10:45:29 GMT
Last-Modified: Mon, 03 May 2021 17:38:18 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: Bi4B/kXYZ2QNCStJLHo2Rg==
ETag: "0x8D90E5A3D0CE47F"
Vary: Origin
Content-Type: image/png
x-ms-request-id: 2333655f-701e-000a-38e5-4761e1000000
x-ms-version: 2014-02-14
Content-Disposition
Accept-Ranges: bytes
Content-Length: 25953
x-ms-lease-state: available

GET
H2 200 swiper.min.css
cdnjs.cloudflare.com/ajax/libs/Swiper/4.5.0/css/ 19 KB
3 KB 14ms
13ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/Swiper/4.5.0/css/swiper.min.css

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f07d43571a20235b2506061c9729d91179d32b8b3c75123aa8fcd45e60d7541

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 10:45:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 654077
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2581
cf-request-id: 0a06edee9d00003237b02c4000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf2-4d42"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qWJ5d9evjt1hvnSoa7RUWkKrMZZy5Rct7cya4t35IeuAinm40SOgCiVbmBUapD4vOxCYnLENZgMRIdReGwzL6RX95ebQzPkkvUTT9GvjtdNPSBhLUqH%2FWVURsF6iefDcGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 64eb4c2a9a363237-FRA
expires: Tue, 03 May 2022 10:45:29 GMT

GET
H3-29 200 swiper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/Swiper/4.5.0/js/ 125 KB
29 KB 44ms
43ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/Swiper/4.5.0/js/swiper.min.js

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9c90c601bc81ad71ed8be557ff9b095de5aae947926e84011e2728cf65250a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 10:45:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 659274
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28876
cf-request-id: 0a06edeeb8000063eff6b5e000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf2-1f3be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rRpxjwaS2bdxqNJ7jtq%2FrFe9f4OgJJOIBUgV60FkI59DW4QP5rHu067kv3YPVLp%2BF6tRt4aYEhqbQn22julHa7MQlHtXlwKtI45tJ1GKszqJPJCvMz2XieqR7L6QOcW64Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 64eb4c2abeef63ef-FRA
expires: Tue, 03 May 2022 10:45:29 GMT

GET
H/1.1 200
OK RANDOM_NUMBER.jpg
duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/conservation/ 310 B
781 B 808ms
167ms Image
image/jpeg 13.85.88.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/conservation/RANDOM_NUMBER.jpg
Requested by: Host: www.ducks.org
URL: https://www.ducks.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: aa4aeed15888d0492c0da8f53d0a63d6f764e62c3c2eeed63e1f4a1f98138ace

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 13 May 2021 10:45:29 GMT
Last-Modified: Wed, 24 Apr 2019 13:07:01 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: VS2DYk2NK9SNiP4V/wT+QA==
ETag: "0x8D6C8B5BDADE3B7"
Vary: Origin
Content-Type: image/jpeg
x-ms-request-id: 3c978dc6-301e-002f-44e5-47f952000000
x-ms-version: 2014-02-14
Accept-Ranges: bytes
Content-Length: 310
x-ms-lease-state: available

GET
H/1.1 200
OK RANDOM_NUMBER.jpg
duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/hunting/ 310 B
781 B 809ms
167ms Image
image/jpeg 13.85.88.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/hunting/RANDOM_NUMBER.jpg
Requested by: Host: www.ducks.org
URL: https://www.ducks.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: aa4aeed15888d0492c0da8f53d0a63d6f764e62c3c2eeed63e1f4a1f98138ace

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 13 May 2021 10:45:30 GMT
Last-Modified: Wed, 24 Apr 2019 13:06:54 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: VS2DYk2NK9SNiP4V/wT+QA==
ETag: "0x8D6C8B5B9AC4611"
Vary: Origin
Content-Type: image/jpeg
x-ms-request-id: 8240b876-d01e-008f-7ce5-473634000000
x-ms-version: 2014-02-14
Accept-Ranges: bytes
Content-Length: 310
x-ms-lease-state: available

GET
H/1.1 200
OK RANDOM_NUMBER.jpg
duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/get-involved/ 310 B
781 B 809ms
166ms Image
image/jpeg 13.85.88.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/get-involved/RANDOM_NUMBER.jpg
Requested by: Host: www.ducks.org
URL: https://www.ducks.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 50f5aa4a46fd19ef752911d901cb3c690d105830dd8697927b5df5b08b077246

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 13 May 2021 10:45:29 GMT
Last-Modified: Wed, 24 Apr 2019 13:29:13 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: IX9gRD6PC78aW5mRT8alOQ==
ETag: "0x8D6C8B8D79399D9"
Vary: Origin
Content-Type: image/jpeg
x-ms-request-id: 9484f21a-101e-011e-4de5-47e4d0000000
x-ms-version: 2014-02-14
Accept-Ranges: bytes
Content-Length: 310
x-ms-lease-state: available

GET
H/1.1 200
OK eventsWidget.js Show response
www.ducks.org/desktopmodules/eventsWidget/Resources/js/ 23 KB
6 KB 170ms
170ms Script
application/javascript 104.214.108.93
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ducks.org/desktopmodules/eventsWidget/Resources/js/eventsWidget.js?cb=8

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

104.214.108.93 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4265297670d82d70658a7e0798fa16941b873842f57bab77c1e4d38ed3f9b6f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.ducks.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.ducks.org/
Cookie: dnn_IsMobile=False; .ASPXANONYMOUS=Mz4pDDa4xcsNMkvLlGy13vlH5Vj3KQCs1UTxDehc_IfEjV-bEOsllUKfUk1RlDYPUP8TDgV6qbewfloobblYW1_Xt9wM9RuP45auuPEgU5to0E480; Analytics_VisitorId=f8d2bd8a-acac-4e39-a7e6-1a5c651db0d6; Analytics=SessionId=7ca5ef35-cbc5-458f-952f-44c85dc2aaf8&TabId=12861&ContentItemId=-1; language=en-US
Connection: keep-alive
Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Last-Modified: Mon, 19 Apr 2021 18:48:34 GMT
Server
ETag: "0ed82994c35d71:0"
Vary: Accept-Encoding
Access-Control-Allow-Methods: *
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=31536000
Date: Thu, 13 May 2021 10:45:29 GMT
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 5414
X-UA-Compatible: IE=10

GET
H/1.1 200
OK du-events.jpg
duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/ 52 KB
52 KB 852ms
208ms Image
image/jpeg 13.85.88.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/du-events.jpg
Requested by: Host: www.ducks.org
URL: https://www.ducks.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e78bffe11218b54384d07c2bf3b7cf09107738cbefc0317d5f060254af3f5fad

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 13 May 2021 10:45:29 GMT
Last-Modified: Mon, 22 Apr 2019 19:33:47 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: qP0LC25RwYVDzCdIWsLBNg==
ETag: "0x8D6C75970DEC74D"
Vary: Origin
Content-Type: image/jpeg
x-ms-request-id: 7daccc72-601e-0073-08e5-4708ab000000
x-ms-version: 2014-02-14
Accept-Ranges: bytes
Content-Length: 53039
x-ms-lease-state: available

GET
H/1.1 200
OK home-efficiency.jpg
duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/ 32 KB
32 KB 983ms
175ms Image
image/jpeg 13.85.88.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/home-efficiency.jpg
Requested by: Host: www.ducks.org
URL: https://www.ducks.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 12e31f8808aea7dd03b6e537ded04dcb95a9a8356fc58483809f4c7a882011ae

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 13 May 2021 10:45:29 GMT
Last-Modified: Mon, 29 Mar 2021 15:32:25 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: T/5LXsy8PMuDq+4eWeD2Gg==
ETag: "0x8D8F2C7DAFBB0AA"
Vary: Origin
Content-Type: image/jpeg
x-ms-request-id: 3c978de5-301e-002f-5be5-47f952000000
x-ms-version: 2014-02-14
Content-Disposition
Accept-Ranges: bytes
Content-Length: 32725
x-ms-lease-state: available

GET
H/1.1 200
OK nav-where-we-work.jpg
duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/ 27 KB
27 KB 176ms
175ms Image
image/jpeg 13.85.88.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/nav-where-we-work.jpg
Requested by: Host: www.ducks.org
URL: https://www.ducks.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 2ef621d5a0c7975941c11708248712f51cfacba9a2898639a44971f0a9870a3c

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 13 May 2021 10:45:30 GMT
Last-Modified: Mon, 22 Apr 2019 01:33:28 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: JTWyeOVnYYJ8Sog7X86JFg==
ETag: "0x8D6C6C2855FC096"
Vary: Origin
Content-Type: image/jpeg
x-ms-request-id: 9484f228-101e-011e-56e5-47e4d0000000
x-ms-version: 2014-02-14
Accept-Ranges: bytes
Content-Length: 27541
x-ms-lease-state: available

GET
H/1.1 200
OK nav-waterfowl-id.jpg
duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/ 23 KB
23 KB 176ms
176ms Image
image/jpeg 13.85.88.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/nav-waterfowl-id.jpg
Requested by: Host: www.ducks.org
URL: https://www.ducks.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: fb0626044a734779164531dd67d8ef78cc2ca9ed7c2fd255787e3881598c7939

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 13 May 2021 10:45:30 GMT
Last-Modified: Mon, 22 Apr 2019 01:29:26 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 7M3yz/pq2ZNcrI5gwuvx+g==
ETag: "0x8D6C6C1F553AC2F"
Vary: Origin
Content-Type: image/jpeg
x-ms-request-id: 8240b87f-d01e-008f-03e5-473634000000
x-ms-version: 2014-02-14
Accept-Ranges: bytes
Content-Length: 23249
x-ms-lease-state: available

GET
H/1.1 200
OK nav-du-magazine.jpg
duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/ 23 KB
23 KB 174ms
174ms Image
image/jpeg 13.85.88.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/nav-du-magazine.jpg
Requested by: Host: www.ducks.org
URL: https://www.ducks.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c419976ff2214161f1358b8ee6b0a844cd82217be7bfa1142c39d11e7ca3ce4a

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 13 May 2021 10:45:30 GMT
Last-Modified: Mon, 22 Apr 2019 01:38:16 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: +sPmcv6lpzS0p477RhFSdg==
ETag: "0x8D6C6C330F73045"
Vary: Origin
Content-Type: image/jpeg
x-ms-request-id: d0edcd63-201e-0116-55e5-47ffa3000000
x-ms-version: 2014-02-14
Accept-Ranges: bytes
Content-Length: 23287
x-ms-lease-state: available

GET
H/1.1 200
OK nav-prairie-experience.jpg
duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/ 28 KB
29 KB 173ms
173ms Image
image/jpeg 13.85.88.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/nav-prairie-experience.jpg
Requested by: Host: www.ducks.org
URL: https://www.ducks.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 9d1ea69a68fd856aaad36b07ccd7f8ea3bac74b11297d870ec88036324c69d1e

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 13 May 2021 10:45:29 GMT
Last-Modified: Mon, 22 Apr 2019 15:00:59 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: D6qChPknyjDWo4x4fmCMJA==
ETag: "0x8D6C73354A47DE3"
Vary: Origin
Content-Type: image/jpeg
x-ms-request-id: 23336571-701e-000a-46e5-4761e1000000
x-ms-version: 2014-02-14
Accept-Ranges: bytes
Content-Length: 29060
x-ms-lease-state: available

GET
H/1.1 200
OK nav-youth-programs.jpg
duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/ 31 KB
32 KB 171ms
170ms Image
image/jpeg 13.85.88.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/nav-youth-programs.jpg
Requested by: Host: www.ducks.org
URL: https://www.ducks.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b96bcc460ae20a0404e495da32a0ff1004e17c1d9cba06922ae187efc8b6350a

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 13 May 2021 10:45:30 GMT
Last-Modified: Mon, 22 Apr 2019 15:00:59 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: n7Qont7FPqwogOhCxvf1lg==
ETag: "0x8D6C73354A25A78"
Vary: Origin
Content-Type: image/jpeg
x-ms-request-id: 7daccc7f-601e-0073-13e5-4708ab000000
x-ms-version: 2014-02-14
Accept-Ranges: bytes
Content-Length: 32086
x-ms-lease-state: available

GET
H/1.1 200
OK nav-mobile-apps.jpg
duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/ 27 KB
28 KB 172ms
172ms Image
image/jpeg 13.85.88.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/nav-mobile-apps.jpg
Requested by: Host: www.ducks.org
URL: https://www.ducks.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: bbe00e43f262bed3419d7592a2321a7c6538278df6c47ca322697047cf7b0045

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 13 May 2021 10:45:30 GMT
Last-Modified: Mon, 22 Apr 2019 15:00:59 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: b66gAyx8WiIknd2t+GHtwA==
ETag: "0x8D6C733549BA213"
Vary: Origin
Content-Type: image/jpeg
x-ms-request-id: d0edcd69-201e-0116-5ae5-47ffa3000000
x-ms-version: 2014-02-14
Accept-Ranges: bytes
Content-Length: 27834
x-ms-lease-state: available

GET
H/1.1 200
OK nav-visa.jpg
duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/ 23 KB
23 KB 178ms
177ms Image
image/jpeg 13.85.88.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/nav-visa.jpg
Requested by: Host: www.ducks.org
URL: https://www.ducks.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e9c9d74ac38ee8a1b5174bac730608b740ee04755fbc925a3872259e6628ae53

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 13 May 2021 10:45:30 GMT
Last-Modified: Mon, 22 Apr 2019 15:11:20 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: WT+vgXpubcRgkjoSve99eA==
ETag: "0x8D6C734C6CC6410"
Vary: Origin
Content-Type: image/jpeg
x-ms-request-id: 8240b896-d01e-008f-15e5-473634000000
x-ms-version: 2014-02-14
Accept-Ranges: bytes
Content-Length: 23240
x-ms-lease-state: available

GET
H/1.1 200
OK nav-recipes.jpg
duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/ 31 KB
32 KB 177ms
177ms Image
image/jpeg 13.85.88.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/nav-recipes.jpg
Requested by: Host: www.ducks.org
URL: https://www.ducks.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 6f84d73fb1ee367292b6e68b96ffb20e98dafaa64fbb5032b3fefd60ce8bc05e

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 13 May 2021 10:45:30 GMT
Last-Modified: Mon, 22 Apr 2019 15:12:35 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: VgcMqQFJR3v7UksmD/cYEA==
ETag: "0x8D6C734F37F4D9C"
Vary: Origin
Content-Type: image/jpeg
x-ms-request-id: 9484f237-101e-011e-61e5-47e4d0000000
x-ms-version: 2014-02-14
Accept-Ranges: bytes
Content-Length: 31824
x-ms-lease-state: available

GET
H/1.1 200
OK nav-dog-training.jpg
duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/ 24 KB
25 KB 173ms
173ms Image
image/jpeg 13.85.88.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/nav-dog-training.jpg
Requested by: Host: www.ducks.org
URL: https://www.ducks.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 8a3fdc72be5fb7b758a75640c4bf0b58333878b40a460b0ebd1bd392dbb91ec1

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 13 May 2021 10:45:29 GMT
Last-Modified: Mon, 22 Apr 2019 15:14:54 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 943vtyg6vGc2yQZdpLg45g==
ETag: "0x8D6C73545F0B1EF"
Vary: Origin
Content-Type: image/jpeg
x-ms-request-id: 3c978e05-301e-002f-79e5-47f952000000
x-ms-version: 2014-02-14
Accept-Ranges: bytes
Content-Length: 24986
x-ms-lease-state: available

GET
H/1.1 200
OK ic_facebook.png
duckscdn.blob.core.windows.net/imagescontainer/_global/icons/ 748 B
1 KB 163ms
163ms Image
image/png 13.85.88.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duckscdn.blob.core.windows.net/imagescontainer/_global/icons/ic_facebook.png
Requested by: Host: www.ducks.org
URL: https://www.ducks.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 08a63ff052869fd7bc5c160e0fa136076500451675562f99f5cbba799498ad99

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 13 May 2021 10:45:30 GMT
Last-Modified: Mon, 08 Jan 2018 19:41:37 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 2kX1Bo5N5krR4GIUjZ85gA==
ETag: "0x8D556CFD4FAA918"
Vary: Origin
Content-Type: image/png
x-ms-request-id: 2333657f-701e-000a-54e5-4761e1000000
Cache-Control: max-age=2592000, public
x-ms-version: 2014-02-14
Accept-Ranges: bytes
Content-Length: 748
x-ms-lease-state: available

GET
H/1.1 200
OK ic_twitter.png
duckscdn.blob.core.windows.net/imagescontainer/_global/icons/ 1 KB
2 KB 163ms
163ms Image
image/png 13.85.88.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duckscdn.blob.core.windows.net/imagescontainer/_global/icons/ic_twitter.png
Requested by: Host: www.ducks.org
URL: https://www.ducks.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5e6da4379a25cc190a0ce4c38b816a8d20f20161d57825feb1adcec75cf539c5

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 13 May 2021 10:45:30 GMT
Last-Modified: Mon, 08 Jan 2018 19:45:12 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 0LXFZWWY2yEbWHqRUbcrZA==
ETag: "0x8D556D05553CD44"
Vary: Origin
Content-Type: image/png
x-ms-request-id: 7daccc91-601e-0073-25e5-4708ab000000
Cache-Control: max-age=2592000, public
x-ms-version: 2014-02-14
Accept-Ranges: bytes
Content-Length: 1052
x-ms-lease-state: available

GET
H/1.1 200
OK ic_youtube.png
duckscdn.blob.core.windows.net/imagescontainer/_global/icons/ 2 KB
2 KB 164ms
163ms Image
image/png 13.85.88.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duckscdn.blob.core.windows.net/imagescontainer/_global/icons/ic_youtube.png
Requested by: Host: www.ducks.org
URL: https://www.ducks.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 295a9a73e8b5839b4db4ed0b0e4784a058cb25ac2dd8bbcd59b062038e831708

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 13 May 2021 10:45:30 GMT
Last-Modified: Mon, 08 Jan 2018 19:45:18 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: m1ZFKOk+KwvXcGe4ke5MLQ==
ETag: "0x8D556D058CD9A76"
Vary: Origin
Content-Type: image/png
x-ms-request-id: d0edcd75-201e-0116-63e5-47ffa3000000
Cache-Control: max-age=2592000, public
x-ms-version: 2014-02-14
Accept-Ranges: bytes
Content-Length: 1651
x-ms-lease-state: available

GET
H/1.1 200
OK ic_instagram.png
duckscdn.blob.core.windows.net/imagescontainer/_global/icons/ 2 KB
2 KB 165ms
164ms Image
image/png 13.85.88.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duckscdn.blob.core.windows.net/imagescontainer/_global/icons/ic_instagram.png
Requested by: Host: www.ducks.org
URL: https://www.ducks.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 3e6bd1ed9d844e4f8aea6ada75aa9b5f16c9698de108d181d1f2db9de86047ea

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 13 May 2021 10:45:30 GMT
Last-Modified: Mon, 08 Jan 2018 19:45:07 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: BrEjXway920P8TyB9Bq62A==
ETag: "0x8D556D0520B7BFD"
Vary: Origin
Content-Type: image/png
x-ms-request-id: 8240b8a9-d01e-008f-25e5-473634000000
Cache-Control: max-age=2592000, public
x-ms-version: 2014-02-14
Accept-Ranges: bytes
Content-Length: 1718
x-ms-lease-state: available

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 1872
date: Thu, 13 May 2021 10:14:17 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Thu, 13 May 2021 12:14:17 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 101 KB
36 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M2LTJJQ

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6f457127399f806ef7bdd4061f9ec7889ea358d97ae5051530c16aaffd4613bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 10:45:29 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37062
x-xss-protection: 0
last-modified: Thu, 13 May 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 13 May 2021 10:45:29 GMT

GET
H/1.1 200
OK g-logo-vert-green.png
duckscdn.blob.core.windows.net/imagescontainer/_global/logos/ 6 KB
7 KB 787ms
179ms Image
image/png 13.85.88.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duckscdn.blob.core.windows.net/imagescontainer/_global/logos/g-logo-vert-green.png
Requested by: Host: www.ducks.org
URL: https://www.ducks.org/DependencyHandler.axd?s=L1Jlc291cmNlcy9TaGFyZWQvc3R5bGVzaGVldHMvZG5uZGVmYXVsdC83LjAuMC9kZWZhdWx0LmNzczsvRGVza3RvcE1vZHVsZXMvRXZlbnRzV2lkZ2V0L21vZHVsZS5jc3M7L0Rlc2t0b3BNb2R1bGVzL0hvbWVQYWdlRmVhdHVyZS9tb2R1bGUuY3NzOy9EZXNrdG9wTW9kdWxlcy9SZWNlbnRTbGlkZXIvbW9kdWxlLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2Jvb3RzdHJhcC5taW4uY3NzOy9Qb3J0YWxzL19kZWZhdWx0L1NraW5zL0R1Y2tzLm9yZy9za2luLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2FuaW1hdGUubWluLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Db250YWluZXJzL0NhdmFsaWVyL2NvbnRhaW5lci5jc3M7L1BvcnRhbHMvMC9wb3J0YWwuY3NzOw&t=Css&cdv=1428
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 8a81755bd2468f9738069c47b54e2d936d51cf482a3351c184c213d448ba9650

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Thu, 13 May 2021 10:45:30 GMT
Content-MD5: p2gi8omVVGDWlcFL3R74dA==
x-ms-copy-progress: 6023/6023
x-ms-copy-source: https://duckscdn.blob.core.windows.net/imagescontainer/_global%2Flogos%2Fg-logo-vert-green-orig.png?sv=2017-04-17&ss=b&srt=co&sp=rl&st=2018-07-05T14%3A59%3A50Z&se=2018-07-06T15%3A14%3A50Z
x-ms-copy-status: success
Content-Length: 6023
x-ms-lease-state: available
x-ms-lease-status: unlocked
Accept-Ranges: bytes
Last-Modified: Thu, 05 Jul 2018 15:14:50 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: "0x8D5E28A0DB7F667"
Vary: Origin
Content-Type: image/png
x-ms-request-id: d0edcd56-201e-0116-4ce5-47ffa3000000
x-ms-version: 2014-02-14
x-ms-copy-id: 7207a82f-f543-4d77-8fd6-63f83dbc58ed
x-ms-copy-completion-time: Thu, 05 Jul 2018 15:14:50 GMT

GET
H/1.1 404
Not Found glyphicons-halflings-regular.woff2
www.ducks.org/Portals/_default/Skins/Ducks.org/fonts/ 0
0 166ms
165ms Font
text/html 104.214.108.93
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ducks.org/Portals/_default/Skins/Ducks.org/fonts/glyphicons-halflings-regular.woff2
Requested by: Host: www.ducks.org
URL: https://www.ducks.org/DependencyHandler.axd?s=L1Jlc291cmNlcy9TaGFyZWQvc3R5bGVzaGVldHMvZG5uZGVmYXVsdC83LjAuMC9kZWZhdWx0LmNzczsvRGVza3RvcE1vZHVsZXMvRXZlbnRzV2lkZ2V0L21vZHVsZS5jc3M7L0Rlc2t0b3BNb2R1bGVzL0hvbWVQYWdlRmVhdHVyZS9tb2R1bGUuY3NzOy9EZXNrdG9wTW9kdWxlcy9SZWNlbnRTbGlkZXIvbW9kdWxlLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2Jvb3RzdHJhcC5taW4uY3NzOy9Qb3J0YWxzL19kZWZhdWx0L1NraW5zL0R1Y2tzLm9yZy9za2luLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2FuaW1hdGUubWluLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Db250YWluZXJzL0NhdmFsaWVyL2NvbnRhaW5lci5jc3M7L1BvcnRhbHMvMC9wb3J0YWwuY3NzOw&t=Css&cdv=1428
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 104.214.108.93 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.ducks.org
Accept-Encoding: gzip, deflate, br
Host: www.ducks.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.ducks.org/DependencyHandler.axd?s=L1Jlc291cmNlcy9TaGFyZWQvc3R5bGVzaGVldHMvZG5uZGVmYXVsdC83LjAuMC9kZWZhdWx0LmNzczsvRGVza3RvcE1vZHVsZXMvRXZlbnRzV2lkZ2V0L21vZHVsZS5jc3M7L0Rlc2t0b3BNb2R1bGVzL0hvbWVQYWdlRmVhdHVyZS9tb2R1bGUuY3NzOy9EZXNrdG9wTW9kdWxlcy9SZWNlbnRTbGlkZXIvbW9kdWxlLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2Jvb3RzdHJhcC5taW4uY3NzOy9Qb3J0YWxzL19kZWZhdWx0L1NraW5zL0R1Y2tzLm9yZy9za2luLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2FuaW1hdGUubWluLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Db250YWluZXJzL0NhdmFsaWVyL2NvbnRhaW5lci5jc3M7L1BvcnRhbHMvMC9wb3J0YWwuY3NzOw&t=Css&cdv=1428
Cookie: dnn_IsMobile=False; .ASPXANONYMOUS=Mz4pDDa4xcsNMkvLlGy13vlH5Vj3KQCs1UTxDehc_IfEjV-bEOsllUKfUk1RlDYPUP8TDgV6qbewfloobblYW1_Xt9wM9RuP45auuPEgU5to0E480; Analytics_VisitorId=f8d2bd8a-acac-4e39-a7e6-1a5c651db0d6; Analytics=SessionId=7ca5ef35-cbc5-458f-952f-44c85dc2aaf8&TabId=12861&ContentItemId=-1; language=en-US
Connection: keep-alive
Origin: https://www.ducks.org
Referer: https://www.ducks.org/DependencyHandler.axd?s=L1Jlc291cmNlcy9TaGFyZWQvc3R5bGVzaGVldHMvZG5uZGVmYXVsdC83LjAuMC9kZWZhdWx0LmNzczsvRGVza3RvcE1vZHVsZXMvRXZlbnRzV2lkZ2V0L21vZHVsZS5jc3M7L0Rlc2t0b3BNb2R1bGVzL0hvbWVQYWdlRmVhdHVyZS9tb2R1bGUuY3NzOy9EZXNrdG9wTW9kdWxlcy9SZWNlbnRTbGlkZXIvbW9kdWxlLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2Jvb3RzdHJhcC5taW4uY3NzOy9Qb3J0YWxzL19kZWZhdWx0L1NraW5zL0R1Y2tzLm9yZy9za2luLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2FuaW1hdGUubWluLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Db250YWluZXJzL0NhdmFsaWVyL2NvbnRhaW5lci5jc3M7L1BvcnRhbHMvMC9wb3J0YWwuY3NzOw&t=Css&cdv=1428
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 13 May 2021 10:45:29 GMT
Cache-Control: max-age=259200
Server
X-Powered-By: ASP.NET
Content-Length: 1245
Content-Type: text/html

GET
H2 200 cse.js Show response
cse.google.com/ 7 KB
3 KB 63ms
43ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=009933857019497811867:jbd3dpxsoos

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

d9bfd8ee7b837e98a12824ac14a482fa4d600d772ca84d1ac3f5d5a5224f90cb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

bfcache-opt-in: unload
date: Thu, 13 May 2021 10:45:29 GMT
content-encoding: br
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2888
x-xss-protection: 0
expires: Thu, 13 May 2021 10:45:29 GMT

GET
H2 200 BOGO_2021.jpg
duazurecdn.azureedge.net/media-manager/20210430/558de216-06b2-4bfc-84df-08a483227670/992/ 128 KB
128 KB 64ms
8ms Image
application/octet-stream 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duazurecdn.azureedge.net/media-manager/20210430/558de216-06b2-4bfc-84df-08a483227670/992/BOGO_2021.jpg
Requested by: Host: www.ducks.org
URL: https://www.ducks.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F3D) /
Resource Hash: b2d73b1a835844b7561208a5d2e6613f90960a3e4252bf3e14b8d5d1fe8dbffd

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 13 May 2021 10:45:29 GMT
last-modified: Fri, 30 Apr 2021 18:18:28 GMT
server: ECAcc (frc/8F3D)
content-md5: 3Ev4Fgo2VeF3A91i4vcvmQ==
age: 304030
etag: "0x8D90C045A228275"
x-cache: HIT
content-type: application/octet-stream
x-ms-request-id: 148fcd62-701e-00e4-1121-456b62000000
x-ms-version: 2014-02-14
accept-ranges: bytes
content-length: 131072
x-ms-lease-state: available

GET
H2 200 redheads-gary-kramer-web2.jpg
duazurecdn.azureedge.net/media-manager/20210413/60bfc59a-20c7-4949-b1e5-841b13086a31/992/ 128 KB
128 KB 75ms
20ms Image
application/octet-stream 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duazurecdn.azureedge.net/media-manager/20210413/60bfc59a-20c7-4949-b1e5-841b13086a31/992/redheads-gary-kramer-web2.jpg
Requested by: Host: www.ducks.org
URL: https://www.ducks.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F9C) /
Resource Hash: 77f6335f1da63a6f959134620630f0500a4c99cd5fe42bf7a74d8e256bdec6bd

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 13 May 2021 10:45:29 GMT
last-modified: Tue, 13 Apr 2021 13:23:56 GMT
server: ECAcc (frc/8F9C)
content-md5: s3eTtpPEvoF+ROxXE8QJFg==
age: 67704
etag: "0x8D8FE7F63DDA564"
x-cache: HIT
content-type: application/octet-stream
x-ms-request-id: d1742975-501e-0052-6547-47659a000000
x-ms-version: 2014-02-14
accept-ranges: bytes
content-length: 131072
x-ms-lease-state: available

GET
H2 200 20160117162737-07516498-James-Juhl-SunnyTeal.jpg
duazurecdn.azureedge.net/media-manager/20210405/bbc64cb8-1da4-4cc3-b270-1c500f694f7d/992/ 128 KB
128 KB 74ms
19ms Image
application/octet-stream 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duazurecdn.azureedge.net/media-manager/20210405/bbc64cb8-1da4-4cc3-b270-1c500f694f7d/992/20160117162737-07516498-James-Juhl-SunnyTeal.jpg
Requested by: Host: www.ducks.org
URL: https://www.ducks.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F9D) /
Resource Hash: c6b7adc5979609244a9acb15f3ecddb2ad362a6059375ba035ac2b718cb4c1a6

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 13 May 2021 10:45:29 GMT
last-modified: Mon, 05 Apr 2021 18:06:04 GMT
server: ECAcc (frc/8F9D)
content-md5: 4sgI4qj6dpyomER1zFv+dw==
age: 80420
etag: "0x8D8F85D7AC72084"
x-cache: HIT
content-type: application/octet-stream
x-ms-request-id: cd8e42f5-701e-00ab-4929-47af7a000000
x-ms-version: 2014-02-14
accept-ranges: bytes
content-length: 131072
x-ms-lease-state: available

GET
H2 200 Legacy_Greenwing.jpg
duazurecdn.azureedge.net/media-manager/20210401/496f6152-337c-43a8-b145-42313dbb0a78/992/ 42 KB
42 KB 74ms
19ms Image
application/octet-stream 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duazurecdn.azureedge.net/media-manager/20210401/496f6152-337c-43a8-b145-42313dbb0a78/992/Legacy_Greenwing.jpg
Requested by: Host: www.ducks.org
URL: https://www.ducks.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F96) /
Resource Hash: 3beeb48f1998ec2ba833e4b1dda5c706054e34ed4f44428686d5f9612a9c24f3

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 13 May 2021 10:45:29 GMT
last-modified: Thu, 01 Apr 2021 19:00:37 GMT
server: ECAcc (frc/8F96)
content-md5: 49AZ8eca9n2Bj4VWGbWPjw==
age: 430967
etag: "0x8D8F5406FD87AF7"
x-cache: HIT
content-type: application/octet-stream
x-ms-request-id: bab9ce57-c01e-0075-17f9-43ffd3000000
x-ms-version: 2014-02-14
accept-ranges: bytes
content-length: 43329
x-ms-lease-state: available

GET
H2 200 15_Million_Acres_Conserved.jpg
duazurecdn.azureedge.net/media-manager/20210315/23e8083e-f276-4448-80fc-b109d9dc852d/992/ 128 KB
128 KB 58ms
19ms Image
application/octet-stream 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duazurecdn.azureedge.net/media-manager/20210315/23e8083e-f276-4448-80fc-b109d9dc852d/992/15_Million_Acres_Conserved.jpg
Requested by: Host: www.ducks.org
URL: https://www.ducks.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F3A) /
Resource Hash: 8842adb0ced0073aff9a83744d3d68f92b6bef0a978ef381463e1d7f919cbdc5

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 13 May 2021 10:45:29 GMT
last-modified: Mon, 15 Mar 2021 17:28:00 GMT
server: ECAcc (frc/8F3A)
content-md5: sP069qFYR3CyVs7x2hW5gQ==
age: 80420
etag: "0x8D8E7D7AEC0168B"
x-cache: HIT
content-type: application/octet-stream
x-ms-request-id: 6aed8503-901e-000b-5429-47601c000000
x-ms-version: 2014-02-14
accept-ranges: bytes
content-length: 131072
x-ms-lease-state: available

GET
H/1.1 200
OK prev.png
eae3e26d6cce6d2421f2-d0bf394c81120104918c3f1bbeb3098c.ssl.cf1.rackcdn.com/landingPages/hunting/2017-wf360/ 4 KB
4 KB 261ms
68ms Image
image/png 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eae3e26d6cce6d2421f2-d0bf394c81120104918c3f1bbeb3098c.ssl.cf1.rackcdn.com/landingPages/hunting/2017-wf360/prev.png
Requested by: Host: www.ducks.org
URL: https://www.ducks.org/DependencyHandler.axd?s=L1Jlc291cmNlcy9TaGFyZWQvc3R5bGVzaGVldHMvZG5uZGVmYXVsdC83LjAuMC9kZWZhdWx0LmNzczsvRGVza3RvcE1vZHVsZXMvRXZlbnRzV2lkZ2V0L21vZHVsZS5jc3M7L0Rlc2t0b3BNb2R1bGVzL0hvbWVQYWdlRmVhdHVyZS9tb2R1bGUuY3NzOy9EZXNrdG9wTW9kdWxlcy9SZWNlbnRTbGlkZXIvbW9kdWxlLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2Jvb3RzdHJhcC5taW4uY3NzOy9Qb3J0YWxzL19kZWZhdWx0L1NraW5zL0R1Y2tzLm9yZy9za2luLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2FuaW1hdGUubWluLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Db250YWluZXJzL0NhdmFsaWVyL2NvbnRhaW5lci5jc3M7L1BvcnRhbHMvMC9wb3J0YWwuY3NzOw&t=Css&cdv=1428
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9e20daf40299bc6c07fbc96ae8a09f1f0f7a8a2270970e20f200d6013c300597

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 13 May 2021 10:45:29 GMT
X-Object-Meta-Cb-Modifiedtime: Sat, 02 Sep 2017 19:49:39 GMT
Last-Modified: Sat, 02 Sep 2017 19:50:59 GMT
X-Trans-Id: tx78a727700dea4bc59af4f-00609cedb5dfw1
ETag: 0fa1b9d67ddde96435eb29501b42b9be
Content-Type: image/png
X-Timestamp: 1504381858.05993
Cache-Control: public, max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3763
Expires: Thu, 13 May 2021 11:00:29 GMT

GET
H/1.1 200
OK next.png
eae3e26d6cce6d2421f2-d0bf394c81120104918c3f1bbeb3098c.ssl.cf1.rackcdn.com/landingPages/hunting/2017-wf360/ 4 KB
4 KB 259ms
66ms Image
image/png 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eae3e26d6cce6d2421f2-d0bf394c81120104918c3f1bbeb3098c.ssl.cf1.rackcdn.com/landingPages/hunting/2017-wf360/next.png
Requested by: Host: www.ducks.org
URL: https://www.ducks.org/DependencyHandler.axd?s=L1Jlc291cmNlcy9TaGFyZWQvc3R5bGVzaGVldHMvZG5uZGVmYXVsdC83LjAuMC9kZWZhdWx0LmNzczsvRGVza3RvcE1vZHVsZXMvRXZlbnRzV2lkZ2V0L21vZHVsZS5jc3M7L0Rlc2t0b3BNb2R1bGVzL0hvbWVQYWdlRmVhdHVyZS9tb2R1bGUuY3NzOy9EZXNrdG9wTW9kdWxlcy9SZWNlbnRTbGlkZXIvbW9kdWxlLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2Jvb3RzdHJhcC5taW4uY3NzOy9Qb3J0YWxzL19kZWZhdWx0L1NraW5zL0R1Y2tzLm9yZy9za2luLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2FuaW1hdGUubWluLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Db250YWluZXJzL0NhdmFsaWVyL2NvbnRhaW5lci5jc3M7L1BvcnRhbHMvMC9wb3J0YWwuY3NzOw&t=Css&cdv=1428
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 125b501f4bd9ae044debc9785c8300edb8181c66e3902426f1fa1905528a3d35

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 13 May 2021 10:45:29 GMT
X-Object-Meta-Cb-Modifiedtime: Sat, 02 Sep 2017 19:50:45 GMT
Last-Modified: Sat, 02 Sep 2017 19:50:59 GMT
X-Trans-Id: tx7fc94b30d9b143529c8d5-00609cedb5dfw1
ETag: d96442fc852124d6c5027fd8c9df6db9
Content-Type: image/png
X-Timestamp: 1504381858.07159
Cache-Control: public, max-age=878
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3641
Expires: Thu, 13 May 2021 11:00:07 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2110919258&utmhn=www.ducks.org&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=World%...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-171220-3&cid=95090528.1620902730&jid=11893935&_v=5.7.2&z=2110919258
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-171220-3&cid=95090528.1620902730&jid=11893935&_v=5.7.2&z=2110919258
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-171220-3&cid=95090528.1620902730&jid=11893935&_v=5.7.2&z=2110919258&slf_rd=1&random=1534840960

42 B
107 B

18ms
17ms

Image
image/gif

2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-171220-3&cid=95090528.1620902730&jid=11893935&_v=5.7.2&z=2110919258&slf_rd=1&random=1534840960

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 10:45:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 May 2021 10:45:30 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-171220-3&cid=95090528.1620902730&jid=11893935&_v=5.7.2&z=2110919258&slf_rd=1&random=1534840960
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 181ms
65ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2LTJJQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

997f5bfb9f0c74974ec265633b71dd76c5f0224611dd26775db3cc823ec24947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 10:45:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14057
x-xss-protection: 0
server: cafe
etag: 15306424688967737279
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 13 May 2021 10:45:29 GMT

GET
H3-29

200

activityi;dc_pre=CLSZvpu9xvACFfDhuwgdslQHrQ;src=10231870;type=pagev0;cat=allpa0;ord=1;num=5034617405833;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.ducks.org%2F Show response
10231870.fls.doubleclick.net/ Frame 6A88
Redirect Chain

https://10231870.fls.doubleclick.net/activityi;src=10231870;type=pagev0;cat=allpa0;ord=1;num=5034617405833;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.ducks.org%2F?
https://10231870.fls.doubleclick.net/activityi;dc_pre=CLSZvpu9xvACFfDhuwgdslQHrQ;src=10231870;type=pagev0;cat=allpa0;ord=1;num=5034617405833;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F...

484 B
411 B

135ms
70ms

Document
text/html

216.58.212.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10231870.fls.doubleclick.net/activityi;dc_pre=CLSZvpu9xvACFfDhuwgdslQHrQ;src=10231870;type=pagev0;cat=allpa0;ord=1;num=5034617405833;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.ducks.org%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2LTJJQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.134 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f6.1e100.net

Software

cafe /

Resource Hash

d4d32e686a01c1047565eb77ddedacbe3715941f9b4e46a1d18cdd3c4c7aa2bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 10231870.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CLSZvpu9xvACFfDhuwgdslQHrQ;src=10231870;type=pagev0;cat=allpa0;ord=1;num=5034617405833;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.ducks.org%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ducks.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 13 May 2021 10:45:30 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 386
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 13-May-2021 11:00:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 13 May 2021 10:45:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10231870.fls.doubleclick.net/activityi;dc_pre=CLSZvpu9xvACFfDhuwgdslQHrQ;src=10231870;type=pagev0;cat=allpa0;ord=1;num=5034617405833;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.ducks.org%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

activityi;dc_pre=CIudvpu9xvACFdRV5QodYTsGAg;src=10231870;type=pagev0;cat=homep0;ord=1;num=7360589780680;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.ducks.org%2F Show response
10231870.fls.doubleclick.net/ Frame B450
Redirect Chain

https://10231870.fls.doubleclick.net/activityi;src=10231870;type=pagev0;cat=homep0;ord=1;num=7360589780680;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.ducks.org%2F?
https://10231870.fls.doubleclick.net/activityi;dc_pre=CIudvpu9xvACFdRV5QodYTsGAg;src=10231870;type=pagev0;cat=homep0;ord=1;num=7360589780680;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F...

484 B
411 B

133ms
68ms

Document
text/html

216.58.212.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10231870.fls.doubleclick.net/activityi;dc_pre=CIudvpu9xvACFdRV5QodYTsGAg;src=10231870;type=pagev0;cat=homep0;ord=1;num=7360589780680;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.ducks.org%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2LTJJQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.134 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f6.1e100.net

Software

cafe /

Resource Hash

2f139e8f6ec3ae20a24543f2d3350c6d047abf57400d3f543544baf885efa98e

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 10231870.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CIudvpu9xvACFdRV5QodYTsGAg;src=10231870;type=pagev0;cat=homep0;ord=1;num=7360589780680;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.ducks.org%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ducks.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 13 May 2021 10:45:30 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 386
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 13-May-2021 11:00:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 13 May 2021 10:45:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10231870.fls.doubleclick.net/activityi;dc_pre=CIudvpu9xvACFdRV5QodYTsGAg;src=10231870;type=pagev0;cat=homep0;ord=1;num=7360589780680;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.ducks.org%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23959
x-fb-rlafr: 0
pragma: public
x-fb-debug: BEbXBGX19K+ELoR0pyA0h4Sdr7Z5MsUWEZUdFA/6AxahMl7PdcmMf7MZCcWgTvK0INjiAikHX4uSrukQn9Zxsg==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Thu, 13 May 2021 10:45:29 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 7ms
7ms Script
application/x-javascript 2a02:26f0:6c00:295::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.ducks.org
URL: https://www.ducks.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:295::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 13 May 2021 10:45:29 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=65870
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H2 200 6b3a1a5d169fdb4d107f86a6269a5d3cebceb605.js Show response
my.hellobar.com/ 68 KB
9 KB 300ms
279ms Script
text/javascript 2606:4700:10::6816:f17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hellobar.com/6b3a1a5d169fdb4d107f86a6269a5d3cebceb605.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2LTJJQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:f17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42cc7ee358f66d7e93e1b0331af984de0837aab8600440f450f0a612b07eb677

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 10:45:30 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 13 May 2021 10:42:20 GMT
server: cloudflare
x-amz-request-id: Q6RA2225ZATFS8PN
etag: W/"cff2720259e755f63aee95c34d38954c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-id-2: 0r0/2XS+DFOZfZ+8I0cEDQGl9PTEJ6f6lZPoLYEXYLhcT6QesvNBOoD+0P/u5OnolTEONqEaGLY=
content-type: text/javascript
cache-control: max-age=86400, must-revalidate, proxy-revalidate, s-maxage=10
cf-ray: 64eb4c2d6bb34a7f-FRA
cf-request-id: 0a06edf06000004a7fcaa5d000000001

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 113 KB
32 KB 333ms
232ms Script
application/javascript 104.126.36.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C0GQ1JCP76SVVJ0UQN7G&lib=ttq
Requested by: Host: www.ducks.org
URL: https://www.ducks.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.36.33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-36-33.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 12c6778483f156dc6b52fb70601be43f21a09ae04fafdf977b5d3b2aff7b8ea3

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 10:45:30 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202105131045300102360410971802B24D
vary: Accept-Encoding
x-cache: TCP_MISS from a104-126-36-29.deploy.akamaitechnologies.com (AkamaiGHost/10.4.0-33449709) (-)
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 180,104.126.36.29
server-timing: inner; dur=0, cdn-cache; desc=MISS, edge; dur=2, origin; dur=180
x-akamai-request-id: 35a1ee5c
expires: Thu, 13 May 2021 10:45:30 GMT

GET
H/1.1 200
OK 3 Show response
webapi.ducks.org/api/event/getupcomingnationaleventsforwidget/ 1 KB
1 KB 717ms
174ms XHR
application/json 104.214.108.93
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://webapi.ducks.org/api/event/getupcomingnationaleventsforwidget/3
Requested by: Host: www.ducks.org
URL: https://www.ducks.org/DependencyHandler.axd?s=L1Jlc291cmNlcy9saWJyYXJpZXMvalF1ZXJ5LzAxXzA5XzAxL2pxdWVyeS5qczsvUmVzb3VyY2VzL2xpYnJhcmllcy9qUXVlcnktTWlncmF0ZS8wMV8wMl8wMS9qcXVlcnktbWlncmF0ZS5qczsvUmVzb3VyY2VzL2xpYnJhcmllcy9qUXVlcnktVUkvMDFfMTFfMDMvanF1ZXJ5LXVpLmpzOw&t=Javascript&cdv=1428
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 104.214.108.93 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 1ed26e7e6fb7d75337f4e1a2454fcf6f0bc3a56f578056c987d4691fb6492a42

Request headers

Accept: */*
Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 13 May 2021 10:45:30 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Content-Length: 1194
Expires: -1

GET
H/1.1 200
OK 5.jpg
duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/conservation/ 15 KB
16 KB 188ms
188ms Image
image/jpeg 13.85.88.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/conservation/5.jpg
Requested by: Host: www.ducks.org
URL: https://www.ducks.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: fcc77b520bb40ea6b8fe62217c6026ea118e8ea794ba4e3c6a704c564f1bfa59

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 13 May 2021 10:45:30 GMT
Last-Modified: Mon, 04 May 2020 18:23:04 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: ZPv/4kEbiOnbv+LA5aHoOg==
ETag: "0x8D7F0582FE96094"
Vary: Origin
Content-Type: image/jpeg
x-ms-request-id: 2333658f-701e-000a-63e5-4761e1000000
x-ms-version: 2014-02-14
Content-Disposition
Accept-Ranges: bytes
Content-Length: 15575
x-ms-lease-state: available

GET
H/1.1 200
OK 3.jpg
duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/hunting/ 55 KB
55 KB 172ms
172ms Image
image/jpeg 13.85.88.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/hunting/3.jpg
Requested by: Host: www.ducks.org
URL: https://www.ducks.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1ac7f23decc2bc2183d52de7c50d1ceb310ab6289220ec51d5f8a151202fbd61

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 13 May 2021 10:45:30 GMT
Last-Modified: Tue, 23 Apr 2019 19:20:41 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: qtg8T5QyOnbLSZud4nbzig==
ETag: "0x8D6C820C6C4D9F2"
Vary: Origin
Content-Type: image/jpeg
x-ms-request-id: 3c978e13-301e-002f-06e5-47f952000000
x-ms-version: 2014-02-14
Accept-Ranges: bytes
Content-Length: 55837
x-ms-lease-state: available

GET
H/1.1 200
OK 2.jpg
duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/get-involved/ 15 KB
15 KB 170ms
169ms Image
image/jpeg 13.85.88.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duckscdn.blob.core.windows.net/imagescontainer/landing-pages/home/images/2019/nav-images/get-involved/2.jpg
Requested by: Host: www.ducks.org
URL: https://www.ducks.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.88.16 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b97bcd732bae3139c650f8485fb332633a6af1c770380cb60159c93c0bf8838c

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 13 May 2021 10:45:30 GMT
Last-Modified: Tue, 23 Apr 2019 19:19:50 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: aKecCwD2Rn0Mht6whVoCdA==
ETag: "0x8D6C820A824A772"
Vary: Origin
Content-Type: image/jpeg
x-ms-request-id: 9484f23f-101e-011e-67e5-47e4d0000000
x-ms-version: 2014-02-14
Accept-Ranges: bytes
Content-Length: 14996
x-ms-lease-state: available

GET
H/1.1 200
OK ring.gif
www.ducks.org/desktopmodules/quizadmin/resources/images/ 23 KB
24 KB 174ms
174ms Image
image/gif 104.214.108.93
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ducks.org/desktopmodules/quizadmin/resources/images/ring.gif

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

104.214.108.93 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aa00caef81b45d8a9cbd1880e85c4012e75c2d5658dee646bb920645c087f4cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.ducks.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.ducks.org/
Cookie: dnn_IsMobile=False; .ASPXANONYMOUS=Mz4pDDa4xcsNMkvLlGy13vlH5Vj3KQCs1UTxDehc_IfEjV-bEOsllUKfUk1RlDYPUP8TDgV6qbewfloobblYW1_Xt9wM9RuP45auuPEgU5to0E480; Analytics_VisitorId=f8d2bd8a-acac-4e39-a7e6-1a5c651db0d6; Analytics=SessionId=7ca5ef35-cbc5-458f-952f-44c85dc2aaf8&TabId=12861&ContentItemId=-1; language=en-US; __utma=1.95090528.1620902730.1620902730.1620902730.1; __utmc=1; __utmz=1.1620902730.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=1.1.10.1620902730; _gcl_au=1.1.967609777.1620902730
Connection: keep-alive
Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Mon, 14 May 2018 13:43:44 GMT
Server
ETag: "b8f36b9389ebd31:0"
Access-Control-Allow-Methods: *
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=31536000
Date: Thu, 13 May 2021 10:45:30 GMT
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 23837
X-UA-Compatible: IE=10

GET
H/1.1 200
OK glyphicons-halflings-regular.woff
www.ducks.org/Portals/_default/Skins/Ducks.org/fonts/ 23 KB
23 KB 176ms
176ms Font
font/x-woff 104.214.108.93
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ducks.org/Portals/_default/Skins/Ducks.org/fonts/glyphicons-halflings-regular.woff
Requested by: Host: www.ducks.org
URL: https://www.ducks.org/DependencyHandler.axd?s=L1Jlc291cmNlcy9TaGFyZWQvc3R5bGVzaGVldHMvZG5uZGVmYXVsdC83LjAuMC9kZWZhdWx0LmNzczsvRGVza3RvcE1vZHVsZXMvRXZlbnRzV2lkZ2V0L21vZHVsZS5jc3M7L0Rlc2t0b3BNb2R1bGVzL0hvbWVQYWdlRmVhdHVyZS9tb2R1bGUuY3NzOy9EZXNrdG9wTW9kdWxlcy9SZWNlbnRTbGlkZXIvbW9kdWxlLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2Jvb3RzdHJhcC5taW4uY3NzOy9Qb3J0YWxzL19kZWZhdWx0L1NraW5zL0R1Y2tzLm9yZy9za2luLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2FuaW1hdGUubWluLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Db250YWluZXJzL0NhdmFsaWVyL2NvbnRhaW5lci5jc3M7L1BvcnRhbHMvMC9wb3J0YWwuY3NzOw&t=Css&cdv=1428
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 104.214.108.93 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: a26394f7ede100ca118eff2eda08596275a9839b959c226e15439557a5a80742

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.ducks.org
Accept-Encoding: gzip, deflate, br
Host: www.ducks.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.ducks.org/DependencyHandler.axd?s=L1Jlc291cmNlcy9TaGFyZWQvc3R5bGVzaGVldHMvZG5uZGVmYXVsdC83LjAuMC9kZWZhdWx0LmNzczsvRGVza3RvcE1vZHVsZXMvRXZlbnRzV2lkZ2V0L21vZHVsZS5jc3M7L0Rlc2t0b3BNb2R1bGVzL0hvbWVQYWdlRmVhdHVyZS9tb2R1bGUuY3NzOy9EZXNrdG9wTW9kdWxlcy9SZWNlbnRTbGlkZXIvbW9kdWxlLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2Jvb3RzdHJhcC5taW4uY3NzOy9Qb3J0YWxzL19kZWZhdWx0L1NraW5zL0R1Y2tzLm9yZy9za2luLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2FuaW1hdGUubWluLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Db250YWluZXJzL0NhdmFsaWVyL2NvbnRhaW5lci5jc3M7L1BvcnRhbHMvMC9wb3J0YWwuY3NzOw&t=Css&cdv=1428
Cookie: dnn_IsMobile=False; .ASPXANONYMOUS=Mz4pDDa4xcsNMkvLlGy13vlH5Vj3KQCs1UTxDehc_IfEjV-bEOsllUKfUk1RlDYPUP8TDgV6qbewfloobblYW1_Xt9wM9RuP45auuPEgU5to0E480; Analytics_VisitorId=f8d2bd8a-acac-4e39-a7e6-1a5c651db0d6; Analytics=SessionId=7ca5ef35-cbc5-458f-952f-44c85dc2aaf8&TabId=12861&ContentItemId=-1; language=en-US; __utma=1.95090528.1620902730.1620902730.1620902730.1; __utmc=1; __utmz=1.1620902730.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=1.1.10.1620902730; _gcl_au=1.1.967609777.1620902730
Connection: keep-alive
Origin: https://www.ducks.org
Referer: https://www.ducks.org/DependencyHandler.axd?s=L1Jlc291cmNlcy9TaGFyZWQvc3R5bGVzaGVldHMvZG5uZGVmYXVsdC83LjAuMC9kZWZhdWx0LmNzczsvRGVza3RvcE1vZHVsZXMvRXZlbnRzV2lkZ2V0L21vZHVsZS5jc3M7L0Rlc2t0b3BNb2R1bGVzL0hvbWVQYWdlRmVhdHVyZS9tb2R1bGUuY3NzOy9EZXNrdG9wTW9kdWxlcy9SZWNlbnRTbGlkZXIvbW9kdWxlLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2Jvb3RzdHJhcC5taW4uY3NzOy9Qb3J0YWxzL19kZWZhdWx0L1NraW5zL0R1Y2tzLm9yZy9za2luLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvY3NzL2FuaW1hdGUubWluLmNzczsvUG9ydGFscy9fZGVmYXVsdC9Db250YWluZXJzL0NhdmFsaWVyL2NvbnRhaW5lci5jc3M7L1BvcnRhbHMvMC9wb3J0YWwuY3NzOw&t=Css&cdv=1428
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 13 May 2021 10:45:30 GMT
Last-Modified: Mon, 03 May 2021 17:47:06 GMT
Server
X-Powered-By: ASP.NET
ETag: "fb568a554440d71:0"
Content-Type: font/x-woff
Cache-Control: max-age=259200
Accept-Ranges: bytes
Content-Length: 23424

GET
H2 200 cse_element__en.js Show response
www.google.com/cse/static/element/323d4b81541ddb5b/ 274 KB
90 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/323d4b81541ddb5b/cse_element__en.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=009933857019497811867:jbd3dpxsoos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca752586777d1f855a56edaaf5a718b562a36a8d6b5b990f6cc7e590009bc3e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 05:19:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Jan 2021 19:23:46 GMT
server: sffe
age: 105953
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92213
x-xss-protection: 0
expires: Thu, 12 May 2022 05:19:37 GMT

GET
H2 200 default+en.css
www.google.com/cse/static/element/323d4b81541ddb5b/ 41 KB
9 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/323d4b81541ddb5b/default+en.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=009933857019497811867:jbd3dpxsoos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 23:49:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Jan 2021 19:23:46 GMT
server: sffe
age: 125735
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9032
x-xss-protection: 0
expires: Wed, 11 May 2022 23:49:55 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
1 KB 9ms
8ms Stylesheet
text/css 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=009933857019497811867:jbd3dpxsoos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 10:21:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
age: 1438
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
expires: Thu, 13 May 2021 11:11:32 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=432634&time=1620902730589&url=https%3A%2F%2Fwww.ducks.org%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D432634%26time%3D1620902730589%26url%3Dhttps%253A%252F%252Fwww.ducks.org%252F%26li...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=432634&time=1620902730589&url=https%3A%2F%2Fwww.ducks.org%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=432634&time=1620902730589&url=https%3A%2F%2Fwww.ducks.org%2F&liSync=true&e_ipv6=AQLFgPVD6pM9OAAAAXllVN05RpK8sZuLt-AgB5vLhe2s48goqwKjqcAMwaYp73fhB...

0
371 B

478ms
217ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=432634&time=1620902730589&url=https%3A%2F%2Fwww.ducks.org%2F&liSync=true&e_ipv6=AQLFgPVD6pM9OAAAAXllVN05RpK8sZuLt-AgB5vLhe2s48goqwKjqcAMwaYp73fhBAWZIiJU
Requested by: Host: www.ducks.org
URL: https://www.ducks.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 10:45:31 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server: Play
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-edc2
content-type: application/javascript
content-length: 0
x-li-uuid: 4N6/RHKafhZAMrgXoisAAA==

Redirect headers

date: Thu, 13 May 2021 10:45:31 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server: Play
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=432634&time=1620902730589&url=https%3A%2F%2Fwww.ducks.org%2F&liSync=true&e_ipv6=AQLFgPVD6pM9OAAAAXllVN05RpK8sZuLt-AgB5vLhe2s48goqwKjqcAMwaYp73fhBAWZIiJU
x-li-proto: http/2
x-li-pop: prod-esv5
content-length: 0
x-li-uuid: qXZDK3Kafhagn3RAnCsAAA==

GET
H3-29 200 1431799027060769 Show response
connect.facebook.net/signals/config/ 254 KB
72 KB 65ms
65ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1431799027060769?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

79ee39aab2701516c65d79c9eb49c1dc1a5e66f56d2b405b1e793be75dded6fb

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: JrSKHA/MYNlRyijgq28EqvGx3jRKZMXzJTut40Ev8H9qLCC8NNlrf9GAEXCH9XdshCtvBzyBgGgmzcCrUZrtkA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 13 May 2021 10:45:30 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1040837785/ 2 KB
1 KB 105ms
105ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1040837785/?random=1620902730598&cv=9&fst=1620902730598&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg550&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.ducks.org%2F&tiba=World%20Leader%20in%20Wetlands%20%26%20Waterfowl%20Conservation&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2930b4b53b2c3deb17cc54173bf7c9dfccd27be0e6de1438693c4bdde79e7bce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 10:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1029
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/976631994/ 2 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/976631994/?random=1620902730601&cv=9&fst=1620902730601&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg550&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.ducks.org%2F&tiba=World%20Leader%20in%20Wetlands%20%26%20Waterfowl%20Conservation&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd72be1344c0ba76ec2f9b7dce2d4cbed848afebb260116b65d0af8c048a5564

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 10:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1030
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 140 KB
39 KB 208ms
207ms Script
application/javascript 104.126.36.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C0GQ1JCP76SVVJ0UQN7G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.36.33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-36-33.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 420d31548250b39e9e360cdf56a6fe9b8c3143c2c09d739c4e9ae60ee22319e1

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-request-id: 862eccf1.35a1f266
date: Thu, 13 May 2021 10:45:30 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a104-88-71-21.deploy.akamaitechnologies.com (AkamaiGHost/10.4.0-33449709) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-126-36-29.deploy.akamaitechnologies.com (AkamaiGHost/10.4.0-33449709) (-)
x-parent-response-time: 158,104.126.36.29
server-timing: cdn-cache; desc=MISS, edge; dur=152, origin; dur=6, inner; dur=4
pragma: no-cache
server: nginx
x-tt-logid: 202105131045300102360171340802D2C4
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,104.88.71.21
expires: Thu, 13 May 2021 10:45:30 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 58 KB
20 KB 212ms
212ms Script
application/javascript 104.126.36.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C0GQ1JCP76SVVJ0UQN7G
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C0GQ1JCP76SVVJ0UQN7G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.36.33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-36-33.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 589f18ecca20024a28b0f59930baded9e2836f6c0a27d54520be5f09e297806c

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 10:45:30 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202105131045300102360411432102BF11
vary: Accept-Encoding
x-cache: TCP_MISS from a104-126-36-29.deploy.akamaitechnologies.com (AkamaiGHost/10.4.0-33449709) (-)
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 161,104.126.36.29
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=0, origin; dur=161
x-akamai-request-id: 35a1f27d
expires: Thu, 13 May 2021 10:45:30 GMT

GET
H2 200 modules-v67.js Show response
my.hellobar.com/ 144 KB
38 KB 31ms
30ms Script
text/javascript 2606:4700:10::6816:f17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hellobar.com/modules-v67.js
Requested by: Host: my.hellobar.com
URL: https://my.hellobar.com/6b3a1a5d169fdb4d107f86a6269a5d3cebceb605.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:f17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fe35d1cb453616e09e72d309d4c8bb9ab2e2f3861c516402d8901de1c54bffc

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 10:45:30 GMT
content-encoding: br
cf-cache-status: HIT
age: 3519055
x-amz-request-id: NMANF3DVDVGZDDP5
x-amz-id-2: bg+m+PxYcn028dwMqW7yowqaZB10JlrTpvmOePoIn22JsA+H7APG+blXjLe9vbxS7hwmClBtPWo=
last-modified: Fri, 02 Apr 2021 15:59:10 GMT
server: cloudflare
etag: W/"b05f53d2d9d066301341c485918acb5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31557600, must-revalidate, proxy-revalidate, s-maxage=31557600
cf-request-id: 0a06edf38500004a7f7a826000000001
cf-ray: 64eb4c3268914a7f-FRA
cf-bgj: minify

GET
H2 200 dc_pre=CIudvpu9xvACFdRV5QodYTsGAg;src=10231870;type=pagev0;cat=homep0;ord=1;num=7360589780680;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.ducks.org%2F Show response
adservice.google.com/ddm/fls/i/ Frame C103 483 B
619 B 75ms
74ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CIudvpu9xvACFdRV5QodYTsGAg;src=10231870;type=pagev0;cat=homep0;ord=1;num=7360589780680;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.ducks.org%2F

Requested by

Host: 10231870.fls.doubleclick.net
URL: https://10231870.fls.doubleclick.net/activityi;dc_pre=CIudvpu9xvACFdRV5QodYTsGAg;src=10231870;type=pagev0;cat=homep0;ord=1;num=7360589780680;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.ducks.org%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7f8e3345089b0ceac6d24bbdd9417c3b26896b351e928a7e449b8da9a71e1f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=CIudvpu9xvACFdRV5QodYTsGAg;src=10231870;type=pagev0;cat=homep0;ord=1;num=7360589780680;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.ducks.org%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://10231870.fls.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://10231870.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 13 May 2021 10:45:30 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 386
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dc_pre=CLSZvpu9xvACFfDhuwgdslQHrQ;src=10231870;type=pagev0;cat=allpa0;ord=1;num=5034617405833;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.ducks.org%2F Show response
adservice.google.com/ddm/fls/i/ Frame 5148 483 B
452 B 75ms
74ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CLSZvpu9xvACFfDhuwgdslQHrQ;src=10231870;type=pagev0;cat=allpa0;ord=1;num=5034617405833;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.ducks.org%2F

Requested by

Host: 10231870.fls.doubleclick.net
URL: https://10231870.fls.doubleclick.net/activityi;dc_pre=CLSZvpu9xvACFfDhuwgdslQHrQ;src=10231870;type=pagev0;cat=allpa0;ord=1;num=5034617405833;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.ducks.org%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a358e19f97188fce97c1d7bab98af2ba4a58806448c04510f9411d51689f7f0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=CLSZvpu9xvACFfDhuwgdslQHrQ;src=10231870;type=pagev0;cat=allpa0;ord=1;num=5034617405833;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.ducks.org%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://10231870.fls.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://10231870.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 13 May 2021 10:45:30 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 386
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/976631994/ 42 B
64 B 20ms
19ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/976631994/?random=1620902730601&cv=9&fst=1620900000000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg550&sendb=1&frm=0&url=https%3A%2F%2Fwww.ducks.org%2F&tiba=World%20Leader%20in%20Wetlands%20%26%20Waterfowl%20Conservation&async=1&fmt=3&is_vtc=1&random=898536174&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 10:45:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/976631994/ 42 B
64 B 31ms
28ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/976631994/?random=1620902730601&cv=9&fst=1620900000000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg550&sendb=1&frm=0&url=https%3A%2F%2Fwww.ducks.org%2F&tiba=World%20Leader%20in%20Wetlands%20%26%20Waterfowl%20Conservation&async=1&fmt=3&is_vtc=1&random=898536174&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 10:45:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 async-ads.js Show response
cse.google.com/adsense/search/ 180 KB
62 KB 31ms
16ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/323d4b81541ddb5b/cse_element__en.js?usqp=CAI%3D

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d217b9e2431321db6b1ae43115b01ff72a1a980e915f4a7199ac5612fe6376b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 10:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "15769654821954840549"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Thu, 13 May 2021 10:45:30 GMT

GET
H2 204 generate_204
www.googleapis.com/ 0
39 B 9ms
5ms Image
text/plain 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: www.ducks.org
URL: https://www.ducks.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 10:45:30 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3-29 200 branding.png
www.google.com/cse/static/images/1x/en/ 1 KB
1 KB 7ms
6ms Image
image/png 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/en/branding.png

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
age: 348112
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1372
x-xss-protection: 0
expires: Mon, 09 May 2022 10:03:38 GMT

GET
H2 204 generate_204
clients1.google.com/ 0
182 B 26ms
6ms Image
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: www.ducks.org
URL: https://www.ducks.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 10:45:30 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
261 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1431799027060769&ev=PageView&dl=https%3A%2F%2Fwww.ducks.org%2F&rl=&if=false&ts=1620902730735&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1620902730733.1529430105&it=1620902730596&coo=false&exp=l0&rqm=GET

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 10:45:30 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 13 May 2021 10:45:30 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/1040837785/ 42 B
64 B 21ms
20ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1040837785/?random=1620902730598&cv=9&fst=1620900000000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg550&sendb=1&frm=0&url=https%3A%2F%2Fwww.ducks.org%2F&tiba=World%20Leader%20in%20Wetlands%20%26%20Waterfowl%20Conservation&async=1&fmt=3&is_vtc=1&random=183628687&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 10:45:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/1040837785/ 42 B
64 B 20ms
20ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1040837785/?random=1620902730598&cv=9&fst=1620900000000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg550&sendb=1&frm=0&url=https%3A%2F%2Fwww.ducks.org%2F&tiba=World%20Leader%20in%20Wetlands%20%26%20Waterfowl%20Conservation&async=1&fmt=3&is_vtc=1&random=183628687&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.ducks.org
URL: https://www.ducks.org/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 10:45:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CIudvpu9xvACFdRV5QodYTsGAg;src=10231870;type=pagev0;cat=homep0;ord=1;num=7360589780680;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.ducks.org%2F Show response
adservice.google.de/ddm/fls/i/ Frame A041 194 B
391 B 42ms
41ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CIudvpu9xvACFdRV5QodYTsGAg;src=10231870;type=pagev0;cat=homep0;ord=1;num=7360589780680;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.ducks.org%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CIudvpu9xvACFdRV5QodYTsGAg;src=10231870;type=pagev0;cat=homep0;ord=1;num=7360589780680;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.ducks.org%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.de
:scheme: https
:path: /ddm/fls/i/dc_pre=CIudvpu9xvACFdRV5QodYTsGAg;src=10231870;type=pagev0;cat=homep0;ord=1;num=7360589780680;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.ducks.org%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adservice.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 13 May 2021 10:45:30 GMT
expires: Thu, 13 May 2021 10:45:30 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

dc_pre=CLSZvpu9xvACFfDhuwgdslQHrQ;src=10231870;type=pagev0;cat=allpa0;ord=1;num=5034617405833;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.ducks.org%2F Show response
10231870.fls.doubleclick.net/ddm/fls/r/ Frame 657F
Redirect Chain

https://adservice.google.de/ddm/fls/i/dc_pre=CLSZvpu9xvACFfDhuwgdslQHrQ;src=10231870;type=pagev0;cat=allpa0;ord=1;num=5034617405833;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.du...
https://10231870.fls.doubleclick.net/ddm/fls/r/dc_pre=CLSZvpu9xvACFfDhuwgdslQHrQ;src=10231870;type=pagev0;cat=allpa0;ord=1;num=5034617405833;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F...

489 B
380 B

68ms
68ms

Document
text/html

216.58.212.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10231870.fls.doubleclick.net/ddm/fls/r/dc_pre=CLSZvpu9xvACFfDhuwgdslQHrQ;src=10231870;type=pagev0;cat=allpa0;ord=1;num=5034617405833;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.ducks.org%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CLSZvpu9xvACFfDhuwgdslQHrQ;src=10231870;type=pagev0;cat=allpa0;ord=1;num=5034617405833;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.ducks.org%2F

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.134 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f6.1e100.net

Software

cafe /

Resource Hash

3282775c4d6c53c73f01289d961ddeadc7ea02cb799b3c2f0ec5d8aed2d1a18d

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 10231870.fls.doubleclick.net
:scheme: https
:path: /ddm/fls/r/dc_pre=CLSZvpu9xvACFfDhuwgdslQHrQ;src=10231870;type=pagev0;cat=allpa0;ord=1;num=5034617405833;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.ducks.org%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adservice.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmmhwkwWCP6BTQiPWyVSsk78i-oQZUJWez4Mp8GIhX33E615ZMbDtGcs-JA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 13 May 2021 10:45:30 GMT
expires: Thu, 13 May 2021 10:45:30 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 357
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 13 May 2021 10:45:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://10231870.fls.doubleclick.net/ddm/fls/r/dc_pre=CLSZvpu9xvACFfDhuwgdslQHrQ;src=10231870;type=pagev0;cat=allpa0;ord=1;num=5034617405833;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.ducks.org%2F
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
561 B 213ms
213ms Ping
application/octet-stream 104.126.36.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C0GQ1JCP76SVVJ0UQN7G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.36.33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-36-33.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 64f9fda7.35a1f3b9
date: Thu, 13 May 2021 10:45:31 GMT
x-cache-remote: TCP_MISS from a104-88-71-61.deploy.akamaitechnologies.com (AkamaiGHost/10.4.0-33449709) (-)
upstream-caught: 1620902730981182
x-cache: TCP_MISS from a104-126-36-29.deploy.akamaitechnologies.com (AkamaiGHost/10.4.0-33449709) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-parent-response-time: 162,104.126.36.29
server-timing: cdn-cache; desc=MISS, edge; dur=153, origin; dur=10, inner; dur=4
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202105131045300102360430822E02B0C1
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 10,104.88.71.61
expires: Thu, 13 May 2021 10:45:31 GMT

GET
H3-29

200

src=10229801;dc_pre=CMXjgJy9xvACFY_BOwIdV6wIvw;type=invmedia;cat=ducks0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1
adservice.google.com/ddm/fls/z/ Frame 657F
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=10229801;type=invmedia;cat=ducks0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1?
https://ad.doubleclick.net/ddm/activity/src=10229801;dc_pre=CMXjgJy9xvACFY_BOwIdV6wIvw;type=invmedia;cat=ducks0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1?
https://adservice.google.com/ddm/fls/z/src=10229801;dc_pre=CMXjgJy9xvACFY_BOwIdV6wIvw;type=invmedia;cat=ducks0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1

42 B
63 B

56ms
42ms

Image
image/gif

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=10229801;dc_pre=CMXjgJy9xvACFY_BOwIdV6wIvw;type=invmedia;cat=ducks0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1

Requested by

Host: 10231870.fls.doubleclick.net
URL: https://10231870.fls.doubleclick.net/ddm/fls/r/dc_pre=CLSZvpu9xvACFfDhuwgdslQHrQ;src=10231870;type=pagev0;cat=allpa0;ord=1;num=5034617405833;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.ducks.org%2F

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10231870.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 10:45:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 May 2021 10:45:31 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://adservice.google.com/ddm/fls/z/src=10229801;dc_pre=CMXjgJy9xvACFY_BOwIdV6wIvw;type=invmedia;cat=ducks0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 657F
Redirect Chain

https://secure.adnxs.com/px?id=1298318&seg=22845207&t=2
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1298318%26seg%3D22845207%26t%3D2

43 B
1 KB

51ms
51ms

Image
image/gif

37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1298318%26seg%3D22845207%26t%3D2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://10231870.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 13 May 2021 10:45:31 GMT
X-Proxy-Origin: 185.236.42.17; 185.236.42.17; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.55:80
AN-X-Request-Uuid: 720c4fe4-505f-4307-b1d9-1026bbd3afaa
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 13 May 2021 10:45:31 GMT
X-Proxy-Origin: 185.236.42.17; 185.236.42.17; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.91:80
AN-X-Request-Uuid: 9ef98c31-b499-48b5-9147-9a440a7f8568
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1298318%26seg%3D22845207%26t%3D2
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29

200

activityi;dc_pre=CObbpZy9xvACFafLEQgdulYGFQ;src=5083104;type=gener0;cat=gener0;ord=4815765440660;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.ducks.org%2F Show response
5083104.fls.doubleclick.net/ Frame 9F63
Redirect Chain

https://5083104.fls.doubleclick.net/activityi;src=5083104;type=gener0;cat=gener0;ord=4815765440660;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.ducks.org%2F?
https://5083104.fls.doubleclick.net/activityi;dc_pre=CObbpZy9xvACFafLEQgdulYGFQ;src=5083104;type=gener0;cat=gener0;ord=4815765440660;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.d...

389 B
346 B

74ms
74ms

Document
text/html

142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5083104.fls.doubleclick.net/activityi;dc_pre=CObbpZy9xvACFafLEQgdulYGFQ;src=5083104;type=gener0;cat=gener0;ord=4815765440660;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.ducks.org%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2LTJJQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

c4469b2096e1a147d42a6b2bcea3e0106026ef3b1ab72cc98bc5baaae922dc61

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5083104.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CObbpZy9xvACFafLEQgdulYGFQ;src=5083104;type=gener0;cat=gener0;ord=4815765440660;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.ducks.org%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ducks.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmmhwkwWCP6BTQiPWyVSsk78i-oQZUJWez4Mp8GIhX33E615ZMbDtGcs-JA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 13 May 2021 10:45:31 GMT
expires: Thu, 13 May 2021 10:45:31 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 323
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 13 May 2021 10:45:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5083104.fls.doubleclick.net/activityi;dc_pre=CObbpZy9xvACFafLEQgdulYGFQ;src=5083104;type=gener0;cat=gener0;ord=4815765440660;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.ducks.org%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 dc_pre=CObbpZy9xvACFafLEQgdulYGFQ;src=5083104;type=gener0;cat=gener0;ord=4815765440660;gtm=2wg550;auiddc=*;~oref=https%3A%2F%2Fwww.ducks.org%2F
adservice.google.com/ddm/fls/z/ Frame 9F63 42 B
63 B 41ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CObbpZy9xvACFafLEQgdulYGFQ;src=5083104;type=gener0;cat=gener0;ord=4815765440660;gtm=2wg550;auiddc=*;~oref=https%3A%2F%2Fwww.ducks.org%2F

Requested by

Host: 5083104.fls.doubleclick.net
URL: https://5083104.fls.doubleclick.net/activityi;dc_pre=CObbpZy9xvACFafLEQgdulYGFQ;src=5083104;type=gener0;cat=gener0;ord=4815765440660;gtm=2wg550;auiddc=967609777.1620902730;~oref=https%3A%2F%2Fwww.ducks.org%2F?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5083104.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 10:45:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1431799027060769&ev=Microdata&dl=https%3A%2F%2Fwww.ducks.org%2F&rl=&if=false&ts=1620902732239&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5CtWorld%20Leader%20in%20Wetlands%20%26%20Waterfowl%20Conservation%5Cn%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.39&r=stable&ec=1&o=30&fbp=fb.1.1620902730733.1529430105&it=1620902730596&coo=false&es=automatic&tm=3&exp=l0&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ducks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 10:45:32 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Thu, 13 May 2021 10:45:32 GMT

Verdicts & Comments Add Verdict or Comment

236 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ducks.org/	1970-01-19 20:24:38	Name: _fbp Value: fb.1.1620902730733.1529430105
www.ducks.org/	1970-01-19 18:15:04	Name: __utmb Value: 1.1.10.1620902730
www.ducks.org/	1969-12-31 23:59:59	Name: __utmc Value: 1
www.ducks.org/	1970-01-20 11:46:14	Name: __utma Value: 1.95090528.1620902730.1620902730.1620902730.1
www.ducks.org/	1970-01-19 18:15:06	Name: Analytics Value: SessionId=7ca5ef35-cbc5-458f-952f-44c85dc2aaf8&TabId=12861&ContentItemId=-1
www.ducks.org/	1970-01-19 18:15:03	Name: __utmt Value: 1
www.ducks.org/	1969-12-31 23:59:59	Name: language Value: en-US
www.ducks.org/	1970-01-19 18:58:14	Name: Analytics_VisitorId Value: f8d2bd8a-acac-4e39-a7e6-1a5c651db0d6
.doubleclick.net/	1970-01-20 03:36:38	Name: IDE Value: AHWqTUmmhwkwWCP6BTQiPWyVSsk78i-oQZUJWez4Mp8GIhX33E615ZMbDtGcs-JA
www.ducks.org/	1970-01-19 22:37:50	Name: __utmz Value: 1.1620902730.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
www.ducks.org/	1970-01-19 19:55:02	Name: .ASPXANONYMOUS Value: Mz4pDDa4xcsNMkvLlGy13vlH5Vj3KQCs1UTxDehc_IfEjV-bEOsllUKfUk1RlDYPUP8TDgV6qbewfloobblYW1_Xt9wM9RuP45auuPEgU5to0E480
.ducks.org/	1970-01-19 20:24:38	Name: _gcl_au Value: 1.1.967609777.1620902730
www.ducks.org/	1969-12-31 23:59:59	Name: dnn_IsMobile Value: False

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.ducks.org/DependencyHandler.axd?s=L1BvcnRhbHMvX2RlZmF1bHQvU2tpbnMvRHVja3Mub3JnL2pzL2Jvb3RzdHJhcC5taW4uanM7L2pzL2Rubi5qczsvanMvZG5uLm1vZGFscG9wdXAuanM7L1Jlc291cmNlcy9TaGFyZWQvU2NyaXB0cy9qcXVlcnkvanF1ZXJ5LmhvdmVySW50ZW50Lm1pbi5qczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvanMvbW9kZXJuaXpyLWN1c3RvbS5qczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvanMvc2tpbi5qczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvanMvcGljdHVyZWZpbGwubWluLmpzOy9qcy9kbm5jb3JlLmpzOy9EZXNrdG9wTW9kdWxlcy9ETk5Db3JwL0V2b3FDb250ZW50TGlicmFyeS9DbGllbnRTY3JpcHRzL2Rubi5hbmFseXRpY3MuSW5qZWN0ZWQuanM7L2pzL2Rubi5zZXJ2aWNlc2ZyYW1ld29yay5qczs&t=Javascript&cdv=1428(Line 33) Message: Width: 1600
console-api	log	URL: https://www.ducks.org/DependencyHandler.axd?s=L1BvcnRhbHMvX2RlZmF1bHQvU2tpbnMvRHVja3Mub3JnL2pzL2Jvb3RzdHJhcC5taW4uanM7L2pzL2Rubi5qczsvanMvZG5uLm1vZGFscG9wdXAuanM7L1Jlc291cmNlcy9TaGFyZWQvU2NyaXB0cy9qcXVlcnkvanF1ZXJ5LmhvdmVySW50ZW50Lm1pbi5qczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvanMvbW9kZXJuaXpyLWN1c3RvbS5qczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvanMvc2tpbi5qczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvanMvcGljdHVyZWZpbGwubWluLmpzOy9qcy9kbm5jb3JlLmpzOy9EZXNrdG9wTW9kdWxlcy9ETk5Db3JwL0V2b3FDb250ZW50TGlicmFyeS9DbGllbnRTY3JpcHRzL2Rubi5hbmFseXRpY3MuSW5qZWN0ZWQuanM7L2pzL2Rubi5zZXJ2aWNlc2ZyYW1ld29yay5qczs&t=Javascript&cdv=1428(Line 32) Message: Creating ribbons.
console-api	log	URL: https://www.ducks.org/DependencyHandler.axd?s=L1BvcnRhbHMvX2RlZmF1bHQvU2tpbnMvRHVja3Mub3JnL2pzL2Jvb3RzdHJhcC5taW4uanM7L2pzL2Rubi5qczsvanMvZG5uLm1vZGFscG9wdXAuanM7L1Jlc291cmNlcy9TaGFyZWQvU2NyaXB0cy9qcXVlcnkvanF1ZXJ5LmhvdmVySW50ZW50Lm1pbi5qczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvanMvbW9kZXJuaXpyLWN1c3RvbS5qczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvanMvc2tpbi5qczsvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9EdWNrcy5vcmcvanMvcGljdHVyZWZpbGwubWluLmpzOy9qcy9kbm5jb3JlLmpzOy9EZXNrdG9wTW9kdWxlcy9ETk5Db3JwL0V2b3FDb250ZW50TGlicmFyeS9DbGllbnRTY3JpcHRzL2Rubi5hbmFseXRpY3MuSW5qZWN0ZWQuanM7L2pzL2Rubi5zZXJ2aWNlc2ZyYW1ld29yay5qczs&t=Javascript&cdv=1428(Line 39) Message: Setting active menu item.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10231870.fls.doubleclick.net
5083104.fls.doubleclick.net
ad.doubleclick.net
adservice.google.com
adservice.google.de
analytics.tiktok.com
cdnjs.cloudflare.com
clients1.google.com
connect.facebook.net
cse.google.com
duazurecdn.azureedge.net
ducks.org
duckscdn.blob.core.windows.net
eae3e26d6cce6d2421f2-d0bf394c81120104918c3f1bbeb3098c.ssl.cf1.rackcdn.com
googleads.g.doubleclick.net
my.hellobar.com
px.ads.linkedin.com
px4.ads.linkedin.com
secure.adnxs.com
snap.licdn.com
ssl.google-analytics.com
stats.g.doubleclick.net
webapi.ducks.org
www.ducks.org
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googleapis.com
www.googletagmanager.com
www.linkedin.com
104.126.36.33
104.214.108.93
108.174.10.14
13.85.88.16
142.250.185.102
142.250.186.98
2.18.233.88
216.58.212.134
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700:10::6816:f17
2606:4700::6810:125e
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2a00:1450:4001:809::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2008
2a00:1450:4001:812::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2008
2a00:1450:4001:830::200e
2a00:1450:400c:c04::9a
2a02:26f0:6c00:295::25ea
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
37.252.173.27
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
08a63ff052869fd7bc5c160e0fa136076500451675562f99f5cbba799498ad99
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
125b501f4bd9ae044debc9785c8300edb8181c66e3902426f1fa1905528a3d35
12c6778483f156dc6b52fb70601be43f21a09ae04fafdf977b5d3b2aff7b8ea3
12e31f8808aea7dd03b6e537ded04dcb95a9a8356fc58483809f4c7a882011ae
1ac7f23decc2bc2183d52de7c50d1ceb310ab6289220ec51d5f8a151202fbd61
1ed26e7e6fb7d75337f4e1a2454fcf6f0bc3a56f578056c987d4691fb6492a42
2930b4b53b2c3deb17cc54173bf7c9dfccd27be0e6de1438693c4bdde79e7bce
295a9a73e8b5839b4db4ed0b0e4784a058cb25ac2dd8bbcd59b062038e831708
2ef621d5a0c7975941c11708248712f51cfacba9a2898639a44971f0a9870a3c
2f139e8f6ec3ae20a24543f2d3350c6d047abf57400d3f543544baf885efa98e
3282775c4d6c53c73f01289d961ddeadc7ea02cb799b3c2f0ec5d8aed2d1a18d
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
3beeb48f1998ec2ba833e4b1dda5c706054e34ed4f44428686d5f9612a9c24f3
3e6bd1ed9d844e4f8aea6ada75aa9b5f16c9698de108d181d1f2db9de86047ea
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
420d31548250b39e9e360cdf56a6fe9b8c3143c2c09d739c4e9ae60ee22319e1
4265297670d82d70658a7e0798fa16941b873842f57bab77c1e4d38ed3f9b6f2
42cc7ee358f66d7e93e1b0331af984de0837aab8600440f450f0a612b07eb677
42dc5b15064b1c48a5e47c42bf7eaa6f9e86c7425f545314f334c099e66b5d21
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e
4f24c9b5632a6b54aee0b1d998bf41608d909793dc599015e711b2f54c653e1d
50f5aa4a46fd19ef752911d901cb3c690d105830dd8697927b5df5b08b077246
589f18ecca20024a28b0f59930baded9e2836f6c0a27d54520be5f09e297806c
5e6da4379a25cc190a0ce4c38b816a8d20f20161d57825feb1adcec75cf539c5
5f07d43571a20235b2506061c9729d91179d32b8b3c75123aa8fcd45e60d7541
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
5fe35d1cb453616e09e72d309d4c8bb9ab2e2f3861c516402d8901de1c54bffc
6ad5ab936bbf2fb1059b1caa086876f88ae76e53f5316bf8a14bf50fe43e516a
6f457127399f806ef7bdd4061f9ec7889ea358d97ae5051530c16aaffd4613bb
6f84d73fb1ee367292b6e68b96ffb20e98dafaa64fbb5032b3fefd60ce8bc05e
70444fe7a3a0b50db2a0e01e060adbdbfd51294f3fca39be4ba0be287cd32a4d
77f6335f1da63a6f959134620630f0500a4c99cd5fe42bf7a74d8e256bdec6bd
79ee39aab2701516c65d79c9eb49c1dc1a5e66f56d2b405b1e793be75dded6fb
8842adb0ced0073aff9a83744d3d68f92b6bef0a978ef381463e1d7f919cbdc5
8a3fdc72be5fb7b758a75640c4bf0b58333878b40a460b0ebd1bd392dbb91ec1
8a81755bd2468f9738069c47b54e2d936d51cf482a3351c184c213d448ba9650
997f5bfb9f0c74974ec265633b71dd76c5f0224611dd26775db3cc823ec24947
9d1ea69a68fd856aaad36b07ccd7f8ea3bac74b11297d870ec88036324c69d1e
9e20daf40299bc6c07fbc96ae8a09f1f0f7a8a2270970e20f200d6013c300597
a26394f7ede100ca118eff2eda08596275a9839b959c226e15439557a5a80742
a358e19f97188fce97c1d7bab98af2ba4a58806448c04510f9411d51689f7f0a
a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05
aa00caef81b45d8a9cbd1880e85c4012e75c2d5658dee646bb920645c087f4cd
aa4aeed15888d0492c0da8f53d0a63d6f764e62c3c2eeed63e1f4a1f98138ace
b2d73b1a835844b7561208a5d2e6613f90960a3e4252bf3e14b8d5d1fe8dbffd
b3b2388c7bdb0a8647c2e64aa5dcc79d8e9b9cd21db20909f780e4c59c926072
b96bcc460ae20a0404e495da32a0ff1004e17c1d9cba06922ae187efc8b6350a
b97bcd732bae3139c650f8485fb332633a6af1c770380cb60159c93c0bf8838c
b9c90c601bc81ad71ed8be557ff9b095de5aae947926e84011e2728cf65250a6
bbe00e43f262bed3419d7592a2321a7c6538278df6c47ca322697047cf7b0045
c419976ff2214161f1358b8ee6b0a844cd82217be7bfa1142c39d11e7ca3ce4a
c4469b2096e1a147d42a6b2bcea3e0106026ef3b1ab72cc98bc5baaae922dc61
c6b7adc5979609244a9acb15f3ecddb2ad362a6059375ba035ac2b718cb4c1a6
ca752586777d1f855a56edaaf5a718b562a36a8d6b5b990f6cc7e590009bc3e9
d217b9e2431321db6b1ae43115b01ff72a1a980e915f4a7199ac5612fe6376b3
d3cb488888e9ea75771482ea8d142de6a4b3846f7bc7e49a3b90b6c9f041cae3
d4d32e686a01c1047565eb77ddedacbe3715941f9b4e46a1d18cdd3c4c7aa2bf
d9bfd8ee7b837e98a12824ac14a482fa4d600d772ca84d1ac3f5d5a5224f90cb
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
dd72be1344c0ba76ec2f9b7dce2d4cbed848afebb260116b65d0af8c048a5564
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e78bffe11218b54384d07c2bf3b7cf09107738cbefc0317d5f060254af3f5fad
e9c9d74ac38ee8a1b5174bac730608b740ee04755fbc925a3872259e6628ae53
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7f8e3345089b0ceac6d24bbdd9417c3b26896b351e928a7e449b8da9a71e1f8
fb0626044a734779164531dd67d8ef78cc2ca9ed7c2fd255787e3881598c7939
fcc77b520bb40ea6b8fe62217c6026ea118e8ea794ba4e3c6a704c564f1bfa59

www.ducks.org Open in urlscan Pro 104.214.108.93 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

83 Requests

100 %HTTPS

69 %IPv6

19 Domains

31 Subdomains

25 IPs

3 Countries

1867 kBTransfer

3915 kBSize

13 Cookies

8 Outgoing links

Page URL History

Redirected requests

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.ducks.org Open in urlscan Pro
104.214.108.93 Public Scan

Screenshot
Live screenshot

Full Image

83
Requests

100 %
HTTPS

69 %
IPv6

19
Domains

31
Subdomains

25
IPs

3
Countries

1867 kB
Transfer

3915 kB
Size

13
Cookies

83 HTTP transactions
0 data transactions