duckx.relativity.software Open in urlscan Pro
2a06:98c1:58::60 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://duckx.relativity.software/
Submission: On November 21 via api (November 21st 2023, 6:01:44 pm UTC) from US — Scanned from US

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 8 HTTP transactions. The main IP is 2a06:98c1:58::60, located in United States and belongs to CLOUDFLARENET, US. The main domain is duckx.relativity.software.
TLS certificate: Issued by GTS CA 1P5 on November 21st 2023. Valid for: 3 months.

This is the only time duckx.relativity.software was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2a06:98c1:58::60 2a06:98c1:58::60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:402... 2607:f8b0:4020:807::200a	15169 (GOOGLE) (GOOGLE)
1	3.160.22.48 3.160.22.48	16509 (AMAZON-02) (AMAZON-02)
1	192.26.145.25 192.26.145.25	53617 (ECSFI) (ECSFI)
1	34.226.29.162 34.226.29.162	14618 (AMAZON-AES) (AMAZON-AES)
8	5

4 2a06:98c1:58::60 (United States)

ASN13335 (CLOUDFLARENET, US)

duckx.relativity.software	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:807::200a (Montreal, Canada)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.160.22.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-22-48.cmh68.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.26.145.25 (United States)

ASN53617 (ECSFI, US)
PTR: img2.annthegran.com

img2.svgdesigns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.226.29.162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-29-162.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	relativity.software duckx.relativity.software	315 KB
2	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 885 heapanalytics.com — Cisco Umbrella Rank: 790	37 KB
1	svgdesigns.com img2.svgdesigns.com	45 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	968 B
8	4

	Domain	Requested by
4	duckx.relativity.software	duckx.relativity.software
1	heapanalytics.com
1	img2.svgdesigns.com	duckx.relativity.software
1	cdn.heapanalytics.com	duckx.relativity.software
1	fonts.googleapis.com	duckx.relativity.software
8	5

This site contains no links.

Subject Issuer	Validity	Valid
duckx.relativity.software GTS CA 1P5	`2023-11-21` - `2024-02-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
cdn.heapanalytics.com Amazon RSA 2048 M01	`2023-06-29` - `2024-07-27`	a year	crt.sh
*.svgdesigns.com Go Daddy Secure Certificate Authority - G2	`2023-08-10` - `2024-09-10`	a year	crt.sh
heapanalytics.com Amazon RSA 2048 M02	`2023-11-09` - `2024-12-08`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://duckx.relativity.software/
Frame ID: F32AF36323CE38600C2BEA7AB2C45E53
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DUCKX Framework

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

Page Statistics

8
Requests

100 %
HTTPS

40 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

398 kB
Transfer

4228 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
duckx.relativity.software/ 7 KB
3 KB 130ms
27ms Document
text/html 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://duckx.relativity.software/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05c9f0a35872f42c48d77850f678224b2f27d8f7e0dae20d5de4df68b631429d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: public,max-age=10,s-maxage=86400
cf-cache-status: MISS
cf-ray: 829ad6d95905431f-EWR
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 21 Nov 2023 18:01:40 GMT
last-modified: Tue, 21 Nov 2023 15:58:52 GMT
server: cloudflare
vary: Accept-Encoding
x-amz-request-id: tx000009116623d64c03ea4-00655cf084-49f61-nyc3d
x-do-app-origin: 65a0be5b-7a1e-4fec-a721-7cfd42906a43
x-do-orig-status: 200
x-envoy-upstream-healthchecked-cluster
x-rgw-object-type: Normal

GET
H2 200 styles.css
duckx.relativity.software/ 555 B
402 B 35ms
34ms Stylesheet
text/css 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://duckx.relativity.software/styles.css
Requested by: Host: duckx.relativity.software
URL: https://duckx.relativity.software/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a376dbf34be9a1c63a98327cccf4e71fd01b43500323b5a44565debc4e14bd6a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duckx.relativity.software/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 18:01:40 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 21 Nov 2023 15:58:52 GMT
server: cloudflare
x-do-app-origin: 65a0be5b-7a1e-4fec-a721-7cfd42906a43
x-amz-request-id: tx00000cfb3dc7893d2c9de-00655cf084-52421-nyc3d
x-do-orig-status: 200
etag: W/"2a5508f800cabcf25f182bf74c8d0b1d"
x-envoy-upstream-healthchecked-cluster
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: text/css; charset=utf-8
x-rgw-object-type: Normal
cache-control: public,max-age=10,s-maxage=86400
cf-ray: 829ad6d9894f431f-EWR

GET
H2 200 tailwind.css
duckx.relativity.software/ 4 MB
311 KB 42ms
41ms Stylesheet
text/css 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://duckx.relativity.software/tailwind.css
Requested by: Host: duckx.relativity.software
URL: https://duckx.relativity.software/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4939f8e5252253b422384de5263533e54a6f7b92cac198a638b9a39bca3317bc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duckx.relativity.software/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 18:01:40 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 21 Nov 2023 15:58:53 GMT
server: cloudflare
x-do-app-origin: 65a0be5b-7a1e-4fec-a721-7cfd42906a43
x-amz-request-id: tx00000cb5a4310786c3558-00655cf084-52421-nyc3d
x-do-orig-status: 200
etag: W/"6ac95b92f6e2302c0c67d87e0404cb72"
x-envoy-upstream-healthchecked-cluster
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: text/css; charset=utf-8
x-rgw-object-type: Normal
cache-control: public,max-age=10,s-maxage=86400
cf-ray: 829ad6d98953431f-EWR

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
968 B 220ms
36ms Stylesheet
text/css 2607:f8b0:4020:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700;800&display=swap

Requested by

Host: duckx.relativity.software
URL: https://duckx.relativity.software/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fe178c8c3c40bfe2dd09722ef070949b250e6c8353fe19b90b7c837a4a209138

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duckx.relativity.software/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 21 Nov 2023 18:01:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 17:23:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Nov 2023 18:01:40 GMT

GET
H2 200 script.js Show response
duckx.relativity.software/ 2 KB
780 B 33ms
33ms Script
text/javascript 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://duckx.relativity.software/script.js
Requested by: Host: duckx.relativity.software
URL: https://duckx.relativity.software/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 266667af14a6bba9a9da9b2d1745054b291d07d42cdeb6092aa36c03debb5090

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duckx.relativity.software/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 18:01:40 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 21 Nov 2023 15:58:52 GMT
server: cloudflare
x-do-app-origin: 65a0be5b-7a1e-4fec-a721-7cfd42906a43
x-amz-request-id: tx000003241a95ea0a707a9-00655cf084-52421-nyc3d
x-do-orig-status: 200
etag: W/"ee763bdb743749b27fd735e526f19d3f"
x-envoy-upstream-healthchecked-cluster
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: text/javascript; charset=utf-8
x-rgw-object-type: Normal
cache-control: public,max-age=10,s-maxage=86400
cf-ray: 829ad6d98955431f-EWR

GET
H2 200 heap-1364047861.js Show response
cdn.heapanalytics.com/js/ 114 KB
37 KB 227ms
153ms Script
application/javascript 3.160.22.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-1364047861.js

Requested by

Host: duckx.relativity.software
URL: https://duckx.relativity.software/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.22.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-22-48.cmh68.r.cloudfront.net

Software

nginx / Express

Resource Hash

355c8a0edeaadb0764534c7bae1d547e3b9c7a00100880b524e1b5775a76a518

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duckx.relativity.software/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 18:01:40 GMT
content-encoding: br
via: 1.1 a6eabcce56b55417b8ac9fcb21e00bf6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
x-amz-cf-pop: CMH68-P3
x-powered-by: Express
etag: W/"1c869-82t0jFMic8AdD+NmT8ksZsPvEuc"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=120
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: cUTyvgIODgJoMYiHUV7SbdMs36K-wZofpKCZBPCwbSLlCdqmadl9tg==

GET
H2 200 PGFSL1771.webp
img2.svgdesigns.com/printart/xlarge/FSL_Studio/ 45 KB
45 KB 168ms
34ms Image
image/webp 192.26.145.25
ECSFI

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img2.svgdesigns.com/printart/xlarge/FSL_Studio/PGFSL1771.webp

Requested by

Host: duckx.relativity.software
URL: https://duckx.relativity.software/styles.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.26.145.25 , United States, ASN53617 (ECSFI, US),

Reverse DNS

img2.annthegran.com

Software

Resource Hash

266ac07f9a892a76160c24849a252d87f177862675823e70c6a953f5d01e8a96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duckx.relativity.software/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 21 Nov 2023 18:01:40 GMT
last-modified: Thu, 06 Oct 2022 16:49:30 GMT
etag: "6e1779aa3d9d81:0"
content-type: image/webp
cache-control: max-age=432000
accept-ranges: bytes
content-length: 46315
x-xss-protection: 1; mode=block

GET
H2 200 h
heapanalytics.com/ 37 B
261 B 94ms
20ms Image
image/gif 34.226.29.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1364047861&u=8155504000218190&v=4821517703150940&s=5987701921674942&b=web&tv=4.0&z=0&h=%2F&d=duckx.relativity.software&t=DUCKX%20Framework&ts=1700589700561&st=1700589700564

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.226.29.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-226-29-162.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://duckx.relativity.software/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 18:01:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| heap

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.duckx.relativity.software/	1970-01-20 16:23:11	Name: __cf_bm Value: CBj7PzmtJcivW8ULuibxake_NlHn8eARAhtwU_6s_Zc-1700589700-0-Abp02FxQb4GgFhL07TXANdQf3VnG/zjTdSifZxhrOzzapIqeCAu74RNsfL5LBwXtGUOe46wvYyIZW4jiYsIw5Ew=
.relativity.software/	1970-01-21 01:51:07	Name: _hp2_id.1364047861 Value: %7B%22userId%22%3A%228155504000218190%22%2C%22pageviewId%22%3A%224821517703150940%22%2C%22sessionId%22%3A%225987701921674942%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.relativity.software/	1970-01-20 16:23:11	Name: _hp2_ses_props.1364047861 Value: %7B%22ts%22%3A1700589700561%2C%22d%22%3A%22duckx.relativity.software%22%2C%22h%22%3A%22%2F%22%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.heapanalytics.com
duckx.relativity.software
fonts.googleapis.com
heapanalytics.com
img2.svgdesigns.com
192.26.145.25
2607:f8b0:4020:807::200a
2a06:98c1:58::60
3.160.22.48
34.226.29.162
05c9f0a35872f42c48d77850f678224b2f27d8f7e0dae20d5de4df68b631429d
266667af14a6bba9a9da9b2d1745054b291d07d42cdeb6092aa36c03debb5090
266ac07f9a892a76160c24849a252d87f177862675823e70c6a953f5d01e8a96
355c8a0edeaadb0764534c7bae1d547e3b9c7a00100880b524e1b5775a76a518
4939f8e5252253b422384de5263533e54a6f7b92cac198a638b9a39bca3317bc
a376dbf34be9a1c63a98327cccf4e71fd01b43500323b5a44565debc4e14bd6a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
fe178c8c3c40bfe2dd09722ef070949b250e6c8353fe19b90b7c837a4a209138

duckx.relativity.software Open in urlscan Pro 2a06:98c1:58::60 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

8 Requests

100 %HTTPS

40 %IPv6

4 Domains

5 Subdomains

5 IPs

2 Countries

398 kBTransfer

4228 kBSize

3 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

3 Cookies

Indicators

duckx.relativity.software Open in urlscan Pro
2a06:98c1:58::60 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

40 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

398 kB
Transfer

4228 kB
Size

3
Cookies

8 HTTP transactions
0 data transactions