duckytheblog.com Open in urlscan Pro
2a06:2ec0:1::82 Public Scan

URL:
http://duckytheblog.com/
Submission: On October 14 via manual (October 14th 2019, 6:57:34 am UTC) from RO

Summary HTTP 27 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 8 IPs in 4 countries across 8 domains to perform 27 HTTP transactions. The main IP is 2a06:2ec0:1::82, located in Netherlands and belongs to AS-ZXCS, NL. The main domain is duckytheblog.com.

This is the only time duckytheblog.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	2a06:2ec0:1::82 2a06:2ec0:1::82	206281 (AS-ZXCS) (AS-ZXCS)
1	2a00:1450:400... 2a00:1450:4001:817::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a01:4a0:1338... 2a01:4a0:1338:28::c38a:ff0a	201011 (NETZBETRI...) (NETZBETRIEB-GMBH)
1 2	3.225.87.211 3.225.87.211	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
4	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2606:4700:30:... 2606:4700:30::681c:1cef	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	78.142.29.171 78.142.29.171	201133 (VERDINA) (VERDINA)
2	52.216.12.102 52.216.12.102	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
27	8

13 2a06:2ec0:1::82 (Netherlands)

ASN206281 (AS-ZXCS, NL)

duckytheblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a01:4a0:1338:28::c38a:ff0a (Germany)

ASN201011 (NETZBETRIEB-GMBH, DE)

ucarecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.225.87.211 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-225-87-211.compute-1.amazonaws.com

www.areyouabot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::681c:1cef (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

bootstraplugin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.142.29.171 (Bulgaria)

ASN201133 (VERDINA, BG)

ogcdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.216.12.102 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	duckytheblog.com duckytheblog.com	207 KB
4	gstatic.com fonts.gstatic.com	59 KB
4	ucarecdn.com ucarecdn.com	12 KB
2	amazonaws.com s3.amazonaws.com	65 KB
2	areyouabot.net 1 redirects www.areyouabot.net	15 KB
1	ogcdn.co ogcdn.co	3 KB
1	bootstraplugin.com bootstraplugin.com	478 B
1	googleapis.com fonts.googleapis.com	791 B
27	8

	Domain	Requested by
13	duckytheblog.com	duckytheblog.com
4	fonts.gstatic.com	duckytheblog.com
4	ucarecdn.com	duckytheblog.com
2	s3.amazonaws.com	duckytheblog.com
2	www.areyouabot.net	1 redirects duckytheblog.com
1	ogcdn.co	duckytheblog.com
1	bootstraplugin.com	duckytheblog.com
1	fonts.googleapis.com	duckytheblog.com
27	8

This site contains links to these domains. Also see Links.

Domain
www.google.com

Subject Issuer	Validity	Valid
*.googleapis.com GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
ucarecdn.com Let's Encrypt Authority X3	`2019-10-02` - `2019-12-31`	3 months	crt.sh
*.areyouabot.net Let's Encrypt Authority X3	`2019-09-18` - `2019-12-17`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
ogcdn.co cPanel, Inc. Certification Authority	`2019-08-25` - `2019-11-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://duckytheblog.com/
Frame ID: 2EB3715BC8681F0D25E10DA13131E081
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

27
Requests

41 %
HTTPS

63 %
IPv6

8
Domains

8
Subdomains

8
IPs

4
Countries

360 kB
Transfer

1094 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.google.com/intl/en/policies/privacy/
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.google.com/intl/en/policies/terms/
Title: Terms

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

http://www.areyouabot.net/captchalocker/js/captcha.js.php?id=c3198dc84ce950d022bc210a980876ac HTTP 301
https://www.areyouabot.net/captchalocker/js/captcha.js.php?id=c3198dc84ce950d022bc210a980876ac

27 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
duckytheblog.com/ 12 KB
4 KB 86ms
27ms Document
text/html 2a06:2ec0:1::82
AS-ZXCS

General

Check archive.org

Show headers Download Go to

Full URL: http://duckytheblog.com/
Protocol: HTTP/1.1
Server: 2a06:2ec0:1::82 , Netherlands, ASN206281 (AS-ZXCS, NL),
Reverse DNS
Software: Apache/2 /
Resource Hash: fea19b5346124391b6fc16c6a20905409437236f0004266415fbcebb7ef03466

Request headers

Host: duckytheblog.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 14 Oct 2019 06:57:15 GMT
Server: Apache/2
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sun, 13 Oct 2019 22:08:20 GMT
ETag: "30ee-594d1fd318685-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3664
Keep-Alive: timeout=2, max=100
Content-Type: text/html

GET
H/1.1 200
OK dayparting.css
duckytheblog.com/assets/css/ 25 B
310 B 28ms
27ms Stylesheet
text/css 2a06:2ec0:1::82
AS-ZXCS

General

Check archive.org

Show headers Download Go to

Full URL: http://duckytheblog.com/assets/css/dayparting.css
Requested by: Host: duckytheblog.com
URL: http://duckytheblog.com/
Protocol: HTTP/1.1
Server: 2a06:2ec0:1::82 , Netherlands, ASN206281 (AS-ZXCS, NL),
Reverse DNS
Software: Apache/2 /
Resource Hash: 5e4fc8affec7675996ec7a0adc5bcdea7d76c0ae9022a9829303881bee237dc0

Request headers

Referer: http://duckytheblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 14 Oct 2019 06:57:15 GMT
Last-Modified: Sun, 13 Oct 2019 21:05:44 GMT
Server: Apache/2
ETag: "19-594d11d577b2a"
Vary: User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 25

GET
H/1.1 200
OK bootstrap.min.css
duckytheblog.com/assets/css/ 118 KB
20 KB 59ms
36ms Stylesheet
text/css 2a06:2ec0:1::82
AS-ZXCS

General

Check archive.org

Show headers Download Go to

Full URL: http://duckytheblog.com/assets/css/bootstrap.min.css
Requested by: Host: duckytheblog.com
URL: http://duckytheblog.com/
Protocol: HTTP/1.1
Server: 2a06:2ec0:1::82 , Netherlands, ASN206281 (AS-ZXCS, NL),
Reverse DNS
Software: Apache/2 /
Resource Hash: f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Referer: http://duckytheblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 14 Oct 2019 06:57:15 GMT
Content-Encoding: gzip
Last-Modified: Sun, 13 Oct 2019 21:05:44 GMT
Server: Apache/2
ETag: "1d970-594d11d5767a2-gzip"
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=2, max=100
Content-Length: 19744

GET
H2 200 css
fonts.googleapis.com/ 6 KB
791 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:817::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:500|Roboto:400,700

Requested by

Host: duckytheblog.com
URL: http://duckytheblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

da0ac8630c6f5ea1d85974547ad031a99236fd18757b302816cec06cfe40e3a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://duckytheblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 14 Oct 2019 06:57:15 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Mon, 14 Oct 2019 06:57:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 14 Oct 2019 06:57:15 GMT

GET
H/1.1 200
OK header.gif
duckytheblog.com/img/ 34 KB
34 KB 51ms
26ms Image
image/gif 2a06:2ec0:1::82
AS-ZXCS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://duckytheblog.com/img/header.gif
Requested by: Host: duckytheblog.com
URL: http://duckytheblog.com/
Protocol: HTTP/1.1
Server: 2a06:2ec0:1::82 , Netherlands, ASN206281 (AS-ZXCS, NL),
Reverse DNS
Software: Apache/2 /
Resource Hash: b744aa104db459e35a1c0d37ff60e5dafd9871b067bd1e30c647f3edf3dcdc9d

Request headers

Referer: http://duckytheblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 14 Oct 2019 06:57:15 GMT
Last-Modified: Sun, 13 Oct 2019 21:05:31 GMT
Server: Apache/2
ETag: "864e-594d11c886772"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/gif
Keep-Alive: timeout=2, max=100
Content-Length: 34382

GET
H2 200 /
ucarecdn.com/0e9262b1-3ca6-43d8-a4ea-d38381825a62/ 1 KB
1 KB 58ms
19ms Image
image/png 2a01:4a0:1338:28::c38a:ff0a
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ucarecdn.com/0e9262b1-3ca6-43d8-a4ea-d38381825a62/
Requested by: Host: duckytheblog.com
URL: http://duckytheblog.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0a , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 0f38c4acad013646d5736bba9bcffa2889488f6bf9bb57a4701f4eb0274194dd

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://duckytheblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 06:57:15 GMT
x-image-width: 48
last-modified: Tue, 15 Jan 2019 10:31:02 GMT
server: nginx
etag: "416c3148a767b20cb6f7fb5f35a06e76"
status: 200
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
content-disposition: inline; filename=emojis.png
cache-control: public, max-age=30617756
x-image-height: 16
accept-ranges: bytes
content-length: 1177

GET
H2 200 /
ucarecdn.com/c6a54110-1b6f-468a-9341-fbae28b00050/ 2 KB
2 KB 61ms
23ms Image
image/png 2a01:4a0:1338:28::c38a:ff0a
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ucarecdn.com/c6a54110-1b6f-468a-9341-fbae28b00050/
Requested by: Host: duckytheblog.com
URL: http://duckytheblog.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0a , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 767ccfeb2af38a30e9dffabf00d6c35d6142de1c25dff94db57cec693408d3fd

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://duckytheblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 06:57:15 GMT
x-image-width: 32
last-modified: Thu, 28 Mar 2019 11:01:26 GMT
server: nginx
etag: "893a5309dac52413eb9203853a9d75ab"
status: 200
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
content-disposition: inline; filename=5.png
cache-control: public, max-age=31391174
x-image-height: 32
accept-ranges: bytes
content-length: 1842

GET
H2 200 /
ucarecdn.com/183ff885-2eb0-4f81-9d6c-69598b7da9e2/ 6 KB
6 KB 64ms
27ms Image
image/jpeg 2a01:4a0:1338:28::c38a:ff0a
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ucarecdn.com/183ff885-2eb0-4f81-9d6c-69598b7da9e2/
Requested by: Host: duckytheblog.com
URL: http://duckytheblog.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0a , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: da817d988ac08cc1f55b28f965dcaf3610edc8c9c8374c3a8c20e5c4172bacb4

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://duckytheblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 06:57:15 GMT
x-image-width: 161
last-modified: Thu, 28 Mar 2019 11:02:00 GMT
server: nginx
etag: "03588382a0ecfa96385ee12889678a9f"
status: 200
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
content-disposition: inline; filename="images 14.48.21.jpg"
cache-control: public, max-age=31319360
x-image-height: 145
accept-ranges: bytes
content-length: 5942

GET
H2 200 /
ucarecdn.com/04146edd-55b6-44a4-802d-0c9b8010fbb3/ 2 KB
2 KB 55ms
18ms Image
image/png 2a01:4a0:1338:28::c38a:ff0a
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ucarecdn.com/04146edd-55b6-44a4-802d-0c9b8010fbb3/
Requested by: Host: duckytheblog.com
URL: http://duckytheblog.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0a , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 3b3d64a00a83e4fdd97bd4b1ea84a48cc8a871a58e7d257b3f315df1b09db6ba

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://duckytheblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 06:57:15 GMT
x-image-width: 32
last-modified: Thu, 28 Mar 2019 11:02:46 GMT
server: nginx
etag: "408257536065d905e683c7b24f0d586c"
status: 200
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
content-disposition: inline; filename=4.png
cache-control: public, max-age=31319537
x-image-height: 32
accept-ranges: bytes
content-length: 1795

GET
H/1.1 200
OK jquery.js Show response
duckytheblog.com/assets/js/ 94 KB
33 KB 60ms
38ms Script
application/javascript 2a06:2ec0:1::82
AS-ZXCS

General

Check archive.org

Show headers Download Go to

Full URL: http://duckytheblog.com/assets/js/jquery.js
Requested by: Host: duckytheblog.com
URL: http://duckytheblog.com/
Protocol: HTTP/1.1
Server: 2a06:2ec0:1::82 , Netherlands, ASN206281 (AS-ZXCS, NL),
Reverse DNS
Software: Apache/2 /
Resource Hash: 24262baafef17092927c3dafe764aaa52a2a371b83ed2249cca7e414df99fac1

Request headers

Referer: http://duckytheblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 14 Oct 2019 06:57:15 GMT
Content-Encoding: gzip
Last-Modified: Sun, 13 Oct 2019 21:05:45 GMT
Server: Apache/2
ETag: "17629-594d11d61d782-gzip"
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=2, max=100
Content-Length: 33224

GET
H/1.1 200
OK dayparting.js Show response
duckytheblog.com/assets/js/ 282 B
555 B 51ms
28ms Script
application/javascript 2a06:2ec0:1::82
AS-ZXCS

General

Check archive.org

Show headers Download Go to

Full URL: http://duckytheblog.com/assets/js/dayparting.js
Requested by: Host: duckytheblog.com
URL: http://duckytheblog.com/
Protocol: HTTP/1.1
Server: 2a06:2ec0:1::82 , Netherlands, ASN206281 (AS-ZXCS, NL),
Reverse DNS
Software: Apache/2 /
Resource Hash: 5f51c42c2bbef9dc9562e0a690bef42dc329d2731f93c59cd4adbfe964d223c8

Request headers

Referer: http://duckytheblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 14 Oct 2019 06:57:15 GMT
Content-Encoding: gzip
Last-Modified: Sun, 13 Oct 2019 21:05:45 GMT
Server: Apache/2
ETag: "11a-594d11d5f1092-gzip"
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=2, max=100
Content-Length: 182

GET
H/1.1 404
Not Found image-loader.js
duckytheblog.com/assets/js/ 0
0 50ms
26ms Script
text/html 2a06:2ec0:1::82
AS-ZXCS

General

Check archive.org

Show headers Download Go to

Full URL: http://duckytheblog.com/assets/js/image-loader.js
Requested by: Host: duckytheblog.com
URL: http://duckytheblog.com/
Protocol: HTTP/1.1
Server: 2a06:2ec0:1::82 , Netherlands, ASN206281 (AS-ZXCS, NL),
Reverse DNS
Software: Apache/2 /
Resource Hash

Request headers

Referer: http://duckytheblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 14 Oct 2019 06:57:15 GMT
Server: Apache/2
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK redirect_button.js Show response
duckytheblog.com/assets/js/ 680 B
677 B 26ms
26ms Script
application/javascript 2a06:2ec0:1::82
AS-ZXCS

General

Check archive.org

Show headers Download Go to

Full URL: http://duckytheblog.com/assets/js/redirect_button.js
Requested by: Host: duckytheblog.com
URL: http://duckytheblog.com/
Protocol: HTTP/1.1
Server: 2a06:2ec0:1::82 , Netherlands, ASN206281 (AS-ZXCS, NL),
Reverse DNS
Software: Apache/2 /
Resource Hash: 1d6dd4282c16901348b33b0db6e4c1cc30a3cc48b1546e920dda35c28403e656

Request headers

Referer: http://duckytheblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 14 Oct 2019 06:57:15 GMT
Content-Encoding: gzip
Last-Modified: Sun, 13 Oct 2019 21:05:45 GMT
Server: Apache/2
ETag: "2a8-594d11d59dc8a-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=98
Content-Length: 331

GET
H/1.1 200
OK gifts.js Show response
duckytheblog.com/assets/js/ 798 B
689 B 27ms
27ms Script
application/javascript 2a06:2ec0:1::82
AS-ZXCS

General

Check archive.org

Show headers Download Go to

Full URL: http://duckytheblog.com/assets/js/gifts.js
Requested by: Host: duckytheblog.com
URL: http://duckytheblog.com/
Protocol: HTTP/1.1
Server: 2a06:2ec0:1::82 , Netherlands, ASN206281 (AS-ZXCS, NL),
Reverse DNS
Software: Apache/2 /
Resource Hash: 6d7b4fa77f3ef4b3cbd5cf33ecbb1f4954dce5eb5559545862c0cf7f583daced

Request headers

Referer: http://duckytheblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 14 Oct 2019 06:57:15 GMT
Content-Encoding: gzip
Last-Modified: Sun, 13 Oct 2019 21:05:45 GMT
Server: Apache/2
ETag: "31e-594d11d5cab4a-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 343

GET
H/1.1 200
OK moment-with-locales.js Show response
duckytheblog.com/assets/js/ 587 KB
98 KB 50ms
50ms Script
application/javascript 2a06:2ec0:1::82
AS-ZXCS

General

Check archive.org

Show headers Download Go to

Full URL: http://duckytheblog.com/assets/js/moment-with-locales.js
Requested by: Host: duckytheblog.com
URL: http://duckytheblog.com/
Protocol: HTTP/1.1
Server: 2a06:2ec0:1::82 , Netherlands, ASN206281 (AS-ZXCS, NL),
Reverse DNS
Software: Apache/2 /
Resource Hash: 084bf23c28c8664178de2b74a7aad1b0a6e18decf75ef43034b4954ec6a63ffe

Request headers

Referer: http://duckytheblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 14 Oct 2019 06:57:15 GMT
Content-Encoding: gzip
Last-Modified: Sun, 13 Oct 2019 21:05:45 GMT
Server: Apache/2
ETag: "92ca3-594d11d601262-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99

GET
H/1.1 200
OK datei18n.js Show response
duckytheblog.com/assets/js/ 419 B
590 B 25ms
25ms Script
application/javascript 2a06:2ec0:1::82
AS-ZXCS

General

Check archive.org

Show headers Download Go to

Full URL: http://duckytheblog.com/assets/js/datei18n.js
Requested by: Host: duckytheblog.com
URL: http://duckytheblog.com/
Protocol: HTTP/1.1
Server: 2a06:2ec0:1::82 , Netherlands, ASN206281 (AS-ZXCS, NL),
Reverse DNS
Software: Apache/2 /
Resource Hash: 775648dc3636a2841019546e8bf71ce2c01cd931efd71bd9a033e95becdc4769

Request headers

Referer: http://duckytheblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 14 Oct 2019 06:57:15 GMT
Content-Encoding: gzip
Last-Modified: Sun, 13 Oct 2019 21:05:44 GMT
Server: Apache/2
ETag: "1a3-594d11d58f22a-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=97
Content-Length: 244

GET
H/1.1

200
OK

captcha.js.php Show response
www.areyouabot.net/captchalocker/js/
Redirect Chain

http://www.areyouabot.net/captchalocker/js/captcha.js.php?id=c3198dc84ce950d022bc210a980876ac
https://www.areyouabot.net/captchalocker/js/captcha.js.php?id=c3198dc84ce950d022bc210a980876ac

62 KB
14 KB

485ms
236ms

Script
application/javascript

3.225.87.211
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.areyouabot.net/captchalocker/js/captcha.js.php?id=c3198dc84ce950d022bc210a980876ac

Requested by

Host: duckytheblog.com
URL: http://duckytheblog.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

3.225.87.211 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-3-225-87-211.compute-1.amazonaws.com

Software

nginx/1.15.6 /

Resource Hash

39a2a0499c19d3978fb0cdb0c9b2bd7d7242760eb5bda13f8b3ebb3a577cc75b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://duckytheblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 14 Oct 2019 06:57:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.15.6
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block

Redirect headers

Location: https://www.areyouabot.net/captchalocker/js/captcha.js.php?id=c3198dc84ce950d022bc210a980876ac
Date: Mon, 14 Oct 2019 06:57:15 GMT
Server: nginx/1.15.6
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1 206
Partial Content selected.mp3
duckytheblog.com/ 16 KB
17 KB 27ms
26ms Media
audio/mpeg 2a06:2ec0:1::82
AS-ZXCS

General

Check archive.org

Show headers Download Go to

Full URL: http://duckytheblog.com/selected.mp3
Requested by: Host: duckytheblog.com
URL: http://duckytheblog.com/
Protocol: HTTP/1.1
Server: 2a06:2ec0:1::82 , Netherlands, ASN206281 (AS-ZXCS, NL),
Reverse DNS
Software: Apache/2 /
Resource Hash: d0497e885f5d563264afbc9f58bdffe45d67c6fca8a767f8d11c64d3b212d5d3

Request headers

Referer: http://duckytheblog.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=0-

Response headers

Date: Mon, 14 Oct 2019 06:57:15 GMT
Last-Modified: Sun, 13 Oct 2019 22:02:15 GMT
Server: Apache/2
ETag: "41af-594d1e7717035"
Content-Type: audio/mpeg
Content-Range: bytes 0-16814/16815
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 16815

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: duckytheblog.com
URL: http://duckytheblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Oswald:500|Roboto:400,700
Origin: http://duckytheblog.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 10 Oct 2019 08:23:20 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 340435
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11020
x-xss-protection: 0
expires: Fri, 09 Oct 2020 08:23:20 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: duckytheblog.com
URL: http://duckytheblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Oswald:500|Roboto:400,700
Origin: http://duckytheblog.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 11 Oct 2019 17:55:15 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 219720
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11016
x-xss-protection: 0
expires: Sat, 10 Oct 2020 17:55:15 GMT

GET
H/1.1 404
Not Found image-loader.js
duckytheblog.com/assets/js/ 0
0 27ms
27ms Script
text/html 2a06:2ec0:1::82
AS-ZXCS

General

Check archive.org

Show headers Download Go to

Full URL: http://duckytheblog.com/assets/js/image-loader.js
Requested by: Host: duckytheblog.com
URL: http://duckytheblog.com/
Protocol: HTTP/1.1
Server: 2a06:2ec0:1::82 , Netherlands, ASN206281 (AS-ZXCS, NL),
Reverse DNS
Software: Apache/2 /
Resource Hash

Request headers

Referer: http://duckytheblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 14 Oct 2019 06:57:15 GMT
Server: Apache/2
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK p.php Show response
bootstraplugin.com/ 0
478 B 409ms
371ms Script
text/html 2606:4700:30::681c:1cef
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://bootstraplugin.com/p.php?id=148
Requested by: Host: duckytheblog.com
URL: http://duckytheblog.com/
Protocol: HTTP/1.1
Server: 2606:4700:30::681c:1cef , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://duckytheblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

CF-RAY: 5257a87c7c3ccbb0-VIE
Date: Mon, 14 Oct 2019 06:57:16 GMT
Via: 1.1 vegur
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, private
Connection: keep-alive
Content-Encoding: gzip

GET
H2 200 ft7ei84.png
ogcdn.co/captcha/ 3 KB
3 KB 227ms
51ms Image
image/png 78.142.29.171
VERDINA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ogcdn.co/captcha/ft7ei84.png
Requested by: Host: duckytheblog.com
URL: http://duckytheblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 78.142.29.171 , Bulgaria, ASN201133 (VERDINA, BG),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 9463786261a387907ed51538e899bd31f84ebbdf03daa7e5da9d43cc46934998

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://duckytheblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 06:57:15 GMT
last-modified: Fri, 20 Jul 2018 17:31:11 GMT
server: LiteSpeed
content-type: image/png
status: 200
cache-control: public, max-age=604800
alt-svc: quic=":443"; ma=2592000; v="35,39,43"
content-length: 2746
expires: Mon, 21 Oct 2019 06:57:15 GMT

GET
H2 200 d-6IYplOFocCacKzxwXSOKCWcynf_cDxXwCLxiixG1c.ttf
fonts.gstatic.com/s/roboto/v15/ 32 KB
19 KB 6ms
5ms Font
font/ttf 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v15/d-6IYplOFocCacKzxwXSOKCWcynf_cDxXwCLxiixG1c.ttf

Requested by

Host: duckytheblog.com
URL: http://duckytheblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

3cb931c2dba3dff0f6a52eca6a58452e345c08b6b110662f9834fc75b9dc4a4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: http://duckytheblog.com/
Origin: http://duckytheblog.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 09:55:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 421311
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18807
x-xss-protection: 0
last-modified: Wed, 14 Jan 2015 22:48:06 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Oct 2020 09:55:25 GMT

GET
H2 200 zN7GBFwfMP4uA6AR0HCoLQ.ttf
fonts.gstatic.com/s/roboto/v15/ 32 KB
18 KB 7ms
6ms Font
font/ttf 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v15/zN7GBFwfMP4uA6AR0HCoLQ.ttf

Requested by

Host: duckytheblog.com
URL: http://duckytheblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

967e5cecfbfbf64099c3c1232273482dd7436f05714266953c4d2c8ee9c28af5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: http://duckytheblog.com/
Origin: http://duckytheblog.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 11 Oct 2019 15:57:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226765
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18754
x-xss-protection: 0
last-modified: Wed, 14 Jan 2015 22:47:37 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Oct 2020 15:57:51 GMT

GET
H/1.1 200
OK blue-circle-anim.png
s3.amazonaws.com/cdn.mobverify.com/www/captchalocker/img/ 40 KB
40 KB 267ms
254ms Image
image/png 52.216.12.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://s3.amazonaws.com/cdn.mobverify.com/www/captchalocker/img/blue-circle-anim.png
Requested by: Host: duckytheblog.com
URL: http://duckytheblog.com/
Protocol: HTTP/1.1
Server: 52.216.12.102 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8a400af8238d0f566dcf56df3bee13e9a9569a4f83d96d9f87cb21570159ebf3

Request headers

Referer: http://duckytheblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 14 Oct 2019 06:57:17 GMT
Last-Modified: Tue, 01 Aug 2017 12:30:00 GMT
Server: AmazonS3
x-amz-request-id: 40786A1186E02E20
ETag: "49bd08cd53728de289de465ef0cb5e37"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 40705
x-amz-id-2: I4qqkDiAdpUIM2UvrayZEzLg8rawrEQDHPQU56ZgFasKFCTomrAVxn5o/Xi0u1OU8v6GULBiI+0=

GET
H/1.1 200
OK blue-circle-loading-anim.png
s3.amazonaws.com/cdn.mobverify.com/www/captchalocker/img/ 24 KB
24 KB 265ms
253ms Image
image/png 52.216.12.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://s3.amazonaws.com/cdn.mobverify.com/www/captchalocker/img/blue-circle-loading-anim.png
Requested by: Host: duckytheblog.com
URL: http://duckytheblog.com/
Protocol: HTTP/1.1
Server: 52.216.12.102 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: cf89ad061ef8d8649c454d83e3295b58c1e58b4eec14e0975b43b941adfd015c

Request headers

Referer: http://duckytheblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 14 Oct 2019 06:57:17 GMT
Last-Modified: Tue, 01 Aug 2017 12:30:00 GMT
Server: AmazonS3
x-amz-request-id: 99F7EEE998C6A469
ETag: "a2f9e6044f6b3999b7bd2d1e8f4d2fa2"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 24724
x-amz-id-2: 4y1QDNJk2SYqqZBfoknDfczfQUKalAJ0z3y5hMX8Xx5htTDY53yMeqaXLTNLGa+7nZOE3YcrYTc=

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bootstraplugin.com
duckytheblog.com
fonts.googleapis.com
fonts.gstatic.com
ogcdn.co
s3.amazonaws.com
ucarecdn.com
www.areyouabot.net
2606:4700:30::681c:1cef
2a00:1450:4001:817::200a
2a00:1450:4001:825::2003
2a01:4a0:1338:28::c38a:ff0a
2a06:2ec0:1::82
3.225.87.211
52.216.12.102
78.142.29.171
084bf23c28c8664178de2b74a7aad1b0a6e18decf75ef43034b4954ec6a63ffe
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0f38c4acad013646d5736bba9bcffa2889488f6bf9bb57a4701f4eb0274194dd
1d6dd4282c16901348b33b0db6e4c1cc30a3cc48b1546e920dda35c28403e656
24262baafef17092927c3dafe764aaa52a2a371b83ed2249cca7e414df99fac1
39a2a0499c19d3978fb0cdb0c9b2bd7d7242760eb5bda13f8b3ebb3a577cc75b
3b3d64a00a83e4fdd97bd4b1ea84a48cc8a871a58e7d257b3f315df1b09db6ba
3cb931c2dba3dff0f6a52eca6a58452e345c08b6b110662f9834fc75b9dc4a4f
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5e4fc8affec7675996ec7a0adc5bcdea7d76c0ae9022a9829303881bee237dc0
5f51c42c2bbef9dc9562e0a690bef42dc329d2731f93c59cd4adbfe964d223c8
6d7b4fa77f3ef4b3cbd5cf33ecbb1f4954dce5eb5559545862c0cf7f583daced
767ccfeb2af38a30e9dffabf00d6c35d6142de1c25dff94db57cec693408d3fd
775648dc3636a2841019546e8bf71ce2c01cd931efd71bd9a033e95becdc4769
8a400af8238d0f566dcf56df3bee13e9a9569a4f83d96d9f87cb21570159ebf3
9463786261a387907ed51538e899bd31f84ebbdf03daa7e5da9d43cc46934998
967e5cecfbfbf64099c3c1232273482dd7436f05714266953c4d2c8ee9c28af5
b744aa104db459e35a1c0d37ff60e5dafd9871b067bd1e30c647f3edf3dcdc9d
cf89ad061ef8d8649c454d83e3295b58c1e58b4eec14e0975b43b941adfd015c
d0497e885f5d563264afbc9f58bdffe45d67c6fca8a767f8d11c64d3b212d5d3
da0ac8630c6f5ea1d85974547ad031a99236fd18757b302816cec06cfe40e3a3
da817d988ac08cc1f55b28f965dcaf3610edc8c9c8374c3a8c20e5c4172bacb4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fea19b5346124391b6fc16c6a20905409437236f0004266415fbcebb7ef03466

duckytheblog.com Open in urlscan Pro 2a06:2ec0:1::82 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

27 Requests

41 %HTTPS

63 %IPv6

8 Domains

8 Subdomains

8 IPs

4 Countries

360 kBTransfer

1094 kBSize

0 Cookies

2 Outgoing links

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

0 Cookies

Indicators

duckytheblog.com Open in urlscan Pro
2a06:2ec0:1::82 Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

41 %
HTTPS

63 %
IPv6

8
Domains

8
Subdomains

8
IPs

4
Countries

360 kB
Transfer

1094 kB
Size

0
Cookies

27 HTTP transactions
0 data transactions