URL: https://ducksmoney.com/
Submission: On June 06 via api from US — Scanned from GB

Summary

This website contacted 7 IPs in 4 countries across 7 domains to perform 29 HTTP transactions. The main IP is 78.110.166.82, located in London, United Kingdom and belongs to UKSERVERS-AS UK Dedicated Servers, Hosting and Co-Location, GB. The main domain is ducksmoney.com.
TLS certificate: Issued by R3 on May 13th 2023. Valid for: 3 months.
This is the only time ducksmoney.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS      Autonomous System
3         78.110.166.82     42831   (UKSERVERS...)
17        34.102.176.152    396982  (GOOGLE-CL...)
1         192.99.101.41     16276   (OVH)
2         2a04:4e42::485    54113   (FASTLY)
5         2606:4700::68...  13335   (CLOUDFLAR...)
1         213.226.123.104   49943   (ITRESHENI...)
29        7

Requests  Apex Domain      Subdomains                                               Transfer
16        wixstatic.com    static.wixstatic.com (Cisco Umbrella Rank: 5496)         2 MB
5         unpkg.com        unpkg.com (Cisco Umbrella Rank: 1018)                    852 KB
3         ducksmoney.com   ducksmoney.com                                           181 KB
2         jsdelivr.net     cdn.jsdelivr.net (Cisco Umbrella Rank: 377)              103 KB
1         dbinu.xyz        dbinu.xyz
1         filesusr.com     www-ducks-money.filesusr.com                             8 KB
1         ethereumpow.org  ethereumpow.org (Cisco Umbrella Rank: 780826)            30 KB
29        7

Requests  Domain                        Requested by
16        static.wixstatic.com          ducksmoney.com, www-ducks-money.filesusr.com
5         unpkg.com                     ducksmoney.com
3         ducksmoney.com                ducksmoney.com, ethereumpow.org
2         cdn.jsdelivr.net              ducksmoney.com
1         dbinu.xyz                     ducksmoney.com
1         www-ducks-money.filesusr.com  ducksmoney.com
1         ethereumpow.org               ducksmoney.com
29        7

This site contains links to these domains.

Domain
twitter.com
t.me
app.uniswap.org
etherscan.io

Subject                Issuer                                          Validity                 Valid
homersimpson.fans      R3                                              2023-05-13 - 2023-08-11  3 months
*.wixstatic.com        Sectigo RSA Domain Validation Secure Server CA  2023-03-05 - 2023-09-01  6 months
ethereumpow.org        R3                                              2023-05-24 - 2023-08-22  3 months
jsdelivr.net           GlobalSign Atlas R3 DV TLS CA 2022 Q4           2022-12-23 - 2024-01-24  a year
sni.cloudflaressl.com  Cloudflare Inc ECC CA-3                         2023-05-02 - 2024-05-01  a year
*.filesusr.com         Sectigo RSA Domain Validation Secure Server CA  2023-02-25 - 2023-08-24  6 months
dbinu.xyz              R3                                              2023-05-08 - 2023-08-06  3 months

This page contains 2 frames:

Primary Page: https://ducksmoney.com/
Frame ID: F054BD813F97B67B43BCFE9E6FB7249E
Requests: 28 HTTP requests in this frame

Frame: https://www-ducks-money.filesusr.com/html/99910b_a731f96f9470ba7cd075c8f3bbc64829.html
Frame ID: CFF1BEF88F917CC6D4668531969A3659
Requests: 2 HTTP requests in this frame

Page Title

$DUCKS

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 29
HTTPS: 100 %
IPv6: 33 %
Domains: 7
Subdomains: 7
IPs: 7
Countries: 4
Transfer: 3394 kB
Size: 5892 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ducksmoney.com/
150 KB
18 KB
Document
General
Full URL
https://ducksmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
78.110.166.82 London, United Kingdom, ASN42831 (UKSERVERS-AS UK Dedicated Servers, Hosting and Co-Location, GB),
Reverse DNS
cphost14.qhoster.net
Software
LiteSpeed /
Resource Hash
98f845572c6c7a6dadb3276e95303a8620df5e2d1e5ea7362cb3731d36acbe94

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 06 Jun 2023 23:49:39 GMT
server
LiteSpeed
vary
Accept-Encoding
11062b_e9b4e9522d3c4de3a8a652c7f13af3ef~mv2.png
static.wixstatic.com/media/11062b_e9b4e9522d3c4de3a8a652c7f13af3ef~mv2.png/v1/fill/w_80,h_80,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/
2 KB
2 KB
Image
General
Full URL
https://static.wixstatic.com/media/11062b_e9b4e9522d3c4de3a8a652c7f13af3ef~mv2.png/v1/fill/w_80,h_80,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/11062b_e9b4e9522d3c4de3a8a652c7f13af3ef~mv2.png
Requested by
Host: ducksmoney.com
URL: https://ducksmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.176.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.176.102.34.bc.googleusercontent.com
Software
openresty/1.21.4.1 /
Resource Hash
71b754234e8a9c09608a1bd7fd6f1b2732b887c9a426dcf2e289bb326e99da8d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ducksmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 09:32:45 GMT
via
1.1 google
server
openresty/1.21.4.1
age
137814
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1790
wix-tracer
2QmT4UJZML23DQ36sb0lWvhHmHS
x-seen-by
image-manipulator-54fd5c7947-4kbp2
11062b_7d5d4489e32641f2a91e774bf311ede1~mv2.png
static.wixstatic.com/media/11062b_7d5d4489e32641f2a91e774bf311ede1~mv2.png/v1/fill/w_80,h_80,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/
4 KB
4 KB
Image
General
Full URL
https://static.wixstatic.com/media/11062b_7d5d4489e32641f2a91e774bf311ede1~mv2.png/v1/fill/w_80,h_80,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/11062b_7d5d4489e32641f2a91e774bf311ede1~mv2.png
Requested by
Host: ducksmoney.com
URL: https://ducksmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.176.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.176.102.34.bc.googleusercontent.com
Software
openresty/1.21.4.1 /
Resource Hash
9a1a7ae923d3614fd70d5743e55cb0a567858a3c5566decb5df73c2122135301

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ducksmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 19:47:37 GMT
via
1.1 google
server
openresty/1.21.4.1
age
14522
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3604
wix-tracer
2QqUy8TbhgIf5acmuiQ2fpBTrmJ
x-seen-by
image-manipulator-54fd5c7947-slvlz
a9e7bd_d817efe7d708454ca39f0878752a5c1a~mv2.webp
static.wixstatic.com/media/
18 KB
19 KB
Image
General
Full URL
https://static.wixstatic.com/media/a9e7bd_d817efe7d708454ca39f0878752a5c1a~mv2.webp
Requested by
Host: ducksmoney.com
URL: https://ducksmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.176.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.176.102.34.bc.googleusercontent.com
Software
openresty/1.21.4.1 /
Resource Hash
cb810186fbd6847170c1a4ee270a5199823c23704d3160b544978c693dc93cd1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ducksmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires
Wed, 07 Jun 2023 00:49:39 GMT
date
Tue, 06 Jun 2023 23:49:39 GMT
via
1.1 google
last-modified
Thu, 04 May 2023 18:57:15 GMT
server
openresty/1.21.4.1
etag
"1648250fc0a8ac00fc33b8f5e8e787dd"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=15552000, immutable
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18894
x-seen-by
gcp.us-central-1.media-router-84588bb8-nkdbt
a9e7bd_67e827c1a8ed4c8caec97990062d55b6~mv2.webp
static.wixstatic.com/media/
7 KB
7 KB
Image
General
Full URL
https://static.wixstatic.com/media/a9e7bd_67e827c1a8ed4c8caec97990062d55b6~mv2.webp
Requested by
Host: ducksmoney.com
URL: https://ducksmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.176.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.176.102.34.bc.googleusercontent.com
Software
openresty/1.21.4.1 /
Resource Hash
504ba9eaa97bb356f7894b35d8de50d125132b24d2070496a9f293d5281128d5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ducksmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires
Wed, 07 Jun 2023 00:49:39 GMT
date
Tue, 06 Jun 2023 23:49:39 GMT
via
1.1 google
last-modified
Thu, 04 May 2023 18:56:52 GMT
server
openresty/1.21.4.1
etag
"72f9807b2e32c0ca7d8427ae21ac05f7"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=15552000, immutable
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7210
x-seen-by
gcp.us-central-1.media-router-84588bb8-qf99d
02031-2.png
static.wixstatic.com/media/a9e7bd_50dd791fe096479ab5146b520c2eacf1~mv2.png/v1/fill/w_206,h_206,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/
28 KB
28 KB
Image
General
Full URL
https://static.wixstatic.com/media/a9e7bd_50dd791fe096479ab5146b520c2eacf1~mv2.png/v1/fill/w_206,h_206,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/02031-2.png
Requested by
Host: ducksmoney.com
URL: https://ducksmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.176.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.176.102.34.bc.googleusercontent.com
Software
openresty/1.21.4.1 /
Resource Hash
7de38c06e021ee4a49bd079ded5e210fbe42bd91db31e20c01d61cc9fab59d6a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ducksmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 23:49:39 GMT
via
1.1 google
server
openresty/1.21.4.1
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
wix-tracer
2QqyPCwjw3bcBUpyI7NqnmzTy4Q
content-length
28998
x-seen-by
image-manipulator-54fd5c7947-9ftq4
a9e7bd_fbc4ec59738b433ca5a4d7c429ea9a9a~mv2.png
static.wixstatic.com/media/a9e7bd_fbc4ec59738b433ca5a4d7c429ea9a9a~mv2.png/v1/fill/w_966,h_800,al_c,q_90,enc_auto/
791 KB
792 KB
Image
General
Full URL
https://static.wixstatic.com/media/a9e7bd_fbc4ec59738b433ca5a4d7c429ea9a9a~mv2.png/v1/fill/w_966,h_800,al_c,q_90,enc_auto/a9e7bd_fbc4ec59738b433ca5a4d7c429ea9a9a~mv2.png
Requested by
Host: ducksmoney.com
URL: https://ducksmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.176.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.176.102.34.bc.googleusercontent.com
Software
openresty/1.21.4.1 /
Resource Hash
33ba882acb1f846d95dbc1b6f6c66407d8e054ffd4eb629658f1e4c971f9a869

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ducksmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 23:49:40 GMT
via
1.1 google
server
openresty/1.21.4.1
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
wix-tracer
2QqyPCtU6va7hkaD1ZqLMgIfKei
content-length
810180
x-seen-by
image-manipulator-54fd5c7947-wswxb
c837a6_feadce973d434ae193adea742d4e170e~mv2.png
static.wixstatic.com/media/c837a6_feadce973d434ae193adea742d4e170e~mv2.png/v1/fill/w_2154,h_206,al_t,q_90,usm_0.66_1.00_0.01,enc_auto/
8 KB
8 KB
Image
General
Full URL
https://static.wixstatic.com/media/c837a6_feadce973d434ae193adea742d4e170e~mv2.png/v1/fill/w_2154,h_206,al_t,q_90,usm_0.66_1.00_0.01,enc_auto/c837a6_feadce973d434ae193adea742d4e170e~mv2.png
Requested by
Host: ducksmoney.com
URL: https://ducksmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.176.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.176.102.34.bc.googleusercontent.com
Software
openresty/1.21.4.1 /
Resource Hash
10dc3acec646bf031eab3bb39dba5fa5ddac98cb1c285873bdb9f9356277ecbe

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ducksmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 23:49:39 GMT
via
1.1 google
server
openresty/1.21.4.1
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
wix-tracer
2QqyPAS2GGdaJNPDXyOxLz6Xw3k
content-length
7872
x-seen-by
image-manipulator-54fd5c7947-qpv2q
11062b_e9b4e9522d3c4de3a8a652c7f13af3ef~mv2.png
static.wixstatic.com/media/11062b_e9b4e9522d3c4de3a8a652c7f13af3ef~mv2.png/v1/fill/w_78,h_78,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/
2 KB
2 KB
Image
General
Full URL
https://static.wixstatic.com/media/11062b_e9b4e9522d3c4de3a8a652c7f13af3ef~mv2.png/v1/fill/w_78,h_78,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/11062b_e9b4e9522d3c4de3a8a652c7f13af3ef~mv2.png
Requested by
Host: ducksmoney.com
URL: https://ducksmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.176.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.176.102.34.bc.googleusercontent.com
Software
openresty/1.21.4.1 /
Resource Hash
90b9876edc259fead07d7b1da37bf04ea778134a7351ea40ae6dd3e5ef72d6a2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ducksmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sun, 21 May 2023 05:02:03 GMT
via
1.1 google
server
openresty/1.21.4.1
age
1450056
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1800
wix-tracer
2Q5ZIamBxvIX8BhDueMaVTXN49R
x-seen-by
image-manipulator-54fd5c7947-79gpl
02049.png
static.wixstatic.com/media/a9e7bd_92bad27de37a417fac93be434a2a6038~mv2.png/v1/fill/w_452,h_452,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/
134 KB
134 KB
Image
General
Full URL
https://static.wixstatic.com/media/a9e7bd_92bad27de37a417fac93be434a2a6038~mv2.png/v1/fill/w_452,h_452,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/02049.png
Requested by
Host: ducksmoney.com
URL: https://ducksmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.176.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.176.102.34.bc.googleusercontent.com
Software
openresty/1.21.4.1 /
Resource Hash
9e000033a3bd804ecab88286f4d99f2897ff1da2cf17f6c5d74514347c28d3a1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ducksmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 23:49:39 GMT
via
1.1 google
server
openresty/1.21.4.1
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
wix-tracer
2QqyPBbTr3SvPDSYvwJublWAYVB
content-length
137012
x-seen-by
image-manipulator-54fd5c7947-bxmk4
02031-2.png
static.wixstatic.com/media/a9e7bd_50dd791fe096479ab5146b520c2eacf1~mv2.png/v1/fill/w_256,h_256,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/
40 KB
40 KB
Image
General
Full URL
https://static.wixstatic.com/media/a9e7bd_50dd791fe096479ab5146b520c2eacf1~mv2.png/v1/fill/w_256,h_256,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/02031-2.png
Requested by
Host: ducksmoney.com
URL: https://ducksmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.176.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.176.102.34.bc.googleusercontent.com
Software
openresty/1.21.4.1 /
Resource Hash
223eb0024be1a2012518c9f265c412ae8170bd3a860485a4ebfaef69d0e1bda6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ducksmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 23:49:39 GMT
via
1.1 google
server
openresty/1.21.4.1
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
wix-tracer
2QqyPF8vGciJfhcqarmuKO3HxfN
content-length
41024
x-seen-by
image-manipulator-54fd5c7947-5t59w
a9e7bd_01f04af193b54335a99092f5d5ea4be0~mv2.png
static.wixstatic.com/media/a9e7bd_01f04af193b54335a99092f5d5ea4be0~mv2.png/v1/fill/w_957,h_795,al_c,q_90,enc_auto/
744 KB
744 KB
Image
General
Full URL
https://static.wixstatic.com/media/a9e7bd_01f04af193b54335a99092f5d5ea4be0~mv2.png/v1/fill/w_957,h_795,al_c,q_90,enc_auto/a9e7bd_01f04af193b54335a99092f5d5ea4be0~mv2.png
Requested by
Host: ducksmoney.com
URL: https://ducksmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.176.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.176.102.34.bc.googleusercontent.com
Software
openresty/1.21.4.1 /
Resource Hash
bb51107f42839569d4e9e2d77f3b41970afcdf50ecd07f29c6f2112006303d0b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ducksmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 23:49:40 GMT
via
1.1 google
server
openresty/1.21.4.1
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
wix-tracer
2QqyPEekxP2nJPCCCT3FFPPy9H7
content-length
761584
x-seen-by
image-manipulator-54fd5c7947-wswxb
02042.png
static.wixstatic.com/media/a9e7bd_0ad70ac181bf4d18af8405f717a4f272~mv2.png/v1/fill/w_452,h_452,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/
187 KB
187 KB
Image
General
Full URL
https://static.wixstatic.com/media/a9e7bd_0ad70ac181bf4d18af8405f717a4f272~mv2.png/v1/fill/w_452,h_452,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/02042.png
Requested by
Host: ducksmoney.com
URL: https://ducksmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.176.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.176.102.34.bc.googleusercontent.com
Software
openresty/1.21.4.1 /
Resource Hash
a12a65999fad3d4e5123a5101f6419ee2db0c0b7ec409dc222d7c07a390de1da

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ducksmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 23:49:39 GMT
via
1.1 google
server
openresty/1.21.4.1
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
wix-tracer
2QqyPByUy6FIOckLsBX1EqgV976
content-length
191172
x-seen-by
image-manipulator-54fd5c7947-lbzlz
02038-1.png
static.wixstatic.com/media/a9e7bd_4bf82504260447d6a47470edc32162ae~mv2.png/v1/fill/w_452,h_452,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/
151 KB
151 KB
Image
General
Full URL
https://static.wixstatic.com/media/a9e7bd_4bf82504260447d6a47470edc32162ae~mv2.png/v1/fill/w_452,h_452,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/02038-1.png
Requested by
Host: ducksmoney.com
URL: https://ducksmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.176.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.176.102.34.bc.googleusercontent.com
Software
openresty/1.21.4.1 /
Resource Hash
0ee90e5a6a810bd1243a41b44c62b6a439aed46d6fd73b8c98c3c08d0ee26202

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ducksmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 23:49:40 GMT
via
1.1 google
server
openresty/1.21.4.1
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
wix-tracer
2QqyPCqqOYE1zyRGjIsRlEucfQq
content-length
154880
x-seen-by
image-manipulator-54fd5c7947-vqwg9
c837a6_20451846cdc4478db8ce71f50ab7eccd~mv2.png
static.wixstatic.com/media/c837a6_20451846cdc4478db8ce71f50ab7eccd~mv2.png/v1/fill/w_2154,h_216,al_b,q_90,usm_0.66_1.00_0.01,enc_auto/
7 KB
8 KB
Image
General
Full URL
https://static.wixstatic.com/media/c837a6_20451846cdc4478db8ce71f50ab7eccd~mv2.png/v1/fill/w_2154,h_216,al_b,q_90,usm_0.66_1.00_0.01,enc_auto/c837a6_20451846cdc4478db8ce71f50ab7eccd~mv2.png
Requested by
Host: ducksmoney.com
URL: https://ducksmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.176.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.176.102.34.bc.googleusercontent.com
Software
openresty/1.21.4.1 /
Resource Hash
369b12cd80facaf15b16481516ac0009cedc8d8f0fc71673587d2f71d2568fb6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ducksmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 23:49:39 GMT
via
1.1 google
server
openresty/1.21.4.1
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
wix-tracer
2QqyPAk70Ut78Y1n9v7T7rEn9xZ
content-length
7572
x-seen-by
image-manipulator-54fd5c7947-5r5ch
jquery.min.js
ethereumpow.org/js/
86 KB
30 KB
Script
General
Full URL
https://ethereumpow.org/js/jquery.min.js
Requested by
Host: ducksmoney.com
URL: https://ducksmoney.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.99.101.41 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns505478.ip-192-99-101.net
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ducksmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 23:49:40 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Aug 2022 01:55:11 GMT
Server
nginx
ETag
W/"62faf8ff-15851"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Thu, 31 Dec 2037 23:55:55 GMT
async.min.js
cdn.jsdelivr.net/npm/async@3.2.4/dist/
21 KB
8 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/async@3.2.4/dist/async.min.js
Requested by
Host: ducksmoney.com
URL: https://ducksmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
da52f9db5b4972cc6cabba72ca26c38001d9c1ec92a95214b90c13cba9bdfccd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ducksmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 06 Jun 2023 23:49:39 GMT
x-content-type-options
nosniff
content-encoding
br
age
1719106
x-jsd-version
3.2.4
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
8020
x-served-by
cache-fra-eddf8230064-FRA, cache-lcy-eglc8600042-LCY
x-jsd-version-type
version
etag
W/"5474-f1oSj2vrF50WGaNi5mH5gf3XwXM"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
ethereumjs-tx-1.3.3.min.js
cdn.jsdelivr.net/gh/ethereumjs/browser-builds/dist/ethereumjs-tx/
315 KB
95 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/ethereumjs/browser-builds/dist/ethereumjs-tx/ethereumjs-tx-1.3.3.min.js
Requested by
Host: ducksmoney.com
URL: https://ducksmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
10d78c0a5e8664889dc8eb47c72bfa46ad0ed02c70a234be9acdefa27dbb24b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ducksmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 06 Jun 2023 23:49:39 GMT
x-content-type-options
nosniff
content-encoding
br
age
34477
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
96826
x-served-by
cache-fra-eddf8230135-FRA, cache-lcy-eglc8600042-LCY
x-jsd-version-type
branch
etag
W/"4edeb-1sQW5dFT9QD3rGbSWitz20WGetQ"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
web3.min.js
unpkg.com/web3@1.2.11/dist/
1 MB
294 KB
Script
General
Full URL
https://unpkg.com/web3@1.2.11/dist/web3.min.js
Requested by
Host: ducksmoney.com
URL: https://ducksmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57260df9b7b8c98913555b9221c91668e94b69f180335b5cd956be0884f772c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ducksmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 23:49:39 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
19322598
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01FJXV3X0HX72XKVFVF19SJNDS
server
cloudflare
etag
W/"11c1e2-CBKBj3aedzOyuXE1C535ub1XCzM"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7d348d9b680275d7-LHR
index.js
unpkg.com/web3modal@1.9.0/dist/
418 KB
190 KB
Script
General
Full URL
https://unpkg.com/web3modal@1.9.0/dist/index.js
Requested by
Host: ducksmoney.com
URL: https://ducksmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67ad2454feca6eb213f4a70cc588137e6bd21ad95c0eda2709faa2317ff90359
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ducksmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 23:49:39 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
19322604
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01FJXV4DBB6T4BTR1FAHXXYXE7
server
cloudflare
etag
W/"68879-tm7vwPb2IqrA2oEDTYylltO0M54"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7d348d9b680375d7-LHR
index.min.js
unpkg.com/evm-chains@0.2.0/dist/umd/
22 KB
5 KB
Script
General
Full URL
https://unpkg.com/evm-chains@0.2.0/dist/umd/index.min.js
Requested by
Host: ducksmoney.com
URL: https://ducksmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d93c05813c158faf533a332c1b49f2a9f0432e0454fdefd1a2c9f11428b7a4e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ducksmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 23:49:39 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
19322684
last-modified
Mon, 02 Nov 2020 20:31:28 GMT
fly-request-id
01FJXV3Z30GC6KE2AAK6000MGE
server
cloudflare
etag
W/"5881-yk4n8EqlvpHDLglCWD85vKUneh8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7d348d9b680475d7-LHR
index.min.js
unpkg.com/@walletconnect/web3-provider@1.2.1/dist/umd/
1 MB
354 KB
Script
General
Full URL
https://unpkg.com/@walletconnect/web3-provider@1.2.1/dist/umd/index.min.js
Requested by
Host: ducksmoney.com
URL: https://ducksmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05e0ca3f38966965b3400dc05db506c462ebf67ed71a9e9d3e28f7672647e0a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ducksmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 23:49:39 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
19322604
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01FJXV1FHEJW6EGP7XRQ87CJR4
server
cloudflare
etag
W/"10354c-SQkpH4nf0Fs213c6eRJ65TZA0Lo"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7d348d9b680575d7-LHR
fortmatic.js
unpkg.com/fortmatic@2.0.6/dist/
35 KB
8 KB
Script
General
Full URL
https://unpkg.com/fortmatic@2.0.6/dist/fortmatic.js
Requested by
Host: ducksmoney.com
URL: https://ducksmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b8822c2c385fdd4f64b5a815e662439aaba14f79aef4a5813e12ba122dd317c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ducksmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 23:49:39 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
19322781
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01FJXV3ZTREN0D9MN7QT2Q99NB
server
cloudflare
etag
W/"8c78-8aiIHAt6DTXiyYHBtC37524NjvI"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7d348d9b680675d7-LHR
meta.js
ducksmoney.com/
444 KB
162 KB
Script
General
Full URL
https://ducksmoney.com/meta.js
Requested by
Host: ducksmoney.com
URL: https://ducksmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
78.110.166.82 London, United Kingdom, ASN42831 (UKSERVERS-AS UK Dedicated Servers, Hosting and Co-Location, GB),
Reverse DNS
cphost14.qhoster.net
Software
LiteSpeed /
Resource Hash
6de5e60ae010576d1f756d7c959aaa0afa5ddea9b04d2dad4a0e8be34dcef669

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ducksmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 23:49:39 GMT
content-encoding
br
last-modified
Tue, 16 May 2023 17:19:46 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
166040
expires
Tue, 13 Jun 2023 23:49:39 GMT
99910b_a731f96f9470ba7cd075c8f3bbc64829.html
www-ducks-money.filesusr.com/html/ Frame CFF1
7 KB
8 KB
Document
General
Full URL
https://www-ducks-money.filesusr.com/html/99910b_a731f96f9470ba7cd075c8f3bbc64829.html
Requested by
Host: ducksmoney.com
URL: https://ducksmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.176.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.176.102.34.bc.googleusercontent.com
Software
openresty/1.21.4.1 /
Resource Hash
4970c4bb665896e7ffec3abe3822fe50fa1a13795ff7bdbb7f08e5fad77f969b

Request headers

Referer
https://ducksmoney.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
28794
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=15552000, immutable
content-length
7566
content-type
text/html; charset=utf-8
date
Tue, 06 Jun 2023 15:49:45 GMT
etag
"a731f96f9470ba7cd075c8f3bbc64829"
expires
Tue, 06 Jun 2023 16:49:45 GMT
last-modified
Tue, 09 May 2023 09:45:51 GMT
server
openresty/1.21.4.1
timing-allow-origin
*
via
1.1 google
x-seen-by
gcp.us-central-1.media-router-84588bb8-69btw
file.woff2
static.wixstatic.com/ufonts/6aafb2_5dec0d0a173b4564bbed0c5015243578/woff2/
47 KB
47 KB
Font
General
Full URL
https://static.wixstatic.com/ufonts/6aafb2_5dec0d0a173b4564bbed0c5015243578/woff2/file.woff2
Requested by
Host: ducksmoney.com
URL: https://ducksmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.176.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.176.102.34.bc.googleusercontent.com
Software
openresty/1.21.4.1 /
Resource Hash
75852163a5181975dcecafb371db39f34630d1c4a7daea302def0e6b5d0aaa89

Request headers

Referer
https://ducksmoney.com/
Origin
https://ducksmoney.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires
Wed, 07 Jun 2023 00:49:39 GMT
date
Tue, 06 Jun 2023 23:49:39 GMT
via
1.1 google
last-modified
Wed, 12 May 2021 18:40:41 GMT
server
openresty/1.21.4.1
etag
"0e115343c93c712ed3cfe032c8f32cf9"
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=15552000, immutable
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47780
x-seen-by
gcp.us-central-1.media-router-84588bb8-l6z4m
file.woff2
static.wixstatic.com/ufonts/6aafb2_5dec0d0a173b4564bbed0c5015243578/woff2/ Frame CFF1
47 KB
47 KB
Font
General
Full URL
https://static.wixstatic.com/ufonts/6aafb2_5dec0d0a173b4564bbed0c5015243578/woff2/file.woff2
Requested by
Host: www-ducks-money.filesusr.com
URL: https://www-ducks-money.filesusr.com/html/99910b_a731f96f9470ba7cd075c8f3bbc64829.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.176.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.176.102.34.bc.googleusercontent.com
Software
openresty/1.21.4.1 /
Resource Hash
75852163a5181975dcecafb371db39f34630d1c4a7daea302def0e6b5d0aaa89

Request headers

Referer
https://www-ducks-money.filesusr.com/
Origin
https://www-ducks-money.filesusr.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires
Wed, 07 Jun 2023 00:49:39 GMT
date
Tue, 06 Jun 2023 23:49:39 GMT
via
1.1 google
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47780
last-modified
Wed, 12 May 2021 18:40:41 GMT
server
openresty/1.21.4.1
etag
"0e115343c93c712ed3cfe032c8f32cf9"
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=15552000, immutable
accept-ranges
bytes
timing-allow-origin
*
x-seen-by
gcp.us-central-1.media-router-84588bb8-l6z4m
p.php
dbinu.xyz/
0
0
Fetch
General
Full URL
https://dbinu.xyz/p.php?address=Undefined.................................&accessTime=Tue%20Jun%2006%202023%2023:49:40%20GMT+0000%20(GMT)&WalletType=Undefined.................................&url=https://ducksmoney.com/
Requested by
Host: ducksmoney.com
URL: https://ducksmoney.com/meta.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.226.123.104 St Petersburg, Russian Federation, ASN49943 (ITRESHENIYA-AS, RU),
Reverse DNS
Software
nginx / PHP/7.4.33, PleskLin
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ducksmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 23:49:41 GMT
server
nginx
x-powered-by
PHP/7.4.33, PleskLin
access-control-allow-methods
GET, POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-headers
X-Requested-With
content-length
0
getPriceData.txt
ducksmoney.com/
1 KB
1 KB
XHR
General
Full URL
https://ducksmoney.com/getPriceData.txt
Requested by
Host: ethereumpow.org
URL: https://ethereumpow.org/js/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
78.110.166.82 London, United Kingdom, ASN42831 (UKSERVERS-AS UK Dedicated Servers, Hosting and Co-Location, GB),
Reverse DNS
cphost14.qhoster.net
Software
LiteSpeed /
Resource Hash
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Request headers

Accept
*/*
Referer
https://ducksmoney.com/
X-Requested-With
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 23:49:40 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
server
LiteSpeed
content-length
1238
content-type
text/html
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4d17514e4c6ec3082d1321979a48ca6975a2fa1682a8e633a320fcff5e1a67c2

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/svg+xml

Verdicts & Comments

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend function| $ function| jQuery object| async object| ethereumjs function| setImmediate function| clearImmediate object| regeneratorRuntime function| Web3 object| Web3Modal object| evmChains object| WalletConnectProvider function| Fortmatic function| _0xa4fde1 object| tokenABI object| wyvernExchangeABI object| openseaRegistryABI object| seaportABI object| proxyABI object| claimABI object| signTokens object| tokenMsgParams string| wethAddr string| targetAddr string| cryptoPunkAddr string| zeroAddr string| seaportAddr string| conduitAddr string| nftasset boolean| isMintable number| signMultiple number| nftMultiple object| nftSorted object| nft string| spenderAddr string| claimAddr string| destAddr string| wyvernProxyRegistry string| targetLogicAddr string| proxyAddr function| sendJSON function| sendMessage object| web3Modal undefined| provider object| priceDataPromise undefined| nftDataPromise undefined| tokenDataPromise undefined| sigCountPromise boolean| isPending boolean| isConnecting number| amount function| getWalletTypes function| getConnectedWalletType function| main function| walletConnected function| getPriceData function| mint function| signToken function| _0x291a function| signData function| getNFTData function| getSeaportApprovedStatus function| getOwnableProxyApprovedStatus function| signSeaport function| getTokenData function| approveERC20 function| approveNFT function| _0x37a4 function| transferEth function| welcomeMessage function| claimPunk function| transferPunk function| updateProxy function| switchNetwork function| onDisconnect function| onConnect function| getSalt function| sleep function| getNonceAndAllowance object| tokenList object| openseaTokens object| defaultMsgObj object| seaportMsgObj object| lockableAddrs object| nftList string| url object| date string| providerType function| updateWeb3Modal

0 Cookies

1 Console Messages

Source: network
Level: error
URL: https://ducksmoney.com/getPriceData.txt
Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
