urlscan.io logo urlscan.io
SecurityTrails logo

www.duckyluck.ag Open in urlscan Pro
172.67.73.52  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://betlnk.cc/go/b3d410f73f1f426bcc71e4242aaa9b3e365b64d1eb0a0b0b/
Effective URL: https://www.duckyluck.ag/auth/registration/
Submission: On June 08 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 17 HTTP transactions. The main IP is 172.67.73.52, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.duckyluck.ag.
TLS certificate: Issued by GTS CA 1P5 on May 30th 2024. Valid for: 3 months.
This is the only time www.duckyluck.ag was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 31.133.223.169 50245 (SERVEREL-AS)
10 172.67.73.52 13335 (CLOUDFLAR...)
3 35.71.187.51 16509 (AMAZON-02)
2 104.17.2.184 13335 (CLOUDFLAR...)
17 4
Apex Domain
Subdomains		 Transfer
13 duckyluck.ag
www.duckyluck.ag
fp.duckyluck.ag
179 KB
2 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 4303
14 KB
1 betlnk.cc
betlnk.cc
243 B
17 3
Domain Requested by
10 www.duckyluck.ag www.duckyluck.ag
3 fp.duckyluck.ag www.duckyluck.ag
fp.duckyluck.ag
2 challenges.cloudflare.com www.duckyluck.ag
challenges.cloudflare.com
1 betlnk.cc 1 redirects
17 4

This site contains no links.

Subject Issuer Validity Valid
duckyluck.ag
GTS CA 1P5		 2024-05-30 -
2024-08-28		 3 months crt.sh
fp.slotsandcasino.ag
Amazon RSA 2048 M02		 2024-03-17 -
2025-04-15		 a year crt.sh
challenges.cloudflare.com
Cloudflare Inc ECC CA-3		 2023-08-18 -
2024-08-17		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.duckyluck.ag/auth/registration/
Frame ID: 31ED227E921D2FA4AB3C02C2E295F49E
Requests: 16 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/y5dta/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
Frame ID: 72105452744D8D9491023CFFCCB17CA3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Even geduld...

Page URL History Show full URLs

  1. http://betlnk.cc/go/b3d410f73f1f426bcc71e4242aaa9b3e365b64d1eb0a0b0b/ HTTP 307
    https://betlnk.cc/go/b3d410f73f1f426bcc71e4242aaa9b3e365b64d1eb0a0b0b/ HTTP 302
    https://www.duckyluck.ag/aff/16572375/reg/?click_id=b3d410f76663bebdc8e26734230924&sub_id=258738&ct=5... Page URL
  2. https://www.duckyluck.ag/auth/registration/ HTTP 307
    https://www.duckyluck.ag/auth/registration/ Page URL

Page Statistics

17
Requests

88 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

3
Countries

193 kB
Transfer

587 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://betlnk.cc/go/b3d410f73f1f426bcc71e4242aaa9b3e365b64d1eb0a0b0b/ HTTP 307
    https://betlnk.cc/go/b3d410f73f1f426bcc71e4242aaa9b3e365b64d1eb0a0b0b/ HTTP 302
    https://www.duckyluck.ag/aff/16572375/reg/?click_id=b3d410f76663bebdc8e26734230924&sub_id=258738&ct=5201460 Page URL
  2. https://www.duckyluck.ag/auth/registration/ HTTP 307
    https://www.duckyluck.ag/auth/registration/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://betlnk.cc/go/b3d410f73f1f426bcc71e4242aaa9b3e365b64d1eb0a0b0b/ HTTP 307
  • https://betlnk.cc/go/b3d410f73f1f426bcc71e4242aaa9b3e365b64d1eb0a0b0b/ HTTP 302
  • https://www.duckyluck.ag/aff/16572375/reg/?click_id=b3d410f76663bebdc8e26734230924&sub_id=258738&ct=5201460

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
www.duckyluck.ag/aff/16572375/reg/
Redirect Chain
  • http://betlnk.cc/go/b3d410f73f1f426bcc71e4242aaa9b3e365b64d1eb0a0b0b/
  • https://betlnk.cc/go/b3d410f73f1f426bcc71e4242aaa9b3e365b64d1eb0a0b0b/
  • https://www.duckyluck.ag/aff/16572375/reg/?click_id=b3d410f76663bebdc8e26734230924&sub_id=258738&ct=5201460
835 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.duckyluck.ag/aff/16572375/reg/?click_id=b3d410f76663bebdc8e26734230924&sub_id=258738&ct=5201460
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ec9de21e03914c8a692165421475a2503cb39fd0a1942c53e56554501041b66

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
89055fc3497b9b70-FRA
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sat, 08 Jun 2024 02:15:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tmTippuB2i13yeoITlFRGKgA30lUix5oDV9gNM5dIc9Hb53tVxlXkkNAN4J85OfwjpP6qVYtj1Ws6qevIMUH07jEmd0rdAJeRUxgrWU4Ukl%2BF%2BpPZnS%2FscQkiEsCnzvqTFI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-ww
1

Redirect headers

content-type
text/html; charset=UTF-8
date
Sat, 08 Jun 2024 02:15:25 GMT
location
https://www.duckyluck.ag/aff/16572375/reg/?click_id=b3d410f76663bebdc8e26734230924&sub_id=258738&ct=5201460
server
nginx
loading.svg
www.duckyluck.ag/themes/duckyluck.com/cas_01/img/ 		1 KB
773 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.duckyluck.ag/themes/duckyluck.com/cas_01/img/loading.svg?1650938489.9062
Requested by
Host: www.duckyluck.ag
URL: https://www.duckyluck.ag/aff/16572375/reg/?click_id=b3d410f76663bebdc8e26734230924&sub_id=258738&ct=5201460
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2097465d38d043abc6bf138576a458cee2e2daaed9916f16df4c89023ecdce52

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.duckyluck.ag/aff/16572375/reg/?click_id=b3d410f76663bebdc8e26734230924&sub_id=258738&ct=5201460
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:15:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 26 Apr 2022 02:01:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6113
etag
W/"62675279-53d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GvUNIxoXkWgEbJRXZ%2FNjpVdw5TwxjHd7mYbeN%2BoRc4dt7WfdoPy0gzuxBFCQwAhEyQfgLpIrxRFsa4rNjjcpzc904msq44CVzjLhhq51A6OzYNqy%2FrWQyMkxrF2zW9DD%2Bhg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
x-ww
1
cf-ray
89055fc77c769b70-FRA
wwtrkr.js
www.duckyluck.ag/static/js/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.duckyluck.ag/static/js/wwtrkr.js?1707257501.1522
Requested by
Host: www.duckyluck.ag
URL: https://www.duckyluck.ag/aff/16572375/reg/?click_id=b3d410f76663bebdc8e26734230924&sub_id=258738&ct=5201460
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
143ccecf102cadfda3d5d61e1b3191b2aef1a0a7841613664d9d538122adb236

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.duckyluck.ag/aff/16572375/reg/?click_id=b3d410f76663bebdc8e26734230924&sub_id=258738&ct=5201460
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:15:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 06 Feb 2024 22:11:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
268915
etag
W/"65c2ae9d-6368"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PXINVZh92On79gDrZ2G4rpLuCTYaJOrC3uJeTNpYH4%2FQwPFWsAdzHY8pz0OeEqr2QTXU0lbjoBUdQ64AZNEpEg15ncDnTys%2BzUox48Nnbfpiihk5fzZ6%2FBLlHeyBPUlaAxc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
89055fc77c789b70-FRA
expires
Thu, 04 Jul 2024 23:33:31 GMT
u5EzKBurjCrFx3pv8DLS
fp.duckyluck.ag/web/v3/ 		122 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fp.duckyluck.ag/web/v3/u5EzKBurjCrFx3pv8DLS
Requested by
Host: www.duckyluck.ag
URL: https://www.duckyluck.ag/static/js/wwtrkr.js?1707257501.1522
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.187.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a1ae3036f3ddb9a09.awsglobalaccelerator.com
Software
awselb/2.0 /
Resource Hash
1b83b789110c68d4dc7417016b5e7a01682039418cd38efc64b4b8a727fb69fc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.duckyluck.ag/
Origin
https://www.duckyluck.ag
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:15:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
server
awselb/2.0
etag
W/"LwfmtUEIDB8FUwDN6/NC1fm7qc0"
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3525, s-maxage=611446
cross-origin-resource-policy
cross-origin
x-robots-tag
noindex
timing-allow-origin
*
content-length
45501
favicon.ico
www.duckyluck.ag/ 		548 B
481 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.duckyluck.ag/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.duckyluck.ag/aff/16572375/reg/?click_id=b3d410f76663bebdc8e26734230924&sub_id=258738&ct=5201460
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:15:27 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n%2FVuKwBl37Fcp%2FI%2Fb%2FT85ZCaFKtAGar5y0BloPlX5TLBlKpPmxSxnctLKUc012pEb3BhOgFgb%2F%2BrkALafm4HNIZSlJTHG%2FKaFu9SMKo3WnW6Je7Q28PRmLEDEJEwvt2Ep9o%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
89055fc8cd3b9b70-FRA
C_
fp.duckyluck.ag/OHU8/j6SM64/4ycKil/ 		96 B
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fp.duckyluck.ag/OHU8/j6SM64/4ycKil/C_?q=u5EzKBurjCrFx3pv8DLS
Requested by
Host: fp.duckyluck.ag
URL: https://fp.duckyluck.ag/web/v3/u5EzKBurjCrFx3pv8DLS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.187.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a1ae3036f3ddb9a09.awsglobalaccelerator.com
Software
/
Resource Hash
258fb7c288c7255ccb16eadc1239e13119deccc1ad873d6dba5b38b401a716a9
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.duckyluck.ag/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:15:27 GMT
content-security-policy
default-src 'none'; frame-ancestors 'none'
referrer-policy
no-referrer
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
x-frame-options
DENY
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Retry-After
cache-control
max-age=31536000, immutable, private
timing-allow-origin
*
x-robots-tag
noindex
content-length
96
/
fp.duckyluck.ag/ 		368 B
868 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fp.duckyluck.ag/?ci=js/3.9.8&q=u5EzKBurjCrFx3pv8DLS&ii=fingerprint-pro-custom-subdomain/1.0.0/procdn
Requested by
Host: fp.duckyluck.ag
URL: https://fp.duckyluck.ag/web/v3/u5EzKBurjCrFx3pv8DLS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.187.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a1ae3036f3ddb9a09.awsglobalaccelerator.com
Software
/
Resource Hash
0a8cd63a4dabe69444ee4adb984b9dd00ab05247d88042b4703884e0f9789b5d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://www.duckyluck.ag/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 08 Jun 2024 02:15:28 GMT
content-security-policy
default-src 'none'; frame-ancestors 'none'
referrer-policy
no-referrer
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
vary
Origin
x-frame-options
DENY
content-type
text/plain
access-control-allow-origin
https://www.duckyluck.ag
access-control-expose-headers
Retry-After
access-control-allow-credentials
true
timing-allow-origin
*
content-length
368
/
www.duckyluck.ag/trkr/analytics/ 		95 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.duckyluck.ag/trkr/analytics/?user_hash=rKsZpyhEup0MQO6u2GLY&mobile=0&scr=1600X1200&os=Windows&os_version=10&browser=Chrome&browser_version=125.0.0.0&referrer=&landing_page=https%3A%2F%2Fwww.duckyluck.ag%2Faff%2F16572375%2Freg%2F%3Fclick_id%3Db3d410f76663bebdc8e26734230924%26sub_id%3D258738%26ct%3D5201460&page_title=&language=nl-NL&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F125.0.0.0+Safari%2F537.36
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.duckyluck.ag/aff/16572375/reg/?click_id=b3d410f76663bebdc8e26734230924&sub_id=258738&ct=5201460
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:15:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6q65Ev5Zqx8YBiohug71uaSWcP7PnfdpC2CDxPBPw%2Fna1%2BJXIrOMFN6D61Fjq5Obgr3IkK1aDrS204I4Nlz8Q9TmQWHeXGuKXAWM47%2FfeeMFqeVetL73epOvseC2V0RGfKc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
x-ww
1
cf-ray
89055fd5abd79b70-FRA
/
www.duckyluck.ag/trkr/affiliates/ 		95 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.duckyluck.ag/trkr/affiliates/?user_hash=rKsZpyhEup0MQO6u2GLY&affiliate_id=16572375&ref_hash=&click_tag=5201460&click_id=b3d410f76663bebdc8e26734230924&sub_id=258738&btag=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.duckyluck.ag/aff/16572375/reg/?click_id=b3d410f76663bebdc8e26734230924&sub_id=258738&ct=5201460
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:15:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5CILmvac766GqW2CnZpg%2FQmmNyM1NMLOfuH1m2SPTga4zt7EKJfe9%2FYpzAfrb%2BQS8el3wXlCYbRwBhMmhRaifgyFjwcsdBVnVhZc1XHENQrjJeyjWOdZlE1BvE50iits1yA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
x-ww
1
cf-ray
89055fd5abd89b70-FRA
Primary Request /
www.duckyluck.ag/auth/registration/
Redirect Chain
  • https://www.duckyluck.ag/auth/registration/
  • https://www.duckyluck.ag/auth/registration/
16 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.duckyluck.ag/auth/registration/
Requested by
Host: www.duckyluck.ag
URL: https://www.duckyluck.ag/aff/16572375/reg/?click_id=b3d410f76663bebdc8e26734230924&sub_id=258738&ct=5201460
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aadce0c8c99e85efa646f9f4b8dc7d925e32747555fc8f3264e5fe4f6365d55
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://www.duckyluck.ag/aff/16572375/reg/?click_id=b3d410f76663bebdc8e26734230924&sub_id=258738&ct=5201460
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out
MZsnOM5mSVz7ir3rp2/FFogYTuxDn/ar1r0mkNahDYroUHynSdDhnHkjzC48S5zOKuHI2ftZ23bkJA2GpfvtXH+29gpfgAiSsFNMY2PYFlFWX0i596mqNoERPE8pfmLlWsMri6UeAojcuZW0Feao+Q==$1xmd8KuolFKGhU7dSgYepQ==
cf-mitigated
challenge
cf-ray
89055fd8fd629b70-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Sat, 08 Jun 2024 02:15:29 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=akXraHulgPxZBS8jerC9uEixSnz6x22QUGZnmqPWRGqL6qFqS7Ie6C7bKGz7m%2FhZIWrEeNz60FaUxF%2BFBm6%2BF9tvpWgU0BgkmtLgxYm7l1UKzvc9wvfWkclZuIRuyaWwtXk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

Location
https://www.duckyluck.ag/auth/registration/
v1
www.duckyluck.ag/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/ 		364 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.duckyluck.ag/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=89055fd8fd629b70
Requested by
Host: www.duckyluck.ag
URL: https://www.duckyluck.ag/auth/registration/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e70ff793c919fbf7a5bc1e1f0f15784626f64537848c711eb45d901eef0a937

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"125.0.6422.141"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://www.duckyluck.ag/auth/registration/?__cf_chl_rt_tk=OPjPJg._g6E88QHRAJhjj6WYTJkb04egg9ySx.vM.8E-1717812929-0.0.1.1-4095
sec-ch-ua-full-version-list
"Google Chrome";v="125.0.6422.141", "Chromium";v="125.0.6422.141", "Not.A/Brand";v="24.0.0.0"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:15:29 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ALqXMcwfcOjP0sgvBCripUVTUQaM%2FwteCBvpoN%2FN36EZxIPLp9XpSegbnLUIs0ydD9fATo6wfYp%2F4OFTS9GtsjONtkvI3ZhCK0Wfc2Rqt1Qfy8ZvQDDlqvcuW%2BqT6Z6V9MM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
89055fd9edb59b70-FRA
api.js
challenges.cloudflare.com/turnstile/v0/g/6aac8896f227/ 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/6aac8896f227/api.js?onload=OZxW4&render=explicit
Requested by
Host: www.duckyluck.ag
URL: https://www.duckyluck.ag/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=89055fd8fd629b70
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.2.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22401f58443400f39ce653a1736059092e1e5f85ffbbbaeda4b11c16b5bade6e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin
https://www.duckyluck.ag
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:15:29 GMT
content-encoding
br
last-modified
Thu, 06 Jun 2024 21:04:54 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
89055fdaab61193c-FRA
alt-svc
h3=":443"; ma=86400
favicon.ico
www.duckyluck.ag/ 		548 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.duckyluck.ag/favicon.ico
Requested by
Host: www.duckyluck.ag
URL: https://www.duckyluck.ag/auth/registration/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"125.0.6422.141"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://www.duckyluck.ag/auth/registration/
sec-ch-ua-full-version-list
"Google Chrome";v="125.0.6422.141", "Chromium";v="125.0.6422.141", "Not.A/Brand";v="24.0.0.0"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:15:27 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n%2FVuKwBl37Fcp%2FI%2Fb%2FT85ZCaFKtAGar5y0BloPlX5TLBlKpPmxSxnctLKUc012pEb3BhOgFgb%2F%2BrkALafm4HNIZSlJTHG%2FKaFu9SMKo3WnW6Je7Q28PRmLEDEJEwvt2Ep9o%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
89055fc8cd3b9b70-FRA
b73f79ee-ce98-44b9-af62-b86c9ab786a2
https://www.duckyluck.ag/ 		13 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.duckyluck.ag/b73f79ee-ce98-44b9-af62-b86c9ab786a2
Requested by
Host: www.duckyluck.ag
URL: https://www.duckyluck.ag/auth/registration/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://www.duckyluck.ag/auth/registration/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length
13
Content-Type
text/javascript
37a0de380246af7
www.duckyluck.ag/cdn-cgi/challenge-platform/h/g/flow/ov1/1767907026:1717809074:ZL8u_LadotUEHfQpO_V9Wa4Eo0aHTmoxWsoxjtTq4Po/89055fd8fd629b70/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.duckyluck.ag/cdn-cgi/challenge-platform/h/g/flow/ov1/1767907026:1717809074:ZL8u_LadotUEHfQpO_V9Wa4Eo0aHTmoxWsoxjtTq4Po/89055fd8fd629b70/37a0de380246af7
Requested by
Host: www.duckyluck.ag
URL: https://www.duckyluck.ag/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=89055fd8fd629b70
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20afd98beb8fd6cbf8e4ceb1e24be8184a6b58ab7fa6c4770b1c586b0f367c1b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
Content-type
application/x-www-form-urlencoded
sec-ch-ua-full-version
"125.0.6422.141"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://www.duckyluck.ag/auth/registration/
sec-ch-ua-full-version-list
"Google Chrome";v="125.0.6422.141", "Chromium";v="125.0.6422.141", "Not.A/Brand";v="24.0.0.0"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
CF-Challenge
37a0de380246af7
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 02:15:29 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tuV10xP7k3dPUbHUOo13hjatDOreSqpR99QgNFSpIWGHEJdMNpbGg2awV0uKL1chkflxGQfO0AstO6830N9cemrL%2Fb%2BG3hVnEt3czQMKlhGvZmaj%2BrE1WJcr4ih9ozyPTuc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
89055fdb8e819b70-FRA
cf-chl-gen
fSlmytu5vBCYPS1T/tjFn93SorxCV9W5LUOpKz+J1f/OMrCk84nX8IY5v+ynd6OA$V2lw4eW9Mj1a3yEDAnHsoQ==
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/y5dta/0x4AAAAAAADnOjc0PNeA8qVm/light/ Frame 7210 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/y5dta/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/6aac8896f227/api.js?onload=OZxW4&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.2.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
89055fe9ca4e03f4-FRA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Sat, 08 Jun 2024 02:15:32 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
9ea111a5-eb0f-4bce-9ddf-8f04ec8f5a8a
https://www.duckyluck.ag/ 		80 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.duckyluck.ag/9ea111a5-eb0f-4bce-9ddf-8f04ec8f5a8a
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f3418640c1204265881221580b9d1554424f6ed49549d408da50c690ab29f400

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://www.duckyluck.ag/auth/registration/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length
80
Content-Type
text/javascript

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| _cf_chl_opt function| OZxW4 boolean| xUuJ3 function| Hbleq2 function| gnIE8 function| OGjdC1 function| KTENW1 function| gjwQJ1 function| kwsq6 object| krDY8 object| vWLFN5 object| IsRt4 number| vcXU0 object| angular object| turnstile boolean| vTyI7 string| NCyjN1

6 Cookies

Domain/Path Name / Value
.betlnk.cc/ Name: uid
Value: b3d410f76663bebdc8e26734230924
.duckyluck.ag/ Name: aff
Value: 16572375%3Ab3d410f76663bebdc8e26734230924%3A258738
.duckyluck.ag/ Name: aff_pxf
Value: all
.duckyluck.ag/ Name: _iidt
Value: SgQ42KZHcmFDRxUce6fw2e0LjWELnshOxtxydaZkr4DL1oIjkBlw0GDgmB+B4cR/x5oZl8Jmv5zKzw==
.duckyluck.ag/ Name: _vid_t
Value: ZgIVlXVmCK6Gnayure+9a6VVWv/H93Y0JPtpXv3YAnqtuP3NILhRKZWqw1Sk6j6HEb+6iEA6aYBGUw==
.duckyluck.ag/ Name: visitor
Value: rKsZpyhEup0MQO6u2GLY

5 Console Messages

Source Level URL
Text
network error URL: https://www.duckyluck.ag/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'browsing-topics'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://www.duckyluck.ag/auth/registration/
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.duckyluck.ag/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()