urlscan.io logo urlscan.io
SecurityTrails logo

app.ducky.eco Open in urlscan Pro
199.36.158.100  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://account.ducky.no/
Effective URL: https://app.ducky.eco/
Submission: On July 27 via automatic, source certstream-suspicious — Scanned from NO
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 3 domains to perform 18 HTTP transactions. The main IP is 199.36.158.100, located in United States and belongs to FASTLY, US. The main domain is app.ducky.eco.
TLS certificate: Issued by WR3 on June 2nd 2024. Valid for: 3 months.
This is the only time app.ducky.eco was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a01:5b40:0:2... 12996 (DOMENESHO...)
7 199.36.158.100 54113 (FASTLY)
3 18.195.235.189 16509 (AMAZON-02)
3 2600:1901:0:c... 396982 (GOOGLE-CL...)
5 34.95.127.37 396982 (GOOGLE-CL...)
18 5
1    2a01:5b40:0:248::52 (Norway)

ASN12996 (DOMENESHOP Oslo, Norway, NO)
account.ducky.no
7    199.36.158.100 (United States)

ASN54113 (FASTLY, US)
app.ducky.eco
3    18.195.235.189 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-235-189.eu-central-1.compute.amazonaws.com
folketsfotavtrykk.matomo.cloud
3    2600:1901:0:cd35:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
sentry.ducky.eco
5    34.95.127.37 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 37.127.95.34.bc.googleusercontent.com
static.ducky.eco
Domain Requested by
7 app.ducky.eco app.ducky.eco
5 static.ducky.eco app.ducky.eco
3 sentry.ducky.eco app.ducky.eco
3 folketsfotavtrykk.matomo.cloud app.ducky.eco
folketsfotavtrykk.matomo.cloud
1 account.ducky.no 1 redirects
18 5

This site contains links to these domains. Also see Links.

Domain
support.ducky.eco
Subject Issuer Validity Valid
art.cosm.run
WR3		 2024-06-02 -
2024-08-31		 3 months crt.sh
*.matomo.cloud
Amazon RSA 2048 M02		 2024-05-21 -
2025-06-19		 a year crt.sh
sentry.ducky.eco
WR3		 2024-07-06 -
2024-10-04		 3 months crt.sh
static.duckytest.no
WR3		 2024-06-13 -
2024-09-11		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://app.ducky.eco/
Frame ID: 817DD7BE7EFF046ED6F230700D2DEF5C
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Ducky

Page URL History Show full URLs

  1. https://account.ducky.no/ HTTP 301
    https://app.ducky.eco/ Page URL

Page Statistics

18
Requests

100 %
HTTPS

40 %
IPv6

3
Domains

5
Subdomains

5
IPs

3
Countries

835 kB
Transfer

3686 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://account.ducky.no/ HTTP 301
    https://app.ducky.eco/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
app.ducky.eco/
Redirect Chain
  • https://account.ducky.no/
  • https://app.ducky.eco/
4 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.ducky.eco/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
08d3055303f529aa9e9be0cd00c6cfa03f72db81526e95536e7d2850c26e4c9b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'self'; child-src 'none'; connect-src 'self' https://api.ducky.eco https://api.duckytest.no https://dashboard.ducky.eco https://dashboard.duckytest.no https://static.ducky.eco https://www.gstatic.com/firebasejs/ https://apis.google.com https://*.googleapis.com https://firebaseinstallations.googleapis.com https://fcmregistrations.googleapis.com https://securetoken.googleapis.com https://firebasestorage.googleapis.com https://*.cloudfunctions.net https://*.firebasedatabase.app wss://*.firebasedatabase.app https://*.googleusercontent.com https://graph.facebook.com https://folketsfotavtrykk.matomo.cloud https://sentry.ducky.eco; font-src 'unsafe-inline' 'unsafe-eval' data: https://static.ducky.eco; form-action 'none'; frame-src https://auth.duckytest.no https://auth.ducky.eco https://cdn.firebase.com https://*.firebaseio.com https://*.firebasedatabase.app https://folketsfotavtrykk.matomo.cloud; img-src blob: data: https://static.ducky.eco https://*.googleusercontent.com https://firebasestorage.googleapis.com; media-src 'none'; object-src 'none'; style-src 'self' 'unsafe-inline'; script-src 'self' 'sha256-MS6/3FCg4WjP9gwgaBGwLpRCY6fZBgwmhVCdrPrNf3E=' 'sha256-tQjf8gvb2ROOMapIxFvFAYBeUJ0v1HCbOcSmDNXGtDo=' 'sha256-VA8O2hAdooB288EpSTrGLl7z3QikbWU9wwoebO/QaYk=' 'sha256-+5XkZFazzJo8n0iOP4ti/cLCMUudTf//Mzkb7xNPXIc=' https://static.ducky.eco https://www.gstatic.com/firebasejs/ https://cdn.firebase.com https://*.firebaseio.com https://apis.google.com https://*.firebasedatabase.app https://connect.facebook.net https://folketsfotavtrykk.matomo.cloud; worker-src 'self'; upgrade-insecure-requests; report-uri https://sentry.ducky.eco/api/3/security/?sentry_key=2c3ac7bb77ab470a928eb7f1fa93e52b&sentry_environment=ducky-prod&sentry_release=local
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=3600
content-encoding
br
content-length
1110
content-security-policy
default-src 'self'; base-uri 'self'; child-src 'none'; connect-src 'self' https://api.ducky.eco https://api.duckytest.no https://dashboard.ducky.eco https://dashboard.duckytest.no https://static.ducky.eco https://www.gstatic.com/firebasejs/ https://apis.google.com https://*.googleapis.com https://firebaseinstallations.googleapis.com https://fcmregistrations.googleapis.com https://securetoken.googleapis.com https://firebasestorage.googleapis.com https://*.cloudfunctions.net https://*.firebasedatabase.app wss://*.firebasedatabase.app https://*.googleusercontent.com https://graph.facebook.com https://folketsfotavtrykk.matomo.cloud https://sentry.ducky.eco; font-src 'unsafe-inline' 'unsafe-eval' data: https://static.ducky.eco; form-action 'none'; frame-src https://auth.duckytest.no https://auth.ducky.eco https://cdn.firebase.com https://*.firebaseio.com https://*.firebasedatabase.app https://folketsfotavtrykk.matomo.cloud; img-src blob: data: https://static.ducky.eco https://*.googleusercontent.com https://firebasestorage.googleapis.com; media-src 'none'; object-src 'none'; style-src 'self' 'unsafe-inline'; script-src 'self' 'sha256-MS6/3FCg4WjP9gwgaBGwLpRCY6fZBgwmhVCdrPrNf3E=' 'sha256-tQjf8gvb2ROOMapIxFvFAYBeUJ0v1HCbOcSmDNXGtDo=' 'sha256-VA8O2hAdooB288EpSTrGLl7z3QikbWU9wwoebO/QaYk=' 'sha256-+5XkZFazzJo8n0iOP4ti/cLCMUudTf//Mzkb7xNPXIc=' https://static.ducky.eco https://www.gstatic.com/firebasejs/ https://cdn.firebase.com https://*.firebaseio.com https://apis.google.com https://*.firebasedatabase.app https://connect.facebook.net https://folketsfotavtrykk.matomo.cloud; worker-src 'self'; upgrade-insecure-requests; report-uri https://sentry.ducky.eco/api/3/security/?sentry_key=2c3ac7bb77ab470a928eb7f1fa93e52b&sentry_environment=ducky-prod&sentry_release=local
content-type
text/html; charset=utf-8
date
Sat, 27 Jul 2024 01:10:08 GMT
etag
"a92d5b01fc536ee8439384dfce57eeaa292737b12c09d984dbb752715bc3c7bd-br"
last-modified
Wed, 03 Jul 2024 09:11:43 GMT
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
DENY
x-served-by
cache-bma1637-BMA
x-timer
S1722042608.183657,VS0,VE236
x-xss-protection
0

Redirect headers

cache-control
max-age=3600 public
content-type
text/html
date
Sat, 27 Jul 2024 01:10:08 GMT
expires
Sat, 27 Jul 2024 02:10:08 GMT
location
https://app.ducky.eco/
server
openresty
index-JE4o_sQn.js
app.ducky.eco/assets/ 		2 MB
286 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.ducky.eco/assets/index-JE4o_sQn.js
Requested by
Host: app.ducky.eco
URL: https://app.ducky.eco/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5c19e7edc531bee9a91ba5f7801c45590a45c90a21833c522177fb5f70588ac
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'self'; child-src 'none'; connect-src 'self' https://api.ducky.eco https://api.duckytest.no https://dashboard.ducky.eco https://dashboard.duckytest.no https://static.ducky.eco https://www.gstatic.com/firebasejs/ https://apis.google.com https://*.googleapis.com https://firebaseinstallations.googleapis.com https://fcmregistrations.googleapis.com https://securetoken.googleapis.com https://firebasestorage.googleapis.com https://*.cloudfunctions.net https://*.firebasedatabase.app wss://*.firebasedatabase.app https://*.googleusercontent.com https://graph.facebook.com https://folketsfotavtrykk.matomo.cloud https://sentry.ducky.eco; font-src 'unsafe-inline' 'unsafe-eval' data: https://static.ducky.eco; form-action 'none'; frame-src https://auth.duckytest.no https://auth.ducky.eco https://cdn.firebase.com https://*.firebaseio.com https://*.firebasedatabase.app https://folketsfotavtrykk.matomo.cloud; img-src blob: data: https://static.ducky.eco https://*.googleusercontent.com https://firebasestorage.googleapis.com; media-src 'none'; object-src 'none'; style-src 'self' 'unsafe-inline'; script-src 'self' 'sha256-MS6/3FCg4WjP9gwgaBGwLpRCY6fZBgwmhVCdrPrNf3E=' 'sha256-tQjf8gvb2ROOMapIxFvFAYBeUJ0v1HCbOcSmDNXGtDo=' 'sha256-VA8O2hAdooB288EpSTrGLl7z3QikbWU9wwoebO/QaYk=' 'sha256-+5XkZFazzJo8n0iOP4ti/cLCMUudTf//Mzkb7xNPXIc=' https://static.ducky.eco https://www.gstatic.com/firebasejs/ https://cdn.firebase.com https://*.firebaseio.com https://apis.google.com https://*.firebasedatabase.app https://connect.facebook.net https://folketsfotavtrykk.matomo.cloud; worker-src 'self'; upgrade-insecure-requests; report-uri https://sentry.ducky.eco/api/3/security/?sentry_key=2c3ac7bb77ab470a928eb7f1fa93e52b&sentry_environment=ducky-prod&sentry_release=local
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://app.ducky.eco/
Origin
https://app.ducky.eco
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self'; base-uri 'self'; child-src 'none'; connect-src 'self' https://api.ducky.eco https://api.duckytest.no https://dashboard.ducky.eco https://dashboard.duckytest.no https://static.ducky.eco https://www.gstatic.com/firebasejs/ https://apis.google.com https://*.googleapis.com https://firebaseinstallations.googleapis.com https://fcmregistrations.googleapis.com https://securetoken.googleapis.com https://firebasestorage.googleapis.com https://*.cloudfunctions.net https://*.firebasedatabase.app wss://*.firebasedatabase.app https://*.googleusercontent.com https://graph.facebook.com https://folketsfotavtrykk.matomo.cloud https://sentry.ducky.eco; font-src 'unsafe-inline' 'unsafe-eval' data: https://static.ducky.eco; form-action 'none'; frame-src https://auth.duckytest.no https://auth.ducky.eco https://cdn.firebase.com https://*.firebaseio.com https://*.firebasedatabase.app https://folketsfotavtrykk.matomo.cloud; img-src blob: data: https://static.ducky.eco https://*.googleusercontent.com https://firebasestorage.googleapis.com; media-src 'none'; object-src 'none'; style-src 'self' 'unsafe-inline'; script-src 'self' 'sha256-MS6/3FCg4WjP9gwgaBGwLpRCY6fZBgwmhVCdrPrNf3E=' 'sha256-tQjf8gvb2ROOMapIxFvFAYBeUJ0v1HCbOcSmDNXGtDo=' 'sha256-VA8O2hAdooB288EpSTrGLl7z3QikbWU9wwoebO/QaYk=' 'sha256-+5XkZFazzJo8n0iOP4ti/cLCMUudTf//Mzkb7xNPXIc=' https://static.ducky.eco https://www.gstatic.com/firebasejs/ https://cdn.firebase.com https://*.firebaseio.com https://apis.google.com https://*.firebasedatabase.app https://connect.facebook.net https://folketsfotavtrykk.matomo.cloud; worker-src 'self'; upgrade-insecure-requests; report-uri https://sentry.ducky.eco/api/3/security/?sentry_key=2c3ac7bb77ab470a928eb7f1fa93e52b&sentry_environment=ducky-prod&sentry_release=local
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
date
Sat, 27 Jul 2024 01:10:08 GMT
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
292735
x-xss-protection
0
x-served-by
cache-bma1637-BMA
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 03 Jul 2024 09:11:43 GMT
x-timer
S1722042608.494187,VS0,VE1
etag
"769a24bd2177e889c3d13167f5dc02e084e9103896adf60f9bf33f7868febf22-br"
x-frame-options
DENY
vary
x-fh-requested-host, accept-encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
0
index-bbsJi1WW.css
app.ducky.eco/assets/ 		131 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.ducky.eco/assets/index-bbsJi1WW.css
Requested by
Host: app.ducky.eco
URL: https://app.ducky.eco/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2166202131806064b81d16077f5c9f18bd7c03ab9155082bb6408d0d7d7e30d8
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'self'; child-src 'none'; connect-src 'self' https://api.ducky.eco https://api.duckytest.no https://dashboard.ducky.eco https://dashboard.duckytest.no https://static.ducky.eco https://www.gstatic.com/firebasejs/ https://apis.google.com https://*.googleapis.com https://firebaseinstallations.googleapis.com https://fcmregistrations.googleapis.com https://securetoken.googleapis.com https://firebasestorage.googleapis.com https://*.cloudfunctions.net https://*.firebasedatabase.app wss://*.firebasedatabase.app https://*.googleusercontent.com https://graph.facebook.com https://folketsfotavtrykk.matomo.cloud https://sentry.ducky.eco; font-src 'unsafe-inline' 'unsafe-eval' data: https://static.ducky.eco; form-action 'none'; frame-src https://auth.duckytest.no https://auth.ducky.eco https://cdn.firebase.com https://*.firebaseio.com https://*.firebasedatabase.app https://folketsfotavtrykk.matomo.cloud; img-src blob: data: https://static.ducky.eco https://*.googleusercontent.com https://firebasestorage.googleapis.com; media-src 'none'; object-src 'none'; style-src 'self' 'unsafe-inline'; script-src 'self' 'sha256-MS6/3FCg4WjP9gwgaBGwLpRCY6fZBgwmhVCdrPrNf3E=' 'sha256-tQjf8gvb2ROOMapIxFvFAYBeUJ0v1HCbOcSmDNXGtDo=' 'sha256-VA8O2hAdooB288EpSTrGLl7z3QikbWU9wwoebO/QaYk=' 'sha256-+5XkZFazzJo8n0iOP4ti/cLCMUudTf//Mzkb7xNPXIc=' https://static.ducky.eco https://www.gstatic.com/firebasejs/ https://cdn.firebase.com https://*.firebaseio.com https://apis.google.com https://*.firebasedatabase.app https://connect.facebook.net https://folketsfotavtrykk.matomo.cloud; worker-src 'self'; upgrade-insecure-requests; report-uri https://sentry.ducky.eco/api/3/security/?sentry_key=2c3ac7bb77ab470a928eb7f1fa93e52b&sentry_environment=ducky-prod&sentry_release=local
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://app.ducky.eco/
Origin
https://app.ducky.eco
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self'; base-uri 'self'; child-src 'none'; connect-src 'self' https://api.ducky.eco https://api.duckytest.no https://dashboard.ducky.eco https://dashboard.duckytest.no https://static.ducky.eco https://www.gstatic.com/firebasejs/ https://apis.google.com https://*.googleapis.com https://firebaseinstallations.googleapis.com https://fcmregistrations.googleapis.com https://securetoken.googleapis.com https://firebasestorage.googleapis.com https://*.cloudfunctions.net https://*.firebasedatabase.app wss://*.firebasedatabase.app https://*.googleusercontent.com https://graph.facebook.com https://folketsfotavtrykk.matomo.cloud https://sentry.ducky.eco; font-src 'unsafe-inline' 'unsafe-eval' data: https://static.ducky.eco; form-action 'none'; frame-src https://auth.duckytest.no https://auth.ducky.eco https://cdn.firebase.com https://*.firebaseio.com https://*.firebasedatabase.app https://folketsfotavtrykk.matomo.cloud; img-src blob: data: https://static.ducky.eco https://*.googleusercontent.com https://firebasestorage.googleapis.com; media-src 'none'; object-src 'none'; style-src 'self' 'unsafe-inline'; script-src 'self' 'sha256-MS6/3FCg4WjP9gwgaBGwLpRCY6fZBgwmhVCdrPrNf3E=' 'sha256-tQjf8gvb2ROOMapIxFvFAYBeUJ0v1HCbOcSmDNXGtDo=' 'sha256-VA8O2hAdooB288EpSTrGLl7z3QikbWU9wwoebO/QaYk=' 'sha256-+5XkZFazzJo8n0iOP4ti/cLCMUudTf//Mzkb7xNPXIc=' https://static.ducky.eco https://www.gstatic.com/firebasejs/ https://cdn.firebase.com https://*.firebaseio.com https://apis.google.com https://*.firebasedatabase.app https://connect.facebook.net https://folketsfotavtrykk.matomo.cloud; worker-src 'self'; upgrade-insecure-requests; report-uri https://sentry.ducky.eco/api/3/security/?sentry_key=2c3ac7bb77ab470a928eb7f1fa93e52b&sentry_environment=ducky-prod&sentry_release=local
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
date
Sat, 27 Jul 2024 01:10:08 GMT
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
51743
x-xss-protection
0
x-served-by
cache-bma1637-BMA
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 03 Jul 2024 09:11:43 GMT
x-timer
S1722042608.494011,VS0,VE1
etag
"f40bbd96cb185a2e2d0323e57eca6f8798644b36fda02f6522a0a6a37f1f53d5-br"
x-frame-options
DENY
vary
x-fh-requested-host, accept-encoding
content-type
text/css; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
0
matomo.js
folketsfotavtrykk.matomo.cloud/ 		202 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://folketsfotavtrykk.matomo.cloud/matomo.js
Requested by
Host: app.ducky.eco
URL: https://app.ducky.eco/assets/index-JE4o_sQn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.195.235.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-235-189.eu-central-1.compute.amazonaws.com
Software
CloudFront /
Resource Hash
7d1e4da46e65ade35e0017500907b2d3bc738bb33b10266f679f2113cc56861c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000

Request headers

Referer
https://app.ducky.eco/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 01:10:08 GMT
strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-amz-version-id
BWRK11psRU1DY8sc5k6qTQbwSWifjeXM
via
1.1 8d70d51432f10e2eca684af448a5f99e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P12
age
2884
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 29 Apr 2024 00:49:22 GMT
server
CloudFront
etag
W/"5c359e1fa9398dc7248bc8740cc8eb49"
vary
Accept-Encoding,User-Agent
content-type
application/javascript; charset=utf-8
cache-control
max-age=691200, max-age=691200
x-amz-cf-id
j4sEthQZExUCZdJaPoO4js5WC9Ist_fRsHW7LZO3RikXSscoQdTFHA==
expires
Sun, 04 Aug 2024 01:10:08 GMT
index-aJmJatVg.js
app.ducky.eco/assets/ 		423 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.ducky.eco/assets/index-aJmJatVg.js
Requested by
Host: app.ducky.eco
URL: https://app.ducky.eco/assets/index-JE4o_sQn.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
af22f585d006371183b44f1416a64792dcf2fc3b1727431afc2678eab18e2b9c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'self'; child-src 'none'; connect-src 'self' https://api.ducky.eco https://api.duckytest.no https://dashboard.ducky.eco https://dashboard.duckytest.no https://static.ducky.eco https://www.gstatic.com/firebasejs/ https://apis.google.com https://*.googleapis.com https://firebaseinstallations.googleapis.com https://fcmregistrations.googleapis.com https://securetoken.googleapis.com https://firebasestorage.googleapis.com https://*.cloudfunctions.net https://*.firebasedatabase.app wss://*.firebasedatabase.app https://*.googleusercontent.com https://graph.facebook.com https://folketsfotavtrykk.matomo.cloud https://sentry.ducky.eco; font-src 'unsafe-inline' 'unsafe-eval' data: https://static.ducky.eco; form-action 'none'; frame-src https://auth.duckytest.no https://auth.ducky.eco https://cdn.firebase.com https://*.firebaseio.com https://*.firebasedatabase.app https://folketsfotavtrykk.matomo.cloud; img-src blob: data: https://static.ducky.eco https://*.googleusercontent.com https://firebasestorage.googleapis.com; media-src 'none'; object-src 'none'; style-src 'self' 'unsafe-inline'; script-src 'self' 'sha256-MS6/3FCg4WjP9gwgaBGwLpRCY6fZBgwmhVCdrPrNf3E=' 'sha256-tQjf8gvb2ROOMapIxFvFAYBeUJ0v1HCbOcSmDNXGtDo=' 'sha256-VA8O2hAdooB288EpSTrGLl7z3QikbWU9wwoebO/QaYk=' 'sha256-+5XkZFazzJo8n0iOP4ti/cLCMUudTf//Mzkb7xNPXIc=' https://static.ducky.eco https://www.gstatic.com/firebasejs/ https://cdn.firebase.com https://*.firebaseio.com https://apis.google.com https://*.firebasedatabase.app https://connect.facebook.net https://folketsfotavtrykk.matomo.cloud; worker-src 'self'; upgrade-insecure-requests; report-uri https://sentry.ducky.eco/api/3/security/?sentry_key=2c3ac7bb77ab470a928eb7f1fa93e52b&sentry_environment=ducky-prod&sentry_release=local
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://app.ducky.eco/assets/index-JE4o_sQn.js
Origin
https://app.ducky.eco
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self'; base-uri 'self'; child-src 'none'; connect-src 'self' https://api.ducky.eco https://api.duckytest.no https://dashboard.ducky.eco https://dashboard.duckytest.no https://static.ducky.eco https://www.gstatic.com/firebasejs/ https://apis.google.com https://*.googleapis.com https://firebaseinstallations.googleapis.com https://fcmregistrations.googleapis.com https://securetoken.googleapis.com https://firebasestorage.googleapis.com https://*.cloudfunctions.net https://*.firebasedatabase.app wss://*.firebasedatabase.app https://*.googleusercontent.com https://graph.facebook.com https://folketsfotavtrykk.matomo.cloud https://sentry.ducky.eco; font-src 'unsafe-inline' 'unsafe-eval' data: https://static.ducky.eco; form-action 'none'; frame-src https://auth.duckytest.no https://auth.ducky.eco https://cdn.firebase.com https://*.firebaseio.com https://*.firebasedatabase.app https://folketsfotavtrykk.matomo.cloud; img-src blob: data: https://static.ducky.eco https://*.googleusercontent.com https://firebasestorage.googleapis.com; media-src 'none'; object-src 'none'; style-src 'self' 'unsafe-inline'; script-src 'self' 'sha256-MS6/3FCg4WjP9gwgaBGwLpRCY6fZBgwmhVCdrPrNf3E=' 'sha256-tQjf8gvb2ROOMapIxFvFAYBeUJ0v1HCbOcSmDNXGtDo=' 'sha256-VA8O2hAdooB288EpSTrGLl7z3QikbWU9wwoebO/QaYk=' 'sha256-+5XkZFazzJo8n0iOP4ti/cLCMUudTf//Mzkb7xNPXIc=' https://static.ducky.eco https://www.gstatic.com/firebasejs/ https://cdn.firebase.com https://*.firebaseio.com https://apis.google.com https://*.firebasedatabase.app https://connect.facebook.net https://folketsfotavtrykk.matomo.cloud; worker-src 'self'; upgrade-insecure-requests; report-uri https://sentry.ducky.eco/api/3/security/?sentry_key=2c3ac7bb77ab470a928eb7f1fa93e52b&sentry_environment=ducky-prod&sentry_release=local
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
date
Sat, 27 Jul 2024 01:10:08 GMT
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
76906
x-xss-protection
0
x-served-by
cache-bma1679-BMA
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 03 Jul 2024 09:11:43 GMT
x-timer
S1722042609.815810,VS0,VE1
etag
"282f4f9cbd4c69b46de17a3868e7e9562b7864f37eabf55235b2c961c88591a0-br"
x-frame-options
DENY
vary
x-fh-requested-host, accept-encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
0
/
sentry.ducky.eco/api/3/envelope/ 		2 B
268 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.ducky.eco/api/3/envelope/?sentry_key=2c3ac7bb77ab470a928eb7f1fa93e52b&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.90.0
Requested by
Host: app.ducky.eco
URL: https://app.ducky.eco/assets/index-JE4o_sQn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:cd35:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://app.ducky.eco/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 27 Jul 2024 01:10:09 GMT
via
1.1 google
server
nginx
vary
origin, access-control-request-method, access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
index_desktop-RFklly3g.js
app.ducky.eco/assets/ 		201 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.ducky.eco/assets/index_desktop-RFklly3g.js
Requested by
Host: app.ducky.eco
URL: https://app.ducky.eco/assets/index-JE4o_sQn.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3f7137a7a7f8352be64b7322bf681586cab065222c2f048e1b2331b93f7df0bc
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'self'; child-src 'none'; connect-src 'self' https://api.ducky.eco https://api.duckytest.no https://dashboard.ducky.eco https://dashboard.duckytest.no https://static.ducky.eco https://www.gstatic.com/firebasejs/ https://apis.google.com https://*.googleapis.com https://firebaseinstallations.googleapis.com https://fcmregistrations.googleapis.com https://securetoken.googleapis.com https://firebasestorage.googleapis.com https://*.cloudfunctions.net https://*.firebasedatabase.app wss://*.firebasedatabase.app https://*.googleusercontent.com https://graph.facebook.com https://folketsfotavtrykk.matomo.cloud https://sentry.ducky.eco; font-src 'unsafe-inline' 'unsafe-eval' data: https://static.ducky.eco; form-action 'none'; frame-src https://auth.duckytest.no https://auth.ducky.eco https://cdn.firebase.com https://*.firebaseio.com https://*.firebasedatabase.app https://folketsfotavtrykk.matomo.cloud; img-src blob: data: https://static.ducky.eco https://*.googleusercontent.com https://firebasestorage.googleapis.com; media-src 'none'; object-src 'none'; style-src 'self' 'unsafe-inline'; script-src 'self' 'sha256-MS6/3FCg4WjP9gwgaBGwLpRCY6fZBgwmhVCdrPrNf3E=' 'sha256-tQjf8gvb2ROOMapIxFvFAYBeUJ0v1HCbOcSmDNXGtDo=' 'sha256-VA8O2hAdooB288EpSTrGLl7z3QikbWU9wwoebO/QaYk=' 'sha256-+5XkZFazzJo8n0iOP4ti/cLCMUudTf//Mzkb7xNPXIc=' https://static.ducky.eco https://www.gstatic.com/firebasejs/ https://cdn.firebase.com https://*.firebaseio.com https://apis.google.com https://*.firebasedatabase.app https://connect.facebook.net https://folketsfotavtrykk.matomo.cloud; worker-src 'self'; upgrade-insecure-requests; report-uri https://sentry.ducky.eco/api/3/security/?sentry_key=2c3ac7bb77ab470a928eb7f1fa93e52b&sentry_environment=ducky-prod&sentry_release=local
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
Origin
https://app.ducky.eco
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self'; base-uri 'self'; child-src 'none'; connect-src 'self' https://api.ducky.eco https://api.duckytest.no https://dashboard.ducky.eco https://dashboard.duckytest.no https://static.ducky.eco https://www.gstatic.com/firebasejs/ https://apis.google.com https://*.googleapis.com https://firebaseinstallations.googleapis.com https://fcmregistrations.googleapis.com https://securetoken.googleapis.com https://firebasestorage.googleapis.com https://*.cloudfunctions.net https://*.firebasedatabase.app wss://*.firebasedatabase.app https://*.googleusercontent.com https://graph.facebook.com https://folketsfotavtrykk.matomo.cloud https://sentry.ducky.eco; font-src 'unsafe-inline' 'unsafe-eval' data: https://static.ducky.eco; form-action 'none'; frame-src https://auth.duckytest.no https://auth.ducky.eco https://cdn.firebase.com https://*.firebaseio.com https://*.firebasedatabase.app https://folketsfotavtrykk.matomo.cloud; img-src blob: data: https://static.ducky.eco https://*.googleusercontent.com https://firebasestorage.googleapis.com; media-src 'none'; object-src 'none'; style-src 'self' 'unsafe-inline'; script-src 'self' 'sha256-MS6/3FCg4WjP9gwgaBGwLpRCY6fZBgwmhVCdrPrNf3E=' 'sha256-tQjf8gvb2ROOMapIxFvFAYBeUJ0v1HCbOcSmDNXGtDo=' 'sha256-VA8O2hAdooB288EpSTrGLl7z3QikbWU9wwoebO/QaYk=' 'sha256-+5XkZFazzJo8n0iOP4ti/cLCMUudTf//Mzkb7xNPXIc=' https://static.ducky.eco https://www.gstatic.com/firebasejs/ https://cdn.firebase.com https://*.firebaseio.com https://apis.google.com https://*.firebasedatabase.app https://connect.facebook.net https://folketsfotavtrykk.matomo.cloud; worker-src 'self'; upgrade-insecure-requests; report-uri https://sentry.ducky.eco/api/3/security/?sentry_key=2c3ac7bb77ab470a928eb7f1fa93e52b&sentry_environment=ducky-prod&sentry_release=local
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
date
Sat, 27 Jul 2024 01:10:08 GMT
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
39062
x-xss-protection
0
x-served-by
cache-bma1679-BMA
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 03 Jul 2024 09:11:43 GMT
x-timer
S1722042609.960849,VS0,VE1
etag
"500b5c00dd14017ebf0346de7b8972457709682080b141847bbc4194f41f0602-br"
x-frame-options
DENY
vary
x-fh-requested-host, accept-encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
0
index-rZpp65Og.js
app.ducky.eco/assets/ 		593 KB
146 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.ducky.eco/assets/index-rZpp65Og.js
Requested by
Host: app.ducky.eco
URL: https://app.ducky.eco/assets/index-JE4o_sQn.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
be6853122d8d3f27d98e15f0242018482c17e94b7b25f23493bb4efd19b6c811
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'self'; child-src 'none'; connect-src 'self' https://api.ducky.eco https://api.duckytest.no https://dashboard.ducky.eco https://dashboard.duckytest.no https://static.ducky.eco https://www.gstatic.com/firebasejs/ https://apis.google.com https://*.googleapis.com https://firebaseinstallations.googleapis.com https://fcmregistrations.googleapis.com https://securetoken.googleapis.com https://firebasestorage.googleapis.com https://*.cloudfunctions.net https://*.firebasedatabase.app wss://*.firebasedatabase.app https://*.googleusercontent.com https://graph.facebook.com https://folketsfotavtrykk.matomo.cloud https://sentry.ducky.eco; font-src 'unsafe-inline' 'unsafe-eval' data: https://static.ducky.eco; form-action 'none'; frame-src https://auth.duckytest.no https://auth.ducky.eco https://cdn.firebase.com https://*.firebaseio.com https://*.firebasedatabase.app https://folketsfotavtrykk.matomo.cloud; img-src blob: data: https://static.ducky.eco https://*.googleusercontent.com https://firebasestorage.googleapis.com; media-src 'none'; object-src 'none'; style-src 'self' 'unsafe-inline'; script-src 'self' 'sha256-MS6/3FCg4WjP9gwgaBGwLpRCY6fZBgwmhVCdrPrNf3E=' 'sha256-tQjf8gvb2ROOMapIxFvFAYBeUJ0v1HCbOcSmDNXGtDo=' 'sha256-VA8O2hAdooB288EpSTrGLl7z3QikbWU9wwoebO/QaYk=' 'sha256-+5XkZFazzJo8n0iOP4ti/cLCMUudTf//Mzkb7xNPXIc=' https://static.ducky.eco https://www.gstatic.com/firebasejs/ https://cdn.firebase.com https://*.firebaseio.com https://apis.google.com https://*.firebasedatabase.app https://connect.facebook.net https://folketsfotavtrykk.matomo.cloud; worker-src 'self'; upgrade-insecure-requests; report-uri https://sentry.ducky.eco/api/3/security/?sentry_key=2c3ac7bb77ab470a928eb7f1fa93e52b&sentry_environment=ducky-prod&sentry_release=local
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
Origin
https://app.ducky.eco
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self'; base-uri 'self'; child-src 'none'; connect-src 'self' https://api.ducky.eco https://api.duckytest.no https://dashboard.ducky.eco https://dashboard.duckytest.no https://static.ducky.eco https://www.gstatic.com/firebasejs/ https://apis.google.com https://*.googleapis.com https://firebaseinstallations.googleapis.com https://fcmregistrations.googleapis.com https://securetoken.googleapis.com https://firebasestorage.googleapis.com https://*.cloudfunctions.net https://*.firebasedatabase.app wss://*.firebasedatabase.app https://*.googleusercontent.com https://graph.facebook.com https://folketsfotavtrykk.matomo.cloud https://sentry.ducky.eco; font-src 'unsafe-inline' 'unsafe-eval' data: https://static.ducky.eco; form-action 'none'; frame-src https://auth.duckytest.no https://auth.ducky.eco https://cdn.firebase.com https://*.firebaseio.com https://*.firebasedatabase.app https://folketsfotavtrykk.matomo.cloud; img-src blob: data: https://static.ducky.eco https://*.googleusercontent.com https://firebasestorage.googleapis.com; media-src 'none'; object-src 'none'; style-src 'self' 'unsafe-inline'; script-src 'self' 'sha256-MS6/3FCg4WjP9gwgaBGwLpRCY6fZBgwmhVCdrPrNf3E=' 'sha256-tQjf8gvb2ROOMapIxFvFAYBeUJ0v1HCbOcSmDNXGtDo=' 'sha256-VA8O2hAdooB288EpSTrGLl7z3QikbWU9wwoebO/QaYk=' 'sha256-+5XkZFazzJo8n0iOP4ti/cLCMUudTf//Mzkb7xNPXIc=' https://static.ducky.eco https://www.gstatic.com/firebasejs/ https://cdn.firebase.com https://*.firebaseio.com https://apis.google.com https://*.firebasedatabase.app https://connect.facebook.net https://folketsfotavtrykk.matomo.cloud; worker-src 'self'; upgrade-insecure-requests; report-uri https://sentry.ducky.eco/api/3/security/?sentry_key=2c3ac7bb77ab470a928eb7f1fa93e52b&sentry_environment=ducky-prod&sentry_release=local
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
date
Sat, 27 Jul 2024 01:10:08 GMT
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
147505
x-xss-protection
0
x-served-by
cache-bma1679-BMA
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 03 Jul 2024 09:11:43 GMT
x-timer
S1722042609.961425,VS0,VE1
etag
"9f06167e2fcf6e2bc04201a7f19d5253bed8fbb8f247a44bf8418e313259f79f-br"
x-frame-options
DENY
vary
x-fh-requested-host, accept-encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
0
index.esm-__y3aVZU.js
app.ducky.eco/assets/ 		48 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.ducky.eco/assets/index.esm-__y3aVZU.js
Requested by
Host: app.ducky.eco
URL: https://app.ducky.eco/assets/index-JE4o_sQn.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
787a8c84e3a0147224a8532a65a570127f84d3a319a4ee33426a5aa91336b412
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'self'; child-src 'none'; connect-src 'self' https://api.ducky.eco https://api.duckytest.no https://dashboard.ducky.eco https://dashboard.duckytest.no https://static.ducky.eco https://www.gstatic.com/firebasejs/ https://apis.google.com https://*.googleapis.com https://firebaseinstallations.googleapis.com https://fcmregistrations.googleapis.com https://securetoken.googleapis.com https://firebasestorage.googleapis.com https://*.cloudfunctions.net https://*.firebasedatabase.app wss://*.firebasedatabase.app https://*.googleusercontent.com https://graph.facebook.com https://folketsfotavtrykk.matomo.cloud https://sentry.ducky.eco; font-src 'unsafe-inline' 'unsafe-eval' data: https://static.ducky.eco; form-action 'none'; frame-src https://auth.duckytest.no https://auth.ducky.eco https://cdn.firebase.com https://*.firebaseio.com https://*.firebasedatabase.app https://folketsfotavtrykk.matomo.cloud; img-src blob: data: https://static.ducky.eco https://*.googleusercontent.com https://firebasestorage.googleapis.com; media-src 'none'; object-src 'none'; style-src 'self' 'unsafe-inline'; script-src 'self' 'sha256-MS6/3FCg4WjP9gwgaBGwLpRCY6fZBgwmhVCdrPrNf3E=' 'sha256-tQjf8gvb2ROOMapIxFvFAYBeUJ0v1HCbOcSmDNXGtDo=' 'sha256-VA8O2hAdooB288EpSTrGLl7z3QikbWU9wwoebO/QaYk=' 'sha256-+5XkZFazzJo8n0iOP4ti/cLCMUudTf//Mzkb7xNPXIc=' https://static.ducky.eco https://www.gstatic.com/firebasejs/ https://cdn.firebase.com https://*.firebaseio.com https://apis.google.com https://*.firebasedatabase.app https://connect.facebook.net https://folketsfotavtrykk.matomo.cloud; worker-src 'self'; upgrade-insecure-requests; report-uri https://sentry.ducky.eco/api/3/security/?sentry_key=2c3ac7bb77ab470a928eb7f1fa93e52b&sentry_environment=ducky-prod&sentry_release=local
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://app.ducky.eco/assets/index-JE4o_sQn.js
Origin
https://app.ducky.eco
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self'; base-uri 'self'; child-src 'none'; connect-src 'self' https://api.ducky.eco https://api.duckytest.no https://dashboard.ducky.eco https://dashboard.duckytest.no https://static.ducky.eco https://www.gstatic.com/firebasejs/ https://apis.google.com https://*.googleapis.com https://firebaseinstallations.googleapis.com https://fcmregistrations.googleapis.com https://securetoken.googleapis.com https://firebasestorage.googleapis.com https://*.cloudfunctions.net https://*.firebasedatabase.app wss://*.firebasedatabase.app https://*.googleusercontent.com https://graph.facebook.com https://folketsfotavtrykk.matomo.cloud https://sentry.ducky.eco; font-src 'unsafe-inline' 'unsafe-eval' data: https://static.ducky.eco; form-action 'none'; frame-src https://auth.duckytest.no https://auth.ducky.eco https://cdn.firebase.com https://*.firebaseio.com https://*.firebasedatabase.app https://folketsfotavtrykk.matomo.cloud; img-src blob: data: https://static.ducky.eco https://*.googleusercontent.com https://firebasestorage.googleapis.com; media-src 'none'; object-src 'none'; style-src 'self' 'unsafe-inline'; script-src 'self' 'sha256-MS6/3FCg4WjP9gwgaBGwLpRCY6fZBgwmhVCdrPrNf3E=' 'sha256-tQjf8gvb2ROOMapIxFvFAYBeUJ0v1HCbOcSmDNXGtDo=' 'sha256-VA8O2hAdooB288EpSTrGLl7z3QikbWU9wwoebO/QaYk=' 'sha256-+5XkZFazzJo8n0iOP4ti/cLCMUudTf//Mzkb7xNPXIc=' https://static.ducky.eco https://www.gstatic.com/firebasejs/ https://cdn.firebase.com https://*.firebaseio.com https://apis.google.com https://*.firebasedatabase.app https://connect.facebook.net https://folketsfotavtrykk.matomo.cloud; worker-src 'self'; upgrade-insecure-requests; report-uri https://sentry.ducky.eco/api/3/security/?sentry_key=2c3ac7bb77ab470a928eb7f1fa93e52b&sentry_environment=ducky-prod&sentry_release=local
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
date
Sat, 27 Jul 2024 01:10:08 GMT
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
7603
x-xss-protection
0
x-served-by
cache-bma1679-BMA
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 03 Jul 2024 09:11:43 GMT
x-timer
S1722042609.962023,VS0,VE1
etag
"834fdbc9d778ec613b17296677452d9fd29e90de24bbbbf29078b8eac286605b-br"
x-frame-options
DENY
vary
x-fh-requested-host, accept-encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
0
/
sentry.ducky.eco/api/3/envelope/ 		2 B
57 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.ducky.eco/api/3/envelope/?sentry_key=2c3ac7bb77ab470a928eb7f1fa93e52b&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.90.0
Requested by
Host: app.ducky.eco
URL: https://app.ducky.eco/assets/index-JE4o_sQn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:cd35:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://app.ducky.eco/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 27 Jul 2024 01:10:09 GMT
via
1.1 google
server
nginx
vary
origin, access-control-request-method, access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
/
sentry.ducky.eco/api/3/envelope/ 		2 B
57 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.ducky.eco/api/3/envelope/?sentry_key=2c3ac7bb77ab470a928eb7f1fa93e52b&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.90.0
Requested by
Host: app.ducky.eco
URL: https://app.ducky.eco/assets/index-JE4o_sQn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:cd35:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://app.ducky.eco/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 27 Jul 2024 01:10:09 GMT
via
1.1 google
server
nginx
vary
origin, access-control-request-method, access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
ducky.svg
static.ducky.eco/images/logos/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ducky.eco/images/logos/ducky.svg
Requested by
Host: app.ducky.eco
URL: https://app.ducky.eco/register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.127.37 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
37.127.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
0b783291eb140d87c44a2d84545fb52ce70f9a1a176ced614aba5008f5a4f792

Request headers

Referer
https://app.ducky.eco/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 01:10:09 GMT
age
0
x-guploader-uploadid
AHxI1nP-LrIWeG7FNw28Oi20b22RK-aiYe1256ResisokXmxvIZbqSGAAO8JrCSIwZl5KvcmAw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2742
last-modified
Mon, 20 Jun 2022 08:41:18 GMT
server
UploadServer
etag
"2d1628c3eff53ddb10cbf7ecac502988"
x-goog-generation
1655714478803818
x-goog-hash
crc32c=OthqTA==, md5=LRYow+/1PdsQy/fsrFApiA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
2742
accept-ranges
bytes
content-type
image/svg+xml
expires
Sat, 27 Jul 2024 02:10:09 GMT
goalsMet.png
static.ducky.eco/images/onboarding/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ducky.eco/images/onboarding/goalsMet.png
Requested by
Host: app.ducky.eco
URL: https://app.ducky.eco/register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.127.37 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
37.127.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
07987b7ce3d3500d76e8c7b52b5b95279f2a7ed2dffb7ae2e594cc707df4db10

Request headers

Referer
https://app.ducky.eco/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 01:10:09 GMT
age
0
x-guploader-uploadid
AHxI1nPm96UpYcWWtnkmhcmTGDQYTRNB5edZMEKBIRZStwAYo-uuL1iserogVMGD-fzTO_7g12I
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53034
last-modified
Tue, 30 Nov 2021 13:51:37 GMT
server
UploadServer
etag
"ce47b1c47de225ec9d6ac042fb5eafa2"
x-goog-generation
1638280297910932
x-goog-hash
crc32c=1Abvsg==, md5=zkexxH3iJeydasBC+16vog==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
53034
accept-ranges
bytes
content-type
image/png
expires
Sat, 27 Jul 2024 02:10:09 GMT
truncated
/ 		81 KB
81 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f71133df52a01082a6d082dc0f396333b1b96cb0375ae1dc2032204d03044708

Request headers

Referer
Origin
https://app.ducky.eco
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
montserrat_700_latin.woff2
static.ducky.eco/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.ducky.eco/montserrat_700_latin.woff2
Requested by
Host: app.ducky.eco
URL: https://app.ducky.eco/assets/index-bbsJi1WW.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.127.37 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
37.127.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
645c0784ac4ab9adcbd53bde9bfa482963d141b5a5cd2f7029bcd2be102b7d8d

Request headers

Referer
https://app.ducky.eco/
Origin
https://app.ducky.eco
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 09:27:28 GMT
age
142961
x-guploader-uploadid
AHxI1nNlzJw8YrX_g9kC9u6FF2dDcdYJSHcH33QEtutb4YmGCGD_fK6Z-cAn1rgCA-b4zw7GdXA
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9764
x-goog-meta-
last-modified
Fri, 17 Apr 2020 08:31:41 GMT
server
UploadServer
etag
"6dcc7de2d33101dab10c0183ea7e34cb"
x-goog-generation
1587112301023269
x-goog-hash
crc32c=FMkkHQ==, md5=bcx94tMxAdqxDAGD6n40yw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000
x-goog-stored-content-length
9764
accept-ranges
bytes
content-type
font/woff2
expires
Fri, 25 Jul 2025 09:27:28 GMT
montserrat_400_latin.woff2
static.ducky.eco/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.ducky.eco/montserrat_400_latin.woff2
Requested by
Host: app.ducky.eco
URL: https://app.ducky.eco/assets/index-bbsJi1WW.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.127.37 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
37.127.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
5e522f43408bc91ebda7ae4aadcf7e15d3e1100e221ed9f0aaec9608f2f18299

Request headers

Referer
https://app.ducky.eco/
Origin
https://app.ducky.eco
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 08:41:58 GMT
age
145691
x-guploader-uploadid
AHxI1nNAJYi97gV2DVewoB8L1rG6jowt2hH4Fnr5JH7APYGjytiuiRbVeQ6U1uEzsqiNboQKtA
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
6
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9876
x-goog-meta-
last-modified
Fri, 17 Apr 2020 08:31:41 GMT
server
UploadServer
etag
"ed84557e7eb03eec50021c292369ac6e"
x-goog-generation
1587112301838424
x-goog-hash
crc32c=WZu5rw==, md5=7YRVfn6wPuxQAhwpI2msbg==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=31536000
x-goog-stored-content-length
9876
accept-ranges
bytes
content-type
font/woff2
expires
Fri, 25 Jul 2025 08:41:58 GMT
matomo.php
folketsfotavtrykk.matomo.cloud/ 		0
213 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://folketsfotavtrykk.matomo.cloud/matomo.php?action_name=Ducky&idsite=6&rec=1&r=467914&h=3&m=10&s=9&url=https%3A%2F%2Fapp.ducky.eco%2Fregister&_id=&_idn=1&send_image=0&_refts=0&pv_id=iRKnqT&pf_net=114&pf_srv=282&pf_tfr=3&pf_dm1=21&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200
Requested by
Host: folketsfotavtrykk.matomo.cloud
URL: https://folketsfotavtrykk.matomo.cloud/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.195.235.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-235-189.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://app.ducky.eco/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
https://app.ducky.eco
date
Sat, 27 Jul 2024 01:10:09 GMT
strict-transport-security
max-age=31536000
access-control-allow-credentials
true
server
Apache
vary
X-Forwarded-Proto,X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent
configs.php
folketsfotavtrykk.matomo.cloud/plugins/HeatmapSessionRecording/ 		116 B
336 B 		Script
General
Check archive.org
Download Go to
Full URL
https://folketsfotavtrykk.matomo.cloud/plugins/HeatmapSessionRecording/configs.php?idsite=6&trackerid=UPqgBl&url=https%3A%2F%2Fapp.ducky.eco%2Fregister
Requested by
Host: folketsfotavtrykk.matomo.cloud
URL: https://folketsfotavtrykk.matomo.cloud/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.195.235.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-235-189.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
0a4aa790be07ee7e59c749b8a6fc4bcb42cf4003e814a4e73fe0e2fddad6c7ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://app.ducky.eco/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 01:10:09 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
server
Apache
content-length
119
vary
X-Forwarded-Proto,X-Forwarded-Port-Override,X-Forwarded-Proto-Override,Accept-Encoding,User-Agent
content-type
application/javascript
ducky-app-icon-256.png
static.ducky.eco/ 		8 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://static.ducky.eco/ducky-app-icon-256.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.127.37 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
37.127.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c66021e195e40982bbfd5505473aa1603c4c556ddd690f1f373a2b072136a525

Request headers

Referer
https://app.ducky.eco/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 01:10:09 GMT
x-guploader-uploadid
AHxI1nOLGaLtftca3pXECxanqa2V832TjjzG5oxXwB-7yBXk0h4T3OXpHXhhjLWmy4WOxRUxmWc
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7693
last-modified
Fri, 17 Apr 2020 08:31:41 GMT
server
UploadServer
etag
"f6a07d8d86bdeece0be9dc478cc469cf"
x-goog-generation
1587112301901257
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=eaa0fw==, md5=9qB9jYa97s4L6dxHjMRpzw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
7693
accept-ranges
bytes
expires
Sat, 27 Jul 2024 02:10:09 GMT

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _sentryDebugIds string| _sentryDebugIdIdentifier object| SENTRY_RELEASE object| _paq boolean| __vite_is_modern_browser object| __SENTRY__ object| Piwik object| Matomo object| matomoAbTestingCampaignUrlParamList object| AnalyticsTracker function| piwik_log

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; base-uri 'self'; child-src 'none'; connect-src 'self' https://api.ducky.eco https://api.duckytest.no https://dashboard.ducky.eco https://dashboard.duckytest.no https://static.ducky.eco https://www.gstatic.com/firebasejs/ https://apis.google.com https://*.googleapis.com https://firebaseinstallations.googleapis.com https://fcmregistrations.googleapis.com https://securetoken.googleapis.com https://firebasestorage.googleapis.com https://*.cloudfunctions.net https://*.firebasedatabase.app wss://*.firebasedatabase.app https://*.googleusercontent.com https://graph.facebook.com https://folketsfotavtrykk.matomo.cloud https://sentry.ducky.eco; font-src 'unsafe-inline' 'unsafe-eval' data: https://static.ducky.eco; form-action 'none'; frame-src https://auth.duckytest.no https://auth.ducky.eco https://cdn.firebase.com https://*.firebaseio.com https://*.firebasedatabase.app https://folketsfotavtrykk.matomo.cloud; img-src blob: data: https://static.ducky.eco https://*.googleusercontent.com https://firebasestorage.googleapis.com; media-src 'none'; object-src 'none'; style-src 'self' 'unsafe-inline'; script-src 'self' 'sha256-MS6/3FCg4WjP9gwgaBGwLpRCY6fZBgwmhVCdrPrNf3E=' 'sha256-tQjf8gvb2ROOMapIxFvFAYBeUJ0v1HCbOcSmDNXGtDo=' 'sha256-VA8O2hAdooB288EpSTrGLl7z3QikbWU9wwoebO/QaYk=' 'sha256-+5XkZFazzJo8n0iOP4ti/cLCMUudTf//Mzkb7xNPXIc=' https://static.ducky.eco https://www.gstatic.com/firebasejs/ https://cdn.firebase.com https://*.firebaseio.com https://apis.google.com https://*.firebasedatabase.app https://connect.facebook.net https://folketsfotavtrykk.matomo.cloud; worker-src 'self'; upgrade-insecure-requests; report-uri https://sentry.ducky.eco/api/3/security/?sentry_key=2c3ac7bb77ab470a928eb7f1fa93e52b&sentry_environment=ducky-prod&sentry_release=local
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0