urlscan.io logo urlscan.io
SecurityTrails logo

duckbot.org Open in urlscan Pro
172.67.189.116  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://duckbot.org/
Effective URL: https://duckbot.org/
Submission: On April 21 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 14 HTTP transactions. The main IP is 172.67.189.116, located in United States and belongs to CLOUDFLARENET, US. The main domain is duckbot.org.
TLS certificate: Issued by E1 on April 17th 2024. Valid for: 3 months.
This is the only time duckbot.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 172.67.189.116 13335 (CLOUDFLAR...)
4 142.250.186.66 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
14 4
Apex Domain
Subdomains		 Transfer
7 duckbot.org
duckbot.org
94 KB
6 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
208 KB
14 2
Domain Requested by
7 duckbot.org duckbot.org
4 pagead2.googlesyndication.com duckbot.org
pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
14 3

This site contains links to these domains. Also see Links.

Domain
discord.gg
discord.com
Subject Issuer Validity Valid
duckbot.org
E1		 2024-04-17 -
2024-07-16		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://duckbot.org/
Frame ID: BCDE59F4F0CDEACCF03870894C4EA1F8
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-4668989842378662&output=html&adk=1812271804&adf=3025194257&lmt=1713585276&plat=8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=356x945_l%7C356x945_r&format=0x0&url=https%3A%2F%2Fduckbot.org%2F&pra=5&wgl=1&easpi=0&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNjAiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3LjYwIl0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny42MCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1713719571552&bpp=2&bdt=148&idt=226&shv=r20240417&mjsv=m202404160101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=5087778364173&frm=20&pv=2&ga_vid=245438221.1713719572&ga_sid=1713719572&ga_hid=439263676&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95329717%2C31082890%2C31082143%2C95321867&oid=2&pvsid=4084924399948952&tmod=571504727&uas=0&nvt=1&fsapi=1&fc=1920&brdim=90%2C90%2C90%2C90%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=238
Frame ID: 7F9774E8A3CF5031050557EFB164B5F5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A5EE1247C6A35A8609BAEE63BDF74467
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Duckbot

Page URL History Show full URLs

  1. http://duckbot.org/ HTTP 307
    https://duckbot.org/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

14
Requests

93 %
HTTPS

33 %
IPv6

2
Domains

3
Subdomains

4
IPs

2
Countries

302 kB
Transfer

693 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://duckbot.org/ HTTP 307
    https://duckbot.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
duckbot.org/
Redirect Chain
  • http://duckbot.org/
  • https://duckbot.org/
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://duckbot.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.189.116 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7b9964ebba463e8be1308b9fbeb5936ab7d40d9b40121238e731d79d331c27e

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
877f0058aac35b3e-FRA
content-encoding
br
content-type
text/html
date
Sun, 21 Apr 2024 17:12:51 GMT
last-modified
Sat, 20 Apr 2024 03:54:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i%2FYfPOfRWPqI9mU11W5qfJTQA9yLoMgHKqpW%2BTS09xnMt%2FQehYGhPwME5%2B9%2Ftybrzklpsy%2FnYnVAfC7N9bg4IkzyFItDSpvz0OLvtdMj6QaMigmgV2KJ%2FciL9TQgKA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

Location
https://duckbot.org/
Non-Authoritative-Reason
HttpsUpgrades
style.css
duckbot.org/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://duckbot.org/style.css
Requested by
Host: duckbot.org
URL: https://duckbot.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.189.116 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0bc1bb567df497356724208c9b11f97494782860a67b9abe449ea7b28cd2bab

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://duckbot.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 17:12:51 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 28 Feb 2024 04:10:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65deb251-2989"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OCEUVYobJYM6WC8T9nHWdZPZp669GlU6p7HXwTTjtckN9OxaN3oqYf8f5T9LgAJRIb8w6%2FcFE%2FBJS3WrI2A9ycd2NT2OwWsamVTbpqrGYhrQRPh0UJl8Q2s9UEc9Rw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
877f00595b605b3e-FRA
alt-svc
h3=":443"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4668989842378662
Requested by
Host: duckbot.org
URL: https://duckbot.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
12d969e4a18d362c39554ac31ec4972ee0bca4b8000ed3270c06d546435d9e42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://duckbot.org/
Origin
https://duckbot.org
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 17:12:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50870
x-xss-protection
0
server
cafe
etag
2104583535215044175
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 21 Apr 2024 17:12:51 GMT
favicon.png
duckbot.org/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duckbot.org/favicon.png
Requested by
Host: duckbot.org
URL: https://duckbot.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.189.116 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff77363b94e23ba140bea5655a6f2d16e07ae8b482f09d5ec0c6419923c1d8e6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://duckbot.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 17:12:51 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 28 Feb 2024 04:10:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65deb250-88c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CxvmauAOrQf2LjwHzq3HBRnrE9KmUXTctbtBt01v1vg4afmZ4lsXoEY%2Byu%2BK7Ggdry7H5PkQd2HY8KvCwOETwfUJkRdn2m1guwEZgmEQAS%2BvNvQk5xaLzQFV39ubaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
877f00595b625b3e-FRA
alt-svc
h3=":443"; ma=86400
content-length
2188
placeholder.jpg
duckbot.org/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duckbot.org/placeholder.jpg
Requested by
Host: duckbot.org
URL: https://duckbot.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.189.116 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
182ea0d5a9323a007ff64daa18a0ec6510f288c19a6b4d826adc342c2969e42a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://duckbot.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 17:12:51 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 28 Feb 2024 04:10:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65deb250-d16f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YN5MHgrsuNbmOfjg0e1ZDrqTFevFMsWJ%2FQAx04K4p3T23T4tejvOuKx8V8WbCUFzLXREEPEN%2Fk0pZE43xiFpoIf2fi9G7nqrW7c9HyLy2QjzAybIY2vz68PoJYvLEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
877f00595b645b3e-FRA
alt-svc
h3=":443"; ma=86400
content-length
53615
email-decode.min.js
duckbot.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://duckbot.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: duckbot.org
URL: https://duckbot.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.189.116 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://duckbot.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 17:12:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Apr 2024 15:45:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"661e9d00-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=foWkKh%2BO9kMR9sH%2FvRLve6hsI%2BGipexFsF6KrXI%2BMAJBuGpHLsTdTJc9UCTJPy2H9JTw%2FfXzbJHwy71cZQOVDsoAQJyS7bia1XV3qdppdHoNgiODPHKp%2F2Qa%2FUWrYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
877f00596b725b3e-FRA
expires
Tue, 23 Apr 2024 17:12:51 GMT
gotham-webfont.woff2
duckbot.org/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://duckbot.org/gotham-webfont.woff2
Requested by
Host: duckbot.org
URL: https://duckbot.org/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.189.116 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3aab0e44901361c2b9b1933542202e803e1a56cca8a6177d52d1ce889c856a06

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://duckbot.org/style.css
Origin
https://duckbot.org
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 17:12:51 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 28 Feb 2024 04:10:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65deb250-7e38"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w2vddltxXyBWg%2FKc6gIqi%2FwhnCmSrEGN1uo5aTFx0F0I%2BtyBVKxDsSiiCsS7%2FQvDhJRQv0J2OuqWT%2FB58Dm%2FdWwAGaeiWRHaM9BgSrFE2NUrsivsV14yemt3m9hRYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
877f005a3c265b3e-FRA
alt-svc
h3=":443"; ma=86400
content-length
32312
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404160101/ 		412 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4668989842378662&plah=duckbot.org&aplac=true&bust=31082890
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4668989842378662
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
12c461dec32e416d597bf0714c3760bd0462ecf80e9b20787ae601ceb5dbe067
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://duckbot.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 17:12:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
142910
x-xss-protection
0
server
cafe
etag
3376453256729008226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 21 Apr 2024 17:12:51 GMT
ads
pagead2.googlesyndication.com/pagead/ Frame 7F97 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-4668989842378662&output=html&adk=1812271804&adf=3025194257&lmt=1713585276&plat=8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=356x945_l%7C356x945_r&format=0x0&url=https%3A%2F%2Fduckbot.org%2F&pra=5&wgl=1&easpi=0&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNjAiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3LjYwIl0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny42MCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1713719571552&bpp=2&bdt=148&idt=226&shv=r20240417&mjsv=m202404160101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=5087778364173&frm=20&pv=2&ga_vid=245438221.1713719572&ga_sid=1713719572&ga_hid=439263676&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95329717%2C31082890%2C31082143%2C95321867&oid=2&pvsid=4084924399948952&tmod=571504727&uas=0&nvt=1&fsapi=1&fc=1920&brdim=90%2C90%2C90%2C90%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=238
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4668989842378662&plah=duckbot.org&aplac=true&bust=31082890
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://duckbot.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 21 Apr 2024 17:12:52 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240417&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4668989842378662&plah=duckbot.org&aplac=true&bust=31082890
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
6a1ea7e9696e03e358ec23496aefe2debb699599a5457a3ac66f3febcb6995af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://duckbot.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 17:12:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12296
x-xss-protection
0
favicon.ico
duckbot.org/ 		4 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://duckbot.org/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.189.116 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21c11ff9ab2067422f6d45c9115c3abdab0c2c6cce8549009a46647309fe92a7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://duckbot.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 17:12:52 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 28 Feb 2024 04:10:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65deb250-10be"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nfGV5m7AVcTwc2Uqj2gsAAsrK9kexvT2xS3IL%2BCIdMuKgDTan%2F2xfR2k%2Fn6ZR%2B7L0BbReoBH2NLP75Q9tDm4XqCkcfcJvQ3B1a9qtQ5yR%2Fvv%2F4gXdHifZ2I5DugmBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=14400
cf-ray
877f005d2e7c5b3e-FRA
alt-svc
h3=":443"; ma=86400
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4668989842378662&plah=duckbot.org&aplac=true&bust=31082890
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://duckbot.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 17:12:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 21 Apr 2024 17:12:52 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A5EE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://duckbot.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
3214
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 21 Apr 2024 16:19:18 GMT
expires
Mon, 21 Apr 2025 16:19:18 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240417&jk=4084924399948952&bg=!7e6l7qHNAAZ55ZTXWeU7ADQBe5WfONNaAcx9HhpLl7-LCnAYvNT4XycGfVsn99nHSgptYVgPVnJAB4NfFlEWzStjjL8UAgAAACdSAAAAA2gBB34ANUMHpssnCWCmR33y5PUA4utzfZxTevz1zfkZ7yVprv2R_JqsJHFXet1TyUO7wJgIUwCDO_xamQLOr10uEzKM1DNvB4WfVotTe3qlZWIAbQTI07k1KPxO3sVzLEcXbV4ddupS78umqIzUlA93nKum-xha0d_XDUs66Voxf9_VE-ASnbuy_fgJ1Y3epBWAhwIP5ODt5N6N_dYsmsy4y0a9287Lc1uuOYraNHSYXC02vmN120FKV-g0l9c21TO6idQF-8KhsgBUjud3AciCVgoNq1SGuF9zElkbnPcykSzaJ15N_x45e0ou5MaW09rquJxYqxruZri2x47xbiGpEUvDCWwqBeLMUV7PA_PykwGZ_jd3bd0luPwsWOdfBWvQjIiZ5K6vp-dhWJGp0rKe29Ia9_ttWndOQNLJfHrDcEPCFpAPxsfmT8aeIlJTpy2tMWQ7JTYLUGpHSy9v9d81bgTBuj0cn8pQA2nXC0_RTvwbsi7CVW0E0AvjQi-Olfi81UtU1pIRn18JFylm6jgvD2N9JqqAVawsx35Ipsz3lCrPEd2vHQX-aobh2CsymwmpCpfQjIiYML4fnkOPzFiYYGBTf7TSAdGygspDX-BxmW4Qz1lU6LmS7ZsGciw2Qg5eZTznEUd9ZbDlgQrJ52jIuW1K6pe-kz_6gqNSnyd0BtwtZTjzaulSvzZdZEB4l0jc_lqkELpkgxUtgCOMpNEESAGeWmaRTh2RYjFSvcL_b5YueldqMi6yk-Qlb7pwk9a2dtCXXd79LKkPx559hBaws8w2_8yz_epMLXZx6fGhRqCtpNh72cz5NidPuIhXp38qJyWPFQ08GIx4mANVimIXgVJGF-rLDo8FqWXnpXnnEBwYf-wCQmgXNARNwYmhSmvn3N1m5pUjfeAaoD_KQW6szEp2Yc7TTRcx2b5Mr8Gc2UnptjD2glzfOOFwiBKjI9DxSMxAVt3v-EtMUqo7sPo3qcTwDs6xWD11kkwZKbjpGx2BFVY6M6yrWmvNn8LSYAD__Yy4Olw47YcT9g

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

0 Cookies