duup.top Open in urlscan Pro
45.83.192.64 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://duup.top/
Submission Tags: @phish_report
Submission: On November 15 via api (November 15th 2023, 9:12:31 pm UTC) from FI — Scanned from FI

Summary HTTP 95 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 5 countries across 17 domains to perform 95 HTTP transactions. The main IP is 45.83.192.64, located in Rotterdam, Netherlands and belongs to VPS-UA-AS, UA. The main domain is duup.top.

This is the only time duup.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	45.83.192.64 45.83.192.64	56851 (VPS-UA-AS) (VPS-UA-AS)
2	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	34.107.149.195 34.107.149.195	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1 1	52.48.41.58 52.48.41.58	16509 (AMAZON-02) (AMAZON-02)
1	34.253.164.210 34.253.164.210	16509 (AMAZON-02) (AMAZON-02)
3	34.107.173.171 34.107.173.171	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700::68... 2606:4700::6812:1c93	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:223... 2600:9000:223d:d000:8:cf94:88c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0a::9c	15169 (GOOGLE) (GOOGLE)
2	2a02:6ea0:c70... 2a02:6ea0:c700::17	60068 (CDN77 ^_^) (CDN77 ^_^)
5	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
95	18

14 45.83.192.64 (Rotterdam, Netherlands)

ASN56851 (VPS-UA-AS, UA)
PTR: 64.192.83.45.eushared11.twinservers.net

duup.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.107.149.195 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 195.149.107.34.bc.googleusercontent.com

webtrafficsource.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.41.58 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-41-58.eu-west-1.compute.amazonaws.com

track.omguk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.164.210 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-164-210.eu-west-1.compute.amazonaws.com

track.omguk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.107.173.171 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 171.173.107.34.bc.googleusercontent.com

consentag.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1c93 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.widgets.webengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wsdk-files.webengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223d:d000:8:cf94:88c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

z71680627.webengage.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

i.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	duup.top duup.top	177 KB
7	ctnsnet.com cdn.ctnsnet.com — Cisco Umbrella Rank: 24800 i.ctnsnet.com — Cisco Umbrella Rank: 5849	2 KB
5	webtrafficsource.com webtrafficsource.com — Cisco Umbrella Rank: 59332	772 B
3	consentag.eu consentag.eu — Cisco Umbrella Rank: 31062	10 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	30 KB
2	webengage.com cdn.widgets.webengage.com wsdk-files.webengage.com — Cisco Umbrella Rank: 29245	90 KB
2	omguk.com 1 redirects track.omguk.com — Cisco Umbrella Rank: 35193	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	89 KB
2	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 377	854 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	142 KB
1	google.fi www.google.fi — Cisco Umbrella Rank: 34851	408 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 78	343 B
1	webengage.co z71680627.webengage.co	2 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	185 B
0	Failed function sub() { [native code] }. Failed
95	17

	Domain	Requested by
14	duup.top	duup.top
5	i.ctnsnet.com	consentag.eu
5	webtrafficsource.com	duup.top webtrafficsource.com
3	consentag.eu	www.googletagmanager.com consentag.eu cdnjs.cloudflare.com
2	cdn.ctnsnet.com	consentag.eu
2	cdnjs.cloudflare.com	consentag.eu
2	track.omguk.com	1 redirects duup.top
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	duup.top connect.facebook.net
2	px.ads.linkedin.com	duup.top
2	www.googletagmanager.com	duup.top www.googletagmanager.com
1	www.google.fi	duup.top
1	www.google.com	duup.top
1	wsdk-files.webengage.com	z71680627.webengage.co
1	stats.g.doubleclick.net	www.google-analytics.com
1	z71680627.webengage.co	cdn.widgets.webengage.com
1	www.facebook.com	duup.top
1	cdn.widgets.webengage.com	duup.top
0	adlpodnneegcnbophopdmhedicjbcgco Failed	duup.top client
95	19

This site contains no links.

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-11-03` - `2024-05-03`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-25` - `2023-11-23`	3 months	crt.sh
webtrafficsource.com GTS CA 1D4	`2023-11-11` - `2024-02-09`	3 months	crt.sh
consentag.eu DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-15` - `2024-06-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
webengage.co Amazon RSA 2048 M02	`2023-06-04` - `2024-07-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.cdn77.com R3	`2023-11-06` - `2024-02-04`	3 months	crt.sh
*.ctnsnet.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-13` - `2024-11-10`	a year	crt.sh
webengage.com Cloudflare Inc ECC CA-3	`2023-03-23` - `2024-03-22`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.fi GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 16 frames:

Primary Page: http://duup.top/
Frame ID: AA4EA1AE6AA73056F7E9B0369D6509D4
Requests: 72 HTTP requests in this frame

Frame: http://duup.top/black_files/anchor.html
Frame ID: 22D2D4BEA7ECB4FD3A68A3204038F6E2
Requests: 3 HTTP requests in this frame

Frame: http://duup.top/black_files/saved_resource.html
Frame ID: AF4D7018B1AA19E6B2D92CE1CC9BF296
Requests: 1 HTTP requests in this frame

Frame: http://duup.top/black_files/popup_silent.html
Frame ID: CECB4F712837553CA35724F46EC46259
Requests: 3 HTTP requests in this frame

Frame: http://duup.top/black_files/saved_resource(1).html
Frame ID: 351C94AC940F3536D4677D081C5632F4
Requests: 1 HTTP requests in this frame

Frame: http://duup.top/black_files/up.html
Frame ID: 4D2238123FCF7D939E19DB1AAB31147D
Requests: 1 HTTP requests in this frame

Frame: http://duup.top/black_files/bframe.html
Frame ID: DB3CC4302CE4858D5F66E0EDFD5F833D
Requests: 1 HTTP requests in this frame

Frame: http://duup.top/black_files/saved_resource(2).html
Frame ID: D792029C2720CAFF2130783EDAC9F164
Requests: 1 HTTP requests in this frame

Frame: http://duup.top/black_files/saved_resource(3).html
Frame ID: 219FC565B45F988DEB681E1E69D99232
Requests: 1 HTTP requests in this frame

Frame: http://duup.top/black_files/saved_resource(4).html
Frame ID: 86485A262C14D15BEE7A44FF3E4E1585
Requests: 1 HTTP requests in this frame

Frame: http://duup.top/black_files/saved_resource(5).html
Frame ID: EFE5A09B8491A8C2C1F5DEA8C30A73D2
Requests: 1 HTTP requests in this frame

Frame: http://duup.top/black_files/saved_resource(6).html
Frame ID: AE88D908E37EB005CBC473738006032A
Requests: 1 HTTP requests in this frame

Frame: http://duup.top/black_files/blank.html
Frame ID: 7C9BBB796CCFC9E78E59234FF73D8335
Requests: 1 HTTP requests in this frame

Frame: https://consentag.eu/public/3.0.1/popup_silent.html
Frame ID: E45CF69B91420D57E0988AB2E002637F
Requests: 4 HTTP requests in this frame

Frame: https://z71680627.webengage.co/storage-frame-1.18.htm?cdn=y&cbf=webengage-engagement-callback-frame&lc=~71680627
Frame ID: 60FCE2DD0FF389E18C5380D04C1CF5FA
Requests: 2 HTTP requests in this frame

Frame: http://duup.top/black_files/saved_resource(7).html
Frame ID: B6E81A639B2360014453AD7CF199040B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

du - My Account

Detected technologies

Mustache (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

mustache(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Optimise (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

track\.omguk\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

95
Requests

32 %
HTTPS

67 %
IPv6

17
Domains

19
Subdomains

18
IPs

5
Countries

566 kB
Transfer

1858 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68

http://track.omguk.com/e/qs/?action=Content&MID=2325899&PID=53294&ref=http%3A//duup.top/ HTTP 301
https://track.omguk.com/e/qs/?action=Content&MID=2325899&PID=53294&ref=http%3A//duup.top/

Request Chain 70

http://cdn.widgets.webengage.com/js/webengage-min-v-6.0.js HTTP 307
https://cdn.widgets.webengage.com/js/webengage-min-v-6.0.js

95 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
duup.top/ 80 KB
18 KB 2182ms
745ms Document
text/html 45.83.192.64
VPS-UA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://duup.top/
Protocol: HTTP/1.1
Server: 45.83.192.64 Rotterdam, Netherlands, ASN56851 (VPS-UA-AS, UA),
Reverse DNS: 64.192.83.45.eushared11.twinservers.net
Software: LiteSpeed /
Resource Hash: 2c07ac55bf6b549216eb06d24fb646c29746d5d9072f2cd1caa8c21568bc2c19

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: fi-FI,fi;q=0.9

Response headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
accept-ranges: bytes
content-encoding: gzip
content-length: 18092
content-type: text/html
date: Wed, 15 Nov 2023 21:12:00 GMT
last-modified: Mon, 13 Nov 2023 17:58:16 GMT
server: LiteSpeed
vary: Accept-Encoding

GET adrum-ext.5af4efac0bb62cd6a369676618596c4a.js
duup.top/black_files/ 0
0

GET
H/1.1 200
OK insight.beta.min.js Show response
duup.top/black_files/ 41 KB
17 KB 4700ms
2240ms Script
application/javascript 45.83.192.64
VPS-UA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://duup.top/black_files/insight.beta.min.js
Requested by: Host: duup.top
URL: http://duup.top/
Protocol: HTTP/1.1
Server: 45.83.192.64 Rotterdam, Netherlands, ASN56851 (VPS-UA-AS, UA),
Reverse DNS: 64.192.83.45.eushared11.twinservers.net
Software: LiteSpeed /
Resource Hash: f1affc5a4519444738495286362e833214d11646998cd2d5ece5e4de75cd8b8e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: http://duup.top/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 Nov 2023 21:12:05 GMT
content-encoding: gzip
last-modified: Mon, 13 Nov 2023 17:58:16 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 16708
expires: Wed, 22 Nov 2023 21:12:05 GMT

GET insight.min.js
duup.top/black_files/ 0
0

GET main.MTdjYzNiZDU2MQ.js
duup.top/black_files/ 0
0

GET code.js
duup.top/black_files/ 0
0

GET 599409307633963
duup.top/black_files/ 0
0

GET fbevents.js
duup.top/black_files/ 0
0

GET quantum-du.js
duup.top/black_files/ 0
0

GET uwt.js
duup.top/black_files/ 0
0

GET min.pixel.js
duup.top/black_files/ 0
0

GET bat.js
duup.top/black_files/ 0
0

GET events.js
duup.top/black_files/ 0
0

GET analytics.js
duup.top/black_files/ 0
0

GET recaptcha__ru.js
duup.top/black_files/ 0
0

GET gtm.js
duup.top/black_files/ 0
0

GET
H/1.1 200
OK ReadSpeaker.js Show response
duup.top/black_files/ 9 KB
4 KB 404ms
190ms Script
application/javascript 45.83.192.64
VPS-UA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://duup.top/black_files/ReadSpeaker.js
Requested by: Host: duup.top
URL: http://duup.top/
Protocol: HTTP/1.1
Server: 45.83.192.64 Rotterdam, Netherlands, ASN56851 (VPS-UA-AS, UA),
Reverse DNS: 64.192.83.45.eushared11.twinservers.net
Software: LiteSpeed /
Resource Hash: f5a79050187027c8758bea038fff4b90bf5243a41c8732f616b5bb3a35ecb4ff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: http://duup.top/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 Nov 2023 21:12:01 GMT
content-encoding: gzip
last-modified: Mon, 13 Nov 2023 17:58:16 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 4026
expires: Wed, 22 Nov 2023 21:12:01 GMT

GET
H/1.1 200
OK ReadSpeaker.Styles.css
duup.top/black_files/ 21 KB
5 KB 948ms
765ms Stylesheet
text/css 45.83.192.64
VPS-UA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://duup.top/black_files/ReadSpeaker.Styles.css
Requested by: Host: duup.top
URL: http://duup.top/
Protocol: HTTP/1.1
Server: 45.83.192.64 Rotterdam, Netherlands, ASN56851 (VPS-UA-AS, UA),
Reverse DNS: 64.192.83.45.eushared11.twinservers.net
Software: LiteSpeed /
Resource Hash: 0aaca9bc3dde7d71787fce0fd2859da652434dd08d1e837abde8d1a65433d87f

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: http://duup.top/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 Nov 2023 21:12:01 GMT
content-encoding: gzip
last-modified: Mon, 13 Nov 2023 17:58:16 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 4809
expires: Wed, 22 Nov 2023 21:12:01 GMT

GET ReadSpeaker.Core.js
duup.top/black_files/ 0
0

GET ReadSpeaker.pub.Config.js
duup.top/black_files/ 0
0

GET
H/1.1 200
OK main.16af4117.css
duup.top/black_files/ 13 KB
6 KB 952ms
764ms Stylesheet
text/css 45.83.192.64
VPS-UA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://duup.top/black_files/main.16af4117.css
Requested by: Host: duup.top
URL: http://duup.top/
Protocol: HTTP/1.1
Server: 45.83.192.64 Rotterdam, Netherlands, ASN56851 (VPS-UA-AS, UA),
Reverse DNS: 64.192.83.45.eushared11.twinservers.net
Software: LiteSpeed /
Resource Hash: d88961276d39691c1665b16d95f2eb0b762c697b11d2bc96774548a5de6d184a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: http://duup.top/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 Nov 2023 21:12:01 GMT
content-encoding: gzip
last-modified: Mon, 13 Nov 2023 17:58:16 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 6084
expires: Wed, 22 Nov 2023 21:12:01 GMT

GET
H/1.1 200
OK ReadSpeaker.lib.RSLib.js Show response
duup.top/black_files/ 25 KB
10 KB 4663ms
4259ms Script
application/javascript 45.83.192.64
VPS-UA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://duup.top/black_files/ReadSpeaker.lib.RSLib.js
Requested by: Host: duup.top
URL: http://duup.top/
Protocol: HTTP/1.1
Server: 45.83.192.64 Rotterdam, Netherlands, ASN56851 (VPS-UA-AS, UA),
Reverse DNS: 64.192.83.45.eushared11.twinservers.net
Software: LiteSpeed /
Resource Hash: 0e79cede02b20c3bab8736bf4457f51415177d0411d9f059beb9cd94db08d2f3

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: http://duup.top/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 Nov 2023 21:12:05 GMT
content-encoding: gzip
last-modified: Mon, 13 Nov 2023 17:58:16 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 9579
expires: Wed, 22 Nov 2023 21:12:05 GMT

GET ReadSpeaker.Base.js
duup.top/black_files/ 0
0

GET styles.css
adlpodnneegcnbophopdmhedicjbcgco/content/ 0
0

GET 17552657.js
duup.top/black_files/ 0
0

GET
H/1.1 200
OK identify_bb163.js Show response
duup.top/black_files/ 135 KB
42 KB 9843ms
8893ms Script
application/javascript 45.83.192.64
VPS-UA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://duup.top/black_files/identify_bb163.js
Requested by: Host: duup.top
URL: http://duup.top/
Protocol: HTTP/1.1
Server: 45.83.192.64 Rotterdam, Netherlands, ASN56851 (VPS-UA-AS, UA),
Reverse DNS: 64.192.83.45.eushared11.twinservers.net
Software: LiteSpeed /
Resource Hash: a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: http://duup.top/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 Nov 2023 21:12:10 GMT
content-encoding: gzip
last-modified: Mon, 13 Nov 2023 17:58:16 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 42740
expires: Wed, 22 Nov 2023 21:12:10 GMT

GET
H/1.1 200
OK cc-visa-logo.9de5ed976961133ab058d183b905b998.svg
duup.top/black_files/ 3 KB
2 KB 212ms
197ms Image
image/svg+xml 45.83.192.64
VPS-UA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://duup.top/black_files/cc-visa-logo.9de5ed976961133ab058d183b905b998.svg
Requested by: Host: duup.top
URL: http://duup.top/
Protocol: HTTP/1.1
Server: 45.83.192.64 Rotterdam, Netherlands, ASN56851 (VPS-UA-AS, UA),
Reverse DNS: 64.192.83.45.eushared11.twinservers.net
Software: LiteSpeed /
Resource Hash: b7b05ad1c3a308d4781fb953d46080e6ee5bfbacb166eb0e807105f3fefc79fa

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: http://duup.top/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 Nov 2023 21:12:02 GMT
content-encoding: gzip
last-modified: Mon, 13 Nov 2023 17:58:16 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 1202
expires: Wed, 22 Nov 2023 21:12:02 GMT

GET
H/1.1 200
OK cc-master-logo.0fced2f492f163434103b9c040995d7c.svg
duup.top/black_files/ 2 KB
1 KB 1485ms
1287ms Image
image/svg+xml 45.83.192.64
VPS-UA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://duup.top/black_files/cc-master-logo.0fced2f492f163434103b9c040995d7c.svg
Requested by: Host: duup.top
URL: http://duup.top/
Protocol: HTTP/1.1
Server: 45.83.192.64 Rotterdam, Netherlands, ASN56851 (VPS-UA-AS, UA),
Reverse DNS: 64.192.83.45.eushared11.twinservers.net
Software: LiteSpeed /
Resource Hash: 28bd53cec442bda2a970bfd4d1b058fd202cbd3438c05550f4c949fe5f6f3918

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: http://duup.top/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 Nov 2023 21:12:03 GMT
content-encoding: gzip
last-modified: Mon, 13 Nov 2023 17:58:16 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 774
expires: Wed, 22 Nov 2023 21:12:03 GMT

GET cc-amex-logo.648a329e891cf2e3116e3c0efcd19e75.svg
duup.top/black_files/ 0
0

GET
H/1.1 200
OK magic-campaign-en.jpg
duup.top/black_files/ 28 KB
29 KB 2405ms
178ms Image
image/jpeg 45.83.192.64
VPS-UA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://duup.top/black_files/magic-campaign-en.jpg
Requested by: Host: duup.top
URL: http://duup.top/
Protocol: HTTP/1.1
Server: 45.83.192.64 Rotterdam, Netherlands, ASN56851 (VPS-UA-AS, UA),
Reverse DNS: 64.192.83.45.eushared11.twinservers.net
Software: LiteSpeed /
Resource Hash: 50c9b923a3e9a3d9bfdffef012bb61bcd2ae9e9ab587d46b3d0b04189ae650ac

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: http://duup.top/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 Nov 2023 21:12:05 GMT
last-modified: Mon, 13 Nov 2023 17:58:16 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 28870
expires: Wed, 22 Nov 2023 21:12:05 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 591 KB
142 KB 252ms
121ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PK3S7M&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: duup.top
URL: http://duup.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1378d1cc3dba7b8110b2eb1255d5afdd0813e805ebca4d2b27d354d1fe6dddde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: http://duup.top/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 Nov 2023 21:12:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 144750
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 15 Nov 2023 21:12:27 GMT

GET 0
duup.top/black_files/ 0
0

GET d41d8cd98f00b204e9800998ecf8427e.js
duup.top/black_files/ 0
0

GET integration
duup.top/black_files/ 0
0

GET integration(1)
duup.top/black_files/ 0
0

GET d41d8cd98f00b204e9800998ecf8427e.js(1)
duup.top/black_files/ 0
0

GET integration(2)
duup.top/black_files/ 0
0

GET integration(3)
duup.top/black_files/ 0
0

GET integration(4)
duup.top/black_files/ 0
0

GET adsct
duup.top/black_files/ 0
0

GET adsct(1)
duup.top/black_files/ 0
0

GET styles.css
adlpodnneegcnbophopdmhedicjbcgco/caa/ 0
0

GET
H2 200 collect
px.ads.linkedin.com/ 0
162 B 237ms
236ms Image
application/javascript 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=&time=1700082725765&url=http%3A%2F%2Fduup.top%2F
Requested by: Host: duup.top
URL: http://duup.top/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: http://duup.top/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 Nov 2023 21:12:26 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 5C65A64CF5B14EF3AA74462EF077691C Ref B: FRAEDGE1216 Ref C: 2023-11-15T21:12:27Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYKN1xCXlJ+0MFtZ1x4CQ==

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
692 B 364ms
238ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: duup.top
URL: http://duup.top/black_files/insight.beta.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: http://duup.top/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 15 Nov 2023 21:12:05 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 9BB2B4F30A6640689098E9A973643742 Ref B: FRAEDGE1216 Ref C: 2023-11-15T21:12:05Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
access-control-allow-origin: http://duup.top
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYKN1r4+rAqDzWtpJafHg==

GET
H/1.1 200
OK anchor.html Show response
duup.top/black_files/ Frame 22D2 62 KB
36 KB 1975ms
769ms Document
text/html 45.83.192.64
VPS-UA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://duup.top/black_files/anchor.html
Requested by: Host: duup.top
URL: http://duup.top/
Protocol: HTTP/1.1
Server: 45.83.192.64 Rotterdam, Netherlands, ASN56851 (VPS-UA-AS, UA),
Reverse DNS: 64.192.83.45.eushared11.twinservers.net
Software: LiteSpeed /
Resource Hash: fca61bc9a7a3c615deaaef26c9559d9bd6122458f33181853b5bc1f18070fc89

Request headers

Referer: http://duup.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: fi-FI,fi;q=0.9

Response headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
accept-ranges: bytes
content-encoding: gzip
content-length: 36271
content-type: text/html
date: Wed, 15 Nov 2023 21:12:29 GMT
last-modified: Mon, 13 Nov 2023 17:58:16 GMT
server: LiteSpeed
vary: Accept-Encoding

GET
H/1.1 200
OK saved_resource.html Show response
duup.top/black_files/ Frame AF4D 149 B
394 B 2597ms
189ms Document
text/html 45.83.192.64
VPS-UA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://duup.top/black_files/saved_resource.html
Requested by: Host: duup.top
URL: http://duup.top/
Protocol: HTTP/1.1
Server: 45.83.192.64 Rotterdam, Netherlands, ASN56851 (VPS-UA-AS, UA),
Reverse DNS: 64.192.83.45.eushared11.twinservers.net
Software: LiteSpeed /
Resource Hash: 97f9b10039b05e1af4a3c9b778fc72ba44cf68a376e4ec1d55f2558f16cf3e50

Request headers

Referer: http://duup.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: fi-FI,fi;q=0.9

Response headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
accept-ranges: bytes
content-length: 149
content-type: text/html
date: Wed, 15 Nov 2023 21:12:30 GMT
last-modified: Mon, 13 Nov 2023 17:58:16 GMT
server: LiteSpeed

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22da92d2d0ed9dd76507088702badb488453899d661b7c5cbb4ccf94c6ea0efe

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: http://duup.top/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a816e9dc211c37e763505eb70bf524eed8db8cc268f956345a5bdad8bc88604

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: http://duup.top/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/png

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 191ms
65ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: duup.top
URL: http://duup.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: http://duup.top/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 15 Nov 2023 21:12:27 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: u6PUdaHczoQmO5t1sxSKKFpGCRdM7CpvgbNEEAUwKLm7wnNiuNwPJ+36nyZXIA++CS9cCYKses/coeUBPD0fBw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK code.js Show response
webtrafficsource.com/track/ 414 B
685 B 110ms
71ms Script
application/javascript 34.107.149.195
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: http://webtrafficsource.com/track/code.js
Requested by: Host: duup.top
URL: http://duup.top/
Protocol: HTTP/1.1
Server: 34.107.149.195 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 195.149.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 8adae520b086ae1e967b49d806e5420c3aaf34e5b4610bcde8d2f304a50966fd

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: http://duup.top/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Date: Wed, 15 Nov 2023 21:12:27 GMT
Via: 1.1 google
Content-Length: 414
Content-Type: application/javascript;charset=UTF-8

GET
H/1.1 200
OK popup_silent.html Show response
duup.top/black_files/ Frame CECB 12 KB
4 KB 3881ms
1289ms Document
text/html 45.83.192.64
VPS-UA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://duup.top/black_files/popup_silent.html
Requested by: Host: duup.top
URL: http://duup.top/
Protocol: HTTP/1.1
Server: 45.83.192.64 Rotterdam, Netherlands, ASN56851 (VPS-UA-AS, UA),
Reverse DNS: 64.192.83.45.eushared11.twinservers.net
Software: LiteSpeed /
Resource Hash: 84e66dc2562a6b61dd108be3f8027b0438fbb0c0a282a742d3e8fa5ef375ca8a

Request headers

Referer: http://duup.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: fi-FI,fi;q=0.9

Response headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
accept-ranges: bytes
content-encoding: gzip
content-length: 4219
content-type: text/html
date: Wed, 15 Nov 2023 21:12:31 GMT
last-modified: Mon, 13 Nov 2023 17:58:16 GMT
server: LiteSpeed
vary: Accept-Encoding

GET
H/1.1 200
OK saved_resource(1).html Show response
duup.top/black_files/ Frame 351C 6 KB
3 KB 4069ms
169ms Document
text/html 45.83.192.64
VPS-UA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://duup.top/black_files/saved_resource(1).html
Requested by: Host: duup.top
URL: http://duup.top/
Protocol: HTTP/1.1
Server: 45.83.192.64 Rotterdam, Netherlands, ASN56851 (VPS-UA-AS, UA),
Reverse DNS: 64.192.83.45.eushared11.twinservers.net
Software: LiteSpeed /
Resource Hash: f03e80f0364cc0f9762ec9fd3ae3d701a8508ddd3a26865486f518c1c6855b14

Request headers

Referer: http://duup.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: fi-FI,fi;q=0.9

Response headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
accept-ranges: bytes
content-encoding: gzip
content-length: 2617
content-type: text/html
date: Wed, 15 Nov 2023 21:12:31 GMT
last-modified: Mon, 13 Nov 2023 17:58:16 GMT
server: LiteSpeed
vary: Accept-Encoding

GET ProximaNova-Regular.4d6b0ae73bbc0ee103b8.woff2
duup.top/webapp/static/media/ 0
0

GET ProximaNova-Bold.5e38a54e924b84960be0.woff2
duup.top/webapp/static/media/ 0
0

GET up.html
duup.top/black_files/ Frame 4D22 0
0

GET bframe.html
duup.top/black_files/ Frame DB3C 0
0

GET styles.css
adlpodnneegcnbophopdmhedicjbcgco/content/ 0
0

GET saved_resource(2).html
duup.top/black_files/ Frame D792 0
0

GET saved_resource(3).html
duup.top/black_files/ Frame 219F 0
0

GET saved_resource(4).html
duup.top/black_files/ Frame 8648 0
0

GET saved_resource(5).html
duup.top/black_files/ Frame EFE5 0
0

GET saved_resource(6).html
duup.top/black_files/ Frame AE88 0
0

GET blank.html
duup.top/black_files/ Frame 7C9B 0
0

POST
H2 200 tr Show response
webtrafficsource.com/ 0
75 B 68ms
67ms XHR
text/plain 34.107.149.195
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://webtrafficsource.com/tr
Requested by: Host: webtrafficsource.com
URL: http://webtrafficsource.com/track/code.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.149.195 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 195.149.107.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://duup.top/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: application/json

Response headers

access-control-allow-origin: *
access-control-expose-headers: Content-Length
date: Wed, 15 Nov 2023 21:12:27 GMT
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H2 204 tr
webtrafficsource.com/ Frame 0
0 135ms
69ms Preflight 34.107.149.195
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://webtrafficsource.com/tr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.149.195 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 195.149.107.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://duup.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type
access-control-allow-methods: POST,GET
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 15 Nov 2023 21:12:27 GMT
via: 1.1 google

GET
H2 200 599409307633963 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 115ms
114ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/599409307633963?v=2.9.138&r=stable&domain=duup.top

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

567df9f61ae410760c18d2b7a5c6b6e3e7d6c1d0de17b9313f3d0344f8154ae9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: http://duup.top/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 15 Nov 2023 21:12:27 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: xF1ZP2WmpRVKHo4U2gUUfzs0up7FHf4obiLXtyGBYcmu+7dldusYBjSiK9raq7Un+D7ckT6VmnAcaA8Y+pcUnQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 404 js
www.googletagmanager.com/gtag/ 0
0 69ms
68ms Script
text/html 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.googletagmanager.com/gtag/js?id=G-5KPFGC19KJ&l=dataLayer&cx=c
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PK3S7M&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: http://duup.top/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 185ms
58ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PK3S7M&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: http://duup.top/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 15 Nov 2023 19:16:44 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6944
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 15 Nov 2023 21:16:44 GMT

GET
H2

200

/ Show response
track.omguk.com/e/qs/
Redirect Chain

http://track.omguk.com/e/qs/?action=Content&MID=2325899&PID=53294&ref=http%3A//duup.top/
https://track.omguk.com/e/qs/?action=Content&MID=2325899&PID=53294&ref=http%3A//duup.top/

389 B
965 B

227ms
80ms

Script
text/javascript

34.253.164.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://track.omguk.com/e/qs/?action=Content&MID=2325899&PID=53294&ref=http%3A//duup.top/

Requested by

Host: duup.top
URL: http://duup.top/

Protocol

Server

34.253.164.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-253-164-210.eu-west-1.compute.amazonaws.com

Software

Resource Hash

8d7db296bea88a53d64bb97918b8322a127cf36e7930e8e9cebe508fa012b137

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: http://duup.top/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 Nov 2023 21:12:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
content-type: text/javascript
access-control-allow-origin: *
p3p: CP="ALL CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache
content-length: 389
x-xss-protection: 1; mode=block

Redirect headers

Location: https://track.omguk.com:443/e/qs/?action=Content&MID=2325899&PID=53294&ref=http%3A//duup.top/
Date: Wed, 15 Nov 2023 21:12:28 GMT
Server: awselb/2.0
Connection: keep-alive
Content-Length: 134
Content-Type: text/html

GET
H2 200 consenTag.js Show response
consentag.eu/public/3.0.1/ 6 KB
3 KB 106ms
31ms Script
text/javascript 34.107.173.171
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://consentag.eu/public/3.0.1/consenTag.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PK3S7M&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.173.171 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 171.173.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a536a31a18d00aa02e97459f5cb3890b7507e3034b194c6681942526862bb223

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: http://duup.top/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 11 Nov 2023 02:25:41 GMT
content-encoding: gzip
age: 413207
x-guploader-uploadid: ABPtcPprcCGNTC_rgP7wHzGokoLNcBk8wNVZzAb1aejooPWb12n71Ngch3DbGN8KwriUcO3SyfguWy6a_nFUYapn-TOqMQ
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2606
last-modified: Sun, 26 Dec 2021 13:06:31 GMT
server: UploadServer
etag: "bbf29cf3e8db1d93e091a797634232a9"
x-goog-hash: crc32c=Uvujaw==, md5=u/Kc8+jbHZPgkaeXY0IyqQ==
x-goog-generation: 1640523991137254
content-language: en
content-type: text/javascript
cache-control: no-transform
x-goog-stored-content-length: 2606
accept-ranges: bytes
expires: Sun, 10 Nov 2024 02:25:41 GMT

GET
H2

200

webengage-min-v-6.0.js Show response
cdn.widgets.webengage.com/js/
Redirect Chain

http://cdn.widgets.webengage.com/js/webengage-min-v-6.0.js
https://cdn.widgets.webengage.com/js/webengage-min-v-6.0.js

311 KB
88 KB

129ms
44ms

Script
application/javascript

2606:4700::6812:1c93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.widgets.webengage.com/js/webengage-min-v-6.0.js
Requested by: Host: duup.top
URL: http://duup.top/
Protocol: H2
Server: 2606:4700::6812:1c93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26b18dfdffb2abf880a73e501fc722741f12187db786f31e0e96c33c74c5d759

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: http://duup.top/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 Nov 2023 21:12:28 GMT
via: 1.1 2fe761c42f710dbc97bfbe41f450bf42.cloudfront.net (CloudFront)
content-encoding: gzip
cf-cache-status: HIT
x-amz-cf-pop: ARN54-C1
age: 14018
x-cache: Hit from cloudfront
last-modified: Tue, 14 Nov 2023 06:07:36 GMT
server: cloudflare
etag: W/"65530ea8-4dbb7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 826a7e17bf1d70f9-HEL
x-amz-cf-id: xIlRqv5Mp5_W42ep0a-ZlDv0Fl_--sZBtnziG8D26PoKM5r1oSMiRQ==
expires: Wed, 15 Nov 2023 17:28:36 GMT

Redirect headers

Location: https://cdn.widgets.webengage.com/js/webengage-min-v-6.0.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 182ms
58ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=599409307633963&ev=PageView&dl=http%3A%2F%2Fduup.top%2F&rl=&if=false&ts=1700082748019&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1700082748018.76455878&ler=empty&it=1700082747825&coo=false&rqm=GET

Requested by

Host: duup.top
URL: http://duup.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: http://duup.top/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 15 Nov 2023 21:12:28 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 popup_silent.html Show response
consentag.eu/public/3.0.1/ Frame E45C 12 KB
4 KB 64ms
63ms Document
text/html 34.107.173.171
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://consentag.eu/public/3.0.1/popup_silent.html
Requested by: Host: consentag.eu
URL: https://consentag.eu/public/3.0.1/consenTag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.173.171 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 171.173.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 028a986dd20d66c3950495d957214cda50669a831b7a5c8fcb9bf94c91f861f2

Request headers

Referer: http://duup.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 413200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-transform
content-encoding: gzip
content-language: en
content-length: 3889
content-type: text/html
date: Sat, 11 Nov 2023 02:25:48 GMT
etag: "961f6921c00edbfac20c24cc4deda043"
expires: Sun, 10 Nov 2024 02:25:48 GMT
last-modified: Sun, 26 Dec 2021 13:06:31 GMT
server: UploadServer
x-goog-generation: 1640523991162202
x-goog-hash: crc32c=fNucYA== md5=lh9pIcAO2/rCDCTMTe2gQw==
x-goog-metageneration: 1
x-goog-storage-class: REGIONAL
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 3889
x-guploader-uploadid: ABPtcPqHg_OHCYCh9hxn38LqHKBqBM1lWDQWLwpwfsfeBmBJxmowTbw-5Xui11HQ54kIEZoJbilsAGQDgEOIgh9lgUDHeFZJbvtQ

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/ Frame E45C 84 KB
27 KB 111ms
45ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: consentag.eu
URL: https://consentag.eu/public/3.0.1/popup_silent.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://consentag.eu/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 Nov 2023 21:12:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1719034
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 26909
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-14e4a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vDKp2BHMhqn%2FEWbTDVnLoz4mRWSQRA3u1sK04Xvqm1djJXfQV5UJRg6kDwGYwSACAPzwhbJheakDvUM51YlnPlyjzoha3WB%2F1sx%2BPYBeYMKPEbDCFO7HaOrjZHWPENdBTqTHfloqfyW7D2xfxHc16jlO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 826a7e189c564c8d-HEL
expires: Mon, 04 Nov 2024 21:12:28 GMT

GET
H2 200 mustache.min.js Show response
cdnjs.cloudflare.com/ajax/libs/mustache.js/2.3.0/ Frame E45C 9 KB
3 KB 106ms
41ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mustache.js/2.3.0/mustache.min.js

Requested by

Host: consentag.eu
URL: https://consentag.eu/public/3.0.1/popup_silent.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89aa9f3b9b9ed156d219c122427f8e797c67c4030adbe4201d72030396d6b462

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://consentag.eu/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 Nov 2023 21:12:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 696087
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2513
last-modified: Mon, 04 May 2020 16:13:29 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f29-2538"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M3%2BLbwVJQlC%2F3Q7rLULPlZmCwQ8Am5f2e7%2BVbn%2FQhxCNw4%2BhK35nZNIsjW57pKVgz%2BcmM0UwRkI%2BSkDXgLFwKdHd2tpGmOuvsWgLj2dtYZBsY7ev6u9ajvu4v4wh2In4Emt3B%2FwlyADxDRFvHemd3CPY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 826a7e189c584c8d-HEL
expires: Mon, 04 Nov 2024 21:12:28 GMT

GET
H2 200 storage-frame-1.18.htm Show response
z71680627.webengage.co/ Frame 60FC 3 KB
2 KB 176ms
54ms Document
text/html 2600:9000:223d:d000:8:cf94:88c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://z71680627.webengage.co/storage-frame-1.18.htm?cdn=y&cbf=webengage-engagement-callback-frame&lc=~71680627
Requested by: Host: cdn.widgets.webengage.com
URL: http://cdn.widgets.webengage.com/js/webengage-min-v-6.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:d000:8:cf94:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 16c8ad014e255e48470f6856e3ac20f6050865f72e971417501057d4aeaddd98

Request headers

Referer: http://duup.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: fi-FI,fi;q=0.9

Response headers

access-control-allow-origin: *
age: 2696
cache-control: max-age=14400
content-encoding: gzip
content-type: text/html
date: Wed, 15 Nov 2023 20:27:33 GMT
etag: W/"60b76f62-d60"
expires: Thu, 16 Nov 2023 00:27:32 GMT
last-modified: Wed, 02 Jun 2021 11:45:38 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront)
x-amz-cf-id: yf44gTz4gsTRe_4HMDoWLk_SXTs4CEB49pqLgb9hp_IGOzSzZ4sKRA==
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
202 B 78ms
77ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1992648399&t=pageview&_s=1&dl=http%3A%2F%2Fduup.top%2F&ul=en-us&de=UTF-8&dt=du%20-%20My%20Account&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABAAAAACAEK~&jid=740545373&gjid=854079871&cid=863796882.1700082748&tid=UA-407073-6&_gid=570772771.1700082748&_slc=1&gtm=45He3b81n71PK3S7Mv6507099&cd17=EN&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd3=863796882.1700082748&z=186405025

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://duup.top/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 15 Nov 2023 21:12:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://duup.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
343 B 207ms
65ms XHR
text/plain 2a00:1450:400c:c0a::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-407073-6&cid=863796882.1700082748&jid=740545373&gjid=854079871&_gid=570772771.1700082748&_u=YGBAgEABAAAAAGAEK~&z=2119170496

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

30cd55351e2a901ab282b62b576fe35e23132c5313007cc90ff1bac1bf1cd24d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://duup.top/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 15 Nov 2023 21:12:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://duup.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 getuam Show response
consentag.eu/manager/consent/user/ Frame E45C 3 KB
3 KB 66ms
65ms XHR
application/json 34.107.173.171
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://consentag.eu/manager/consent/user/getuam
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.173.171 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 171.173.107.34.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: afd1ef478c671424d48451e84e7bc3a7059a5610e4808cad9aa26cf42a3ecd47

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://consentag.eu/public/3.0.1/popup_silent.html
X-Requested-With: XMLHttpRequest
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: application/json; charset=UTF-8

Response headers

date: Wed, 15 Nov 2023 21:12:27 GMT
via: 1.1 google
server: Apache-Coyote/1.1
etag: uk-1700082748-7ab33a1a25404b858657d90953630c64
content-length: 2832
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

POST
H3 200 tr Show response
webtrafficsource.com/ 0
12 B 67ms
66ms XHR
text/plain 34.107.149.195
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://webtrafficsource.com/tr
Requested by: Host: webtrafficsource.com
URL: http://webtrafficsource.com/track/code.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.149.195 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 195.149.107.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://duup.top/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: application/json

Response headers

access-control-allow-origin: *
access-control-expose-headers: Content-Length
date: Wed, 15 Nov 2023 21:12:28 GMT
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H3 204 tr
webtrafficsource.com/ Frame 0
0 67ms
67ms Preflight 34.107.149.195
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://webtrafficsource.com/tr
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.149.195 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 195.149.107.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://duup.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type
access-control-allow-methods: POST,GET
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 15 Nov 2023 21:12:28 GMT
via: 1.1 google

GET
H2 200 d41d8cd98f00b204e9800998ecf8427e.js Show response
cdn.ctnsnet.com/ase/fetch/scraper/76037480/ 0
285 B 173ms
52ms Script
application/json 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ctnsnet.com/ase/fetch/scraper/76037480/d41d8cd98f00b204e9800998ecf8427e.js?caid=4da5d6fb3c9d4e69bbfda3680247ffdd&cst=true&gdpr_consent=
Requested by: Host: consentag.eu
URL: https://consentag.eu/public/3.0.1/consenTag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: http://duup.top/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

x-77-nzt: ApySIYg3Nzf/DzUBANRmOAk3Nzf/vQAAAA
x-accel-expires: @1700262640
date: Wed, 15 Nov 2023 21:12:28 GMT
via: 1.1 google
x-77-age: 79308
x-cache-lb: HIT
server: CDN77-Turbo
x-age-lb: 79119
x-77-pop: frankfurtDE
x-77-nzt-ray: f6587a1d03c22abc3c3455652233c61f
x-77-cache: HIT
content-type: application/json
accept-ranges: bytes
x-accel-date: 1700003629
content-length: 0

GET
H2 200 integration Show response
i.ctnsnet.com/int/ 0
312 B 140ms
64ms Script
text/javascript 35.186.193.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.ctnsnet.com/int/integration?pixel=68738460&nid=2142538&cont=s&loc=http%3A%2F%2Fduup.top%2F&ref=&cst=true&gdpr_consent=
Requested by: Host: consentag.eu
URL: https://consentag.eu/public/3.0.1/consenTag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.193.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: http://duup.top/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Wed, 15 Nov 2023 21:12:28 GMT
via: 1.1 google
server: Apache-Coyote/1.1
content-type: text/javascript
p3p: CP="NOI DSP COR NID CUR OUR NOR"
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integration Show response
i.ctnsnet.com/int/ 0
142 B 140ms
65ms Script
text/javascript 35.186.193.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.ctnsnet.com/int/integration?pixel=76037483&nid=2142538&cont=s&loc=http%3A%2F%2Fduup.top%2F&ref=&cst=true&gdpr_consent=
Requested by: Host: consentag.eu
URL: https://consentag.eu/public/3.0.1/consenTag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.193.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: http://duup.top/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Wed, 15 Nov 2023 21:12:28 GMT
via: 1.1 google
server: Apache-Coyote/1.1
content-type: text/javascript
p3p: CP="NOI DSP COR NID CUR OUR NOR"
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 d41d8cd98f00b204e9800998ecf8427e.js Show response
cdn.ctnsnet.com/ase/fetch/scraper/67704427/ 0
284 B 172ms
53ms Script
application/json 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ctnsnet.com/ase/fetch/scraper/67704427/d41d8cd98f00b204e9800998ecf8427e.js?caid=4da5d6fb3c9d4e69bbfda3680247ffdd&cst=true&gdpr_consent=
Requested by: Host: consentag.eu
URL: https://consentag.eu/public/3.0.1/consenTag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: http://duup.top/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

x-77-nzt: ApySIYg3Nzf/4+0AANRmOJw3Nzf/IwAAAA
x-accel-expires: @1700281014
date: Wed, 15 Nov 2023 21:12:28 GMT
via: 1.1 google
x-77-age: 60934
x-cache-lb: HIT
server: CDN77-Turbo
x-age-lb: 60899
x-77-pop: frankfurtDE
x-77-nzt-ray: f6587a1d03c22abc3c345565284ccf1f
x-77-cache: HIT
content-type: application/json
accept-ranges: bytes
x-accel-date: 1700021849
content-length: 0

GET
H2 200 integration Show response
i.ctnsnet.com/int/ 0
141 B 140ms
65ms Script
text/javascript 35.186.193.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.ctnsnet.com/int/integration?pixel=76037490&nid=2142538&cont=s&loc=http%3A%2F%2Fduup.top%2F&ref=&cst=true&gdpr_consent=
Requested by: Host: consentag.eu
URL: https://consentag.eu/public/3.0.1/consenTag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.193.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: http://duup.top/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Wed, 15 Nov 2023 21:12:27 GMT
via: 1.1 google
server: Apache-Coyote/1.1
content-type: text/javascript
p3p: CP="NOI DSP COR NID CUR OUR NOR"
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integration Show response
i.ctnsnet.com/int/ 0
442 B 76ms
75ms Script
text/javascript 35.186.193.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.ctnsnet.com/int/integration?pixel=69616513&nid=2142538&cont=s&loc=http%3A%2F%2Fduup.top%2F&ref=&cst=true&gdpr_consent=
Requested by: Host: consentag.eu
URL: https://consentag.eu/public/3.0.1/consenTag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.193.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: http://duup.top/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Wed, 15 Nov 2023 21:12:27 GMT
via: 1.1 google
server: Apache-Coyote/1.1
content-type: text/javascript
p3p: CP="NOI DSP COR NID CUR OUR NOR"
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integration Show response
i.ctnsnet.com/int/ 0
442 B 77ms
76ms Script
text/javascript 35.186.193.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.ctnsnet.com/int/integration?pixel=79158399&nid=2142538&cont=s&loc=http%3A%2F%2Fduup.top%2F&ref=&cst=true&gdpr_consent=
Requested by: Host: consentag.eu
URL: https://consentag.eu/public/3.0.1/consenTag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.193.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: http://duup.top/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Wed, 15 Nov 2023 21:12:27 GMT
via: 1.1 google
server: Apache-Coyote/1.1
content-type: text/javascript
p3p: CP="NOI DSP COR NID CUR OUR NOR"
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 v4.js Show response
wsdk-files.webengage.com/webengage/~71680627/ Frame 60FC 8 KB
3 KB 552ms
542ms Script
application/x-javascript 2606:4700::6812:1c93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsdk-files.webengage.com/webengage/~71680627/v4.js
Requested by: Host: z71680627.webengage.co
URL: https://z71680627.webengage.co/storage-frame-1.18.htm?cdn=y&cbf=webengage-engagement-callback-frame&lc=~71680627
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1c93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4924db6cb461cabd771fb76345137775c7a734709683f84eb6d93988f52caed3

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://z71680627.webengage.co/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 Nov 2023 21:12:28 GMT
content-encoding: gzip
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-version-id: 79bHuZdJBS5m4FGEc9VFTLE1j1C6AiQa
cf-cache-status: REVALIDATED
x-amz-cf-pop: OSL50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2287
last-modified: Sat, 30 Sep 2023 08:50:18 GMT
server: cloudflare
etag: "9ad2fa97b296edb72fae713d0bbe512f"
vary: Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
cache-control: public, max-age=60, must-revalidate
accept-ranges: bytes
cf-ray: 826a7e19dacf70f9-HEL
x-amz-cf-id: ZU1J5u6j_OkffkdOj4bvJ0ERyQO1knjiP3KCpdLAFTrnTskrNy-wNg==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 212ms
85ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-407073-6&cid=863796882.1700082748&jid=740545373&_u=YGBAgEABAAAAAGAEK~&z=456029103

Requested by

Host: duup.top
URL: http://duup.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: http://duup.top/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Wed, 15 Nov 2023 21:12:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fi/ads/ 42 B
408 B 225ms
85ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fi/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-407073-6&cid=863796882.1700082748&jid=740545373&_u=YGBAgEABAAAAAGAEK~&z=456029103

Requested by

Host: duup.top
URL: http://duup.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: http://duup.top/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Wed, 15 Nov 2023 21:12:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET styles__ltr.css
duup.top/black_files/ Frame 22D2 0
0

GET recaptcha__ru.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
duup.top/black_files/ Frame 22D2 0
0

GET jquery.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
duup.top/black_files/ Frame CECB 0
0

GET mustache.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
duup.top/black_files/ Frame CECB 0
0

GET saved_resource(7).html
duup.top/black_files/ Frame B6E8 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: duup.top
URL: http://duup.top/black_files/adrum-ext.5af4efac0bb62cd6a369676618596c4a.js

Domain: duup.top
URL: http://duup.top/black_files/insight.min.js

Domain: duup.top
URL: http://duup.top/black_files/main.MTdjYzNiZDU2MQ.js

Domain: duup.top
URL: http://duup.top/black_files/code.js

Domain: duup.top
URL: http://duup.top/black_files/599409307633963

Domain: duup.top
URL: http://duup.top/black_files/fbevents.js

Domain: duup.top
URL: http://duup.top/black_files/quantum-du.js

Domain: duup.top
URL: http://duup.top/black_files/uwt.js

Domain: duup.top
URL: http://duup.top/black_files/min.pixel.js

Domain: duup.top
URL: http://duup.top/black_files/bat.js

Domain: duup.top
URL: http://duup.top/black_files/events.js

Domain: duup.top
URL: http://duup.top/black_files/analytics.js

Domain: duup.top
URL: http://duup.top/black_files/recaptcha__ru.js

Domain: duup.top
URL: http://duup.top/black_files/gtm.js

Domain: duup.top
URL: http://duup.top/black_files/ReadSpeaker.Core.js

Domain: duup.top
URL: http://duup.top/black_files/ReadSpeaker.pub.Config.js

Domain: duup.top
URL: http://duup.top/black_files/ReadSpeaker.Base.js

Domain: adlpodnneegcnbophopdmhedicjbcgco
URL: chrome-extension://adlpodnneegcnbophopdmhedicjbcgco/content/styles.css

Domain: duup.top
URL: http://duup.top/black_files/17552657.js

Domain: duup.top
URL: http://duup.top/black_files/cc-amex-logo.648a329e891cf2e3116e3c0efcd19e75.svg

Domain: duup.top
URL: http://duup.top/black_files/0

Domain: duup.top
URL: http://duup.top/black_files/d41d8cd98f00b204e9800998ecf8427e.js

Domain: duup.top
URL: http://duup.top/black_files/integration

Domain: duup.top
URL: http://duup.top/black_files/integration(1)

Domain: duup.top
URL: http://duup.top/black_files/d41d8cd98f00b204e9800998ecf8427e.js(1)

Domain: duup.top
URL: http://duup.top/black_files/integration(2)

Domain: duup.top
URL: http://duup.top/black_files/integration(3)

Domain: duup.top
URL: http://duup.top/black_files/integration(4)

Domain: duup.top
URL: http://duup.top/black_files/adsct

Domain: duup.top
URL: http://duup.top/black_files/adsct(1)

Domain: adlpodnneegcnbophopdmhedicjbcgco
URL: chrome-extension://adlpodnneegcnbophopdmhedicjbcgco/caa/styles.css

Domain: duup.top
URL: http://duup.top/webapp/static/media/ProximaNova-Regular.4d6b0ae73bbc0ee103b8.woff2

Domain: duup.top
URL: http://duup.top/webapp/static/media/ProximaNova-Bold.5e38a54e924b84960be0.woff2

Domain: duup.top
URL: http://duup.top/black_files/up.html

Domain: duup.top
URL: http://duup.top/black_files/bframe.html

Domain: adlpodnneegcnbophopdmhedicjbcgco
URL: chrome-extension://adlpodnneegcnbophopdmhedicjbcgco/content/styles.css

Domain: adlpodnneegcnbophopdmhedicjbcgco
URL: chrome-extension://adlpodnneegcnbophopdmhedicjbcgco/content/styles.css

Domain: duup.top
URL: http://duup.top/black_files/saved_resource(2).html

Domain: duup.top
URL: http://duup.top/black_files/saved_resource(3).html

Domain: duup.top
URL: http://duup.top/black_files/saved_resource(4).html

Domain: duup.top
URL: http://duup.top/black_files/saved_resource(5).html

Domain: duup.top
URL: http://duup.top/black_files/saved_resource(6).html

Domain: duup.top
URL: http://duup.top/black_files/blank.html

Domain: duup.top
URL: http://duup.top/black_files/styles__ltr.css

Domain: duup.top
URL: http://duup.top/black_files/recaptcha__ru.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F

Domain: duup.top
URL: http://duup.top/black_files/jquery.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F

Domain: duup.top
URL: http://duup.top/black_files/mustache.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F

Domain: duup.top
URL: http://duup.top/black_files/saved_resource(7).html

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.linkedin.com/	1970-01-21 01:00:18	Name: bcookie Value: "v=2&41d59351-677a-4eb1-8de5-17591e8895ea"
.linkedin.com/	1970-01-20 20:33:54	Name: li_gc Value: MTswOzE3MDAwODI3MjY7MjswMjHC+GQUISBjWW2Ga1Qigdbw/k8Y4k02OqoePoI3bMrOww==
.linkedin.com/	1970-01-20 16:16:09	Name: lidc Value: "b=OGST09:s=O:r=O:a=O:p=O:g=2642:u=1:x=1:i=1700082726:t=1700169126:v=2:sig=AQFCZ5Ixa1Sc97E0euKsnTU8gIUGlFn3"
.duup.top/	1970-01-20 18:24:18	Name: _gcl_au Value: 1.1.1319141387.1700082748
.duup.top/	1970-01-20 18:24:18	Name: _fbp Value: fb.1.1700082748018.76455878
.duup.top/	1970-01-21 01:50:42	Name: _ga Value: GA1.2.863796882.1700082748
.duup.top/	1970-01-20 16:16:09	Name: _gid Value: GA1.2.570772771.1700082748
.duup.top/	1970-01-20 16:14:42	Name: _dc_gtm_UA-407073-6 Value: 1
track.omguk.com/	1970-01-20 17:41:06	Name: OMG-Channel-2325899 Value: Channel%3D
track.omguk.com/	1970-01-20 17:41:06	Name: OMGID Value: UUserID%3D%7Bd20f634c-cf4d-4377-8013-671412675bce%7D
track.omguk.com/	1970-01-20 16:14:44	Name: OMGSession Value: SessionID%3D4b9b96cefe3b47ea953a772ac971440d%26SessionCount%3D0
.consentag.eu/	1970-01-20 19:50:42	Name: bid Value: uk-1700082748-7ab33a1a25404b858657d90953630c64
duup.top/	1970-01-21 01:00:18	Name: __tmbid Value: uk-1700082748-7ab33a1a25404b858657d90953630c64
.ctnsnet.com/	1970-01-21 01:00:18	Name: cid Value: 2c395177b1394fa1b92a9384f30f7dad

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: chrome-extension://adlpodnneegcnbophopdmhedicjbcgco/content/styles.css Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://adlpodnneegcnbophopdmhedicjbcgco/caa/styles.css Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://adlpodnneegcnbophopdmhedicjbcgco/content/styles.css Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://adlpodnneegcnbophopdmhedicjbcgco/content/styles.css Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: https://www.googletagmanager.com/gtag/js?id=G-5KPFGC19KJ&l=dataLayer&cx=c Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: http://duup.top/black_files/anchor.html Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adlpodnneegcnbophopdmhedicjbcgco
cdn.ctnsnet.com
cdn.widgets.webengage.com
cdnjs.cloudflare.com
connect.facebook.net
consentag.eu
duup.top
i.ctnsnet.com
px.ads.linkedin.com
stats.g.doubleclick.net
track.omguk.com
webtrafficsource.com
wsdk-files.webengage.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.fi
www.googletagmanager.com
z71680627.webengage.co
adlpodnneegcnbophopdmhedicjbcgco
duup.top
2600:9000:223d:d000:8:cf94:88c0:93a1
2606:4700::6811:180e
2606:4700::6812:1c93
2620:1ec:21::14
2a00:1450:4001:801::2008
2a00:1450:4001:810::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2004
2a00:1450:400c:c0a::9c
2a02:6ea0:c700::17
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
34.107.149.195
34.107.173.171
34.253.164.210
35.186.193.173
45.83.192.64
52.48.41.58
028a986dd20d66c3950495d957214cda50669a831b7a5c8fcb9bf94c91f861f2
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0aaca9bc3dde7d71787fce0fd2859da652434dd08d1e837abde8d1a65433d87f
0e79cede02b20c3bab8736bf4457f51415177d0411d9f059beb9cd94db08d2f3
1378d1cc3dba7b8110b2eb1255d5afdd0813e805ebca4d2b27d354d1fe6dddde
16c8ad014e255e48470f6856e3ac20f6050865f72e971417501057d4aeaddd98
1a816e9dc211c37e763505eb70bf524eed8db8cc268f956345a5bdad8bc88604
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
22da92d2d0ed9dd76507088702badb488453899d661b7c5cbb4ccf94c6ea0efe
26b18dfdffb2abf880a73e501fc722741f12187db786f31e0e96c33c74c5d759
28bd53cec442bda2a970bfd4d1b058fd202cbd3438c05550f4c949fe5f6f3918
2c07ac55bf6b549216eb06d24fb646c29746d5d9072f2cd1caa8c21568bc2c19
30cd55351e2a901ab282b62b576fe35e23132c5313007cc90ff1bac1bf1cd24d
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
4924db6cb461cabd771fb76345137775c7a734709683f84eb6d93988f52caed3
50c9b923a3e9a3d9bfdffef012bb61bcd2ae9e9ab587d46b3d0b04189ae650ac
567df9f61ae410760c18d2b7a5c6b6e3e7d6c1d0de17b9313f3d0344f8154ae9
84e66dc2562a6b61dd108be3f8027b0438fbb0c0a282a742d3e8fa5ef375ca8a
89aa9f3b9b9ed156d219c122427f8e797c67c4030adbe4201d72030396d6b462
8adae520b086ae1e967b49d806e5420c3aaf34e5b4610bcde8d2f304a50966fd
8d7db296bea88a53d64bb97918b8322a127cf36e7930e8e9cebe508fa012b137
97f9b10039b05e1af4a3c9b778fc72ba44cf68a376e4ec1d55f2558f16cf3e50
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a
a536a31a18d00aa02e97459f5cb3890b7507e3034b194c6681942526862bb223
afd1ef478c671424d48451e84e7bc3a7059a5610e4808cad9aa26cf42a3ecd47
b7b05ad1c3a308d4781fb953d46080e6ee5bfbacb166eb0e807105f3fefc79fa
d88961276d39691c1665b16d95f2eb0b762c697b11d2bc96774548a5de6d184a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f03e80f0364cc0f9762ec9fd3ae3d701a8508ddd3a26865486f518c1c6855b14
f1affc5a4519444738495286362e833214d11646998cd2d5ece5e4de75cd8b8e
f5a79050187027c8758bea038fff4b90bf5243a41c8732f616b5bb3a35ecb4ff
fca61bc9a7a3c615deaaef26c9559d9bd6122458f33181853b5bc1f18070fc89

duup.top Open in urlscan Pro 45.83.192.64 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

95 Requests

32 %HTTPS

67 %IPv6

17 Domains

19 Subdomains

18 IPs

5 Countries

566 kBTransfer

1858 kBSize

14 Cookies

0 Outgoing links

Redirected requests

95 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

duup.top Open in urlscan Pro
45.83.192.64 Public Scan

Screenshot
Live screenshot

Full Image

95
Requests

32 %
HTTPS

67 %
IPv6

17
Domains

19
Subdomains

18
IPs

5
Countries

566 kB
Transfer

1858 kB
Size

14
Cookies

95 HTTP transactions
2 data transactions