urlscan.io logo urlscan.io
SecurityTrails logo

t3tupps.metrup.top Open in urlscan Pro
185.177.74.211  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://t3tupps.metrup.top/
Effective URL: https://t3tupps.metrup.top/
Submission: On December 24 via api from US — Scanned from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 8 domains to perform 24 HTTP transactions. The main IP is 185.177.74.211, located in Spain and belongs to AMARUTU-TECHNOLOGY Amarutu Technology Ltd, SC. The main domain is t3tupps.metrup.top.
TLS certificate: Issued by E6 on December 18th 2024. Valid for: 3 months.
This is the only time t3tupps.metrup.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 185.177.74.211 206264 (AMARUTU-T...)
6 104.17.24.14 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 157.240.0.6 32934 (FACEBOOK)
3 142.250.186.35 15169 (GOOGLE)
2 157.240.0.35 32934 (FACEBOOK)
1 3.122.218.248 16509 (AMAZON-02)
24 8
8    185.177.74.211 (Spain)

ASN206264 (AMARUTU-TECHNOLOGY Amarutu Technology Ltd, SC)
t3tupps.metrup.top
6    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2606:4700::6812:ba1f (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net
connect.facebook.net
3    142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net
fonts.gstatic.com
2    157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com
www.facebook.com
1    3.122.218.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-218-248.eu-central-1.compute.amazonaws.com
getyourapi.site
Apex Domain
Subdomains		 Transfer
8 metrup.top
t3tupps.metrup.top
34 KB
6 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
153 KB
3 gstatic.com
fonts.gstatic.com
68 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
213 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
75 KB
1 getyourapi.site
getyourapi.site
552 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 318
136 KB
24 8
Domain Requested by
8 t3tupps.metrup.top t3tupps.metrup.top
6 cdnjs.cloudflare.com t3tupps.metrup.top
cdnjs.cloudflare.com
3 fonts.gstatic.com fonts.googleapis.com
2 www.facebook.com t3tupps.metrup.top
2 connect.facebook.net t3tupps.metrup.top
connect.facebook.net
1 getyourapi.site cdnjs.cloudflare.com
1 fonts.googleapis.com t3tupps.metrup.top
1 cdn.jsdelivr.net t3tupps.metrup.top
24 8

This site contains no links.

Subject Issuer Validity Valid
t3tupps.metrup.top
E6		 2024-12-18 -
2025-03-18		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-11-26 -
2025-02-24		 3 months crt.sh
*.jsdelivr.net
Sectigo RSA Domain Validation Secure Server CA		 2024-05-04 -
2025-05-04		 a year crt.sh
upload.video.google.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-10-02 -
2024-12-31		 3 months crt.sh
*.gstatic.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
getyourapi.site
E6		 2024-12-04 -
2025-03-04		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://t3tupps.metrup.top/
Frame ID: BFDFF191F1626EE054FDAABDDD75D563
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Whatsapp BOT

Page URL History Show full URLs

  1. http://t3tupps.metrup.top/ HTTP 307
    https://t3tupps.metrup.top/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

24
Requests

100 %
HTTPS

25 %
IPv6

8
Domains

8
Subdomains

8
IPs

4
Countries

468 kB
Transfer

1493 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://t3tupps.metrup.top/ HTTP 307
    https://t3tupps.metrup.top/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
t3tupps.metrup.top/
Redirect Chain
  • http://t3tupps.metrup.top/
  • https://t3tupps.metrup.top/
31 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://t3tupps.metrup.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.177.74.211 , Spain, ASN206264 (AMARUTU-TECHNOLOGY Amarutu Technology Ltd, SC),
Reverse DNS
Software
openresty /
Resource Hash
cbdd0fe73de2176588bec5a02cf3352160898a3e350a7dff76976a8e990fa13e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 24 Dec 2024 00:21:49 GMT
server
openresty
vary
Accept-Encoding Accept-Encoding Accept-Encoding

Redirect headers

Location
https://t3tupps.metrup.top/
Non-Authoritative-Reason
HttpsUpgrades
style.css
t3tupps.metrup.top/css/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://t3tupps.metrup.top/css/style.css
Requested by
Host: t3tupps.metrup.top
URL: https://t3tupps.metrup.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.177.74.211 , Spain, ASN206264 (AMARUTU-TECHNOLOGY Amarutu Technology Ltd, SC),
Reverse DNS
Software
openresty /
Resource Hash
585c0146cf1948192494ea6071a4a194721f9d9ce32845d033198d56922c8e4b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t3tupps.metrup.top/

Response headers

content-encoding
gzip
date
Tue, 24 Dec 2024 00:21:49 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
server
openresty
form.css
t3tupps.metrup.top/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://t3tupps.metrup.top/css/form.css
Requested by
Host: t3tupps.metrup.top
URL: https://t3tupps.metrup.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.177.74.211 , Spain, ASN206264 (AMARUTU-TECHNOLOGY Amarutu Technology Ltd, SC),
Reverse DNS
Software
openresty /
Resource Hash
15fa361dc19704b44a9e131f18f9eb34efaca7caf521268b6823d6d0f7fc7b96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t3tupps.metrup.top/

Response headers

content-encoding
gzip
date
Tue, 24 Dec 2024 00:21:49 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
server
openresty
wallet.svg
t3tupps.metrup.top/img/ 		18 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t3tupps.metrup.top/img/wallet.svg
Requested by
Host: t3tupps.metrup.top
URL: https://t3tupps.metrup.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.177.74.211 , Spain, ASN206264 (AMARUTU-TECHNOLOGY Amarutu Technology Ltd, SC),
Reverse DNS
Software
openresty /
Resource Hash
6b8067706e17aa29fe81d5bd1b6a390fa81acbd16efcbe195a096135553801ab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t3tupps.metrup.top/

Response headers

content-encoding
gzip
date
Tue, 24 Dec 2024 00:21:49 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
server
openresty
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/ 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js
Requested by
Host: t3tupps.metrup.top
URL: https://t3tupps.metrup.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t3tupps.metrup.top/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"64ed75bb-6b36"
age
952019
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xAPrNzovgtAU9kWZFVSwvncmqIU1jTyhA1YiBBjAm8pmFYkTDO5K78BalYtVV%2Bk1vl1oV%2F%2FFMeOkkxFQgnEebqga%2BA8VBdqVWzKyNcYL22mji1D9BGfoYdHMhA0Ext9Z92ndbmCb"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 14 Dec 2025 00:21:49 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 24 Dec 2024 00:21:49 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 29 Aug 2023 04:36:11 GMT
vary
Accept-Encoding
priority
u=2,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f6c6ef9ba50cfee-MAD
accept-ranges
bytes
access-control-allow-origin
*
content-length
27446
server
cloudflare
apexcharts
cdn.jsdelivr.net/npm/ 		557 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/apexcharts
Requested by
Host: t3tupps.metrup.top
URL: https://t3tupps.metrup.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdc7944ec08a6bc6364aa8ea6632e389f5d00e7aacbca453993f1f4c8522c7fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t3tupps.metrup.top/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"8b3c0-9B7uuCpvOFY3sc7l2d+1gjLCmAY"
age
5272
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WTnQ3TJ76bx9n6U1qjgClZzlzjt0Z8LhvmUFNEkku6V5CExJfQc%2FGykPnf91EVJiTLS0cdS%2F9TqT9B8vZKYJNfGTv6e0CjVXRQnvYCkQbA3veNFhDOgMDgWsxoRXBlI8VzfukCu%2Fy4dlIsuNUIw%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
date
Tue, 24 Dec 2024 00:21:49 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220144-FRA, cache-lga21923-LGA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f6c6efabe402168-MAD
accept-ranges
bytes
access-control-allow-origin
*
content-length
138646
server
cloudflare
x-jsd-version
4.3.0
toastr.min.js
cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/toastr.min.js
Requested by
Host: t3tupps.metrup.top
URL: https://t3tupps.metrup.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8d6ca635cba876adb55c42d7f46fc96ae1afb1a64b7215cde9498a06018d6a4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://t3tupps.metrup.top
Referer

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03ffe-1483"
age
363069
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7SD%2F3MX5UCAYc9x1xxKOJ%2F5x61qbWRVpqCHY2xS%2BncBhl1lFezH1ZDPWej592wiYll3y%2BcXlxmBp2zQ7hWevsoTk%2Fm%2F%2FP9orEY7bfNMeY64BtlOx1kocbJYEyRq84ZeNWxxmPdO5"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 14 Dec 2025 00:21:49 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 24 Dec 2024 00:21:49 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:17:02 GMT
vary
Accept-Encoding
priority
u=2,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f6c6efb6e48b117-MAD
accept-ranges
bytes
access-control-allow-origin
*
content-length
1763
server
cloudflare
main.js
t3tupps.metrup.top/js/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t3tupps.metrup.top/js/main.js
Requested by
Host: t3tupps.metrup.top
URL: https://t3tupps.metrup.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.177.74.211 , Spain, ASN206264 (AMARUTU-TECHNOLOGY Amarutu Technology Ltd, SC),
Reverse DNS
Software
openresty /
Resource Hash
3c2d80232124375dae3adeceeba25dcefbafa228019610bca4089a4a01cc10fb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t3tupps.metrup.top/

Response headers

content-encoding
gzip
date
Tue, 24 Dec 2024 00:21:50 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
server
openresty
intlTelInput.css
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/css/ 		24 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/css/intlTelInput.css
Requested by
Host: t3tupps.metrup.top
URL: https://t3tupps.metrup.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9ae063d7bf400c91d4056a69889903b54205f2efd6cb224d6041eca58b92cca
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t3tupps.metrup.top/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"65a3eb4d-85b"
age
4175333
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3Fq9kG5wueqxqPWLqItzlgxg64xkSYvW0s2Pjr6TJMcpNnfhdsscHXwnjG1X6pBoEnv8Zvv05%2BS8keQa0PSPdeER1fxFWznx3qyb9irbWXvO7TxUWFTP2U0q0pAT6YaOBzm5vzFd"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 14 Dec 2025 00:21:50 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 24 Dec 2024 00:21:50 GMT
content-type
text/css; charset=utf-8
last-modified
Sun, 14 Jan 2024 14:10:21 GMT
vary
Accept-Encoding
priority
u=2,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f6c6efbdb67cfee-MAD
accept-ranges
bytes
access-control-allow-origin
*
content-length
2139
server
cloudflare
intlTelInput.min.js
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/js/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/js/intlTelInput.min.js
Requested by
Host: t3tupps.metrup.top
URL: https://t3tupps.metrup.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54bc983ea406933001939caacb25ec98a9f633b8f2d54aa5ca3180948d6fe389
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t3tupps.metrup.top/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"65a3eb4d-223d"
age
2227344
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AtFkk9EK3ShtGmKbODgQtC69J%2FZCIGmkop91mK7TagGQRT%2Bf0Zr56s%2BdERQspdOah7AfimA67olPIXy7z%2B2QiZAsvnozh8eYaq5Qg9fUqZ3sDAw3HIvq40rYDv%2FwG1yCZXoI%2FMM6"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 14 Dec 2025 00:21:50 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 24 Dec 2024 00:21:50 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 14 Jan 2024 14:10:21 GMT
vary
Accept-Encoding
priority
u=2,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f6c6efc0b97cfee-MAD
accept-ranges
bytes
access-control-allow-origin
*
content-length
8765
server
cloudflare
ModalPhoneError.js
t3tupps.metrup.top/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t3tupps.metrup.top/js/ModalPhoneError.js
Requested by
Host: t3tupps.metrup.top
URL: https://t3tupps.metrup.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.177.74.211 , Spain, ASN206264 (AMARUTU-TECHNOLOGY Amarutu Technology Ltd, SC),
Reverse DNS
Software
openresty /
Resource Hash
0bd5dc97de86163a88e6982c16aad1323d8e3f4ff95a4e384a737588666a571d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t3tupps.metrup.top/

Response headers

content-encoding
gzip
date
Tue, 24 Dec 2024 00:21:50 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
server
openresty
css2
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap
Requested by
Host: t3tupps.metrup.top
URL: https://t3tupps.metrup.top/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6b78976e0a15138b3b1bde71abfa5bbb603eff6bdf1fc4d4eaffaeeaab0abc26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t3tupps.metrup.top/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 24 Dec 2024 00:21:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 00:21:50 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 23 Dec 2024 22:23:16 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: t3tupps.metrup.top
URL: https://t3tupps.metrup.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-LP187igL' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t3tupps.metrup.top/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 24 Dec 2024 00:21:50 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-LP187igL' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=56, rtx=0, c=23, mss=1232, tbw=4492, tp=9, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
roeFob1U84hfogQcsm0vel/Krwz+udDeqlCn17Pzs3vZSpHT7Ggsx3OQqSs/MO8EJBIlpPPtpAlCCmX/bJmj5w==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62282
x-xss-protection
0
origin-agent-cluster
?1
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://t3tupps.metrup.top
Referer
https://fonts.googleapis.com/

Response headers

age
572895
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 17 Dec 2025 09:13:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 09:13:35 GMT
last-modified
Tue, 02 May 2023 15:17:22 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23580
x-xss-protection
0
server
sffe
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://t3tupps.metrup.top
Referer
https://fonts.googleapis.com/

Response headers

age
381542
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 19 Dec 2025 14:22:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Dec 2024 14:22:48 GMT
last-modified
Tue, 02 May 2023 15:07:25 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23040
x-xss-protection
0
server
sffe
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://t3tupps.metrup.top
Referer
https://fonts.googleapis.com/

Response headers

age
496848
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 18 Dec 2025 06:21:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 06:21:02 GMT
last-modified
Tue, 02 May 2023 15:12:45 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
22504
x-xss-protection
0
server
sffe
logo.svg
t3tupps.metrup.top/img/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t3tupps.metrup.top/img/logo.svg
Requested by
Host: t3tupps.metrup.top
URL: https://t3tupps.metrup.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.177.74.211 , Spain, ASN206264 (AMARUTU-TECHNOLOGY Amarutu Technology Ltd, SC),
Reverse DNS
Software
openresty /
Resource Hash
b1265e7fb21eb2b42316611b0727198f2c2e53ebeb15523e3536c9602ee314b0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t3tupps.metrup.top/

Response headers

content-encoding
gzip
date
Tue, 24 Dec 2024 00:21:50 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
server
openresty
886191283710500
connect.facebook.net/signals/config/ 		69 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/886191283710500?v=2.9.179&r=stable&domain=t3tupps.metrup.top&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
14b7afb9b7263f5f61e76535c765cdd36e97a980fb25bca2d5db9156c4b26de3
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-WE5I6LFk' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t3tupps.metrup.top/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 24 Dec 2024 00:21:50 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-WE5I6LFk' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=58, rtx=0, c=77, mss=1232, tbw=70508, tp=65, tpl=0, uplat=112, ullat=0
pragma
public
x-fb-debug
VsaHAVxsRjByZBq9jPgOiHeMJEHoI2dOAv33qryTRfUScgdlg6nEarv0TrK/lO7ZdIYI+i1Mxx8QQtkJZ82B+g==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=886191283710500&ev=PageView&dl=https%3A%2F%2Ft3tupps.metrup.top%2F&rl=&if=false&ts=1734999710440&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1734999710439.716785780641269004&ler=empty&cdl=API_unavailable&it=1734999710258&coo=false&exp=j3&rqm=GET
Requested by
Host: t3tupps.metrup.top
URL: https://t3tupps.metrup.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t3tupps.metrup.top/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=56, rtx=0, c=23, mss=1232, tbw=4542, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 24 Dec 2024 00:21:50 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=886191283710500&ev=PageView&dl=https%3A%2F%2Ft3tupps.metrup.top%2F&rl=&if=false&ts=1734999710440&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1734999710439.716785780641269004&ler=empty&cdl=API_unavailable&it=1734999710258&coo=false&exp=j3&rqm=FGET
Requested by
Host: t3tupps.metrup.top
URL: https://t3tupps.metrup.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t3tupps.metrup.top/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7451767014542713175"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 24 Dec 2024 00:21:50 GMT
content-type
image/png
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7451767014542713175", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-debug
ePGiI/Cky75tTtyw21Au0FFF7cFiXhN4se5rqSdrfsgDpoZhQjL9JOIauZKLA9WZnkwlv3xRWTmlfxxVU08sgA==
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=56, rtx=0, c=23, mss=1232, tbw=4910, tp=13, tpl=0, uplat=126, ullat=0
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
geolocation
getyourapi.site/api/ 		145 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://getyourapi.site/api/geolocation
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.122.218.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-218-248.eu-central-1.compute.amazonaws.com
Software
openresty / Express
Resource Hash
c2fd9545f67f282b59185f4c088456588e8ab12ece984e0fc17f5035e3a34559

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://t3tupps.metrup.top/

Response headers

access-control-max-age
600
x-request-id
450d358f-ce2f-4b39-aa68-e72b76db73f0
access-control-expose-headers
content-type, authorization, x-request-id
etag
W/"91-etjWQEJQ1saBO0JuElmAMTVWYe4"
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://t3tupps.metrup.top
content-length
145
date
Tue, 24 Dec 2024 00:21:51 GMT
content-type
application/json; charset=utf-8
x-powered-by
Express
server
openresty
access-control-allow-headers
origin, content-type, accept, authorization
favicon.ico
t3tupps.metrup.top/ 		9 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://t3tupps.metrup.top/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.177.74.211 , Spain, ASN206264 (AMARUTU-TECHNOLOGY Amarutu Technology Ltd, SC),
Reverse DNS
Software
openresty /
Resource Hash
e30ccb6836d3379730be2f27b2472d70d0b321ae3a3f925ae8bce2a33c0aef69

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t3tupps.metrup.top/

Response headers

content-encoding
gzip
date
Tue, 24 Dec 2024 00:21:50 GMT
content-type
image/x-icon
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
server
openresty
flags.png
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/img/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/img/flags.png?1
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/css/intlTelInput.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3af394920236bdcab19b5514b8f67e06b194e29017368d6a9d83d598947f203b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/css/intlTelInput.css

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"65a3eb4d-1062f"
age
437473
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wH7y4x47iGyogdNFGQmFZJcKC2O2BmXJRd9O709Z0kKCmC8cj7u0VQPTieQoXHe83T5%2BKPdpD%2FK3Rouvm7KSVlAM5z7V4%2BgQuLI3xMW8Vb02Pd6whgNReVdnIaR52akJv3xkM2ka"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 14 Dec 2025 00:21:51 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 24 Dec 2024 00:21:51 GMT
content-type
image/png; charset=utf-8
last-modified
Sun, 14 Jan 2024 14:10:21 GMT
vary
Accept-Encoding
priority
u=3,i
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f6c6f023f3ecfee-MAD
accept-ranges
bytes
access-control-allow-origin
*
content-length
67119
server
cloudflare
utils.min.js
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/js/ 		244 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/js/utils.min.js
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/js/intlTelInput.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b35c83e4dc3713230edfbda43508fb2fb92d8e07c4189f19d201ba199ef810a2
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://t3tupps.metrup.top/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"65a3eb4d-b3dd"
age
371903
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DW58i2qMS%2FlAGA7l3iuYm31zw20KmeYYWT3HOQbwS%2FQ1CMWJCasT%2FMk%2BDU%2BsKE1Z1M7BVRteOnWW%2FvuMHzZoLS94fXYtJ58r0rRSu3BJWiifPWkWkg%2BJTZoR%2ByH7YPDlmLmXwvoN"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 14 Dec 2025 00:21:51 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 24 Dec 2024 00:21:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 14 Jan 2024 14:10:21 GMT
vary
Accept-Encoding
priority
u=3,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f6c6f023f3fcfee-MAD
accept-ranges
bytes
access-control-allow-origin
*
content-length
46045
server
cloudflare

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| fbq function| _fbq function| $ function| jQuery object| TreemapSquared function| SVG object| Apex function| ApexCharts object| toastr function| _0x52ff function| generateRandomCandle function| getChartHeight function| _0x3831 function| initializeChart function| updateProfit function| openLeadForm function| openModals function| closeModals function| checkModalOpen function| _0x1b5c function| _0x37ac object| intlTelInputGlobals function| intlTelInput function| parseURLParams object| intlTelInputUtils

1 Cookies

Domain/Path Name / Value
.metrup.top/ Name: _fbp
Value: fb.1.1734999710439.716785780641269004

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
getyourapi.site
t3tupps.metrup.top
www.facebook.com
104.17.24.14
142.250.186.35
157.240.0.35
157.240.0.6
185.177.74.211
2606:4700::6812:ba1f
2a00:1450:4001:82f::200a
3.122.218.248
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
0bd5dc97de86163a88e6982c16aad1323d8e3f4ff95a4e384a737588666a571d
14b7afb9b7263f5f61e76535c765cdd36e97a980fb25bca2d5db9156c4b26de3
15fa361dc19704b44a9e131f18f9eb34efaca7caf521268b6823d6d0f7fc7b96
24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f
3af394920236bdcab19b5514b8f67e06b194e29017368d6a9d83d598947f203b
3c2d80232124375dae3adeceeba25dcefbafa228019610bca4089a4a01cc10fb
54bc983ea406933001939caacb25ec98a9f633b8f2d54aa5ca3180948d6fe389
585c0146cf1948192494ea6071a4a194721f9d9ce32845d033198d56922c8e4b
6b78976e0a15138b3b1bde71abfa5bbb603eff6bdf1fc4d4eaffaeeaab0abc26
6b8067706e17aa29fe81d5bd1b6a390fa81acbd16efcbe195a096135553801ab
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b1265e7fb21eb2b42316611b0727198f2c2e53ebeb15523e3536c9602ee314b0
b35c83e4dc3713230edfbda43508fb2fb92d8e07c4189f19d201ba199ef810a2
c2fd9545f67f282b59185f4c088456588e8ab12ece984e0fc17f5035e3a34559
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c8d6ca635cba876adb55c42d7f46fc96ae1afb1a64b7215cde9498a06018d6a4
c9ae063d7bf400c91d4056a69889903b54205f2efd6cb224d6041eca58b92cca
cbdd0fe73de2176588bec5a02cf3352160898a3e350a7dff76976a8e990fa13e
cdc7944ec08a6bc6364aa8ea6632e389f5d00e7aacbca453993f1f4c8522c7fe
e30ccb6836d3379730be2f27b2472d70d0b321ae3a3f925ae8bce2a33c0aef69
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a