dcu-auth.bup.net Open in urlscan Pro
98.143.144.55 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://dcu-auth.bup.net/dcu/
Submission: On December 20 via api (December 20th 2023, 10:29:48 pm UTC) from IN — Scanned from DE

Summary HTTP 49 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 20 domains to perform 49 HTTP transactions. The main IP is 98.143.144.55, located in Los Angeles, United States and belongs to ASN-QUADRANET-GLOBAL, US. The main domain is dcu-auth.bup.net.

This is the only time dcu-auth.bup.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Digital Federal Credit Union (Banking) DCU (Banking)

Domain & IP information

	IP Address	AS Autonomous System
13	98.143.144.55 98.143.144.55	8100 (ASN-QUADR...) (ASN-QUADRANET-GLOBAL)
2	18.165.183.10 18.165.183.10	16509 (AMAZON-02) (AMAZON-02)
4	54.228.71.178 54.228.71.178	16509 (AMAZON-02) (AMAZON-02)
5	2a02:26f0:350... 2a02:26f0:3500:591::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	18.210.30.70 18.210.30.70	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
8	52.215.118.143 52.215.118.143	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:20:... 2606:4700:20::681a:d07	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	63.140.62.164 63.140.62.164	16509 (AMAZON-02) (AMAZON-02)
1 1	34.243.189.130 34.243.189.130	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	63.140.62.214 63.140.62.214	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::ac40:97ee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	3.124.210.90 3.124.210.90	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:1901:0:8... 2600:1901:0:8eee::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	98.98.134.242 98.98.134.242	21859 (ZEN-ECN) (ZEN-ECN)
1 1	54.77.9.4 54.77.9.4	16509 (AMAZON-02) (AMAZON-02)
1 2	52.5.50.31 52.5.50.31	14618 (AMAZON-AES) (AMAZON-AES)
1 1	54.197.120.184 54.197.120.184	14618 (AMAZON-AES) (AMAZON-AES)
49	15

13 98.143.144.55 (Los Angeles, United States)

ASN8100 (ASN-QUADRANET-GLOBAL, US)

dcu-auth.bup.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.165.183.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-183-10.zrh55.r.cloudfront.net

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.228.71.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-71-178.eu-west-1.compute.amazonaws.com

mpsnare.iesnare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:3500:591::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.210.30.70 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-30-70.compute-1.amazonaws.com

us.cobrowse.pega.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usassets.cobrowse.pega.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.215.118.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-118-143.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dcu.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:d07 (United States)

ASN13335 (CLOUDFLARENET, US)

frame.gleap.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.62.164 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-164.data.adobedc.net

digitalfederalcreditunion.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.243.189.130 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-189-130.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.62.214 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-214.data.adobedc.net

digitalfederalcreditunion.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:97ee (United States)

ASN13335 (CLOUDFLARENET, US)

idpix.media6degrees.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.210.90 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:8eee:: (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.9.4 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-9-4.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.5.50.31 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-50-31.compute-1.amazonaws.com

mid.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.197.120.184 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-120-184.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	bup.net dcu-auth.bup.net	493 KB
8	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 208 dcu.demdex.net — Cisco Umbrella Rank: 145397	9 KB
5	pega.com us.cobrowse.pega.com — Cisco Umbrella Rank: 43385 usassets.cobrowse.pega.com — Cisco Umbrella Rank: 54887	567 KB
5	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 431	84 KB
4	iesnare.com mpsnare.iesnare.com — Cisco Umbrella Rank: 5165	23 KB
3	gleap.io frame.gleap.io	424 KB
2	rkdms.com 1 redirects mid.rkdms.com — Cisco Umbrella Rank: 1698	189 B
2	omtrdc.net digitalfederalcreditunion.sc.omtrdc.net — Cisco Umbrella Rank: 154203	801 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
2	plaid.com cdn.plaid.com — Cisco Umbrella Rank: 13515	86 KB
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 702	1 KB
1	crwdcntrl.net 1 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 799	205 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 681	187 B
1	pro-market.net 1 redirects fei.pro-market.net — Cisco Umbrella Rank: 2174	351 B
1	eyeota.net 1 redirects ps.eyeota.net — Cisco Umbrella Rank: 981	418 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 228	635 B
1	media6degrees.com idpix.media6degrees.com — Cisco Umbrella Rank: 1668	205 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 408	98 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1110	517 B
1	gstatic.com fonts.gstatic.com	31 KB
49	20

	Domain	Requested by
13	dcu-auth.bup.net	dcu-auth.bup.net usassets.cobrowse.pega.com
7	dpm.demdex.net	assets.adobedtm.com dcu-auth.bup.net
5	assets.adobedtm.com	dcu-auth.bup.net assets.adobedtm.com
4	usassets.cobrowse.pega.com	dcu-auth.bup.net us.cobrowse.pega.com usassets.cobrowse.pega.com
4	mpsnare.iesnare.com	dcu-auth.bup.net mpsnare.iesnare.com
3	frame.gleap.io	dcu-auth.bup.net frame.gleap.io
2	mid.rkdms.com	1 redirects
2	digitalfederalcreditunion.sc.omtrdc.net	assets.adobedtm.com dcu-auth.bup.net
2	fonts.googleapis.com	dcu-auth.bup.net
2	cdn.plaid.com	dcu-auth.bup.net
1	sync.srv.stackadapt.com	1 redirects
1	sync.crwdcntrl.net	1 redirects
1	pixel-sync.sitescout.com
1	fei.pro-market.net	1 redirects
1	ps.eyeota.net	1 redirects
1	c.bing.com	1 redirects
1	idpix.media6degrees.com	dcu-auth.bup.net
1	idsync.rlcdn.com	dcu-auth.bup.net
1	cm.everesttech.net	1 redirects
1	dcu.demdex.net	assets.adobedtm.com
1	fonts.gstatic.com	fonts.googleapis.com
1	us.cobrowse.pega.com	dcu-auth.bup.net
49	22

This site contains no links.

Subject Issuer	Validity	Valid
secure.plaid.com DigiCert EV RSA CA G2	`2023-03-09` - `2024-04-08`	a year	crt.sh
mpsnare.iesnare.com DigiCert SHA2 High Assurance Server CA	`2023-05-01` - `2024-05-29`	a year	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2024-08-10`	a year	crt.sh
*.cobrowse.pega.com Amazon RSA 2048 M02	`2023-02-10` - `2024-03-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
frame.gleap.io GTS CA 1P5	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.sc.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-03-08`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
dstillery.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-21` - `2024-05-21`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh

This page contains 3 frames:

Primary Page: http://dcu-auth.bup.net/dcu/
Frame ID: 085B5363347BCAACDD922A74263B0614
Requests: 36 HTTP requests in this frame

Frame: https://frame.gleap.io/
Frame ID: 919124D28BFEA00389EE671E5F3076C2
Requests: 3 HTTP requests in this frame

Frame: https://dcu.demdex.net/dest5.html?d_nsid=0
Frame ID: 3D2054C7C32AC5E65CE21476483D9ECD
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DCU Online - Login

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

49
Requests

57 %
HTTPS

33 %
IPv6

20
Domains

22
Subdomains

15
IPs

3
Countries

1720 kB
Transfer

7003 kB
Size

20
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://cm.everesttech.net/cm/dd?d_uuid=45102471329042432760750800045250853021 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZYNq2AAAAJcH1AO-

Request Chain 39

https://c.bing.com/c.gif?uid=45102471329042432760750800045250853021&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=353F356AC6CB6CC80F072687C7676D30

Request Chain 40

https://ps.eyeota.net/match?bid=6j5b2cv&uid=45102471329042432760750800045250853021&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Request Chain 41

https://fei.pro-market.net/engine?site=141472;size=1x1;mimetype=img;du=67;csync=45102471329042432760750800045250853021 HTTP 302
https://dpm.demdex.net/ibs:dpid=575&dpuuid=-6763237988328650052

Request Chain 43

https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=45102471329042432760750800045250853021?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=

Request Chain 44

https://mid.rkdms.com/bct?pid=8bc436aa-e0fc-4baa-9c9a-06fbeca87826&puid=45102471329042432760750800045250853021&_ct=img HTTP 302
https://mid.rkdms.com/restricted

Request Chain 45

https://sync.srv.stackadapt.com/sync?nid=adobe HTTP 302
https://dpm.demdex.net/ibs:dpid=390122&dpuuid=xzL0JbN6WlZxoQQYegnXlFD_B2Y

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
dcu-auth.bup.net/dcu/ 30 KB
31 KB 1142ms
354ms Document
text/html 98.143.144.55
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: http://dcu-auth.bup.net/dcu/
Protocol: HTTP/1.1
Server: 98.143.144.55 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
Software: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 /
Resource Hash: faf6ee500152e73b13b0f133f91f864b0ede0e2fb1639e5325b9fb910fdbfa9f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 30968
Content-Type: text/html
Date: Wed, 20 Dec 2023 22:29:42 GMT
ETag: "1dc0ca6-78f8-5e68f6887df00"
Keep-Alive: timeout=5, max=100
Last-Modified: Fri, 19 Aug 2022 03:08:12 GMT
Server: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ 142 KB
43 KB 198ms
79ms Script
application/javascript 18.165.183.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: dcu-auth.bup.net
URL: http://dcu-auth.bup.net/dcu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.183.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-183-10.zrh55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: edf69752fc847b4454a787d73dbb01808e15a96234ebe5f1f699ef0d23d85c6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dcu-auth.bup.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 18:48:53 GMT
x-amz-version-id: fOIHkauKy0qd7Jv_JignGT1Fy5S_5X8M
content-encoding: gzip
via: 1.1 a1822b92cbf5d3516743d4786d5b6020.cloudfront.net (CloudFront)
x-amz-request-id: KATXKY01ERS2JJJ5
x-amz-cf-pop: ZRH55-P1
x-amz-server-side-encryption: AES256
age: 13250
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-id-2: xTa2KOe+rXmRFgfl8/qA6It3f6nvwBfY81w5lnGdY4gkmjyPB57l34meUKLmX4+vuy2U6wu74DiMRTb2koegO/QvJ9V9vPJQCpS82OnxHk4=
last-modified: Wed, 20 Dec 2023 17:58:49 GMT
server: AmazonS3
etag: W/"33381675d45c305eff15906a8fe50fba"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-id: pVIsL3Gjqrc4WNhrYjp45wqFD8rzMfICmUhypfqvCM05FHyP1h_T-w==

GET
H/1.1 404
Not Found config.js
dcu-auth.bup.net/dcu/js/ 0
0 205ms
203ms Script
text/html 98.143.144.55
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: http://dcu-auth.bup.net/dcu/js/config.js
Requested by: Host: dcu-auth.bup.net
URL: http://dcu-auth.bup.net/dcu/
Protocol: HTTP/1.1
Server: 98.143.144.55 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
Software: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dcu-auth.bup.net/dcu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 22:29:42 GMT
Server: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found loader_only.js
dcu-auth.bup.net/dcu/js/ 0
0 204ms
204ms Script
text/html 98.143.144.55
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: http://dcu-auth.bup.net/dcu/js/loader_only.js
Requested by: Host: dcu-auth.bup.net
URL: http://dcu-auth.bup.net/dcu/
Protocol: HTTP/1.1
Server: 98.143.144.55 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
Software: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dcu-auth.bup.net/dcu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 22:29:43 GMT
Server: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK vendor.7de76d70.css
dcu-auth.bup.net/dcu/css/ 435 KB
435 KB 382ms
199ms Stylesheet
text/css 98.143.144.55
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: http://dcu-auth.bup.net/dcu/css/vendor.7de76d70.css
Requested by: Host: dcu-auth.bup.net
URL: http://dcu-auth.bup.net/dcu/
Protocol: HTTP/1.1
Server: 98.143.144.55 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
Software: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 /
Resource Hash: 830c662b25beb468bb939cdb6649edbb7b13c7225afa529b20d6862241877a4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dcu-auth.bup.net/dcu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 22:29:42 GMT
Last-Modified: Fri, 19 Aug 2022 02:51:30 GMT
Server: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4
ETag: "1dc0ca1-6ca34-5e68f2cce9080"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 444980

GET
H/1.1 200
OK app.7b1cd472.css
dcu-auth.bup.net/dcu/css/ 3 KB
3 KB 384ms
198ms Stylesheet
text/css 98.143.144.55
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: http://dcu-auth.bup.net/dcu/css/app.7b1cd472.css
Requested by: Host: dcu-auth.bup.net
URL: http://dcu-auth.bup.net/dcu/
Protocol: HTTP/1.1
Server: 98.143.144.55 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
Software: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 /
Resource Hash: a96b470af21607586d13477faa3389db771879c865f4be78b3db4f2624dfba52

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dcu-auth.bup.net/dcu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 22:29:42 GMT
Last-Modified: Fri, 19 Aug 2022 02:51:00 GMT
Server: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4
ETag: "1dc0c9e-a94-5e68f2b04cd00"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2708

GET
H/1.1 200
OK 64.64d4d70e.css
dcu-auth.bup.net/dcu/css/ 774 B
1 KB 389ms
201ms Stylesheet
text/css 98.143.144.55
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: http://dcu-auth.bup.net/dcu/css/64.64d4d70e.css
Requested by: Host: dcu-auth.bup.net
URL: http://dcu-auth.bup.net/dcu/
Protocol: HTTP/1.1
Server: 98.143.144.55 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
Software: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 /
Resource Hash: 138a2c46b71532038ec611610575b2b709de80508ceaf9c73d3de140847ceb6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dcu-auth.bup.net/dcu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 22:29:42 GMT
Last-Modified: Fri, 19 Aug 2022 02:50:42 GMT
Server: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4
ETag: "1dc0c9d-306-5e68f29f22480"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 774

GET
H/1.1 404
Not Found 64.390011c5.js
dcu-auth.bup.net/dcu/js/ 0
0 403ms
199ms Script
text/html 98.143.144.55
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: http://dcu-auth.bup.net/dcu/js/64.390011c5.js
Requested by: Host: dcu-auth.bup.net
URL: http://dcu-auth.bup.net/dcu/
Protocol: HTTP/1.1
Server: 98.143.144.55 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
Software: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dcu-auth.bup.net/dcu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 22:29:42 GMT
Server: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK chunk-common.d06af608.css
dcu-auth.bup.net/dcu/css/ 13 KB
13 KB 393ms
203ms Stylesheet
text/css 98.143.144.55
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: http://dcu-auth.bup.net/dcu/css/chunk-common.d06af608.css
Requested by: Host: dcu-auth.bup.net
URL: http://dcu-auth.bup.net/dcu/
Protocol: HTTP/1.1
Server: 98.143.144.55 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
Software: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 /
Resource Hash: c68f6f80ec1fb457c7b8a3a1e1fefe3ffbb4e276fc80f38ef8b35df8ab5715e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dcu-auth.bup.net/dcu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 22:29:42 GMT
Last-Modified: Fri, 19 Aug 2022 02:51:12 GMT
Server: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4
ETag: "1dc0c9f-342d-5e68f2bbbe800"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 13357

GET
H/1.1 404
Not Found chunk-common.112fec58.js
dcu-auth.bup.net/dcu/js/ 0
0 579ms
195ms Script
text/html 98.143.144.55
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: http://dcu-auth.bup.net/dcu/js/chunk-common.112fec58.js
Requested by: Host: dcu-auth.bup.net
URL: http://dcu-auth.bup.net/dcu/
Protocol: HTTP/1.1
Server: 98.143.144.55 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
Software: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dcu-auth.bup.net/dcu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 22:29:42 GMT
Server: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK 2.658b5c49.css
dcu-auth.bup.net/dcu/css/ 2 KB
2 KB 393ms
204ms Stylesheet
text/css 98.143.144.55
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: http://dcu-auth.bup.net/dcu/css/2.658b5c49.css
Requested by: Host: dcu-auth.bup.net
URL: http://dcu-auth.bup.net/dcu/
Protocol: HTTP/1.1
Server: 98.143.144.55 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
Software: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 /
Resource Hash: 4b71b799a4bd1d311e45d774fc3d959c085921f5a6d695ee4bf53486238bd58a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dcu-auth.bup.net/dcu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 22:29:42 GMT
Last-Modified: Fri, 19 Aug 2022 02:50:30 GMT
Server: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4
ETag: "1dc0c9c-6f5-5e68f293b0980"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1781

GET
H/1.1 404
Not Found 2.a6ab680e.js
dcu-auth.bup.net/dcu/js/ 0
0 587ms
199ms Script
text/html 98.143.144.55
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: http://dcu-auth.bup.net/dcu/js/2.a6ab680e.js
Requested by: Host: dcu-auth.bup.net
URL: http://dcu-auth.bup.net/dcu/
Protocol: HTTP/1.1
Server: 98.143.144.55 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
Software: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dcu-auth.bup.net/dcu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 22:29:42 GMT
Server: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK wdp.js Show response
mpsnare.iesnare.com/general5/ 42 KB
19 KB 190ms
57ms Script
text/javascript 54.228.71.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

Requested by

Host: dcu-auth.bup.net
URL: http://dcu-auth.bup.net/dcu/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.228.71.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-71-178.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

05bde4545e394a73f41e5be112ba8fc2f159c7e220b977a9c3bbed4e6b059a5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dcu-auth.bup.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Dec 2023 22:29:42 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
Server: nginx
Accept-CH: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
p3p: CP="NON DSP COR CURa"
Cache-Control: no-cache, private
Connection: keep-alive
Expires: 0

GET
H/1.1 200
OK logo.js Show response
mpsnare.iesnare.com/5.5.0/ 505 B
1 KB 193ms
58ms Script
text/javascript 54.228.71.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/5.5.0/logo.js

Requested by

Host: dcu-auth.bup.net
URL: http://dcu-auth.bup.net/dcu/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.228.71.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-71-178.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

58b9ddf5ef38dfd501de57495f947aab4a9031cf304e81a51b8130bf62125328

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dcu-auth.bup.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 22:29:42 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Server: nginx
Accept-CH: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
p3p: CP="NON DSP COR CURa"
Cache-Control: private
Connection: keep-alive
Expires: Thu, 19 Dec 2024 22:29:42 GMT

GET
H2 200 launch-1574d0b03693.min.js Show response
assets.adobedtm.com/c710ed4af822/4edff89d26dd/ 199 KB
56 KB 151ms
40ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/c710ed4af822/4edff89d26dd/launch-1574d0b03693.min.js
Requested by: Host: dcu-auth.bup.net
URL: http://dcu-auth.bup.net/dcu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 8ae4ca545f892c67f90978bae8a9c0aa9099bd5afa68f372715d6e8dd784d473

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dcu-auth.bup.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 22:29:43 GMT
content-encoding: gzip
last-modified: Fri, 28 Apr 2023 11:20:03 GMT
server: AkamaiNetStorage
etag: "47c52a2397a1745428fc4244b6f391c1:1682680803.908544"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: http://dcu-auth.bup.net
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 56839
expires: Wed, 20 Dec 2023 23:29:43 GMT

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ 33 KB
12 KB 39ms
39ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
Requested by: Host: dcu-auth.bup.net
URL: http://dcu-auth.bup.net/dcu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dcu-auth.bup.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 22:29:43 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
etag: "d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: http://dcu-auth.bup.net
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12163
expires: Wed, 20 Dec 2023 23:29:43 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ 3 KB
2 KB 40ms
39ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: dcu-auth.bup.net
URL: http://dcu-auth.bup.net/dcu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dcu-auth.bup.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 22:29:43 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
etag: "2d1382c349d480b6b41574ac0c1af066:1644856531.739514"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: http://dcu-auth.bup.net
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1597
expires: Wed, 20 Dec 2023 23:29:43 GMT

GET
H2 200 loadScripts Show response
us.cobrowse.pega.com/cobrowse/ 508 B
1 KB 140ms
119ms Script
application/javascript 18.210.30.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://us.cobrowse.pega.com/cobrowse/loadScripts
Requested by: Host: dcu-auth.bup.net
URL: http://dcu-auth.bup.net/dcu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.210.30.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-30-70.compute-1.amazonaws.com
Software: nginx / Express
Resource Hash: fa05f2814bdcd558f6b652532c66d74a995b0a05f464bda6e9375fcb3c02cf82

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dcu-auth.bup.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 22:29:43 GMT
server: nginx
x-powered-by: Express
etag: W/"1fc-7h1D3lVTGQGfiwcTpoOkY4A6m0E"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: X-CSRF-Token, X-Requested-With, accept, x-j-token, content-type
content-length: 508

GET
H2 200 customer.js Show response
usassets.cobrowse.pega.com/assets/scripts/final/ 2 MB
279 KB 118ms
118ms Script
application/javascript 18.210.30.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://usassets.cobrowse.pega.com/assets/scripts/final/customer.js?v=8.7.1
Requested by: Host: dcu-auth.bup.net
URL: http://dcu-auth.bup.net/dcu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.210.30.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-30-70.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 80072e3ba2648e63a98e513d6274d85db1cced79422b63761b6a6001c929fd1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dcu-auth.bup.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 22:29:43 GMT
content-encoding: gzip
last-modified: Fri, 20 Oct 2023 09:19:19 GMT
server: nginx
etag: "65324617-45905"
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 284933

GET
H2 200 default.css
usassets.cobrowse.pega.com/assets/stylesheets/customer/final/ 14 KB
4 KB 397ms
118ms Stylesheet
text/css 18.210.30.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://usassets.cobrowse.pega.com/assets/stylesheets/customer/final/default.css?v=8.7.1
Requested by: Host: dcu-auth.bup.net
URL: http://dcu-auth.bup.net/dcu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.210.30.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-30-70.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0a91022b9da445fe9aaa584256fdf5d53cd999dbe519c1d6b7fef932ff23febf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dcu-auth.bup.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 22:29:42 GMT
content-encoding: gzip
last-modified: Thu, 15 Dec 2022 11:50:50 GMT
server: nginx
etag: "639b0a1a-da1"
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 3489

GET
H/1.1 200
OK dcuLogoDark.png
dcu-auth.bup.net/dcu/ 8 KB
8 KB 204ms
204ms Image
image/png 98.143.144.55
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dcu-auth.bup.net/dcu/dcuLogoDark.png
Requested by: Host: dcu-auth.bup.net
URL: http://dcu-auth.bup.net/dcu/
Protocol: HTTP/1.1
Server: 98.143.144.55 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
Software: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 /
Resource Hash: d1093fceb5f8b35c09e5d3329c8dc55509d7f46096efeea840f6e433212ba45e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dcu-auth.bup.net/dcu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 22:29:42 GMT
Last-Modified: Fri, 19 Aug 2022 02:49:04 GMT
Server: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4
ETag: "1dc0ca5-1e3f-5e68f241ac800"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 7743

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
1 KB 146ms
52ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@300;400;600;700;800&display=swap

Requested by

Host: dcu-auth.bup.net
URL: http://dcu-auth.bup.net/dcu/css/64.64d4d70e.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1d5389c7f119dc4c74da821a932f6530191de67aa19a9274a134c0b2155f42b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dcu-auth.bup.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 20 Dec 2023 22:29:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 22:29:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Dec 2023 22:29:42 GMT

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
847 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@300;400;600;700;800&display=swap

Requested by

Host: dcu-auth.bup.net
URL: http://dcu-auth.bup.net/dcu/css/vendor.7de76d70.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1d5389c7f119dc4c74da821a932f6530191de67aa19a9274a134c0b2155f42b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dcu-auth.bup.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 20 Dec 2023 22:29:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 22:24:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Dec 2023 22:29:43 GMT

GET
H2 200 link-dynamic-loader.js
cdn.plaid.com/link/2.0.1365/ 0
43 KB 51ms
51ms Other
application/javascript 18.165.183.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/2.0.1365/link-dynamic-loader.js
Requested by: Host: dcu-auth.bup.net
URL: http://dcu-auth.bup.net/dcu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.183.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-183-10.zrh55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dcu-auth.bup.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:47:02 GMT
x-amz-version-id: 6iBAahzn_N1OPiwT6JExUuyt.2WyzyRL
content-encoding: gzip
via: 1.1 a1822b92cbf5d3516743d4786d5b6020.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH55-P1
age: 52962
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 12 Aug 2022 08:23:16 GMT
server: AmazonS3
etag: W/"94fa37b337b2581ed9a86a938d920efb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=10800
x-amz-cf-id: iMwUNmKP3ANgl4Uw6uX5yz8bLmL8AGYJIbXkQmhmQFDqf8l97vxYkQ==

GET
H/1.1 200
OK logo.js Show response
mpsnare.iesnare.com/5.7.0/ 505 B
1 KB 56ms
55ms Script
text/javascript 54.228.71.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/5.7.0/logo.js

Requested by

Host: mpsnare.iesnare.com
URL: https://mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.228.71.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-71-178.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

3132bfe150ae7730f830f19ebec628879dfee1c2b7428bc9f7c55f5b31e4e340

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dcu-auth.bup.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 22:29:43 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Server: nginx
Accept-CH: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
p3p: CP="NON DSP COR CURa"
Cache-Control: private
Connection: keep-alive
Expires: Thu, 19 Dec 2024 22:29:43 GMT

GET
H2 200 pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2
fonts.gstatic.com/s/nunitosans/v15/ 30 KB
31 KB 127ms
39ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@300;400;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://dcu-auth.bup.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 17:14:35 GMT
x-content-type-options: nosniff
age: 191708
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31052
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 00:27:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Dec 2024 17:14:35 GMT

GET
H/1.1 206
Partial Content time.mp3
mpsnare.iesnare.com/ 504 B
881 B 58ms
58ms Media
audio/mpeg 54.228.71.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/time.mp3?nocache=0.3050445637967567

Requested by

Host: dcu-auth.bup.net
URL: http://dcu-auth.bup.net/dcu/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.228.71.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-71-178.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

6b69a96e4cd4c8f1458d065ab7ee044479d3e5c92c7fb5d24c9676234f646619

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: http://dcu-auth.bup.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range: bytes=0-

Response headers

Pragma: public
Date: Wed, 20 Dec 2023 22:29:43 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Server: nginx
Content-Type: audio/mpeg
Content-Range: bytes 0-503/504
Content-Disposition: inline; filename=time.mp3
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 504
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 id Show response
dpm.demdex.net/ 2 KB
1 KB 234ms
58ms XHR
application/json 52.215.118.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=46051B125B89FACB0A495DD6%40AdobeOrg&d_nsid=0&ts=1703111383541

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c710ed4af822/4edff89d26dd/launch-1574d0b03693.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.215.118.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-118-143.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7eeb136f14c3c131f1997fc5d0f9e6e74d65bf4f683a24c0da7ec13c7e702dde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://dcu-auth.bup.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

dcs: dcs-prod-irl1-1-v054-045ff60d9.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Wed, 20 Dec 2023 22:29:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: yad5O1qWRgQ=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: http://dcu-auth.bup.net
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 836
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 34 KB
12 KB 48ms
47ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c710ed4af822/4edff89d26dd/launch-1574d0b03693.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dcu-auth.bup.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 22:29:43 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 16:16:49 GMT
server: AkamaiNetStorage
etag: "dfdd9e1f988805f0c2fbb10cd6b8f034:1663863409.614694"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: http://dcu-auth.bup.net
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12384
expires: Wed, 20 Dec 2023 23:29:43 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 3 KB
2 KB 51ms
50ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c710ed4af822/4edff89d26dd/launch-1574d0b03693.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dcu-auth.bup.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 22:29:43 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 16:16:49 GMT
server: AkamaiNetStorage
etag: "b89fcb8870ac40eecb6d3cc844d35389:1663863409.92483"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: http://dcu-auth.bup.net
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1598
expires: Wed, 20 Dec 2023 23:29:43 GMT

GET
H2 200 / Show response
frame.gleap.io/ Frame 9191 638 B
858 B 224ms
93ms Document
text/html 2606:4700:20::681a:d07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://frame.gleap.io/

Requested by

Host: dcu-auth.bup.net
URL: http://dcu-auth.bup.net/dcu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:d07 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

746c569694554e343e044a5e23158d6ecea90230c2ee7c3007291303a6a26399

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://dcu-auth.bup.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 838b536419d392ba-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 20 Dec 2023 22:29:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ZbZNptKvyeMe1m2RHlQ3JUukCrGRA5ExzeA9tMN3XhQW3QIH9fOoPf3sABpfRIrcjwBi2Fka6AkqCbm%2BXmo3T7ULqWcPrFZcnvIHZFNfIr7oZ90I7B7%2FZQU6M0mxeI%2Bn3jGyuxlQqNKk2LLUg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 customer.js Show response
usassets.cobrowse.pega.com/assets/scripts/final/ 2 MB
279 KB 348ms
347ms Script
application/javascript 18.210.30.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://usassets.cobrowse.pega.com/assets/scripts/final/customer.js?v=8.7.1
Requested by: Host: us.cobrowse.pega.com
URL: https://us.cobrowse.pega.com/cobrowse/loadScripts
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.210.30.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-30-70.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 80072e3ba2648e63a98e513d6274d85db1cced79422b63761b6a6001c929fd1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dcu-auth.bup.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 22:29:43 GMT
content-encoding: gzip
last-modified: Fri, 20 Oct 2023 09:19:19 GMT
server: nginx
etag: "65324617-45905"
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 284933

GET
H2 200 dest5.html Show response
dcu.demdex.net/ Frame 3D20 7 KB
3 KB 72ms
56ms Document
text/html 52.215.118.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dcu.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c710ed4af822/4edff89d26dd/launch-1574d0b03693.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.215.118.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-118-143.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://dcu-auth.bup.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Wed, 20 Dec 2023 22:29:43 GMT
dcs: dcs-prod-irl1-2-v054-057f1d7f2.edge-irl1.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Wed, 8 Nov 2023 17:05:39 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: b+OUE9HrRxU=

GET
H2 200 id Show response
digitalfederalcreditunion.sc.omtrdc.net/ 2 B
267 B 172ms
55ms XHR
application/x-javascript 63.140.62.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://digitalfederalcreditunion.sc.omtrdc.net/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=46051B125B89FACB0A495DD6%40AdobeOrg&mid=44976514582110205720762836068240328653&ts=1703111383781

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c710ed4af822/4edff89d26dd/launch-1574d0b03693.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.164 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-164.data.adobedc.net

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://dcu-auth.bup.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 20 Dec 2023 22:29:43 GMT
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: http://dcu-auth.bup.net
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 2
x-xss-protection: 1; mode=block

GET
H2

200

ibs:dpid=411&dpuuid=ZYNq2AAAAJcH1AO-
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=45102471329042432760750800045250853021
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZYNq2AAAAJcH1AO-

42 B
716 B

58ms
57ms

Image
image/gif

52.215.118.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZYNq2AAAAJcH1AO-

Requested by

Host: dcu-auth.bup.net
URL: http://dcu-auth.bup.net/dcu/

Protocol

Server

52.215.118.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-118-143.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dcu-auth.bup.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v054-0be504dcd.edge-irl1.demdex.com 1 ms
pragma: no-cache
date: Wed, 20 Dec 2023 22:29:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: F2zp+VUVTVI=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZYNq2AAAAJcH1AO-
Date: Wed, 20 Dec 2023 22:29:44 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 main.49337f82.js Show response
frame.gleap.io/static/js/ Frame 9191 2 MB
410 KB 94ms
93ms Script
application/javascript 2606:4700:20::681a:d07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://frame.gleap.io/static/js/main.49337f82.js

Requested by

Host: frame.gleap.io
URL: https://frame.gleap.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:d07 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a73f651099fb5bf24aa89cf2e937264dd15304df3ecc247a1859c5ef9d6b010c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://frame.gleap.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 22:29:43 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: REVALIDATED
etag: W/"24d941479f0c23e28dffaa4fee855707"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9CaBAVB9CPPCzGJ%2FSs2iF6JbmRhzrZsOKyGjrJgQSxwiwDNHzZEriPsfldpcM5pAUivnf3mZhxrpdfVwEq2josQQtrPA2YcTyz7RIhctOfam7yRhtdWZpZyfaT76ZDcLqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 838b5364ca5e92ba-FRA

GET
H2 200 main.780ccf56.css
frame.gleap.io/static/css/ Frame 9191 88 KB
13 KB 144ms
143ms Stylesheet
text/css 2606:4700:20::681a:d07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://frame.gleap.io/static/css/main.780ccf56.css

Requested by

Host: frame.gleap.io
URL: https://frame.gleap.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:d07 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19ea07a6e8ad0b1de323363e4adc093d3d9730b0e2094bb42a7906628b308736

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://frame.gleap.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 22:29:43 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"1f7ab948ec74cfe6f547268701261827"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ej%2BNwaAAKbRd5Zt2BbRCIZrPNZdrCBxQufEaIdUiWjJg0V3VrI3R%2BcgxcLaffHzzTGeSPZuznVnC9WwOrDLLv2goDjVtCRL7b3I61SuAR5wGWEic2NY%2B1E1BycvDjT9n2FEaT%2FuDdPt%2F2%2BBpjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 838b5364ca5c92ba-FRA

GET
H2 451 365868.gif
idsync.rlcdn.com/ Frame 3D20 0
98 B 146ms
48ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/365868.gif?partner_uid=45102471329042432760750800045250853021
Requested by: Host: dcu-auth.bup.net
URL: http://dcu-auth.bup.net/dcu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dcu.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 22:29:43 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK s54222585282689
digitalfederalcreditunion.sc.omtrdc.net/b/ss/dfcudigbankingprod,dfcumainglobal/1/JS-2.23.0-LDQM/ 43 B
534 B 108ms
56ms Image
image/gif 63.140.62.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://digitalfederalcreditunion.sc.omtrdc.net/b/ss/dfcudigbankingprod,dfcumainglobal/1/JS-2.23.0-LDQM/s54222585282689?AQB=1&ndh=1&pf=1&t=20%2F11%2F2023%2023%3A29%3A43%203%20-60&vid=44976514582110205720762836068240328653&mid=44976514582110205720762836068240328653&aamlh=6&ce=UTF-8&pageName=projectfinance%3Aen%3Adcu%3A&g=http%3A%2F%2Fdcu-auth.bup.net%2Fdcu%2F&c.&inList=3.0&getVisitDuration=2.1.1&getTimeSinceLastVisit=2.0.1&formatTime=2.0&apl=4.0&getTimeParting=6.3&p_fo=3.0&getVisitNum=4.2.1&endOfDatePeriod=1.2&getNewRepeat=3.0.1&getPercentPageViewed=5.0.2&handlePPVevents=4.0&.c&cc=USD&ch=dcu&server=dcu-auth.bup.net&events=event1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v1=dcu&c9=D%3Dv9&v9=http%3A%2F%2Fdcu-auth.bup.net%2Fdcu%2F&c10=undefined&v10=D%3Dc10&v11=projectfinance%3Aen%3Adcu%3A&c12=highestPercentViewed%3D%20%7C%20initialPercentViewed%3D%20%7C%20foldsSeen%3D%20%7C%20foldsAvailable%3D&v12=year%3D2023%20%7C%20month%3DDecember%20%7C%20date%3D20%20%7C%20day%3DWednesday%20%7C%20time%3D10%3A29%20PM&v13=New&c14=20&v14=D%3Dc14&c15=New%20Visitor&c16=1&c17=first%20hit%20of%20visit&v20=Project%20Finance&v41=44976514582110205720762836068240328653&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=46051B125B89FACB0A495DD6%40AdobeOrg&AQE=1

Requested by

Host: dcu-auth.bup.net
URL: http://dcu-auth.bup.net/dcu/

Protocol

HTTP/1.1

Server

63.140.62.214 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-214.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dcu-auth.bup.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 22:29:44 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Dec 2023 22:29:44 GMT
server: jag
etag: 3657403848765145088-4617890965819487410
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 19 Dec 2023 22:29:44 GMT

GET
H2 200 hbpix
idpix.media6degrees.com/orbserv/ Frame 3D20 43 B
205 B 281ms
144ms Image
image/gif 2606:4700:4400::ac40:97ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idpix.media6degrees.com/orbserv/hbpix?pixId=16873&pcv=70&ptid=66&tpuv=01&tpu=45102471329042432760750800045250853021
Requested by: Host: dcu-auth.bup.net
URL: http://dcu-auth.bup.net/dcu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:4400::ac40:97ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4abdc5bae3773141e85e6bed6c09953d57aded7ef98b1d304c42807f2229474f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dcu.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 22:29:44 GMT
cf-cache-status: DYNAMIC
last-modified: Tue, 20 Jun 2023 14:48:54 GMT
server: cloudflare
etag: "6491bc56-2b"
content-type: image/gif
accept-ranges: bytes
cf-ray: 838b5368090b5d76-FRA
content-length: 43

GET
H2

200

ibs:dpid=1957&dpuuid=353F356AC6CB6CC80F072687C7676D30
dpm.demdex.net/ Frame 3D20
Redirect Chain

https://c.bing.com/c.gif?uid=45102471329042432760750800045250853021&Red3=MSAdobe_pd&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=353F356AC6CB6CC80F072687C7676D30

42 B
716 B

58ms
58ms

Image
image/gif

52.215.118.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1957&dpuuid=353F356AC6CB6CC80F072687C7676D30

Protocol

Server

52.215.118.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-118-143.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dcu.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v054-0b71ea9a0.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Wed, 20 Dec 2023 22:29:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: VIgyFXXUTXA=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 20 Dec 2023 22:29:43 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C10BEDD8CC354060A66433E1664AC221 Ref B: FRA31EDGE0822 Ref C: 2023-12-20T22:29:44Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://dpm.demdex.net/ibs:dpid=1957&dpuuid=353F356AC6CB6CC80F072687C7676D30
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2

200

ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame 3D20
Redirect Chain

https://ps.eyeota.net/match?bid=6j5b2cv&uid=45102471329042432760750800045250853021&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

42 B
730 B

57ms
56ms

Image
image/gif

52.215.118.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Protocol

Server

52.215.118.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-118-143.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dcu.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-0752fc470.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Wed, 20 Dec 2023 22:29:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: YbvNJuadRIY=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
x-error: 303,104
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date: Wed, 20 Dec 2023 22:29:44 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

ibs:dpid=575&dpuuid=-6763237988328650052
dpm.demdex.net/ Frame 3D20
Redirect Chain

https://fei.pro-market.net/engine?site=141472;size=1x1;mimetype=img;du=67;csync=45102471329042432760750800045250853021
https://dpm.demdex.net/ibs:dpid=575&dpuuid=-6763237988328650052

42 B
715 B

58ms
58ms

Image
image/gif

52.215.118.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=575&dpuuid=-6763237988328650052

Protocol

Server

52.215.118.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-118-143.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dcu.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v054-0d3c4063c.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Wed, 20 Dec 2023 22:29:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: 6oBNvRRAQMc=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 20 Dec 2023 22:29:44 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp-eu-4.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
location: https://dpm.demdex.net/ibs:dpid=575&dpuuid=-6763237988328650052
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
expires: Mon, 1 Jan 1990 0:0:0 GMT

GET
H2 204 usersync
pixel-sync.sitescout.com/connectors/adobe/ Frame 3D20 0
187 B 153ms
44ms Image
text/plain 98.98.134.242
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/connectors/adobe/usersync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D82530%26dpuuid%3D%24UUID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dcu.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Wed, 20 Dec 2023 22:29:44 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

ibs:dpid=121998&dpuuid=
dpm.demdex.net/ Frame 3D20
Redirect Chain

https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=45102471329042432760750800045250853021?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=

42 B
729 B

57ms
57ms

Image
image/gif

52.215.118.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=

Protocol

Server

52.215.118.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-118-143.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dcu.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v054-05129358f.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Wed, 20 Dec 2023 22:29:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: LU5ykEcgRUo=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
x-error: 104,300
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 20 Dec 2023 22:29:44 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://dpm.demdex.net/ibs:dpid=121998&dpuuid=
cache-control: no-cache
x-server: 10.45.7.14
content-length: 0
expires: 0

GET
H2

200

restricted
mid.rkdms.com/ Frame 3D20
Redirect Chain

https://mid.rkdms.com/bct?pid=8bc436aa-e0fc-4baa-9c9a-06fbeca87826&puid=45102471329042432760750800045250853021&_ct=img
https://mid.rkdms.com/restricted

0
0

128ms
128ms

Image
text/html

52.5.50.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mid.rkdms.com/restricted
Protocol: H2
Server: 52.5.50.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-50-31.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dcu.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Wed, 20 Dec 2023 22:29:45 GMT
server: awselb/2.0
vary: Accept-Encoding
content-type: text/html; charset=utf-8
location: https://mid.rkdms.com/restricted
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0

GET
H2

200

ibs:dpid=390122&dpuuid=xzL0JbN6WlZxoQQYegnXlFD_B2Y
dpm.demdex.net/ Frame 3D20
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=adobe
https://dpm.demdex.net/ibs:dpid=390122&dpuuid=xzL0JbN6WlZxoQQYegnXlFD_B2Y

42 B
715 B

58ms
58ms

Image
image/gif

52.215.118.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=390122&dpuuid=xzL0JbN6WlZxoQQYegnXlFD_B2Y

Protocol

Server

52.215.118.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-118-143.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dcu.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-022e7ff67.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Wed, 20 Dec 2023 22:29:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: lH/4BjMSSVg=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=390122&dpuuid=xzL0JbN6WlZxoQQYegnXlFD_B2Y
Date: Wed, 20 Dec 2023 22:29:45 GMT
Connection: keep-alive
Content-Length: 100
Content-Type: text/html; charset=utf-8

GET
H2 200 default.css
usassets.cobrowse.pega.com/assets/stylesheets/customer/final/ 14 KB
4 KB 118ms
118ms Stylesheet
text/css 18.210.30.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://usassets.cobrowse.pega.com/assets/stylesheets/customer/final/default.css?v=8.7.1
Requested by: Host: usassets.cobrowse.pega.com
URL: https://usassets.cobrowse.pega.com/assets/scripts/final/customer.js?v=8.7.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.210.30.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-30-70.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0a91022b9da445fe9aaa584256fdf5d53cd999dbe519c1d6b7fef932ff23febf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dcu-auth.bup.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 22:29:46 GMT
content-encoding: gzip
last-modified: Thu, 15 Dec 2022 11:50:50 GMT
server: nginx
etag: "639b0a1a-da1"
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 3489

GET
H/1.1 404
Not Found config Show response
dcu-auth.bup.net/dcu/undefined/api/ 315 B
564 B 198ms
197ms XHR
text/html 98.143.144.55
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: http://dcu-auth.bup.net/dcu/undefined/api/config?messagesType=customer&language=en-US&company=
Requested by: Host: usassets.cobrowse.pega.com
URL: https://usassets.cobrowse.pega.com/assets/scripts/final/customer.js?v=8.7.1
Protocol: HTTP/1.1
Server: 98.143.144.55 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
Software: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://dcu-auth.bup.net/dcu/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 22:29:46 GMT
Server: Apache/2.4.57 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Digital Federal Credit Union (Banking) DCU (Banking)

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
mpsnare.iesnare.com/	1970-01-21 01:50:47	Name: io_token_7c6a6574-f011-4c9a-abdd-9894a102ccef Value: rqjA0ytyG9IulnNhfWvronEKib69e0ukTglWQXijh6w=
us.cobrowse.pega.com/	1970-01-20 17:15:16	Name: AWSALBCORS Value: LZD3wrTRfx1drv4nsm29nikNEWJHNsYS0eSy92QiAV5jFAcWQNENDippos9Nf6Oxb79DH+pjk1p6fVPKsgxZHPZ1BiSAe87aCL1k3g7amd8YibR07SsV/pnSMgxb
us.cobrowse.pega.com/	1970-01-20 17:08:04	Name: connect.sid Value: s%3AFfvCZe5gmkJUr4o6GOvRkpbO02av5bpk.1yU7UbgqKILCOEn5Qv4eccm%2B0lD94JCqnq0yUN179JU
.demdex.net/	1970-01-20 21:24:23	Name: demdex Value: 45102471329042432760750800045250853021
.bup.net/	1969-12-31 23:59:59	Name: AMCVS_46051B125B89FACB0A495DD6%40AdobeOrg Value: 1
.bup.net/	1969-12-31 23:59:59	Name: s_cc Value: true
.everesttech.net/	1970-01-21 01:50:47	Name: everest_g_v2 Value: g_surferid~ZYNq2AAAAJcH1AO-
.dpm.demdex.net/	1970-01-20 21:24:23	Name: dpm Value: 45102471329042432760750800045250853021
.bup.net/	1970-01-21 02:41:11	Name: AMCV_46051B125B89FACB0A495DD6%40AdobeOrg Value: 179643557%7CMCIDTS%7C19712%7CMCMID%7C44976514582110205720762836068240328653%7CMCAAMLH-1703716183%7C6%7CMCAAMB-1703716183%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1703118583s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19719%7CvVersion%7C5.5.0
.bing.com/	1970-01-21 02:26:47	Name: MUID Value: 353F356AC6CB6CC80F072687C7676D30
.c.bing.com/	1970-01-20 17:15:16	Name: MR Value: 0
.eyeota.net/	1970-01-20 17:05:11	Name: SERVERID Value: 17181~DM
.demdex.net/	1970-01-20 21:24:23	Name: dextp Value: 60-1-1703111383864\|477-1-1703111383987\|992-1-1703111384173\|1957-1-1703111384303\|30064-1-1703111384435\|575-1-1703111384536\|82530-1-1703111384637\|121998-1-1703111384737\|129099-1-1703111384839\|390122-1-1703111384940
sync.srv.stackadapt.com/	1970-01-21 01:50:47	Name: sa-user-id Value: s%3A0-c732f425-b37a-5a56-71a1-04187a09d794.0aLeS5q6gAiMwXHnOBO8VnphKuoMZGIIf0GnJdTCNII
.srv.stackadapt.com/	1970-01-21 01:50:47	Name: sa-user-id Value: s%3A0-c732f425-b37a-5a56-71a1-04187a09d794.0aLeS5q6gAiMwXHnOBO8VnphKuoMZGIIf0GnJdTCNII
sync.srv.stackadapt.com/	1970-01-21 01:50:47	Name: sa-user-id-v2 Value: s%3AxzL0JbN6WlZxoQQYegnXlFD_B2Y.vhuoBZuTSIwEHGCO4Ffg4hbyQw%2BA67ECD2IGI18GnsI
.srv.stackadapt.com/	1970-01-21 01:50:47	Name: sa-user-id-v2 Value: s%3AxzL0JbN6WlZxoQQYegnXlFD_B2Y.vhuoBZuTSIwEHGCO4Ffg4hbyQw%2BA67ECD2IGI18GnsI
sync.srv.stackadapt.com/	1970-01-21 01:50:47	Name: sa-user-id-v3 Value: s%3AAQAKIKIIJVc-Zd3NFzvZo4z2w6qonoUAJmLZGxXB1ah4SS0IEHwYBCDZ1Y2sBjABOgQ8w7t9QgTVr8D8.ewIXcYb4CAyvC57dqeIXLq%2BggYMsVMBAgDAlR9%2F9yNI
.srv.stackadapt.com/	1970-01-21 01:50:47	Name: sa-user-id-v3 Value: s%3AAQAKIKIIJVc-Zd3NFzvZo4z2w6qonoUAJmLZGxXB1ah4SS0IEHwYBCDZ1Y2sBjABOgQ8w7t9QgTVr8D8.ewIXcYb4CAyvC57dqeIXLq%2BggYMsVMBAgDAlR9%2F9yNI
usassets.cobrowse.pega.com/	1970-01-20 17:15:16	Name: AWSALBCORS Value: snyPZOipI6ZydhMOXJrrGA32RcFLEONhJc3PFunNm7Mx0gnlkyg+CTqdm9+uPQAYXWClTXYk8A2rK6L+tO19fW5eOYlSSI+rI5AQKlLTC2E8xIZ0ywoBbGHNHWu0

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://dcu-auth.bup.net/dcu/js/config.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://dcu-auth.bup.net/dcu/js/64.390011c5.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://dcu-auth.bup.net/dcu/js/chunk-common.112fec58.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://dcu-auth.bup.net/dcu/js/2.a6ab680e.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://dcu-auth.bup.net/dcu/js/loader_only.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://idsync.rlcdn.com/365868.gif?partner_uid=45102471329042432760750800045250853021 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: http://dcu-auth.bup.net/dcu/undefined/api/config?messagesType=customer&language=en-US&company= Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
c.bing.com
cdn.plaid.com
cm.everesttech.net
dcu-auth.bup.net
dcu.demdex.net
digitalfederalcreditunion.sc.omtrdc.net
dpm.demdex.net
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
frame.gleap.io
idpix.media6degrees.com
idsync.rlcdn.com
mid.rkdms.com
mpsnare.iesnare.com
pixel-sync.sitescout.com
ps.eyeota.net
sync.crwdcntrl.net
sync.srv.stackadapt.com
us.cobrowse.pega.com
usassets.cobrowse.pega.com
18.165.183.10
18.210.30.70
2600:1901:0:8eee::
2606:4700:20::681a:d07
2606:4700:4400::ac40:97ee
2620:1ec:c11::200
2a00:1450:4001:802::200a
2a00:1450:4001:81c::2003
2a02:26f0:3500:591::1e80
3.124.210.90
34.243.189.130
35.244.174.68
52.215.118.143
52.5.50.31
54.197.120.184
54.228.71.178
54.77.9.4
63.140.62.164
63.140.62.214
98.143.144.55
98.98.134.242
05bde4545e394a73f41e5be112ba8fc2f159c7e220b977a9c3bbed4e6b059a5b
0a91022b9da445fe9aaa584256fdf5d53cd999dbe519c1d6b7fef932ff23febf
138a2c46b71532038ec611610575b2b709de80508ceaf9c73d3de140847ceb6b
1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3
19ea07a6e8ad0b1de323363e4adc093d3d9730b0e2094bb42a7906628b308736
1d5389c7f119dc4c74da821a932f6530191de67aa19a9274a134c0b2155f42b4
3132bfe150ae7730f830f19ebec628879dfee1c2b7428bc9f7c55f5b31e4e340
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575
4abdc5bae3773141e85e6bed6c09953d57aded7ef98b1d304c42807f2229474f
4b71b799a4bd1d311e45d774fc3d959c085921f5a6d695ee4bf53486238bd58a
58b9ddf5ef38dfd501de57495f947aab4a9031cf304e81a51b8130bf62125328
6b69a96e4cd4c8f1458d065ab7ee044479d3e5c92c7fb5d24c9676234f646619
746c569694554e343e044a5e23158d6ecea90230c2ee7c3007291303a6a26399
78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7eeb136f14c3c131f1997fc5d0f9e6e74d65bf4f683a24c0da7ec13c7e702dde
80072e3ba2648e63a98e513d6274d85db1cced79422b63761b6a6001c929fd1d
830c662b25beb468bb939cdb6649edbb7b13c7225afa529b20d6862241877a4e
8ae4ca545f892c67f90978bae8a9c0aa9099bd5afa68f372715d6e8dd784d473
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a73f651099fb5bf24aa89cf2e937264dd15304df3ecc247a1859c5ef9d6b010c
a96b470af21607586d13477faa3389db771879c865f4be78b3db4f2624dfba52
c68f6f80ec1fb457c7b8a3a1e1fefe3ffbb4e276fc80f38ef8b35df8ab5715e8
d1093fceb5f8b35c09e5d3329c8dc55509d7f46096efeea840f6e433212ba45e
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edf69752fc847b4454a787d73dbb01808e15a96234ebe5f1f699ef0d23d85c6a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa05f2814bdcd558f6b652532c66d74a995b0a05f464bda6e9375fcb3c02cf82
faf6ee500152e73b13b0f133f91f864b0ede0e2fb1639e5325b9fb910fdbfa9f

dcu-auth.bup.net Open in urlscan Pro 98.143.144.55 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

49 Requests

57 %HTTPS

33 %IPv6

20 Domains

22 Subdomains

15 IPs

3 Countries

1720 kBTransfer

7003 kBSize

20 Cookies

0 Outgoing links

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

dcu-auth.bup.net Open in urlscan Pro
98.143.144.55 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

57 %
HTTPS

33 %
IPv6

20
Domains

22
Subdomains

15
IPs

3
Countries

1720 kB
Transfer

7003 kB
Size

20
Cookies

49 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!