urlscan.io logo urlscan.io
SecurityTrails logo

dashboard.duitku.com Open in urlscan Pro
172.67.22.96  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://sandbox.gateway.aspireapp.com/
Effective URL: https://dashboard.duitku.com/Account/Login
Submission: On September 19 via automatic, source certstream-suspicious — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 2 countries across 11 domains to perform 59 HTTP transactions. The main IP is 172.67.22.96, located in United States and belongs to CLOUDFLARENET, US. The main domain is dashboard.duitku.com.
TLS certificate: Issued by Thawte TLS RSA CA G1 on September 7th 2023. Valid for: a year.
This is the only time dashboard.duitku.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    104.18.17.61 (None, )

ASN13335 (CLOUDFLARENET, US)
sandbox.gateway.aspireapp.com
3    104.22.52.208 (None, )

ASN13335 (CLOUDFLARENET, US)
passport.duitku.com
dashboard.duitku.com
35    172.67.22.96 (United States)

ASN13335 (CLOUDFLARENET, US)
dashboard.duitku.com
2    2607:f8b0:4006:80d::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
3    142.250.80.36 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f4.1e100.net
www.google.com
2    2607:f8b0:4006:822::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2607:f8b0:4006:817::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2607:f8b0:4006:817::2003 (United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    142.251.41.8 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f8.1e100.net
www.googletagmanager.com
2    157.240.241.1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-lga3.fbcdn.net
connect.facebook.net
1    142.250.81.226 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f2.1e100.net
googleads.g.doubleclick.net
2    2607:f8b0:4006:808::2002 (United States)

ASN15169 (GOOGLE, US)
td.doubleclick.net
1    2001:4860:4802:36::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2607:f8b0:4004:c06::9d (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
38 duitku.com
passport.duitku.com
dashboard.duitku.com
1 MB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
td.doubleclick.net — Cisco Umbrella Rank: 189
stats.g.doubleclick.net — Cisco Umbrella Rank: 130
3 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43
401 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 3
analytics.google.com — Cisco Umbrella Rank: 140
967 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 33
21 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 178
73 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
4 KB
2 aspireapp.com
sandbox.gateway.aspireapp.com
502 B
1 gstatic.com
www.gstatic.com
213 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 670
7 KB
0 facebook.com Failed
www.facebook.com Failed
59 11
Domain Requested by
37 dashboard.duitku.com 2 redirects dashboard.duitku.com
static.cloudflareinsights.com
4 www.googletagmanager.com dashboard.duitku.com
www.googletagmanager.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 www.google.com dashboard.duitku.com
www.gstatic.com
2 td.doubleclick.net www.googletagmanager.com
2 connect.facebook.net dashboard.duitku.com
connect.facebook.net
2 fonts.googleapis.com dashboard.duitku.com
2 sandbox.gateway.aspireapp.com 2 redirects
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 www.gstatic.com www.google.com
1 static.cloudflareinsights.com dashboard.duitku.com
1 passport.duitku.com 1 redirects
0 www.facebook.com Failed
59 15

This site contains links to these domains. Also see Links.

Domain
www.duitku.com
docs.duitku.com
aspireapp.com
Subject Issuer Validity Valid
*.duitku.com
Thawte TLS RSA CA G1		 2023-09-07 -
2024-09-30		 a year crt.sh
upload.video.google.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
cloudflareinsights.com
WE1		 2024-09-03 -
2024-12-02		 3 months crt.sh
*.google.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
*.google-analytics.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
*.gstatic.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-06-28 -
2024-09-26		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
*.doubleclick.net
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://dashboard.duitku.com/Account/Login
Frame ID: 944E2A922E753BE56D1321B902B03618
Requests: 55 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/10853321661?random=1726732734357&cv=11&fst=1726732734357&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49h0v876280435z8840837472za201zb840837472&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdashboard.duitku.com%2FAccount%2FLogin&label=RKFZCMKs76ADEL2Xorco&hn=www.googleadservices.com&frm=0&tiba=Duitku%20%7C%20Merchant%20Login&npa=0&pscdl=noapi&auid=986841577.1726732734&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: 78BFBC1114FB6389EDF4FA8CD430135D
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-VMSEK6LKPN&gacid=163087608.1726732734&gtm=45je49h0v890854532z8840837472za200zb840837472&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=1525026848
Frame ID: 8965E8005E21E85B81EA692452E6B5EA
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcW1xwkAAAAAOrDMhXLSyd7h4RSl2NO0eO0lFVe&co=aHR0cHM6Ly9kYXNoYm9hcmQuZHVpdGt1LmNvbTo0NDM.&hl=en&v=EGbODne6buzpTnWrrBprcfAY&theme=light&size=normal&cb=md6f9vi1j2kd
Frame ID: 0E980B63C26FD3E140242869D9B8BD8E
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=EGbODne6buzpTnWrrBprcfAY&k=6LcW1xwkAAAAAOrDMhXLSyd7h4RSl2NO0eO0lFVe
Frame ID: 8386EE1F66B1CCD3AA321C939F998629
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Duitku | Merchant Login

Page URL History Show full URLs

  1. https://sandbox.gateway.aspireapp.com/ HTTP 302
    https://sandbox.gateway.aspireapp.com/Merchant HTTP 302
    https://passport.duitku.com/merchant?ReturnUrl=%2fMerchant HTTP 307
    https://dashboard.duitku.com/ HTTP 302
    https://dashboard.duitku.com/Account/RedirectToLogin?ReturnUrl=%2f HTTP 302
    https://dashboard.duitku.com/Account/Login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

59
Requests

95 %
HTTPS

53 %
IPv6

11
Domains

15
Subdomains

14
IPs

2
Countries

1891 kB
Transfer

4488 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sandbox.gateway.aspireapp.com/ HTTP 302
    https://sandbox.gateway.aspireapp.com/Merchant HTTP 302
    https://passport.duitku.com/merchant?ReturnUrl=%2fMerchant HTTP 307
    https://dashboard.duitku.com/ HTTP 302
    https://dashboard.duitku.com/Account/RedirectToLogin?ReturnUrl=%2f HTTP 302
    https://dashboard.duitku.com/Account/Login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

59 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Login
dashboard.duitku.com/Account/
Redirect Chain
  • https://sandbox.gateway.aspireapp.com/
  • https://sandbox.gateway.aspireapp.com/Merchant
  • https://passport.duitku.com/merchant?ReturnUrl=%2fMerchant
  • https://dashboard.duitku.com/
  • https://dashboard.duitku.com/Account/RedirectToLogin?ReturnUrl=%2f
  • https://dashboard.duitku.com/Account/Login
54 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Account/Login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc465dc1fef52a2389e2f68b8bae5ebf1d5b90f530ab28f5f19401df3cbe5d50
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
private
cf-apo-via
origin,host
cf-cache-status
DYNAMIC
cf-ray
8c580862fe9e749e-MIA
content-encoding
br
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
content-type
text/html; charset=utf-8
date
Thu, 19 Sep 2024 07:58:50 GMT
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Accept-Encoding
x-aspnetmvc-version
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN
x-xss-protection
1; mode=block 1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
private
cf-apo-via
origin,host
cf-cache-status
DYNAMIC
cf-ray
8c58085b39323dd3-MIA
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
content-type
text/html; charset=utf-8
date
Thu, 19 Sep 2024 07:58:48 GMT
location
/Account/Login
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Accept-Encoding
x-aspnetmvc-version
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block 1; mode=block
css
fonts.googleapis.com/ 		22 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700&subset=all
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/Account/Login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
31fe46164ce2459191ca1f7727fd742ce01833ee4f705459e88d43f53fcc9f80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dashboard.duitku.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 19 Sep 2024 07:58:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Sep 2024 07:58:50 GMT
content-type
text/css; charset=utf-8
last-modified
Thu, 19 Sep 2024 06:33:12 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
font-awesome.min.css
dashboard.duitku.com/Content/metronic/ 		30 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Content/metronic/font-awesome.min.css
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/Account/Login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dashboard.duitku.com/Account/Login

Response headers

strict-transport-security
max-age=2592000; includeSubDomains; preload
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cache-control
max-age=14400
content-encoding
br
cf-cache-status
HIT
etag
W/"b2793461cf9dd91:0"
x-content-type-options
nosniff
cf-ray
8c58086c3963749e-MIA
date
Thu, 19 Sep 2024 07:58:51 GMT
x-xss-protection
1; mode=block, 1; mode=block
content-type
text/css
last-modified
Tue, 13 Jun 2023 08:16:39 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
simple-line-icons.min.css
dashboard.duitku.com/Content/metronic/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Content/metronic/simple-line-icons.min.css
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/Account/Login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad40d1b1a7c6baddfdc75a9a07aef0b14a97427fb777c1518073057bf38ffc73
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dashboard.duitku.com/Account/Login

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"5afa9f61cf9dd91:0"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 07:58:51 GMT
content-type
text/css
last-modified
Tue, 13 Jun 2023 08:16:40 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cache-control
max-age=14400
cf-ray
8c58086c3965749e-MIA
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
bootstrap.min.css
dashboard.duitku.com/Content/metronic/ 		115 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Content/metronic/bootstrap.min.css
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/Account/Login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4120ed2329fdcfb49b7040ac686a623ac76b962b5f0e46985cfdd099bd5b3e04
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dashboard.duitku.com/Account/Login

Response headers

strict-transport-security
max-age=2592000; includeSubDomains; preload
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cache-control
max-age=14400
content-encoding
br
cf-cache-status
HIT
etag
W/"83dce060cf9dd91:0"
x-content-type-options
nosniff
cf-ray
8c58086c3966749e-MIA
date
Thu, 19 Sep 2024 07:58:51 GMT
x-xss-protection
1; mode=block, 1; mode=block
content-type
text/css
last-modified
Tue, 13 Jun 2023 08:16:39 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
bootstrap-switch.min.css
dashboard.duitku.com/Content/metronic/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Content/metronic/bootstrap-switch.min.css
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/Account/Login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
574a3f272a5bf61b3f372d2bbf820e973eb70e7ab66715e44302e2d3e2534b0d
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dashboard.duitku.com/Account/Login

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"2687d260cf9dd91:0"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 07:58:50 GMT
content-type
text/css
last-modified
Tue, 13 Jun 2023 08:16:39 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cache-control
max-age=14400
cf-ray
8c58086c3968749e-MIA
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
select2.min.css
dashboard.duitku.com/Content/metronic/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Content/metronic/select2.min.css
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/Account/Login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea237985427db5573da7d02e2ce688fe2337a308f9a08dbd73697430f6bc0aed
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dashboard.duitku.com/Account/Login

Response headers

strict-transport-security
max-age=2592000; includeSubDomains; preload
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cache-control
max-age=14400
content-encoding
br
cf-cache-status
HIT
etag
W/"136c9661cf9dd91:0"
x-content-type-options
nosniff
cf-ray
8c58086c396a749e-MIA
date
Thu, 19 Sep 2024 07:58:50 GMT
x-xss-protection
1; mode=block, 1; mode=block
content-type
text/css
last-modified
Tue, 13 Jun 2023 08:16:40 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
select2-bootstrap.min.css
dashboard.duitku.com/Content/metronic/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Content/metronic/select2-bootstrap.min.css
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/Account/Login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47541c03df82d19eeaa45e593ad5e973f330c4f3d75308f08c967fed80effa58
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dashboard.duitku.com/Account/Login

Response headers

strict-transport-security
max-age=2592000; includeSubDomains; preload
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cache-control
max-age=14400
content-encoding
br
cf-cache-status
HIT
etag
W/"667a8a61cf9dd91:0"
x-content-type-options
nosniff
cf-ray
8c58086c396b749e-MIA
date
Thu, 19 Sep 2024 07:58:51 GMT
x-xss-protection
1; mode=block, 1; mode=block
content-type
text/css
last-modified
Tue, 13 Jun 2023 08:16:40 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
components.min.css
dashboard.duitku.com/Content/metronic/ 		686 KB
77 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Content/metronic/components.min.css
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/Account/Login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1c27f521fa240cf38d3864bd83ed6775fcf2387cfc0cb28f2a95ed09b91f9e3
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dashboard.duitku.com/Account/Login

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"0603db67e97da1:0"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 07:58:51 GMT
content-type
text/css
last-modified
Fri, 26 Apr 2024 02:09:04 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cache-control
max-age=14400
cf-ray
8c58086c396c749e-MIA
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
plugins.min.css
dashboard.duitku.com/Content/metronic/ 		38 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Content/metronic/plugins.min.css
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/Account/Login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da64bf513e7fa57a02f9231408fc4aeb2302a499387b247d98e0d65ce040b936
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dashboard.duitku.com/Account/Login

Response headers

strict-transport-security
max-age=2592000; includeSubDomains; preload
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cache-control
max-age=14400
content-encoding
br
cf-cache-status
HIT
etag
W/"b14f8361cf9dd91:0"
x-content-type-options
nosniff
cf-ray
8c58086c396e749e-MIA
date
Thu, 19 Sep 2024 07:58:51 GMT
x-xss-protection
1; mode=block, 1; mode=block
content-type
text/css
last-modified
Tue, 13 Jun 2023 08:16:40 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
login-5.min.css
dashboard.duitku.com/Content/metronic/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Content/metronic/login-5.min.css
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/Account/Login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6009727c78222b1f6b7747ca114130ba10e6549fb0c90092d3ce29895368124e
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dashboard.duitku.com/Account/Login

Response headers

strict-transport-security
max-age=2592000; includeSubDomains; preload
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cache-control
max-age=14400
content-encoding
br
cf-cache-status
HIT
etag
W/"05e7a6aba49da1:0"
x-content-type-options
nosniff
cf-ray
8c58086c396f749e-MIA
date
Thu, 19 Sep 2024 07:58:51 GMT
x-xss-protection
1; mode=block, 1; mode=block
content-type
text/css
last-modified
Thu, 18 Jan 2024 02:59:56 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
ladda-themeless.min.css
dashboard.duitku.com/Content/metronic/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Content/metronic/ladda-themeless.min.css
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/Account/Login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6ee44fc23aa59eac8c075dd11852665c5fe7b5f001779cc5a4373638fff0cf
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dashboard.duitku.com/Account/Login

Response headers

strict-transport-security
max-age=2592000; includeSubDomains; preload
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cache-control
max-age=14400
content-encoding
br
cf-cache-status
HIT
etag
W/"c9b25a61cf9dd91:0"
x-content-type-options
nosniff
cf-ray
8c58086c3971749e-MIA
date
Thu, 19 Sep 2024 07:58:51 GMT
x-xss-protection
1; mode=block, 1; mode=block
content-type
text/css
last-modified
Tue, 13 Jun 2023 08:16:40 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
merge.css
dashboard.duitku.com/Content/ 		116 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Content/merge.css
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/Account/Login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
219c94242007328c455a8a5792dc7918769e5d55e51dd5652138830354a35700
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dashboard.duitku.com/Account/Login

Response headers

strict-transport-security
max-age=2592000; includeSubDomains; preload
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cache-control
max-age=14400
content-encoding
br
cf-cache-status
HIT
etag
W/"04935e74e1da1:0"
x-content-type-options
nosniff
cf-ray
8c58086c3972749e-MIA
date
Thu, 19 Sep 2024 07:58:51 GMT
x-xss-protection
1; mode=block, 1; mode=block
content-type
text/css
last-modified
Mon, 29 Jul 2024 05:01:28 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
css
fonts.googleapis.com/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/Account/Login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c3061c3788ad5783ef8a5d10c454bafe7eb942c48200dccc852cc6d3c9f303d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dashboard.duitku.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 19 Sep 2024 07:58:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Sep 2024 07:58:50 GMT
content-type
text/css; charset=utf-8
last-modified
Thu, 19 Sep 2024 07:04:51 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
duitku-logo-registration.png
dashboard.duitku.com/Content/Image/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dashboard.duitku.com/Content/Image/duitku-logo-registration.png
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/Account/Login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0e9c2ac6c3adf14dbf5a822c00a9ac0c0dd5b376a97fcef49e21fc4f8232037
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dashboard.duitku.com/Account/Login

Response headers

cf-cache-status
HIT
etag
"0d25dc4b7edd71:0"
cf-bgj
imgq:100,h2pri
x-content-type-options
nosniff
cf-polished
origFmt=png, origSize=6484
date
Thu, 19 Sep 2024 07:58:51 GMT
content-type
image/webp
content-disposition
inline; filename="duitku-logo-registration.webp"
vary
Accept, Accept-Encoding
last-modified
Fri, 10 Dec 2021 11:19:16 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cache-control
max-age=14400
cf-ray
8c58086d89dc749e-MIA
accept-ranges
bytes
content-length
2396
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
rocket-loader.min.js
dashboard.duitku.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/Account/Login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dashboard.duitku.com/Account/Login

Response headers

strict-transport-security
max-age=2592000; includeSubDomains; preload
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"66e7fb1c-302c"
x-content-type-options
nosniff
cf-ray
8c58086da9eb749e-MIA
expires
Sat, 21 Sep 2024 07:58:50 GMT
date
Thu, 19 Sep 2024 07:58:50 GMT
content-type
application/javascript
last-modified
Mon, 16 Sep 2024 09:32:12 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
DENY
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/Account/Login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://dashboard.duitku.com
Referer
https://dashboard.duitku.com/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8c58086e2b38a69b-MIA
access-control-allow-origin
*
date
Thu, 19 Sep 2024 07:58:50 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
api.js
www.google.com/recaptcha/ 		1 KB
967 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.36 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f4.1e100.net
Software
ESF /
Resource Hash
7cb7b3e07675cd1ed331968cdc8e63cade8b8cff7bb3a60a7b8d74129e8dbfda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dashboard.duitku.com/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Thu, 19 Sep 2024 07:58:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Thu, 19 Sep 2024 07:58:52 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
login-5.js
dashboard.duitku.com/Scripts/metronic/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Scripts/metronic/login-5.js
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13dc6d5553818d8cb21145e9dd5812854c5fa8992c81ff75b4f7ff1db3d86a70
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dashboard.duitku.com/Account/Login

Response headers

strict-transport-security
max-age=2592000; includeSubDomains; preload
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cache-control
max-age=14400
content-encoding
br
cf-cache-status
HIT
etag
W/"05e7a6aba49da1:0"
x-content-type-options
nosniff
cf-ray
8c5808786da7749e-MIA
date
Thu, 19 Sep 2024 07:58:53 GMT
x-xss-protection
1; mode=block, 1; mode=block
content-type
application/javascript
last-modified
Thu, 18 Jan 2024 02:59:56 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
app.js
dashboard.duitku.com/Scripts/metronic/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Scripts/metronic/app.js
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6008c75632f747f0448f13bd6781267fcc6788cafed5bdbbfa6ed9064e60701
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dashboard.duitku.com/Account/Login

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"0f22ac1ece5d91:0"
cf-bgj
minify
x-content-type-options
nosniff
cf-polished
origSize=24363
date
Thu, 19 Sep 2024 07:58:52 GMT
content-type
application/javascript
last-modified
Wed, 13 Sep 2023 02:48:20 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cache-control
max-age=14400
cf-ray
8c5808786da9749e-MIA
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
ladda.min.js
dashboard.duitku.com/Scripts/metronic/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Scripts/metronic/ladda.min.js
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85d23ec5e4987b90262e27a6548463a5173e346d98def3b6c630e504f8d09085
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dashboard.duitku.com/Account/Login

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"0d25dc4b7edd71:0"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 07:58:52 GMT
content-type
application/javascript
last-modified
Fri, 10 Dec 2021 11:19:16 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cache-control
max-age=14400
cf-ray
8c5808786daa749e-MIA
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
spin.min.js
dashboard.duitku.com/Scripts/metronic/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Scripts/metronic/spin.min.js
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15514e48abb48d5cad89a150f3f30c104a822c76238229a539452318f3ab03ca
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dashboard.duitku.com/Account/Login

Response headers

strict-transport-security
max-age=2592000; includeSubDomains; preload
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cache-control
max-age=14400
content-encoding
br
cf-cache-status
HIT
etag
W/"0d25dc4b7edd71:0"
x-content-type-options
nosniff
cf-ray
8c5808786dab749e-MIA
date
Thu, 19 Sep 2024 07:58:53 GMT
x-xss-protection
1; mode=block, 1; mode=block
content-type
application/javascript
last-modified
Fri, 10 Dec 2021 11:19:16 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
select2.full.min.js
dashboard.duitku.com/Scripts/metronic/ 		73 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Scripts/metronic/select2.full.min.js
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b8c0a1953e5ea4dfddeb1dbd04bf03da2bf66b0542fba29bb642ecc2b9768d1
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dashboard.duitku.com/Account/Login

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"0d25dc4b7edd71:0"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 07:58:53 GMT
content-type
application/javascript
last-modified
Fri, 10 Dec 2021 11:19:16 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cache-control
max-age=14400
cf-ray
8c5808786dac749e-MIA
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
additional-methods.min.js
dashboard.duitku.com/Scripts/metronic/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Scripts/metronic/additional-methods.min.js
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4826dd029056276f86e3d1b008ebbb4f9a2693048de9c090c5300edfe5d1f7c1
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dashboard.duitku.com/Account/Login

Response headers

strict-transport-security
max-age=2592000; includeSubDomains; preload
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cache-control
max-age=14400
content-encoding
br
cf-cache-status
HIT
etag
W/"0d25dc4b7edd71:0"
x-content-type-options
nosniff
cf-ray
8c5808786dae749e-MIA
date
Thu, 19 Sep 2024 07:58:53 GMT
x-xss-protection
1; mode=block, 1; mode=block
content-type
application/javascript
last-modified
Fri, 10 Dec 2021 11:19:16 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
jquery.validate.min.js
dashboard.duitku.com/Scripts/metronic/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Scripts/metronic/jquery.validate.min.js
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1a4b0d05489daed2aa466b2df92fb6ae5749a7f13db41a75c87991bed2fa30d
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dashboard.duitku.com/Account/Login

Response headers

strict-transport-security
max-age=2592000; includeSubDomains; preload
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cache-control
max-age=14400
content-encoding
br
cf-cache-status
HIT
etag
W/"0d25dc4b7edd71:0"
x-content-type-options
nosniff
cf-ray
8c5808786daf749e-MIA
date
Thu, 19 Sep 2024 07:58:53 GMT
x-xss-protection
1; mode=block, 1; mode=block
content-type
application/javascript
last-modified
Fri, 10 Dec 2021 11:19:16 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
bootstrap-switch.min.js
dashboard.duitku.com/Scripts/metronic/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Scripts/metronic/bootstrap-switch.min.js
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91fd7b22275f4170d033565123e5e15fd111461ce6f199bcb52ec53c866f81c3
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dashboard.duitku.com/Account/Login

Response headers

strict-transport-security
max-age=2592000; includeSubDomains; preload
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cache-control
max-age=14400
content-encoding
br
cf-cache-status
HIT
etag
W/"0d25dc4b7edd71:0"
x-content-type-options
nosniff
cf-ray
8c5808786db0749e-MIA
date
Thu, 19 Sep 2024 07:58:53 GMT
x-xss-protection
1; mode=block, 1; mode=block
content-type
application/javascript
last-modified
Fri, 10 Dec 2021 11:19:16 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
jquery.backstretch.min.js
dashboard.duitku.com/Scripts/metronic/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Scripts/metronic/jquery.backstretch.min.js
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e9631fb09c3f7a27a1a1f7b017c5e19ac006cafa1204626fb033d89f970812c
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dashboard.duitku.com/Account/Login

Response headers

strict-transport-security
max-age=2592000; includeSubDomains; preload
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cache-control
max-age=14400
content-encoding
br
cf-cache-status
HIT
etag
W/"0d25dc4b7edd71:0"
x-content-type-options
nosniff
cf-ray
8c5808786db1749e-MIA
date
Thu, 19 Sep 2024 07:58:53 GMT
x-xss-protection
1; mode=block, 1; mode=block
content-type
application/javascript
last-modified
Fri, 10 Dec 2021 11:19:16 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
jquery.blockui.min.js
dashboard.duitku.com/Scripts/metronic/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Scripts/metronic/jquery.blockui.min.js
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1562ef5e592b67d9a95a9a3f7c2a05442a7e0f7b492dd0a56e43fea9acefe627
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dashboard.duitku.com/Account/Login

Response headers

strict-transport-security
max-age=2592000; includeSubDomains; preload
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cache-control
max-age=14400
content-encoding
br
cf-cache-status
HIT
etag
W/"0d25dc4b7edd71:0"
x-content-type-options
nosniff
cf-ray
8c5808786db2749e-MIA
date
Thu, 19 Sep 2024 07:58:53 GMT
x-xss-protection
1; mode=block, 1; mode=block
content-type
application/javascript
last-modified
Fri, 10 Dec 2021 11:19:16 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
jquery.slimscroll.min.js
dashboard.duitku.com/Scripts/metronic/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Scripts/metronic/jquery.slimscroll.min.js
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3edb9dd54b82d2464f9dfc7f9c5929bae551272823049992608b4528392d2e2a
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dashboard.duitku.com/Account/Login

Response headers

strict-transport-security
max-age=2592000; includeSubDomains; preload
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cache-control
max-age=14400
content-encoding
br
cf-cache-status
HIT
etag
W/"0d25dc4b7edd71:0"
x-content-type-options
nosniff
cf-ray
8c5808786db3749e-MIA
date
Thu, 19 Sep 2024 07:58:53 GMT
x-xss-protection
1; mode=block, 1; mode=block
content-type
application/javascript
last-modified
Fri, 10 Dec 2021 11:19:16 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
js.cookie.min.js
dashboard.duitku.com/Scripts/metronic/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Scripts/metronic/js.cookie.min.js
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba9f8dae6d1c5de349dd2801ce41be27f43a1d0d2ad679c6a41c95a0796db612
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dashboard.duitku.com/Account/Login

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"0d25dc4b7edd71:0"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 07:58:53 GMT
content-type
application/javascript
last-modified
Fri, 10 Dec 2021 11:19:16 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cache-control
max-age=14400
cf-ray
8c5808786db4749e-MIA
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
bootstrap.min.js
dashboard.duitku.com/Scripts/metronic/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Scripts/metronic/bootstrap.min.js
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dashboard.duitku.com/Account/Login

Response headers

strict-transport-security
max-age=2592000; includeSubDomains; preload
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cache-control
max-age=14400
content-encoding
br
cf-cache-status
HIT
etag
W/"0d25dc4b7edd71:0"
x-content-type-options
nosniff
cf-ray
8c5808786db5749e-MIA
date
Thu, 19 Sep 2024 07:58:53 GMT
x-xss-protection
1; mode=block, 1; mode=block
content-type
application/javascript
last-modified
Fri, 10 Dec 2021 11:19:16 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
jquery.min.js
dashboard.duitku.com/Scripts/metronic/ 		113 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Scripts/metronic/jquery.min.js
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27c742f89146b051bd981875239a04fe6cfee0c1723600f582c659c0bc43b742
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dashboard.duitku.com/Account/Login

Response headers

strict-transport-security
max-age=2592000; includeSubDomains; preload
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cache-control
max-age=14400
content-encoding
br
cf-cache-status
HIT
etag
W/"0d25dc4b7edd71:0"
x-content-type-options
nosniff
cf-ray
8c5808786db6749e-MIA
date
Thu, 19 Sep 2024 07:58:53 GMT
x-xss-protection
1; mode=block, 1; mode=block
content-type
application/javascript
last-modified
Fri, 10 Dec 2021 11:19:16 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
js
www.googletagmanager.com/gtag/ 		309 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NVVLSFFRBD
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
19b5475033c9b249e2257616545b3f8e8ae93d304549a5d45ce1e265d37005f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dashboard.duitku.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
content-encoding
br
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Thu, 19 Sep 2024 07:58:52 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
105893
date
Thu, 19 Sep 2024 07:58:52 GMT
x-xss-protection
0
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Google Tag Manager
access-control-allow-headers
Cache-Control
duitku-feature-background.webp
dashboard.duitku.com/Content/Image/login/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dashboard.duitku.com/Content/Image/login/duitku-feature-background.webp
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/Account/Login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
294e76af1a5e8c250a93d2da0c55c222ed076ad3fd1d911eac20e17e733683d8
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dashboard.duitku.com/Account/Login

Response headers

cf-cache-status
HIT
etag
"05e7a6aba49da1:0"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 07:58:53 GMT
content-type
video/webp
last-modified
Thu, 18 Jan 2024 02:59:56 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cache-control
max-age=14400
cf-ray
8c5808788dc1749e-MIA
accept-ranges
bytes
content-length
34370
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
AvenirNext-Bold.ttf
dashboard.duitku.com/Content/fonts/ 		316 KB
317 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Content/fonts/AvenirNext-Bold.ttf
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/Content/merge.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6cdbd9ebafc71a9fcd6a39fb9ca921d0b80336eda8a97caa6909c2d2a837642
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://dashboard.duitku.com
Referer
https://dashboard.duitku.com/Content/merge.css

Response headers

cf-cache-status
HIT
etag
"0ea6bceecf8da1:0"
x-content-type-options
nosniff
date
Thu, 19 Sep 2024 07:58:53 GMT
content-type
application/octet-stream
last-modified
Wed, 28 Aug 2024 01:51:32 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cache-control
max-age=14400
cf-ray
8c5808789dc4749e-MIA
accept-ranges
bytes
content-length
323212
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
AvenirNext-Regular.ttf
dashboard.duitku.com/Content/fonts/ 		257 KB
258 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Content/fonts/AvenirNext-Regular.ttf
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/Content/merge.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d31a6a48a49e223eb9144cfb997997120ed7d735b665c4259556a3d1c45d028
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://dashboard.duitku.com
Referer
https://dashboard.duitku.com/Content/merge.css

Response headers

cf-cache-status
HIT
etag
"0b9de65d5da1:0"
x-content-type-options
nosniff
date
Thu, 19 Sep 2024 07:58:53 GMT
content-type
application/octet-stream
last-modified
Mon, 23 Oct 2023 03:06:22 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cache-control
max-age=14400
cf-ray
8c5808789dc5749e-MIA
accept-ranges
bytes
content-length
263048
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
AvenirNext-DemiBold.ttf
dashboard.duitku.com/Content/fonts/ 		277 KB
278 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Content/fonts/AvenirNext-DemiBold.ttf
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/Content/merge.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56378121431f76d242911a86a56f71f569bdababac9493a9dcab58c98d06d50a
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://dashboard.duitku.com
Referer
https://dashboard.duitku.com/Content/merge.css

Response headers

cf-cache-status
HIT
etag
"0ea6bceecf8da1:0"
x-content-type-options
nosniff
date
Thu, 19 Sep 2024 07:58:53 GMT
content-type
application/octet-stream
last-modified
Wed, 28 Aug 2024 01:51:32 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cache-control
max-age=14400
cf-ray
8c5808789dc6749e-MIA
accept-ranges
bytes
content-length
283816
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
gtm.js
www.googletagmanager.com/ 		326 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MBLDQPG
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/Account/Login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fe34f5663c8b0dfbbbcf9e747c83701904a7002ac948e4612570a0711097b940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dashboard.duitku.com/

Response headers

content-encoding
br
expires
Thu, 19 Sep 2024 07:58:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Sep 2024 07:58:53 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 19 Sep 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
110393
x-xss-protection
0
server
Google Tag Manager
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-NVVLSFFRBD&gtm=45je49h0v885949011za200&_p=1726732733909&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=163087608.1726732734&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1726732733&sct=1&seg=0&dl=https%3A%2F%2Fdashboard.duitku.com%2FAccount%2FLogin&dt=Duitku%20%7C%20Merchant%20Login&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=11361
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NVVLSFFRBD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dashboard.duitku.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://dashboard.duitku.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 19 Sep 2024 07:58:54 GMT
content-type
text/plain
server
Golfe2
favicon.ico
dashboard.duitku.com/Content/Image/ 		3 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Content/Image/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d09328af2d0b5d684e57d1fd637d1d563a2f150a4aad2a29ed12e4a11cb6fb18
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dashboard.duitku.com/Account/Login

Response headers

strict-transport-security
max-age=2592000; includeSubDomains; preload
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cache-control
max-age=14400
content-encoding
br
cf-cache-status
HIT
etag
W/"0d25dc4b7edd71:0"
x-content-type-options
nosniff
cf-ray
8c5808837a9a749e-MIA
date
Thu, 19 Sep 2024 07:58:54 GMT
x-xss-protection
1; mode=block, 1; mode=block
content-type
image/x-icon
last-modified
Fri, 10 Dec 2021 11:19:16 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
recaptcha__en.js
www.gstatic.com/recaptcha/releases/EGbODne6buzpTnWrrBprcfAY/ 		538 KB
213 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/EGbODne6buzpTnWrrBprcfAY/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4943e91f7f53318d481ca07297395abbc52541c2be55d7276ecda152cd7ad9c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://dashboard.duitku.com
Referer
https://dashboard.duitku.com/

Response headers

content-encoding
gzip
age
13417
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Fri, 19 Sep 2025 04:15:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Sep 2024 04:15:17 GMT
last-modified
Tue, 03 Sep 2024 02:00:38 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
217247
x-xss-protection
0
server
sffe
duitku-feature-background.webp
dashboard.duitku.com/Content/Image/login/ 		34 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dashboard.duitku.com/Content/Image/login/duitku-feature-background.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
294e76af1a5e8c250a93d2da0c55c222ed076ad3fd1d911eac20e17e733683d8
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dashboard.duitku.com/Account/Login

Response headers

cf-cache-status
HIT
etag
"05e7a6aba49da1:0"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 07:58:53 GMT
content-type
video/webp
last-modified
Thu, 18 Jan 2024 02:59:56 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cache-control
max-age=14400
cf-ray
8c5808788dc1749e-MIA
accept-ranges
bytes
content-length
34370
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
rum
dashboard.duitku.com/cdn-cgi/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json
Referer
https://dashboard.duitku.com/Account/Login

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
8c580883aade749e-MIA
access-control-allow-origin
https://dashboard.duitku.com
date
Thu, 19 Sep 2024 07:58:54 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
js
www.googletagmanager.com/gtag/ 		321 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VMSEK6LKPN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MBLDQPG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.8 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
c691aa32e437e80d0cbc8f416408c3159f883f19abcd55988f486252cdfcb9fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dashboard.duitku.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
content-encoding
br
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Thu, 19 Sep 2024 07:58:54 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106744
date
Thu, 19 Sep 2024 07:58:54 GMT
x-xss-protection
0
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Google Tag Manager
access-control-allow-headers
Cache-Control
destination
www.googletagmanager.com/gtag/ 		236 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-10853321661&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MBLDQPG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.8 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
8bf364edcc6ccce0d60beb9d7e99eeba1bbf3f85d3f47381ac1e499c3f22acb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dashboard.duitku.com/

Response headers

content-encoding
br
expires
Thu, 19 Sep 2024 07:58:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Sep 2024 07:58:54 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 19 Sep 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
86670
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MBLDQPG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dashboard.duitku.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
content-encoding
gzip
age
6770
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Thu, 19 Sep 2024 08:06:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
date
Thu, 19 Sep 2024 06:06:04 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
server
Golfe2
vary
Accept-Encoding
fbevents.js
connect.facebook.net/en_US/ 		225 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/Account/Login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-lga3.fbcdn.net
Software
/
Resource Hash
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dashboard.duitku.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Thu, 19 Sep 2024 07:58:54 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
GOOD; q=0.7, rtt=59, rtx=0, c=23, mss=1232, tbw=4411, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
k2udEJiwho0kI54WiWU5H79Aw/3+3EKVDlURwNMiUFyKuIyaLklUFIwFeEM9e5X67Ho4TcbfV5rXJ/+CBoWY5Q==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
58953
x-xss-protection
0
origin-agent-cluster
?0
collect
www.google-analytics.com/j/ 		3 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=759998611&t=pageview&_s=1&dl=https%3A%2F%2Fdashboard.duitku.com%2FAccount%2FLogin&ul=en-us&de=UTF-8&dt=Duitku%20%7C%20Merchant%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1885279493&gjid=199691950&cid=163087608.1726732734&tid=UA-90544022-1&_gid=1343809944.1726732734&_r=1&_slc=1&gtm=45He49h0n81MBLDQPGv840837472za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&z=920227327
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://dashboard.duitku.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://dashboard.duitku.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
date
Thu, 19 Sep 2024 07:58:54 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
server
Golfe2
339610768069756
connect.facebook.net/signals/config/ 		74 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/339610768069756?v=2.9.167&r=stable&domain=dashboard.duitku.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-lga3.fbcdn.net
Software
/
Resource Hash
0fac660064e57fc9524997e49fec1d3f7d3c12251023343d71cccd1c958bef03
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dashboard.duitku.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Thu, 19 Sep 2024 07:58:54 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
GOOD; q=0.7, rtt=59, rtx=0, c=74, mss=1232, tbw=67083, tp=62, tpl=0, uplat=54, ullat=0
pragma
public
x-fb-debug
KekV3/fgJP1Sm3Fq0XQ2MCR4/0ZTM7BfHxJhvnLoPvYL0DwmupE0VSGz6rzlx7lQJyMFqtwBsWn2qZhg03YfdQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10853321661/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10853321661/?random=1726732734357&cv=11&fst=1726732734357&bg=ffffff&guid=ON&async=1&gtm=45be49h0v876280435z8840837472za201zb840837472&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdashboard.duitku.com%2FAccount%2FLogin&label=RKFZCMKs76ADEL2Xorco&hn=www.googleadservices.com&frm=0&tiba=Duitku%20%7C%20Merchant%20Login&npa=0&pscdl=noapi&auid=986841577.1726732734&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-10853321661&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f2.1e100.net
Software
cafe /
Resource Hash
5d3fa6d5189a688577573707a37320341fd1fde86ff13a0a762035b47e5a5e32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dashboard.duitku.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2343
date
Thu, 19 Sep 2024 07:58:54 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
10853321661
td.doubleclick.net/td/rul/ Frame 78BF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/10853321661?random=1726732734357&cv=11&fst=1726732734357&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49h0v876280435z8840837472za201zb840837472&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdashboard.duitku.com%2FAccount%2FLogin&label=RKFZCMKs76ADEL2Xorco&hn=www.googleadservices.com&frm=0&tiba=Duitku%20%7C%20Merchant%20Login&npa=0&pscdl=noapi&auid=986841577.1726732734&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-10853321661&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dashboard.duitku.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Sep 2024 07:58:54 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-VMSEK6LKPN&gtm=45je49h0v890854532z8840837472za200zb840837472&_p=1726732733909&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=163087608.1726732734&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1726732734&sct=1&seg=0&dl=https%3A%2F%2Fdashboard.duitku.com%2FAccount%2FLogin&dt=Duitku%20%7C%20Merchant%20Login&en=page_view&_fv=1&_ss=1&tfd=11842
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VMSEK6LKPN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dashboard.duitku.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://dashboard.duitku.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 19 Sep 2024 07:58:54 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VMSEK6LKPN&cid=163087608.1726732734&gtm=45je49h0v890854532z8840837472za200zb840837472&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VMSEK6LKPN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dashboard.duitku.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://dashboard.duitku.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 19 Sep 2024 07:58:54 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 8965 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-VMSEK6LKPN&gacid=163087608.1726732734&gtm=45je49h0v890854532z8840837472za200zb840837472&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=1525026848
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VMSEK6LKPN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dashboard.duitku.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Sep 2024 07:58:54 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
anchor
www.google.com/recaptcha/api2/ Frame 0E98 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcW1xwkAAAAAOrDMhXLSyd7h4RSl2NO0eO0lFVe&co=aHR0cHM6Ly9kYXNoYm9hcmQuZHVpdGt1LmNvbTo0NDM.&hl=en&v=EGbODne6buzpTnWrrBprcfAY&theme=light&size=normal&cb=md6f9vi1j2kd
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/EGbODne6buzpTnWrrBprcfAY/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.36 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2K8ycp1bwfMmKEHlWmoMgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dashboard.duitku.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-2K8ycp1bwfMmKEHlWmoMgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Sep 2024 07:58:54 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/tr/ 		0
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		0
0
/
www.google.com/pagead/1p-user-list/10853321661/ 		0
0
bframe
www.google.com/recaptcha/api2/ Frame 8386 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=EGbODne6buzpTnWrrBprcfAY&k=6LcW1xwkAAAAAOrDMhXLSyd7h4RSl2NO0eO0lFVe
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/EGbODne6buzpTnWrrBprcfAY/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.36 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Y61JVDqggkY1IkBzocWTnA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dashboard.duitku.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Y61JVDqggkY1IkBzocWTnA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Sep 2024 07:58:55 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.facebook.com
URL
https://www.facebook.com/tr/?id=339610768069756&ev=PageView&dl=https%3A%2F%2Fdashboard.duitku.com&rl=&if=false&ts=1726732734630&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4124&fbp=fb.1.1726732734624.91291341210389222&cs_est=true&pm=1&hrl=70bbe6&ler=empty&cdl=API_unavailable&it=1726732734323&coo=false&cs_cc=1&cas=4932657236783289&rqm=GET
Domain
www.facebook.com
URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=339610768069756&ev=PageView&dl=https%3A%2F%2Fdashboard.duitku.com&rl=&if=false&ts=1726732734630&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4124&fbp=fb.1.1726732734624.91291341210389222&cs_est=true&pm=1&hrl=70bbe6&ler=empty&cdl=API_unavailable&it=1726732734323&coo=false&cs_cc=1&cas=4932657236783289&rqm=FGET
Domain
www.google.com
URL
https://www.google.com/pagead/1p-user-list/10853321661/?random=1726732734357&cv=11&fst=1726729200000&bg=ffffff&guid=ON&async=1&gtm=45be49h0v876280435z8840837472za201zb840837472&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdashboard.duitku.com%2FAccount%2FLogin&label=RKFZCMKs76ADEL2Xorco&hn=www.googleadservices.com&frm=0&tiba=Duitku%20%7C%20Merchant%20Login&npa=0&pscdl=noapi&auid=986841577.1726732734&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfsVpOwfdU5BNyjQhIstN4EZ4HsLiPmA&random=3082619747&rmt_tld=0&ipr=y

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| __cfQR object| __cfBeacon object| dataLayer function| gtag object| google_tag_manager object| google_tag_data function| $ function| jQuery function| onYouTubeIframeAPIReady object| gaGlobal object| jQuery111309445083529137159 function| Cookies function| Spinner object| Ladda object| App object| Login function| keypressHandler object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client boolean| __cfRLUnblockHandlers string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| gaplugins object| gaData object| GooglebQhCsO object| recaptcha object| closure_lm_498674

11 Cookies

Domain/Path Name / Value
sandbox.gateway.aspireapp.com/ Name: ASP.NET_SessionId
Value: 1hafehjs0uc33szwlljyhzcz
dashboard.duitku.com/ Name: __RequestVerificationToken
Value: TlHdBSdpPJMIKJOdYI6J-AtpifOSjRRAGw1mCVLuqoe2lGjSf33vnahbowJCIzt529JHgWHwpRE2cKaqICt2ujb16xo1
.duitku.com/ Name: _ga_NVVLSFFRBD
Value: GS1.1.1726732733.1.0.1726732733.0.0.0
.duitku.com/ Name: _gcl_au
Value: 1.1.986841577.1726732734
.duitku.com/ Name: _gid
Value: GA1.2.1343809944.1726732734
.duitku.com/ Name: _gat_UA-90544022-1
Value: 1
.duitku.com/ Name: _ga
Value: GA1.1.163087608.1726732734
.duitku.com/ Name: _ga_VMSEK6LKPN
Value: GS1.1.1726732734.1.0.1726732734.60.0.0
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.duitku.com/ Name: _fbp
Value: fb.1.1726732734624.91291341210389222
.dashboard.duitku.com/ Name: __cfwaitingroom
Value: ChgxNEthbkhRZjJEVFdEbDlZOGEyVGp3PT0SlAJjby83MDUySHlGdDdTanhlMUhlckNQWGRRazBNbVhaMmlkZmxRTHEzUzFqT0pteldYdFFCNlNQd2ttRVUzd244QTB5Ymk2ekIwR1paMWQ1SHVQbFp0L3YxcUgxMytuaElkQmxnNUF1VXN2Nmp5Y2puR1JkU0l3WFhPeTZiSEQ3RTUraFZRbU9HS2x0Sjc0WmJtQndobkpQdXVwdXJET2xVQ2RLOC9qaEZTUkJJVkhTQWRRZ3BIa1AreUh5NEMwOVQ2clQ1WXJ4TzlFcllCdUlSTW5TbWtxUWhFVjdSSUdPZTZRS2R1SmpVVlVZVXg0VzRPTm9ldVJGK2laNDI5bS9PRkR1b0VnSXhORU1jZUlOdFMxdz0%3D

3 Console Messages

Source Level URL
Text
security error URL: https://dashboard.duitku.com/Account/Login
Message:
Refused to load the image 'https://www.facebook.com/tr/?id=339610768069756&ev=PageView&dl=https%3A%2F%2Fdashboard.duitku.com&rl=&if=false&ts=1726732734630&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4124&fbp=fb.1.1726732734624.91291341210389222&cs_est=true&pm=1&hrl=70bbe6&ler=empty&cdl=API_unavailable&it=1726732734323&coo=false&cs_cc=1&cas=4932657236783289&rqm=GET' because it violates the following Content Security Policy directive: "img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:".
security error URL: https://dashboard.duitku.com/Account/Login
Message:
Refused to load the image 'https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=339610768069756&ev=PageView&dl=https%3A%2F%2Fdashboard.duitku.com&rl=&if=false&ts=1726732734630&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4124&fbp=fb.1.1726732734624.91291341210389222&cs_est=true&pm=1&hrl=70bbe6&ler=empty&cdl=API_unavailable&it=1726732734323&coo=false&cs_cc=1&cas=4932657236783289&rqm=FGET' because it violates the following Content Security Policy directive: "img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:".
security error URL: https://dashboard.duitku.com/Account/Login
Message:
Refused to load the image 'https://www.google.com/pagead/1p-user-list/10853321661/?random=1726732734357&cv=11&fst=1726729200000&bg=ffffff&guid=ON&async=1&gtm=45be49h0v876280435z8840837472za201zb840837472&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdashboard.duitku.com%2FAccount%2FLogin&label=RKFZCMKs76ADEL2Xorco&hn=www.googleadservices.com&frm=0&tiba=Duitku%20%7C%20Merchant%20Login&npa=0&pscdl=noapi&auid=986841577.1726732734&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfsVpOwfdU5BNyjQhIstN4EZ4HsLiPmA&random=3082619747&rmt_tld=0&ipr=y' because it violates the following Content Security Policy directive: "img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
connect.facebook.net
dashboard.duitku.com
fonts.googleapis.com
googleads.g.doubleclick.net
passport.duitku.com
sandbox.gateway.aspireapp.com
static.cloudflareinsights.com
stats.g.doubleclick.net
td.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.facebook.com
www.google.com
104.18.17.61
104.22.52.208
142.250.80.36
142.250.81.226
142.251.41.8
157.240.241.1
172.67.22.96
2001:4860:4802:36::181
2606:4700::6810:5049
2607:f8b0:4004:c06::9d
2607:f8b0:4006:808::2002
2607:f8b0:4006:80d::200a
2607:f8b0:4006:817::2003
2607:f8b0:4006:817::200e
2607:f8b0:4006:822::2008
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
0fac660064e57fc9524997e49fec1d3f7d3c12251023343d71cccd1c958bef03
13dc6d5553818d8cb21145e9dd5812854c5fa8992c81ff75b4f7ff1db3d86a70
15514e48abb48d5cad89a150f3f30c104a822c76238229a539452318f3ab03ca
1562ef5e592b67d9a95a9a3f7c2a05442a7e0f7b492dd0a56e43fea9acefe627
19b5475033c9b249e2257616545b3f8e8ae93d304549a5d45ce1e265d37005f0
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d31a6a48a49e223eb9144cfb997997120ed7d735b665c4259556a3d1c45d028
219c94242007328c455a8a5792dc7918769e5d55e51dd5652138830354a35700
27c742f89146b051bd981875239a04fe6cfee0c1723600f582c659c0bc43b742
294e76af1a5e8c250a93d2da0c55c222ed076ad3fd1d911eac20e17e733683d8
31fe46164ce2459191ca1f7727fd742ce01833ee4f705459e88d43f53fcc9f80
36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64
3edb9dd54b82d2464f9dfc7f9c5929bae551272823049992608b4528392d2e2a
4120ed2329fdcfb49b7040ac686a623ac76b962b5f0e46985cfdd099bd5b3e04
47541c03df82d19eeaa45e593ad5e973f330c4f3d75308f08c967fed80effa58
4826dd029056276f86e3d1b008ebbb4f9a2693048de9c090c5300edfe5d1f7c1
4943e91f7f53318d481ca07297395abbc52541c2be55d7276ecda152cd7ad9c3
56378121431f76d242911a86a56f71f569bdababac9493a9dcab58c98d06d50a
574a3f272a5bf61b3f372d2bbf820e973eb70e7ab66715e44302e2d3e2534b0d
5d3fa6d5189a688577573707a37320341fd1fde86ff13a0a762035b47e5a5e32
6009727c78222b1f6b7747ca114130ba10e6549fb0c90092d3ce29895368124e
7cb7b3e07675cd1ed331968cdc8e63cade8b8cff7bb3a60a7b8d74129e8dbfda
7e9631fb09c3f7a27a1a1f7b017c5e19ac006cafa1204626fb033d89f970812c
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c
85d23ec5e4987b90262e27a6548463a5173e346d98def3b6c630e504f8d09085
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8bf364edcc6ccce0d60beb9d7e99eeba1bbf3f85d3f47381ac1e499c3f22acb5
91fd7b22275f4170d033565123e5e15fd111461ce6f199bcb52ec53c866f81c3
9b8c0a1953e5ea4dfddeb1dbd04bf03da2bf66b0542fba29bb642ecc2b9768d1
a1a4b0d05489daed2aa466b2df92fb6ae5749a7f13db41a75c87991bed2fa30d
ad40d1b1a7c6baddfdc75a9a07aef0b14a97427fb777c1518073057bf38ffc73
b0e9c2ac6c3adf14dbf5a822c00a9ac0c0dd5b376a97fcef49e21fc4f8232037
b6008c75632f747f0448f13bd6781267fcc6788cafed5bdbbfa6ed9064e60701
ba9f8dae6d1c5de349dd2801ce41be27f43a1d0d2ad679c6a41c95a0796db612
c1c27f521fa240cf38d3864bd83ed6775fcf2387cfc0cb28f2a95ed09b91f9e3
c3061c3788ad5783ef8a5d10c454bafe7eb942c48200dccc852cc6d3c9f303d4
c691aa32e437e80d0cbc8f416408c3159f883f19abcd55988f486252cdfcb9fe
cb6ee44fc23aa59eac8c075dd11852665c5fe7b5f001779cc5a4373638fff0cf
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d09328af2d0b5d684e57d1fd637d1d563a2f150a4aad2a29ed12e4a11cb6fb18
da64bf513e7fa57a02f9231408fc4aeb2302a499387b247d98e0d65ce040b936
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea237985427db5573da7d02e2ce688fe2337a308f9a08dbd73697430f6bc0aed
f6cdbd9ebafc71a9fcd6a39fb9ca921d0b80336eda8a97caa6909c2d2a837642
fc465dc1fef52a2389e2f68b8bae5ebf1d5b90f530ab28f5f19401df3cbe5d50
fe34f5663c8b0dfbbbcf9e747c83701904a7002ac948e4612570a0711097b940