urlscan.io logo urlscan.io
SecurityTrails logo

dashboard.duitku.com Open in urlscan Pro
104.22.52.208  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://sandbox.gateway.aspireapp.com/
Effective URL: https://dashboard.duitku.com/Account/Login
Submission: On December 29 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 4 countries across 12 domains to perform 63 HTTP transactions. The main IP is 104.22.52.208, located in and belongs to CLOUDFLARENET, US. The main domain is dashboard.duitku.com.
TLS certificate: Issued by Thawte TLS RSA CA G1 on September 7th 2023. Valid for: a year.
This is the only time dashboard.duitku.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    2606:4700::6812:103d (United States)

ASN13335 (CLOUDFLARENET, US)
sandbox.gateway.aspireapp.com
3    104.22.53.208 (None, )

ASN13335 (CLOUDFLARENET, US)
passport.duitku.com
dashboard.duitku.com
30    104.22.52.208 (None, )

ASN13335 (CLOUDFLARENET, US)
dashboard.duitku.com
2    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
5    2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
region1.analytics.google.com
1    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Apex Domain
Subdomains		 Transfer
33 duitku.com
passport.duitku.com
dashboard.duitku.com
318 KB
7 gstatic.com
fonts.gstatic.com
www.gstatic.com
723 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 2693
36 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
2 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2189
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
270 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
90 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
4 KB
2 aspireapp.com
sandbox.gateway.aspireapp.com
402 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 864
7 KB
0 facebook.com Failed
www.facebook.com Failed
0 google.de Failed
www.google.de Failed
63 12
Domain Requested by
32 dashboard.duitku.com 2 redirects dashboard.duitku.com
static.cloudflareinsights.com
5 www.gstatic.com www.google.com
5 www.google.com dashboard.duitku.com
www.gstatic.com
www.google.com
3 www.googletagmanager.com dashboard.duitku.com
www.googletagmanager.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net dashboard.duitku.com
connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com dashboard.duitku.com
2 sandbox.gateway.aspireapp.com 2 redirects
1 region1.analytics.google.com www.googletagmanager.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 region1.google-analytics.com www.googletagmanager.com
1 static.cloudflareinsights.com dashboard.duitku.com
1 passport.duitku.com 1 redirects
0 www.facebook.com Failed
0 www.google.de Failed
63 17

This site contains links to these domains. Also see Links.

Domain
www.duitku.com
docs.duitku.com
Subject Issuer Validity Valid
*.duitku.com
Thawte TLS RSA CA G1		 2023-09-07 -
2024-09-30		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-10 -
2024-04-09		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-10-07 -
2024-01-05		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://dashboard.duitku.com/Account/Login
Frame ID: F003E395D3DE9BCB3206154FD02B8652
Requests: 55 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcW1xwkAAAAAOrDMhXLSyd7h4RSl2NO0eO0lFVe&co=aHR0cHM6Ly9kYXNoYm9hcmQuZHVpdGt1LmNvbTo0NDM.&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&theme=light&size=normal&cb=nqionfspdtkd
Frame ID: 484183FB2346DBEC493E83B96ABEF3FF
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6LcW1xwkAAAAAOrDMhXLSyd7h4RSl2NO0eO0lFVe
Frame ID: 53B99E78E15A97B9CBD192F6B22D8B1C
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Duitku | Merchant Login

Page URL History Show full URLs

  1. https://sandbox.gateway.aspireapp.com/ HTTP 302
    https://sandbox.gateway.aspireapp.com/Merchant HTTP 302
    https://passport.duitku.com/merchant?ReturnUrl=%2fMerchant HTTP 307
    https://dashboard.duitku.com/ HTTP 302
    https://dashboard.duitku.com/Account/RedirectToLogin?ReturnUrl=%2f HTTP 302
    https://dashboard.duitku.com/Account/Login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

63
Requests

90 %
HTTPS

86 %
IPv6

12
Domains

17
Subdomains

13
IPs

4
Countries

1470 kB
Transfer

4453 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sandbox.gateway.aspireapp.com/ HTTP 302
    https://sandbox.gateway.aspireapp.com/Merchant HTTP 302
    https://passport.duitku.com/merchant?ReturnUrl=%2fMerchant HTTP 307
    https://dashboard.duitku.com/ HTTP 302
    https://dashboard.duitku.com/Account/RedirectToLogin?ReturnUrl=%2f HTTP 302
    https://dashboard.duitku.com/Account/Login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

63 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Login
dashboard.duitku.com/Account/
Redirect Chain
  • https://sandbox.gateway.aspireapp.com/
  • https://sandbox.gateway.aspireapp.com/Merchant
  • https://passport.duitku.com/merchant?ReturnUrl=%2fMerchant
  • https://dashboard.duitku.com/
  • https://dashboard.duitku.com/Account/RedirectToLogin?ReturnUrl=%2f
  • https://dashboard.duitku.com/Account/Login
37 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Account/Login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.208 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
737ab29687393a8a7df7d164c7e01d56e3a1b70fc008f9cb1d46f09d925aa1ca
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private
cf-apo-via
origin,host
cf-cache-status
DYNAMIC
cf-ray
83d1712ed8d21c97-FRA
content-encoding
br
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
content-type
text/html; charset=utf-8
date
Fri, 29 Dec 2023 10:43:28 GMT
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Accept-Encoding
x-aspnetmvc-version
5.2
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block 1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
private
cf-apo-via
origin,host
cf-cache-status
DYNAMIC
cf-ray
83d1712a2c4bbbfd-FRA
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
content-security-policy-report-only
script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_7jyv51_pQYNUcWjfz_Ts8fJvlhFyqeEfMAEd7G37Gc-1703846607-1-AR84InvR4YDspI0yyk6n5L5Mpwrlb2DShbb_FGhwkqAD-0e-xGAJYrt6_F-DEDaZ_FBKXyuLZ0uMRGv7oPzhCTZqmoTl7H2TjoWQAx3EuOTnaWT-n5J-BA0P8eM0_z5Q_kYZjetYc2JWqhfiZLB-yLEiUkIJDYHVxDKC06CPfrjW; report-to cf-csp-endpoint
content-type
text/html; charset=utf-8
date
Fri, 29 Dec 2023 10:43:27 GMT
location
/Account/Login
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=_7jyv51_pQYNUcWjfz_Ts8fJvlhFyqeEfMAEd7G37Gc-1703846607-1-AR84InvR4YDspI0yyk6n5L5Mpwrlb2DShbb_FGhwkqAD-0e-xGAJYrt6_F-DEDaZ_FBKXyuLZ0uMRGv7oPzhCTZqmoTl7H2TjoWQAx3EuOTnaWT-n5J-BA0P8eM0_z5Q_kYZjetYc2JWqhfiZLB-yLEiUkIJDYHVxDKC06CPfrjW"}],"group":"cf-csp-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Accept-Encoding
x-aspnetmvc-version
5.2
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block 1; mode=block
css
fonts.googleapis.com/ 		22 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700&subset=all
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/Account/Login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
33a96f4d1f03d358709f3f9118ed6640145d54062ad7f6ee768208c4d4111dfc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.duitku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 29 Dec 2023 10:43:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 29 Dec 2023 08:49:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 29 Dec 2023 10:43:28 GMT
font-awesome.min.css
dashboard.duitku.com/Content/metronic/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Content/metronic/font-awesome.min.css
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/Account/Login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.208 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.duitku.com/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 10:43:28 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cf-cache-status
HIT
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Fri, 10 Dec 2021 11:19:16 GMT
server
cloudflare
etag
W/"0d25dc4b7edd71:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
83d171347ebe1c97-FRA
simple-line-icons.min.css
dashboard.duitku.com/Content/metronic/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Content/metronic/simple-line-icons.min.css
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/Account/Login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.208 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad40d1b1a7c6baddfdc75a9a07aef0b14a97427fb777c1518073057bf38ffc73
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.duitku.com/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 10:43:28 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cf-cache-status
HIT
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Fri, 10 Dec 2021 11:19:16 GMT
server
cloudflare
etag
W/"0d25dc4b7edd71:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
83d171347ec01c97-FRA
bootstrap.min.css
dashboard.duitku.com/Content/metronic/ 		115 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Content/metronic/bootstrap.min.css
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/Account/Login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.208 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4120ed2329fdcfb49b7040ac686a623ac76b962b5f0e46985cfdd099bd5b3e04
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.duitku.com/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 10:43:29 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cf-cache-status
HIT
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Fri, 10 Dec 2021 11:19:16 GMT
server
cloudflare
etag
W/"0d25dc4b7edd71:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
83d171347ec21c97-FRA
bootstrap-switch.min.css
dashboard.duitku.com/Content/metronic/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Content/metronic/bootstrap-switch.min.css
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/Account/Login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.208 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
574a3f272a5bf61b3f372d2bbf820e973eb70e7ab66715e44302e2d3e2534b0d
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.duitku.com/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 10:43:28 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cf-cache-status
HIT
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Fri, 10 Dec 2021 11:19:16 GMT
server
cloudflare
etag
W/"0d25dc4b7edd71:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
83d171347ec41c97-FRA
select2.min.css
dashboard.duitku.com/Content/metronic/ 		15 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Content/metronic/select2.min.css
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/Account/Login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.208 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea237985427db5573da7d02e2ce688fe2337a308f9a08dbd73697430f6bc0aed
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.duitku.com/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 10:43:28 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cf-cache-status
HIT
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Fri, 10 Dec 2021 11:19:16 GMT
server
cloudflare
etag
W/"0d25dc4b7edd71:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
83d171347ec51c97-FRA
select2-bootstrap.min.css
dashboard.duitku.com/Content/metronic/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Content/metronic/select2-bootstrap.min.css
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/Account/Login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.208 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47541c03df82d19eeaa45e593ad5e973f330c4f3d75308f08c967fed80effa58
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.duitku.com/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 10:43:28 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cf-cache-status
HIT
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Fri, 10 Dec 2021 11:19:16 GMT
server
cloudflare
etag
W/"0d25dc4b7edd71:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
83d171347ec71c97-FRA
components.min.css
dashboard.duitku.com/Content/metronic/ 		686 KB
75 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Content/metronic/components.min.css
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/Account/Login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.208 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9862729f05609ebfc219f0a730886c9f19f8dcbc94afaf229112bcc0d238fde7
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.duitku.com/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 10:43:28 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cf-cache-status
HIT
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Thu, 11 May 2023 06:30:38 GMT
server
cloudflare
etag
W/"07b9919d283d91:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
83d171347eca1c97-FRA
plugins.min.css
dashboard.duitku.com/Content/metronic/ 		38 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Content/metronic/plugins.min.css
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/Account/Login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.208 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da64bf513e7fa57a02f9231408fc4aeb2302a499387b247d98e0d65ce040b936
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.duitku.com/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 10:43:28 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cf-cache-status
HIT
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Thu, 11 May 2023 06:30:38 GMT
server
cloudflare
etag
W/"07b9919d283d91:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
83d171347ecc1c97-FRA
login-5.min.css
dashboard.duitku.com/Content/metronic/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Content/metronic/login-5.min.css
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/Account/Login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.208 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbc8f7f44198d356c51866fcc24fae3d08579bf75d24b709179fe66d9960f9f7
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.duitku.com/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 10:43:28 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cf-cache-status
HIT
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Wed, 28 Sep 2022 07:05:26 GMT
server
cloudflare
etag
W/"03f33af8d3d81:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
83d171347ed11c97-FRA
ladda-themeless.min.css
dashboard.duitku.com/Content/metronic/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Content/metronic/ladda-themeless.min.css
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/Account/Login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.208 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6ee44fc23aa59eac8c075dd11852665c5fe7b5f001779cc5a4373638fff0cf
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.duitku.com/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 10:43:28 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cf-cache-status
HIT
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Fri, 10 Dec 2021 11:19:16 GMT
server
cloudflare
etag
W/"0d25dc4b7edd71:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
83d171347ed31c97-FRA
css
fonts.googleapis.com/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/Account/Login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c3c96cceafde14a4669c2114ee0d10bce6ec0163064151a98824a2575d97eaf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.duitku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 29 Dec 2023 10:43:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 29 Dec 2023 09:12:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 29 Dec 2023 10:43:28 GMT
duitku-logo-registration.png
dashboard.duitku.com/Content/Image/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dashboard.duitku.com/Content/Image/duitku-logo-registration.png
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/Account/Login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.208 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0e9c2ac6c3adf14dbf5a822c00a9ac0c0dd5b376a97fcef49e21fc4f8232037
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.duitku.com/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 10:43:28 GMT
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains; preload
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=6484
content-disposition
inline; filename="duitku-logo-registration.webp"
alt-svc
h3=":443"; ma=86400
content-length
2396
x-xss-protection
1; mode=block, 1; mode=block
cf-bgj
imgq:100,h2pri
last-modified
Fri, 10 Dec 2021 11:19:16 GMT
server
cloudflare
etag
"0d25dc4b7edd71:0"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83d171357fe21c97-FRA
rocket-loader.min.js
dashboard.duitku.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/Account/Login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.208 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.duitku.com/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 10:43:28 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Tue, 19 Dec 2023 14:09:38 GMT
server
cloudflare
content-encoding
gzip
etag
W/"6581a422-302c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
83d1713588021c97-FRA
expires
Sun, 31 Dec 2023 10:43:28 GMT
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/Account/Login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://dashboard.duitku.com/
Origin
https://dashboard.duitku.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 10:43:28 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
83d171359b899b6e-FRA
login.jquery.min.js
dashboard.duitku.com/Scripts/metronic/ 		104 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Scripts/metronic/login.jquery.min.js
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.208 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
904de5890629ffa95f8e218d99193639b29e5e88a6c30e3c57336d67d43bab7e
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.duitku.com/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 10:43:29 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cf-cache-status
HIT
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Fri, 10 Dec 2021 11:19:16 GMT
server
cloudflare
etag
W/"0d25dc4b7edd71:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83d1713acd181c97-FRA
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
25b0db3d3b80dc803b5354bc6d22e96b849b83d53671517ae3f70119ec155bc7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.duitku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 10:43:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 29 Dec 2023 10:43:29 GMT
login-5.js
dashboard.duitku.com/Scripts/metronic/ 		1 KB
947 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Scripts/metronic/login-5.js
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.208 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11017d7ddc3d977d089ae5e0e504d5288b7f5ace9d43c80a553dc04cf27bdfc6
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.duitku.com/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 10:43:29 GMT
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains; preload
cf-cache-status
HIT
content-encoding
br
cf-polished
origSize=3168
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
cf-bgj
minify
last-modified
Fri, 10 Dec 2021 11:19:16 GMT
server
cloudflare
etag
W/"0d25dc4b7edd71:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83d1713acd191c97-FRA
app.js
dashboard.duitku.com/Scripts/metronic/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Scripts/metronic/app.js
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.208 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6008c75632f747f0448f13bd6781267fcc6788cafed5bdbbfa6ed9064e60701
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.duitku.com/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 10:43:29 GMT
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains; preload
cf-cache-status
HIT
content-encoding
br
cf-polished
origSize=24363
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
cf-bgj
minify
last-modified
Wed, 13 Sep 2023 02:48:20 GMT
server
cloudflare
etag
W/"0f22ac1ece5d91:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83d1713acd1b1c97-FRA
ladda.min.js
dashboard.duitku.com/Scripts/metronic/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Scripts/metronic/ladda.min.js
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.208 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85d23ec5e4987b90262e27a6548463a5173e346d98def3b6c630e504f8d09085
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.duitku.com/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 10:43:29 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cf-cache-status
HIT
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Fri, 10 Dec 2021 11:19:16 GMT
server
cloudflare
etag
W/"0d25dc4b7edd71:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83d1713acd1d1c97-FRA
spin.min.js
dashboard.duitku.com/Scripts/metronic/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Scripts/metronic/spin.min.js
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.208 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15514e48abb48d5cad89a150f3f30c104a822c76238229a539452318f3ab03ca
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.duitku.com/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 10:43:29 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cf-cache-status
HIT
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Fri, 10 Dec 2021 11:19:16 GMT
server
cloudflare
etag
W/"0d25dc4b7edd71:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83d1713acd1f1c97-FRA
select2.full.min.js
dashboard.duitku.com/Scripts/metronic/ 		73 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Scripts/metronic/select2.full.min.js
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.208 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b8c0a1953e5ea4dfddeb1dbd04bf03da2bf66b0542fba29bb642ecc2b9768d1
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.duitku.com/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 10:43:29 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cf-cache-status
HIT
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Fri, 10 Dec 2021 11:19:16 GMT
server
cloudflare
etag
W/"0d25dc4b7edd71:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83d1713acd211c97-FRA
additional-methods.min.js
dashboard.duitku.com/Scripts/metronic/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Scripts/metronic/additional-methods.min.js
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.208 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4826dd029056276f86e3d1b008ebbb4f9a2693048de9c090c5300edfe5d1f7c1
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.duitku.com/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 10:43:29 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cf-cache-status
HIT
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Fri, 10 Dec 2021 11:19:16 GMT
server
cloudflare
etag
W/"0d25dc4b7edd71:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83d1713acd221c97-FRA
jquery.validate.min.js
dashboard.duitku.com/Scripts/metronic/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Scripts/metronic/jquery.validate.min.js
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.208 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1a4b0d05489daed2aa466b2df92fb6ae5749a7f13db41a75c87991bed2fa30d
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.duitku.com/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 10:43:29 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cf-cache-status
HIT
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Fri, 10 Dec 2021 11:19:16 GMT
server
cloudflare
etag
W/"0d25dc4b7edd71:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83d1713acd231c97-FRA
bootstrap-switch.min.js
dashboard.duitku.com/Scripts/metronic/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Scripts/metronic/bootstrap-switch.min.js
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.208 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91fd7b22275f4170d033565123e5e15fd111461ce6f199bcb52ec53c866f81c3
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.duitku.com/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 10:43:29 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cf-cache-status
HIT
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Fri, 10 Dec 2021 11:19:16 GMT
server
cloudflare
etag
W/"0d25dc4b7edd71:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83d1713acd241c97-FRA
jquery.backstretch.min.js
dashboard.duitku.com/Scripts/metronic/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Scripts/metronic/jquery.backstretch.min.js
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.208 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e9631fb09c3f7a27a1a1f7b017c5e19ac006cafa1204626fb033d89f970812c
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.duitku.com/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 10:43:29 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cf-cache-status
HIT
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Fri, 10 Dec 2021 11:19:16 GMT
server
cloudflare
etag
W/"0d25dc4b7edd71:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83d1713acd261c97-FRA
jquery.blockui.min.js
dashboard.duitku.com/Scripts/metronic/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Scripts/metronic/jquery.blockui.min.js
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.208 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1562ef5e592b67d9a95a9a3f7c2a05442a7e0f7b492dd0a56e43fea9acefe627
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.duitku.com/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 10:43:29 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cf-cache-status
HIT
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Fri, 10 Dec 2021 11:19:16 GMT
server
cloudflare
etag
W/"0d25dc4b7edd71:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83d1713acd271c97-FRA
jquery.slimscroll.min.js
dashboard.duitku.com/Scripts/metronic/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Scripts/metronic/jquery.slimscroll.min.js
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.208 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3edb9dd54b82d2464f9dfc7f9c5929bae551272823049992608b4528392d2e2a
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.duitku.com/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 10:43:29 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cf-cache-status
HIT
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Fri, 10 Dec 2021 11:19:16 GMT
server
cloudflare
etag
W/"0d25dc4b7edd71:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83d1713acd281c97-FRA
js.cookie.min.js
dashboard.duitku.com/Scripts/metronic/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Scripts/metronic/js.cookie.min.js
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.208 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba9f8dae6d1c5de349dd2801ce41be27f43a1d0d2ad679c6a41c95a0796db612
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.duitku.com/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 10:43:29 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cf-cache-status
HIT
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Fri, 10 Dec 2021 11:19:16 GMT
server
cloudflare
etag
W/"0d25dc4b7edd71:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83d1713acd291c97-FRA
bootstrap.min.js
dashboard.duitku.com/Scripts/metronic/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Scripts/metronic/bootstrap.min.js
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.208 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.duitku.com/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 10:43:29 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cf-cache-status
HIT
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Fri, 10 Dec 2021 11:19:16 GMT
server
cloudflare
etag
W/"0d25dc4b7edd71:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83d1713acd2a1c97-FRA
jquery.min.js
dashboard.duitku.com/Scripts/metronic/ 		113 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/Scripts/metronic/jquery.min.js
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.208 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27c742f89146b051bd981875239a04fe6cfee0c1723600f582c659c0bc43b742
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.duitku.com/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 10:43:29 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
cf-cache-status
HIT
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Fri, 10 Dec 2021 11:19:16 GMT
server
cloudflare
etag
W/"0d25dc4b7edd71:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83d1713acd2d1c97-FRA
js
www.googletagmanager.com/gtag/ 		251 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NVVLSFFRBD
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0bcc65906f92a2ea03af8b46c48ddd3dbac0564fec004eddc18a70cd0f598562
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.duitku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 10:43:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87909
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 29 Dec 2023 10:43:29 GMT
duitku-feature-background.png
dashboard.duitku.com/Content/Image/login/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dashboard.duitku.com/Content/Image/login/duitku-feature-background.png
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/Account/Login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.208 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca48c035fdf7f7ec106a1aa276ae4a9e4c0dd6a7316506bdc05cc590b9269c4f
Security Headers
Name Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.duitku.com/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 10:43:29 GMT
content-security-policy
img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains; preload
cf-cache-status
HIT
cf-polished
origSize=105480, status=webp_bigger
alt-svc
h3=":443"; ma=86400
content-length
38961
x-xss-protection
1; mode=block, 1; mode=block
cf-bgj
imgq:100,h2pri
last-modified
Fri, 10 Dec 2021 11:19:16 GMT
server
cloudflare
etag
"0d25dc4b7edd71:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83d1713add351c97-FRA
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700&subset=all
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dashboard.duitku.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 06:07:43 GMT
x-content-type-options
nosniff
age
102946
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Dec 2024 06:07:43 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dashboard.duitku.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 06:01:30 GMT
x-content-type-options
nosniff
age
103319
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18668
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:00:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Dec 2024 06:01:30 GMT
gtm.js
www.googletagmanager.com/ 		281 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MBLDQPG
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/Account/Login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
66381bc73eea572bb018dd3b088eb4b38c818365ddddf1870f865a8301d62cd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.duitku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 10:43:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
96036
x-xss-protection
0
last-modified
Fri, 29 Dec 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 29 Dec 2023 10:43:29 GMT
collect
region1.google-analytics.com/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-NVVLSFFRBD&gtm=45je3bt0v885949011&_p=1703846609309&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=32000247.1703846609&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703846609&sct=1&seg=0&dl=https%3A%2F%2Fdashboard.duitku.com%2FAccount%2FLogin&dt=Duitku%20%7C%20Merchant%20Login&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=5340
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NVVLSFFRBD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.duitku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Dec 2023 10:43:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dashboard.duitku.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		280 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VMSEK6LKPN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MBLDQPG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
134dac8b12748a5c2573bbdaf6c63c7dbc960b38aa4bea0058bee67d1f217648
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.duitku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 10:43:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92434
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 29 Dec 2023 10:43:29 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10853321661/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10853321661/?random=1703846609387&cv=11&fst=1703846609387&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v840837472&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fdashboard.duitku.com%2FAccount%2FLogin&label=RKFZCMKs76ADEL2Xorco&hn=www.googleadservices.com&frm=0&tiba=Duitku%20%7C%20Merchant%20Login&auid=1121270550.1703846609&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MBLDQPG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dee800d6772203c0bd45d9e20432f3d601a77ece142710b410a0644f37b5895
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.duitku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Dec 2023 10:43:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1305
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MBLDQPG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.duitku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 29 Dec 2023 09:48:17 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3312
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 29 Dec 2023 11:48:17 GMT
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: dashboard.duitku.com
URL: https://dashboard.duitku.com/Account/Login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.duitku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 29 Dec 2023 10:43:29 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
lEICI23QEiyN5H9AEXurK+CIwwB6lVIKwOYuDb1gRr9Zvp5tosK1pDxuoHYDiQ2U81PHMWPhzwvsbpCIu1B2LQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
339610768069756
connect.facebook.net/signals/config/ 		140 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/339610768069756?v=2.9.138&r=stable&domain=dashboard.duitku.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
03a8193dbdfb55016fee4db5720cf1d38759de7ee5a4467dc09f852dc800e85c
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.duitku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 29 Dec 2023 10:43:29 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
xPmBEA3BYSliPOFCzqldfQ/uPUiNansZrqvX7B/3TM5LTJnf3Ji/+ajnyUbAGqosfL5oyMXAvEhPMc8IUM5dhg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-VMSEK6LKPN&gtm=45je3bt0v890854532z8840837472&_p=1703846609309&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=32000247.1703846609&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703846609&sct=1&seg=0&dl=https%3A%2F%2Fdashboard.duitku.com%2FAccount%2FLogin&dt=Duitku%20%7C%20Merchant%20Login&en=page_view&_fv=1&_ss=1&tfd=5472
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VMSEK6LKPN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.duitku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Dec 2023 10:43:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dashboard.duitku.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VMSEK6LKPN&cid=32000247.1703846609&gtm=45je3bt0v890854532z8840837472&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VMSEK6LKPN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.duitku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Dec 2023 10:43:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dashboard.duitku.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		0
0
collect
www.google-analytics.com/j/ 		4 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1076620948&t=pageview&_s=1&dl=https%3A%2F%2Fdashboard.duitku.com%2FAccount%2FLogin&ul=en-us&de=UTF-8&dt=Duitku%20%7C%20Merchant%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1149730122&gjid=1587731891&cid=32000247.1703846609&tid=UA-90544022-1&_gid=560266184.1703846609&_r=1&_slc=1&gtm=45He3bt0n81MBLDQPGv840837472&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1865637887
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://dashboard.duitku.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Dec 2023 10:43:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dashboard.duitku.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/10853321661/ 		0
0
/
www.google.de/pagead/1p-user-list/10853321661/ 		0
0
collect
stats.g.doubleclick.net/j/ 		4 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-90544022-1&cid=32000247.1703846609&jid=1149730122&gjid=1587731891&_gid=560266184.1703846609&_u=YADAAEAAAAAAACAAI~&z=568273272
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dashboard.duitku.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 29 Dec 2023 10:43:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dashboard.duitku.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
0
ga-audiences
www.google.com/ads/ 		0
0
ga-audiences
www.google.de/ads/ 		0
0
recaptcha__de.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ 		505 KB
203 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dashboard.duitku.com/
Origin
https://dashboard.duitku.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 09:56:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2798
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
207437
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 28 Dec 2024 09:56:51 GMT
rum
dashboard.duitku.com/cdn-cgi/ 		0
144 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dashboard.duitku.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.208 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://dashboard.duitku.com/Account/Login
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

date
Fri, 29 Dec 2023 10:43:29 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://dashboard.duitku.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
83d1713f899a1c97-FRA
anchor
www.google.com/recaptcha/api2/ Frame 4841 		42 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcW1xwkAAAAAOrDMhXLSyd7h4RSl2NO0eO0lFVe&co=aHR0cHM6Ly9kYXNoYm9hcmQuZHVpdGt1LmNvbTo0NDM.&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&theme=light&size=normal&cb=nqionfspdtkd
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3b1ae53a488eb7083465ed7c7578ee1431e46abf8f9369e39fce5b14a87fcc76
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GB9ACLRSpTm1NgziseezKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dashboard.duitku.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-GB9ACLRSpTm1NgziseezKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 29 Dec 2023 10:43:30 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 4841 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcW1xwkAAAAAOrDMhXLSyd7h4RSl2NO0eO0lFVe&co=aHR0cHM6Ly9kYXNoYm9hcmQuZHVpdGt1LmNvbTo0NDM.&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&theme=light&size=normal&cb=nqionfspdtkd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:33:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43780
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Dec 2024 22:33:50 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 4841 		505 KB
203 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcW1xwkAAAAAOrDMhXLSyd7h4RSl2NO0eO0lFVe&co=aHR0cHM6Ly9kYXNoYm9hcmQuZHVpdGt1LmNvbTo0NDM.&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&theme=light&size=normal&cb=nqionfspdtkd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 09:56:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2799
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
207437
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 28 Dec 2024 09:56:51 GMT
mL2Y2df9MP72hJspIKkaS_u6JtFhauYVKQ-w1rT0CAw.js
www.google.com/js/bg/ Frame 4841 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/mL2Y2df9MP72hJspIKkaS_u6JtFhauYVKQ-w1rT0CAw.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98bd98d9d7fd30fef6849b2920a91a4bfbba26d1616ae615290fb0d6b4f4080c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcW1xwkAAAAAOrDMhXLSyd7h4RSl2NO0eO0lFVe&co=aHR0cHM6Ly9kYXNoYm9hcmQuZHVpdGt1LmNvbTo0NDM.&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&theme=light&size=normal&cb=nqionfspdtkd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 19:03:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
315595
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6828
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 24 Dec 2024 19:03:35 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 4841 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcW1xwkAAAAAOrDMhXLSyd7h4RSl2NO0eO0lFVe&co=aHR0cHM6Ly9kYXNoYm9hcmQuZHVpdGt1LmNvbTo0NDM.&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&theme=light&size=normal&cb=nqionfspdtkd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3a80700d48e107eb08205a346562ae28a95f3fe0da0d7382847a2c0a52a02c0a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcW1xwkAAAAAOrDMhXLSyd7h4RSl2NO0eO0lFVe&co=aHR0cHM6Ly9kYXNoYm9hcmQuZHVpdGt1LmNvbTo0NDM.&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&theme=light&size=normal&cb=nqionfspdtkd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 10:43:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 29 Dec 2023 10:43:30 GMT
bframe
www.google.com/recaptcha/api2/ Frame 53B9 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6LcW1xwkAAAAAOrDMhXLSyd7h4RSl2NO0eO0lFVe
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6b89903502328358b716ff902b39a503b02d5969ad52316742840ace702de220
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ItYg8pDb-6Ze1T7Oc4Tnqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dashboard.duitku.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-ItYg8pDb-6Ze1T7Oc4Tnqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 29 Dec 2023 10:43:30 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 53B9 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6LcW1xwkAAAAAOrDMhXLSyd7h4RSl2NO0eO0lFVe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 22:33:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43780
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Dec 2024 22:33:50 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 53B9 		505 KB
203 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6LcW1xwkAAAAAOrDMhXLSyd7h4RSl2NO0eO0lFVe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 09:56:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2799
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
207437
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 28 Dec 2024 09:56:51 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VMSEK6LKPN&cid=32000247.1703846609&gtm=45je3bt0v890854532z8840837472&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=735440218
Domain
www.google.com
URL
https://www.google.com/pagead/1p-user-list/10853321661/?random=1703846609387&cv=11&fst=1703844000000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v840837472&u_w=1600&u_h=1200&url=https%3A%2F%2Fdashboard.duitku.com%2FAccount%2FLogin&label=RKFZCMKs76ADEL2Xorco&frm=0&tiba=Duitku%20%7C%20Merchant%20Login&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_cGFLQIOio7sB7a6SnnUd-0G3f50J6g&random=2843576048&rmt_tld=0&ipr=y
Domain
www.google.de
URL
https://www.google.de/pagead/1p-user-list/10853321661/?random=1703846609387&cv=11&fst=1703844000000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v840837472&u_w=1600&u_h=1200&url=https%3A%2F%2Fdashboard.duitku.com%2FAccount%2FLogin&label=RKFZCMKs76ADEL2Xorco&frm=0&tiba=Duitku%20%7C%20Merchant%20Login&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_cGFLQIOio7sB7a6SnnUd-0G3f50J6g&random=2843576048&rmt_tld=1&ipr=y
Domain
www.facebook.com
URL
https://www.facebook.com/tr/?id=339610768069756&ev=PageView&dl=https%3A%2F%2Fdashboard.duitku.com%2FAccount%2FLogin&rl=&if=false&ts=1703846609522&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1703846609521.2003517431&cs_est=true&ler=empty&it=1703846609447&coo=false&rqm=GET
Domain
www.google.com
URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-90544022-1&cid=32000247.1703846609&jid=1149730122&_u=YADAAEAAAAAAACAAI~&z=760011684
Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-90544022-1&cid=32000247.1703846609&jid=1149730122&_u=YADAAEAAAAAAACAAI~&z=760011684

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture object| __cfQR object| __cfBeacon object| dataLayer function| gtag object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| GooglebQhCsO string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| gaplugins object| gaData function| $ function| jQuery object| jQuery111307958949207974673 function| Cookies function| Spinner object| Ladda object| App object| Login function| keypressHandler object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| jQuery_3_4_1 boolean| __cfRLUnblockHandlers object| recaptcha object| closure_lm_486555

9 Cookies

Domain/Path Name / Value
sandbox.gateway.aspireapp.com/ Name: ASP.NET_SessionId
Value: iqyi3oijqbyynmgdprspieel
.duitku.com/ Name: _ga_NVVLSFFRBD
Value: GS1.1.1703846609.1.0.1703846609.0.0.0
.duitku.com/ Name: _gcl_au
Value: 1.1.1121270550.1703846609
.duitku.com/ Name: _ga_VMSEK6LKPN
Value: GS1.1.1703846609.1.0.1703846609.60.0.0
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.duitku.com/ Name: _ga
Value: GA1.2.32000247.1703846609
.duitku.com/ Name: _gid
Value: GA1.2.560266184.1703846609
.duitku.com/ Name: _gat_UA-90544022-1
Value: 1
.duitku.com/ Name: _fbp
Value: fb.1.1703846609521.2003517431

6 Console Messages

Source Level URL
Text
security error URL: https://dashboard.duitku.com/Account/Login
Message:
Refused to load the image 'https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VMSEK6LKPN&cid=32000247.1703846609&gtm=45je3bt0v890854532z8840837472&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=735440218' because it violates the following Content Security Policy directive: "img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:".
security error URL: https://dashboard.duitku.com/Account/Login
Message:
Refused to load the image 'https://www.google.com/pagead/1p-user-list/10853321661/?random=1703846609387&cv=11&fst=1703844000000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v840837472&u_w=1600&u_h=1200&url=https%3A%2F%2Fdashboard.duitku.com%2FAccount%2FLogin&label=RKFZCMKs76ADEL2Xorco&frm=0&tiba=Duitku%20%7C%20Merchant%20Login&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_cGFLQIOio7sB7a6SnnUd-0G3f50J6g&random=2843576048&rmt_tld=0&ipr=y' because it violates the following Content Security Policy directive: "img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:".
security error URL: https://dashboard.duitku.com/Account/Login
Message:
Refused to load the image 'https://www.google.de/pagead/1p-user-list/10853321661/?random=1703846609387&cv=11&fst=1703844000000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v840837472&u_w=1600&u_h=1200&url=https%3A%2F%2Fdashboard.duitku.com%2FAccount%2FLogin&label=RKFZCMKs76ADEL2Xorco&frm=0&tiba=Duitku%20%7C%20Merchant%20Login&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_cGFLQIOio7sB7a6SnnUd-0G3f50J6g&random=2843576048&rmt_tld=1&ipr=y' because it violates the following Content Security Policy directive: "img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:".
security error URL: https://dashboard.duitku.com/Account/Login
Message:
Refused to load the image 'https://www.facebook.com/tr/?id=339610768069756&ev=PageView&dl=https%3A%2F%2Fdashboard.duitku.com%2FAccount%2FLogin&rl=&if=false&ts=1703846609522&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1703846609521.2003517431&cs_est=true&ler=empty&it=1703846609447&coo=false&rqm=GET' because it violates the following Content Security Policy directive: "img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:".
security error URL: https://dashboard.duitku.com/Account/Login
Message:
Refused to load the image 'https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-90544022-1&cid=32000247.1703846609&jid=1149730122&_u=YADAAEAAAAAAACAAI~&z=760011684' because it violates the following Content Security Policy directive: "img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:".
security error URL: https://dashboard.duitku.com/Account/Login
Message:
Refused to load the image 'https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-90544022-1&cid=32000247.1703846609&jid=1149730122&_u=YADAAEAAAAAAACAAI~&z=760011684' because it violates the following Content Security Policy directive: "img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy img-src 'self' *.googleapis.com *.hubspot.com *.duitku.com *.tawk.to *.elistva.com blob: data:; default-src https: data: wss://*.elistva.com wss://*.tawk.to 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
dashboard.duitku.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
passport.duitku.com
region1.analytics.google.com
region1.google-analytics.com
sandbox.gateway.aspireapp.com
static.cloudflareinsights.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.facebook.com
www.google.com
www.google.de
104.22.52.208
104.22.53.208
2001:4860:4802:34::36
2606:4700::6810:3965
2606:4700::6812:103d
2a00:1450:4001:80b::2004
2a00:1450:4001:813::2008
2a00:1450:4001:827::200e
2a00:1450:4001:829::2003
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a00:1450:400c:c00::9a
2a03:2880:f083:100:face:b00c:0:3
03a8193dbdfb55016fee4db5720cf1d38759de7ee5a4467dc09f852dc800e85c
0bcc65906f92a2ea03af8b46c48ddd3dbac0564fec004eddc18a70cd0f598562
11017d7ddc3d977d089ae5e0e504d5288b7f5ace9d43c80a553dc04cf27bdfc6
122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e
134dac8b12748a5c2573bbdaf6c63c7dbc960b38aa4bea0058bee67d1f217648
15514e48abb48d5cad89a150f3f30c104a822c76238229a539452318f3ab03ca
1562ef5e592b67d9a95a9a3f7c2a05442a7e0f7b492dd0a56e43fea9acefe627
25b0db3d3b80dc803b5354bc6d22e96b849b83d53671517ae3f70119ec155bc7
27c742f89146b051bd981875239a04fe6cfee0c1723600f582c659c0bc43b742
33a96f4d1f03d358709f3f9118ed6640145d54062ad7f6ee768208c4d4111dfc
36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64
3a80700d48e107eb08205a346562ae28a95f3fe0da0d7382847a2c0a52a02c0a
3b1ae53a488eb7083465ed7c7578ee1431e46abf8f9369e39fce5b14a87fcc76
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3edb9dd54b82d2464f9dfc7f9c5929bae551272823049992608b4528392d2e2a
4120ed2329fdcfb49b7040ac686a623ac76b962b5f0e46985cfdd099bd5b3e04
47541c03df82d19eeaa45e593ad5e973f330c4f3d75308f08c967fed80effa58
4826dd029056276f86e3d1b008ebbb4f9a2693048de9c090c5300edfe5d1f7c1
574a3f272a5bf61b3f372d2bbf820e973eb70e7ab66715e44302e2d3e2534b0d
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
66381bc73eea572bb018dd3b088eb4b38c818365ddddf1870f865a8301d62cd0
6b89903502328358b716ff902b39a503b02d5969ad52316742840ace702de220
737ab29687393a8a7df7d164c7e01d56e3a1b70fc008f9cb1d46f09d925aa1ca
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7e9631fb09c3f7a27a1a1f7b017c5e19ac006cafa1204626fb033d89f970812c
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85d23ec5e4987b90262e27a6548463a5173e346d98def3b6c630e504f8d09085
904de5890629ffa95f8e218d99193639b29e5e88a6c30e3c57336d67d43bab7e
91fd7b22275f4170d033565123e5e15fd111461ce6f199bcb52ec53c866f81c3
9862729f05609ebfc219f0a730886c9f19f8dcbc94afaf229112bcc0d238fde7
98bd98d9d7fd30fef6849b2920a91a4bfbba26d1616ae615290fb0d6b4f4080c
9b8c0a1953e5ea4dfddeb1dbd04bf03da2bf66b0542fba29bb642ecc2b9768d1
9dee800d6772203c0bd45d9e20432f3d601a77ece142710b410a0644f37b5895
a1a4b0d05489daed2aa466b2df92fb6ae5749a7f13db41a75c87991bed2fa30d
ad40d1b1a7c6baddfdc75a9a07aef0b14a97427fb777c1518073057bf38ffc73
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0e9c2ac6c3adf14dbf5a822c00a9ac0c0dd5b376a97fcef49e21fc4f8232037
b6008c75632f747f0448f13bd6781267fcc6788cafed5bdbbfa6ed9064e60701
ba9f8dae6d1c5de349dd2801ce41be27f43a1d0d2ad679c6a41c95a0796db612
c3c96cceafde14a4669c2114ee0d10bce6ec0163064151a98824a2575d97eaf7
ca48c035fdf7f7ec106a1aa276ae4a9e4c0dd6a7316506bdc05cc590b9269c4f
cb6ee44fc23aa59eac8c075dd11852665c5fe7b5f001779cc5a4373638fff0cf
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
da64bf513e7fa57a02f9231408fc4aeb2302a499387b247d98e0d65ce040b936
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
ea237985427db5573da7d02e2ce688fe2337a308f9a08dbd73697430f6bc0aed
fbc8f7f44198d356c51866fcc24fae3d08579bf75d24b709179fe66d9960f9f7