www.duping.net Open in urlscan Pro
160.153.63.167 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.duping.net/XHC/show.php?bbs=11&post=1450820
Submission: On May 02 via api (May 2nd 2022, 2:26:06 am UTC) from CH — Scanned from DE

Summary HTTP 21 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 21 HTTP transactions. The main IP is 160.153.63.167, located in United States and belongs to GO-DADDY-COM-LLC, US. The main domain is www.duping.net. The Cisco Umbrella rank of the primary domain is 934333.

This is the only time www.duping.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	160.153.63.167 160.153.63.167	398101 (GO-DADDY-...) (GO-DADDY-COM-LLC)
1	2a04:4e42:e00... 2a04:4e42:e00::282	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	23.36.163.225 23.36.163.225	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:baf2	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
21	5

16 160.153.63.167 (United States)

ASN398101 (GO-DADDY-COM-LLC, US)
PTR: ip-160-153-63-167.ip.secureserver.net

www.duping.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:e00::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.36.163.225 (Frankfurt am Main, Germany) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-225.deploy.static.akamaitechnologies.com

img1.wsimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img6.wsimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:baf2 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

events.api.secureserver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	duping.net www.duping.net — Cisco Umbrella Rank: 934333	25 KB
3	wsimg.com 2 redirects img1.wsimg.com — Cisco Umbrella Rank: 8889 img6.wsimg.com — Cisco Umbrella Rank: 11274	12 KB
2	secureserver.net events.api.secureserver.net — Cisco Umbrella Rank: 13038	580 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 430	164 KB
1	polyfill.io polyfill.io — Cisco Umbrella Rank: 1285	417 B
21	5

	Domain	Requested by
16	www.duping.net	www.duping.net
2	events.api.secureserver.net	img1.wsimg.com
2	img1.wsimg.com	2 redirects
1	img6.wsimg.com	www.duping.net
1	cdn.jsdelivr.net	www.duping.net
1	polyfill.io	www.duping.net
21	6

This site contains links to these domains. Also see Links.

Domain
blog.bnn.co
www.ukcdp.co.uk
www.cdp1998.org

Subject Issuer	Validity	Valid
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-08` - `2023-04-09`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
*.api.secureserver.net Starfield Secure Certificate Authority - G2	`2021-09-14` - `2022-10-16`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://www.duping.net/XHC/show.php?bbs=11&post=1450820
Frame ID: 54F92AA878C15074BEFB0C24C0371DAA
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

迴避政治投共之實質者：收回你的假清高！

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

21
Requests

19 %
HTTPS

60 %
IPv6

5
Domains

6
Subdomains

5
IPs

2
Countries

202 kB
Transfer

881 kB
Size

3
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://blog.bnn.co/hero/200901/zgmzdlhzb/5_1.shtml
Title: https://blog.bnn.co/hero/200901/zgmzdlhzb/5_1.shtml

Search URL Search Domain Scan URL

URL: https://www.ukcdp.co.uk/founding/found86.htm
Title: https://www.ukcdp.co.uk/founding/found86.htm

Search URL Search Domain Scan URL

URL: http://www.cdp1998.org/file/2019050701.htm
Title: http://www.cdp1998.org/file/2019050701.htm

Search URL Search Domain Scan URL

URL: http://www.cdp1998.org/gybd.htm
Title: http://www.cdp1998.org/gybd.htm

Search URL Search Domain Scan URL

URL: http://www.cdp1998.org/file/2013071902.htm
Title: http://www.cdp1998.org/file/2013071902.htm

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js HTTP 302
https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 302
https://img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request show.php Show response
www.duping.net/XHC/ 19 KB
10 KB 328ms
178ms Document
text/html 160.153.63.167
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://www.duping.net/XHC/show.php?bbs=11&post=1450820
Protocol: HTTP/1.1
Server: 160.153.63.167 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-160-153-63-167.ip.secureserver.net
Software: Apache / PHP/5.6.40
Resource Hash: 17a87132baebe48ac72cba520c8eff6bf589ae453fcedb91635f25f36653ae74

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private
Connection: Upgrade, Keep-Alive
Content-Encoding: gzip
Content-Length: 9741
Content-Type: text/html; charset=gb2312
Date: Mon, 02 May 2022 02:26:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5
Pragma: xhc-return=1450820
Server: Apache
Upgrade: h2,h2c
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.40

GET
H/1.1 200
OK XHC11.css
www.duping.net/stylesheets/comm/ 68 B
356 B 151ms
150ms Stylesheet
text/css 160.153.63.167
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://www.duping.net/stylesheets/comm/XHC11.css
Requested by: Host: www.duping.net
URL: http://www.duping.net/XHC/show.php?bbs=11&post=1450820
Protocol: HTTP/1.1
Server: 160.153.63.167 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-160-153-63-167.ip.secureserver.net
Software: Apache /
Resource Hash: 1d06c70bf7922b879f5c588308c13ccfaf4f473b484b4f55d14101e66b299f40

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.duping.net/XHC/show.php?bbs=11&post=1450820
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 02:26:01 GMT
Last-Modified: Tue, 15 May 2012 16:04:19 GMT
Server: Apache
ETag: "6a6042a-44-4c0155aea66c0"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 68

GET
H/1.1 200
OK xhc.js Show response
www.duping.net/javascripts/ 2 KB
1 KB 299ms
150ms Script
application/javascript 160.153.63.167
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://www.duping.net/javascripts/xhc.js
Requested by: Host: www.duping.net
URL: http://www.duping.net/XHC/show.php?bbs=11&post=1450820
Protocol: HTTP/1.1
Server: 160.153.63.167 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-160-153-63-167.ip.secureserver.net
Software: Apache /
Resource Hash: ab866978e2d645b8c3b95ccd3e4bfe3790d74ec0d56a7e8373615794cfb26e0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.duping.net/XHC/show.php?bbs=11&post=1450820
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 02:26:01 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Aug 2015 15:53:01 GMT
Server: Apache
ETag: "6a60417-99c-51d1f369cf140-gzip"
Vary: Accept-Encoding
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=5
Content-Length: 960

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 101 B
417 B 484ms
166ms Script
text/javascript 2a04:4e42:e00::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://polyfill.io/v3/polyfill.min.js?features=es6
Requested by: Host: www.duping.net
URL: http://www.duping.net/XHC/show.php?bbs=11&post=1450820
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:e00::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.duping.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 02:26:01 GMT
content-encoding: br
last-modified: Mon, 25 Apr 2022 20:56:28 GMT
age: 0
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser: chrome/101.0.0
server-timing: cache-lax10677, PASS, fastly;desc="Edge time";dur=14
accept-ranges: bytes
content-length: 94

GET
H2 200 tex-mml-chtml.js Show response
cdn.jsdelivr.net/npm/mathjax@3/es5/ 790 KB
164 KB 49ms
32ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/mathjax@3/es5/tex-mml-chtml.js

Requested by

Host: www.duping.net
URL: http://www.duping.net/XHC/show.php?bbs=11&post=1450820

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afede2b4e32d1868daa74c7ed7486eea35bf8190b3c47b282ab39dee0c914866

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.duping.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 02:26:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 17170
x-jsd-version: 3.2.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19156-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"c574f-kndDlBbZP11Yh1KTCW8vTtVnU98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AVkuT6d6ydzfVCst4LCGE1vX7M91MzzkoAygY2UAHAvCTsfT%2FIqXonj%2FrBbR522x1WaUCe7g82BTFUSEwh65eJf%2BgNil8c%2Fn937GWaipdgb2l5Cgg1Za6xJzEVfOv6xRJTTmUveA1ceoXl%2Fzbe4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 704d4f47f81a8fd6-FRA

GET
H/1.1 200
OK dlpl05s.gif
www.duping.net/images/ 3 KB
4 KB 150ms
150ms Image
image/gif 160.153.63.167
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.duping.net/images/dlpl05s.gif
Requested by: Host: www.duping.net
URL: http://www.duping.net/XHC/show.php?bbs=11&post=1450820
Protocol: HTTP/1.1
Server: 160.153.63.167 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-160-153-63-167.ip.secureserver.net
Software: Apache /
Resource Hash: dbb73788fd449984eef50af67b9b84cfb281e5be4931a168601b641105533c70

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.duping.net/XHC/show.php?bbs=11&post=1450820
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 02:26:01 GMT
Last-Modified: Tue, 15 May 2012 16:04:01 GMT
Server: Apache
ETag: "6a603e5-d42-4c01559d7be40"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 3394

GET
H/1.1 200
OK 12open.gif
www.duping.net/images/ 130 B
397 B 149ms
149ms Image
image/gif 160.153.63.167
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.duping.net/images/12open.gif
Requested by: Host: www.duping.net
URL: http://www.duping.net/XHC/show.php?bbs=11&post=1450820
Protocol: HTTP/1.1
Server: 160.153.63.167 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-160-153-63-167.ip.secureserver.net
Software: Apache /
Resource Hash: 4526dcf260c00ea6184baa195ca3dfef6c581a74708f92efe9fba370418281ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.duping.net/XHC/show.php?bbs=11&post=1450820
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 02:26:01 GMT
Last-Modified: Tue, 15 May 2012 16:04:01 GMT
Server: Apache
ETag: "6a603d0-82-4c01559d7be40"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 130

GET
H/1.1 200
OK editor.js Show response
www.duping.net/javascripts/ 12 KB
4 KB 151ms
150ms Script
application/javascript 160.153.63.167
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://www.duping.net/javascripts/editor.js
Requested by: Host: www.duping.net
URL: http://www.duping.net/XHC/show.php?bbs=11&post=1450820
Protocol: HTTP/1.1
Server: 160.153.63.167 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-160-153-63-167.ip.secureserver.net
Software: Apache /
Resource Hash: 43bf7cff769802cf032c5732774a7555cb3dd8fab6de6930a3e4cfc773ae895f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.duping.net/XHC/show.php?bbs=11&post=1450820
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 02:26:01 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 May 2012 17:12:01 GMT
Server: Apache
ETag: "6a60411-2f30-4c0164d079a40-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 3430

GET
H2

200

tccl.min.js Show response
img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/
Redirect Chain

https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js
https://img1.wsimg.com/traffic-assets/js/tccl.min.js
https://img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js

44 KB
11 KB

17ms
8ms

Script
application/javascript

23.36.163.225
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js
Requested by: Host: www.duping.net
URL: http://www.duping.net/XHC/show.php?bbs=11&post=1450820
Protocol: H2
Server: 23.36.163.225 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-225.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6cb0efedc1729d965016a35584cb00b03aa46e1a5e170f4b3ce092c7c3e99ec7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.duping.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 135, 135
x-amz-version-id: Z0H0F1CdjRUI_nRMydHHi17Rv0HOw5tB
content-encoding: br
etag: "362d20193a8fed115f99b16a157b7fc4"
x-amz-request-id: N5JSXGJTVEFZM8E9
x-edgeconnect-midmile-rtt: 15, 15
x-amz-server-side-encryption: AES256
date: Mon, 02 May 2022 02:26:01 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 11155
x-amz-id-2: 73c+ZpWNgBh9xtilh6Nj22iH/BmUfkHwAgj9PgWHmvdTmSCUhi96da6Ell5SKHaif06RANK80zY=
last-modified: Mon, 11 Apr 2022 14:15:53 GMT
x-edgeconnect-cache-status: 1
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

Redirect headers

location: https://img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js
date: Mon, 02 May 2022 02:26:01 GMT
cache-control: max-age=5
access-control-allow-origin: *
timing-allow-origin: *
content-length: 0
expires: Mon, 02 May 2022 02:26:06 GMT

GET
H/1.1 200
OK screen.css
www.duping.net/stylesheets/comm/ 9 KB
3 KB 151ms
151ms Stylesheet
text/css 160.153.63.167
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://www.duping.net/stylesheets/comm/screen.css
Requested by: Host: www.duping.net
URL: http://www.duping.net/stylesheets/comm/XHC11.css
Protocol: HTTP/1.1
Server: 160.153.63.167 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-160-153-63-167.ip.secureserver.net
Software: Apache /
Resource Hash: c9ccefcafa539f3da0089461cd580b031863c7f9f900b94ebecd49a7f06e2054

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.duping.net/stylesheets/comm/XHC11.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 02:26:01 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Sep 2015 23:08:47 GMT
Server: Apache
ETag: "6a60426-242a-51f3054e8fdc0-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 2283

GET
H/1.1 200
OK bold.gif
www.duping.net/images/ 77 B
343 B 273ms
149ms Image
image/gif 160.153.63.167
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.duping.net/images/bold.gif
Requested by: Host: www.duping.net
URL: http://www.duping.net/XHC/show.php?bbs=11&post=1450820
Protocol: HTTP/1.1
Server: 160.153.63.167 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-160-153-63-167.ip.secureserver.net
Software: Apache /
Resource Hash: 5a06b08f4619c06f877557c20544f7199b6c0e95efeb2aef65d2776edee39175

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.duping.net/XHC/show.php?bbs=11&post=1450820
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 02:26:01 GMT
Last-Modified: Tue, 15 May 2012 16:04:01 GMT
Server: Apache
ETag: "6a603db-4d-4c01559d7be40"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 77

GET
H/1.1 200
OK underline.gif
www.duping.net/images/ 129 B
396 B 274ms
150ms Image
image/gif 160.153.63.167
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.duping.net/images/underline.gif
Requested by: Host: www.duping.net
URL: http://www.duping.net/XHC/show.php?bbs=11&post=1450820
Protocol: HTTP/1.1
Server: 160.153.63.167 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-160-153-63-167.ip.secureserver.net
Software: Apache /
Resource Hash: c9f5ffcaf732a65a9cf83008b2f5ac353f1129bba060796c31dd8a126f01df6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.duping.net/XHC/show.php?bbs=11&post=1450820
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 02:26:01 GMT
Last-Modified: Tue, 15 May 2012 16:04:01 GMT
Server: Apache
ETag: "6a60407-81-4c01559d7be40"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 129

GET
H/1.1 200
OK italic.gif
www.duping.net/images/ 119 B
412 B 298ms
149ms Image
image/gif 160.153.63.167
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.duping.net/images/italic.gif
Requested by: Host: www.duping.net
URL: http://www.duping.net/XHC/show.php?bbs=11&post=1450820
Protocol: HTTP/1.1
Server: 160.153.63.167 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-160-153-63-167.ip.secureserver.net
Software: Apache /
Resource Hash: 5b3b24550734c7243a009de052d2be91afb5dd690e33519fd03ac5e6883ffd37

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.duping.net/XHC/show.php?bbs=11&post=1450820
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 02:26:01 GMT
Last-Modified: Tue, 15 May 2012 16:04:01 GMT
Server: Apache
ETag: "6a603f6-77-4c01559d7be40"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/gif
Keep-Alive: timeout=5
Content-Length: 119

GET
H/1.1 200
OK justifyleft.gif
www.duping.net/images/ 72 B
364 B 297ms
149ms Image
image/gif 160.153.63.167
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.duping.net/images/justifyleft.gif
Requested by: Host: www.duping.net
URL: http://www.duping.net/XHC/show.php?bbs=11&post=1450820
Protocol: HTTP/1.1
Server: 160.153.63.167 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-160-153-63-167.ip.secureserver.net
Software: Apache /
Resource Hash: 0b2241d05bd2fa9b9f31fb0ad0f6d8dd506e9da6f7571d5240d1ba276c93e1a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.duping.net/XHC/show.php?bbs=11&post=1450820
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 02:26:01 GMT
Last-Modified: Tue, 15 May 2012 16:04:01 GMT
Server: Apache
ETag: "6a603f9-48-4c01559d7be40"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/gif
Keep-Alive: timeout=5
Content-Length: 72

GET
H/1.1 200
OK justifycenter.gif
www.duping.net/images/ 71 B
363 B 174ms
149ms Image
image/gif 160.153.63.167
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.duping.net/images/justifycenter.gif
Requested by: Host: www.duping.net
URL: http://www.duping.net/XHC/show.php?bbs=11&post=1450820
Protocol: HTTP/1.1
Server: 160.153.63.167 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-160-153-63-167.ip.secureserver.net
Software: Apache /
Resource Hash: b3080457b2cbea336d84222dbfb1dd846a4c83832e183b2ef28e2eb8922beca8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.duping.net/XHC/show.php?bbs=11&post=1450820
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 02:26:01 GMT
Last-Modified: Tue, 15 May 2012 16:04:01 GMT
Server: Apache
ETag: "6a603f8-47-4c01559d7be40"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/gif
Keep-Alive: timeout=5
Content-Length: 71

GET
H/1.1 200
OK justifyright.gif
www.duping.net/images/ 71 B
363 B 175ms
150ms Image
image/gif 160.153.63.167
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.duping.net/images/justifyright.gif
Requested by: Host: www.duping.net
URL: http://www.duping.net/XHC/show.php?bbs=11&post=1450820
Protocol: HTTP/1.1
Server: 160.153.63.167 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-160-153-63-167.ip.secureserver.net
Software: Apache /
Resource Hash: 3d8c46170afe4329b3fdaa1a45a4a4302929b5ebbe6b1393da5e185ec0374f87

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.duping.net/XHC/show.php?bbs=11&post=1450820
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 02:26:01 GMT
Last-Modified: Tue, 15 May 2012 16:04:01 GMT
Server: Apache
ETag: "6a603fa-47-4c01559d7be40"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/gif
Keep-Alive: timeout=5
Content-Length: 71

GET
H/1.1 200
OK indent.gif
www.duping.net/images/ 131 B
398 B 150ms
149ms Image
image/gif 160.153.63.167
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.duping.net/images/indent.gif
Requested by: Host: www.duping.net
URL: http://www.duping.net/XHC/show.php?bbs=11&post=1450820
Protocol: HTTP/1.1
Server: 160.153.63.167 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-160-153-63-167.ip.secureserver.net
Software: Apache /
Resource Hash: ec2c5285f29f345aaaecdaf73d44a4e9353635a4035fc3d4a50090ab5c9331d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.duping.net/XHC/show.php?bbs=11&post=1450820
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 02:26:01 GMT
Last-Modified: Tue, 15 May 2012 16:04:01 GMT
Server: Apache
ETag: "6a603f5-83-4c01559d7be40"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 131

GET
H/1.1 200
OK link.gif
www.duping.net/images/ 185 B
452 B 150ms
149ms Image
image/gif 160.153.63.167
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.duping.net/images/link.gif
Requested by: Host: www.duping.net
URL: http://www.duping.net/XHC/show.php?bbs=11&post=1450820
Protocol: HTTP/1.1
Server: 160.153.63.167 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-160-153-63-167.ip.secureserver.net
Software: Apache /
Resource Hash: 2048b980c17cb3705d8b9fcf33578b477dc7e30d04d74b46aa33ecd587d89d2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.duping.net/XHC/show.php?bbs=11&post=1450820
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 02:26:01 GMT
Last-Modified: Tue, 15 May 2012 16:04:01 GMT
Server: Apache
ETag: "6a603fc-b9-4c01559d7be40"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 185

GET
H/1.1 200
OK image.gif
www.duping.net/images/ 173 B
440 B 150ms
149ms Image
image/gif 160.153.63.167
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.duping.net/images/image.gif
Requested by: Host: www.duping.net
URL: http://www.duping.net/XHC/show.php?bbs=11&post=1450820
Protocol: HTTP/1.1
Server: 160.153.63.167 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-160-153-63-167.ip.secureserver.net
Software: Apache /
Resource Hash: 63d80cb4e4c76937e673ddcda9e8f51f46f36d859f50aeb5f7368f5903babbe7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.duping.net/XHC/show.php?bbs=11&post=1450820
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 02:26:01 GMT
Last-Modified: Tue, 15 May 2012 16:04:01 GMT
Server: Apache
ETag: "6a603f4-ad-4c01559d7be40"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 173

GET
H2 200 event Show response
events.api.secureserver.net/t/1/tl/ 43 B
290 B 164ms
99ms XHR
image/gif 2a02:26f0:6c00::210:baf2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://events.api.secureserver.net/t/1/tl/event?cts=1651458361668&dh=www.duping.net&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F101.0.4951.41%20Safari%2F537.36&vci=2098279501&cv=2.0.0&z=1085836009&vg=9e036ce6-c889-59fa-be4f-cca73e3289c5&vtg=9e036ce6-c889-59fa-be4f-cca73e3289c5&dp=%2FXHC%2Fshow.php&ap=cpsh&trfd=%7B%22ap%22%3A%22cpsh%22%2C%22server%22%3A%22p3plcpnl0778%22%2C%22id%22%3A%228450914%22%7D&hit_id=8031d79c-0e92-573c-8d7e-defef73ecb74&ht=pageview

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.duping.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
date: Mon, 02 May 2022 02:26:02 GMT
x-frame-options: DENY
content-type: image/gif
access-control-allow-origin: http://www.duping.net
cache-control: private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 43
x-xss-protection: 1; mode=block

GET
H2 200 event Show response
events.api.secureserver.net/t/1/tl/ 43 B
290 B 161ms
101ms XHR
image/gif 2a02:26f0:6c00::210:baf2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://events.api.secureserver.net/t/1/tl/event?cts=1651458362060&dh=www.duping.net&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F101.0.4951.41%20Safari%2F537.36&vci=2098279501&cv=2.0.0&z=762954365&vg=9e036ce6-c889-59fa-be4f-cca73e3289c5&vtg=9e036ce6-c889-59fa-be4f-cca73e3289c5&dp=%2FXHC%2Fshow.php&ap=cpsh&trfd=%7B%22ap%22%3A%22cpsh%22%2C%22server%22%3A%22p3plcpnl0778%22%2C%22id%22%3A%228450914%22%7D&hit_id=32e78bba-5fad-5959-86cf-96342cade25f&ht=perf&tce=1651458360866&tcs=1651458360717&tdc=1651458362055&tdclee=1651458361736&tdcles=1651458361729&tdi=1651458361729&tdl=1651458361050&tdle=1651458360717&tdls=1651458360717&tfs=1651458360716&tns=1651458360716&trqs=1651458360866&tre=1651458361046&trps=1651458361044&tles=1651458362055&tlee=0&nt=navigate&nav_type=hard

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00::210:baf2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.duping.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
date: Mon, 02 May 2022 02:26:02 GMT
x-frame-options: DENY
content-type: image/gif
access-control-allow-origin: http://www.duping.net
cache-control: private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 43
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.duping.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: c2rqh13stpab11k150edkalph1
.duping.net/	1970-01-20 11:29:54	Name: _tccl_visitor Value: 9e036ce6-c889-59fa-be4f-cca73e3289c5
.duping.net/	1970-01-20 02:44:20	Name: _tccl_visit Value: 9e036ce6-c889-59fa-be4f-cca73e3289c5

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
events.api.secureserver.net
img1.wsimg.com
img6.wsimg.com
polyfill.io
www.duping.net
160.153.63.167
23.36.163.225
2606:4700::6810:5514
2a02:26f0:6c00::210:baf2
2a04:4e42:e00::282
0b2241d05bd2fa9b9f31fb0ad0f6d8dd506e9da6f7571d5240d1ba276c93e1a0
17a87132baebe48ac72cba520c8eff6bf589ae453fcedb91635f25f36653ae74
1d06c70bf7922b879f5c588308c13ccfaf4f473b484b4f55d14101e66b299f40
2048b980c17cb3705d8b9fcf33578b477dc7e30d04d74b46aa33ecd587d89d2c
3d8c46170afe4329b3fdaa1a45a4a4302929b5ebbe6b1393da5e185ec0374f87
43bf7cff769802cf032c5732774a7555cb3dd8fab6de6930a3e4cfc773ae895f
4526dcf260c00ea6184baa195ca3dfef6c581a74708f92efe9fba370418281ec
5a06b08f4619c06f877557c20544f7199b6c0e95efeb2aef65d2776edee39175
5b3b24550734c7243a009de052d2be91afb5dd690e33519fd03ac5e6883ffd37
63d80cb4e4c76937e673ddcda9e8f51f46f36d859f50aeb5f7368f5903babbe7
6cb0efedc1729d965016a35584cb00b03aa46e1a5e170f4b3ce092c7c3e99ec7
ab866978e2d645b8c3b95ccd3e4bfe3790d74ec0d56a7e8373615794cfb26e0a
afede2b4e32d1868daa74c7ed7486eea35bf8190b3c47b282ab39dee0c914866
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3080457b2cbea336d84222dbfb1dd846a4c83832e183b2ef28e2eb8922beca8
c9ccefcafa539f3da0089461cd580b031863c7f9f900b94ebecd49a7f06e2054
c9f5ffcaf732a65a9cf83008b2f5ac353f1129bba060796c31dd8a126f01df6c
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
dbb73788fd449984eef50af67b9b84cfb281e5be4931a168601b641105533c70
ec2c5285f29f345aaaecdaf73d44a4e9353635a4035fc3d4a50090ab5c9331d5

www.duping.net Open in urlscan Pro 160.153.63.167 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

21 Requests

19 %HTTPS

60 %IPv6

5 Domains

6 Subdomains

5 IPs

2 Countries

202 kBTransfer

881 kBSize

3 Cookies

5 Outgoing links

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

3 Cookies

Indicators

www.duping.net Open in urlscan Pro
160.153.63.167 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

19 %
HTTPS

60 %
IPv6

5
Domains

6
Subdomains

5
IPs

2
Countries

202 kB
Transfer

881 kB
Size

3
Cookies

21 HTTP transactions
0 data transactions