dutsh-helppackage.ecranul.ro
85.9.63.169  Malicious Activity! Public Scan

Submitted URL: https://dutsh-helppackage.ecranul.ro/public/4Z0P6EcsW9t1hDlng8XthBjzyjBRv8TR
Effective URL: https://dutsh-helppackage.ecranul.ro/public/qwPV17NxHQmcP7Scc15fCcZZuqqaAWxs
Submission: On February 14 via api from US — Scanned from US

Summary

This website contacted 14 IPs in 3 countries across 9 domains to perform 38 HTTP transactions. The main IP is 85.9.63.169, located in Bucharest, Romania and belongs to GTS-BACKBONE GTS Telecom, RO. The main domain is dutsh-helppackage.ecranul.ro.
TLS certificate: Issued by R3 on January 13th 2023. Valid for: 3 months.
This is the only time dutsh-helppackage.ecranul.ro was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DHL (Transportation)

Domain & IP information

IP Address AS Autonomous System
3 19 85.9.63.169 5606 (GTS-BACKB...)
2 2a04:4e42::485 54113 (FASTLY)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
6 2606:4700:e4:... 13335 (CLOUDFLAR...)
1 18.238.4.47 16509 (AMAZON-02)
1 13.225.41.47 16509 (AMAZON-02)
1 13.226.204.22 16509 (AMAZON-02)
1 52.51.89.236 16509 (AMAZON-02)
1 108.156.211.80 16509 (AMAZON-02)
1 104.198.23.205 15169 (GOOGLE)
38 14
Apex Domain
Subdomains
Transfer
19 ecranul.ro
dutsh-helppackage.ecranul.ro
284 KB
7 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 3111
ka-f.fontawesome.com — Cisco Umbrella Rank: 5588
287 KB
4 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 877
script.hotjar.com — Cisco Umbrella Rank: 1182
vars.hotjar.com — Cisco Umbrella Rank: 1255
in.hotjar.com — Cisco Umbrella Rank: 2286
73 KB
2 lr-in.com
cdn.lr-in.com — Cisco Umbrella Rank: 33081
r.lr-in.com — Cisco Umbrella Rank: 43000
162 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 343
82 KB
2 killbot.org
killbot.org
1 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 468
3 KB
1 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 3050
258 B
0 Failed
38 9
Domain Requested by
19 dutsh-helppackage.ecranul.ro 3 redirects dutsh-helppackage.ecranul.ro
6 ka-f.fontawesome.com kit.fontawesome.com
dutsh-helppackage.ecranul.ro
2 cdnjs.cloudflare.com dutsh-helppackage.ecranul.ro
cdnjs.cloudflare.com
2 killbot.org cdn.jsdelivr.net
2 cdn.jsdelivr.net dutsh-helppackage.ecranul.ro
1 r.lr-in.com cdn.lr-in.com
1 vc.hotjar.io dutsh-helppackage.ecranul.ro
1 in.hotjar.com dutsh-helppackage.ecranul.ro
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com dutsh-helppackage.ecranul.ro
1 cdn.lr-in.com dutsh-helppackage.ecranul.ro
1 kit.fontawesome.com dutsh-helppackage.ecranul.ro
0 eofcbnmajmjmplflapaojjnihcjkigck Failed dutsh-helppackage.ecranul.ro
38 14

This site contains no links.

Subject | Issuer | Validity | Valid for
*.ecranul.ro | R3 | 2023-01-13 - 2023-04-13 | 3 months
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2022 Q4 | 2022-12-23 - 2024-01-24 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-29 - 2023-06-28 | a year
*.fontawesome.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-11-22 - 2023-12-23 | a year
*.hotjar.com | Amazon | 2022-10-25 - 2023-11-23 | a year
*.hotjar.io | Amazon | 2022-07-18 - 2023-08-16 | a year
api.logrocket.com | R3 | 2022-12-21 - 2023-03-21 | 3 months

This page contains 2 frames:

Primary Page: https://dutsh-helppackage.ecranul.ro/public/qwPV17NxHQmcP7Scc15fCcZZuqqaAWxs
Frame ID: 7F6FF0C91DA87C7AB6EB8C0C3B6BA163
Requests: 37 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html
Frame ID: 07E84962EF3E8D983D9DA5FD72E0C8D0
Requests: 1 HTTP requests in this frame

Page Title

DHL

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 38
HTTPS: 95 %
IPv6: 46 %
Domains: 9
Subdomains: 14
IPs: 14
Countries: 3
Transfer: 892 kB
Size: 4147 kB
Cookies: 11

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://dutsh-helppackage.ecranul.ro/public/4Z0P6EcsW9t1hDlng8XthBjzyjBRv8TR HTTP 302
    https://dutsh-helppackage.ecranul.ro/public HTTP 301
    https://dutsh-helppackage.ecranul.ro/public/ Page URL
  2. https://dutsh-helppackage.ecranul.ro/qwPV17NxHQmcP7Scc15fCcZZuqqaAWxs/ HTTP 301
    https://dutsh-helppackage.ecranul.ro/public/qwPV17NxHQmcP7Scc15fCcZZuqqaAWxs Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://dutsh-helppackage.ecranul.ro/public/4Z0P6EcsW9t1hDlng8XthBjzyjBRv8TR HTTP 302
  • https://dutsh-helppackage.ecranul.ro/public HTTP 301
  • https://dutsh-helppackage.ecranul.ro/public/

38 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
dutsh-helppackage.ecranul.ro/public/
Redirect Chain
  • https://dutsh-helppackage.ecranul.ro/public/4Z0P6EcsW9t1hDlng8XthBjzyjBRv8TR
  • https://dutsh-helppackage.ecranul.ro/public
  • https://dutsh-helppackage.ecranul.ro/public/
558 B
1 KB
Document
General
Full URL
https://dutsh-helppackage.ecranul.ro/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.9.63.169 Bucharest, Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
cw85-i-fc169.romania-webhosting.com
Software
LiteSpeed /
Resource Hash
b27a95b2f21c5165ba455820169b55e2c4f0c80af3f08e29710d92d6ac12cd84

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, private
content-encoding
br
content-length
317
content-type
text/html; charset=UTF-8
date
Tue, 14 Feb 2023 15:12:53 GMT
server
LiteSpeed
vary
Accept-Encoding

Redirect headers

content-length
707
content-type
text/html
date
Tue, 14 Feb 2023 15:12:52 GMT
location
https://dutsh-helppackage.ecranul.ro/public/
server
LiteSpeed
main.min.js
cdn.jsdelivr.net/gh/killbot-org/Killbot-JS@latest/dist/
3 KB
2 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/killbot-org/Killbot-JS@latest/dist/main.min.js
Requested by
Host: dutsh-helppackage.ecranul.ro
URL: https://dutsh-helppackage.ecranul.ro/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dutsh-helppackage.ecranul.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 14 Feb 2023 15:12:54 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
27414
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1164
x-served-by
cache-fra-eddf8230107-FRA, cache-ewr18183-EWR
x-jsd-version-type
branch
etag
W/"a7c-3clzt6jQEoCCCFpNJxdD1AwWMyw"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
whois
killbot.org/api/v2/
83 B
813 B
Fetch
General
Full URL
https://killbot.org/api/v2/whois?apikey=KACXfkKCpcbZJJlzB3D415S561r_pTsXlmE5Qt9SnpHoh
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/killbot-org/Killbot-JS@latest/dist/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:ba0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dutsh-helppackage.ecranul.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 15:12:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nVhiBLm4NB31YqsxXVKFtNqTpRh6Z%2BXRTyyk7OskUd6QcTYpzRdzcz0RFmO6y%2Bi6mPQOjt8ggxPV17ipZZ7CGM5zJ8leo5dYJw%2FjXmhGMcHHk9GF%2FwLNhepdY5sCXaWlUYSmY8YmfBALbA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
7996bea64b418ce6-EWR
bug-bounty
Report to live chat :)
expires
Thu, 19 Nov 1981 08:52:00 GMT
Primary Request qwPV17NxHQmcP7Scc15fCcZZuqqaAWxs
dutsh-helppackage.ecranul.ro/public/
Redirect Chain
  • https://dutsh-helppackage.ecranul.ro/qwPV17NxHQmcP7Scc15fCcZZuqqaAWxs/
  • https://dutsh-helppackage.ecranul.ro/public/qwPV17NxHQmcP7Scc15fCcZZuqqaAWxs
59 KB
15 KB
Document
General
Full URL
https://dutsh-helppackage.ecranul.ro/public/qwPV17NxHQmcP7Scc15fCcZZuqqaAWxs
Requested by
Host: dutsh-helppackage.ecranul.ro
URL: https://dutsh-helppackage.ecranul.ro/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
85.9.63.169 Bucharest, Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
cw85-i-fc169.romania-webhosting.com
Software
LiteSpeed /
Resource Hash
dae81dee90cf667f63813bf823dbf244acc786447741b167c3b58bc6dc198db0

Request headers

Referer
https://dutsh-helppackage.ecranul.ro/public/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, private
content-encoding
br
content-length
14643
content-type
text/html; charset=UTF-8
date
Tue, 14 Feb 2023 15:12:54 GMT
server
LiteSpeed
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
707
content-type
text/html
date
Tue, 14 Feb 2023 15:12:53 GMT
location
https://dutsh-helppackage.ecranul.ro/public/qwPV17NxHQmcP7Scc15fCcZZuqqaAWxs
server
LiteSpeed
f7165dd215.js
kit.fontawesome.com/
11 KB
4 KB
Script
General
Full URL
https://kit.fontawesome.com/f7165dd215.js
Requested by
Host: dutsh-helppackage.ecranul.ro
URL: https://dutsh-helppackage.ecranul.ro/public/qwPV17NxHQmcP7Scc15fCcZZuqqaAWxs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3781276c947446303f95592499e641929c792c682fcfc73b390184963b4adc36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://dutsh-helppackage.ecranul.ro/
Origin
https://dutsh-helppackage.ecranul.ro
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 15:12:55 GMT
strict-transport-security
max-age=31536000; preload
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
39
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=60, public, must-revalidate
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray
7996beaabf5d8cd6-EWR
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F0J_MFIXzdOg32VK2KMD
main.min.js
cdn.jsdelivr.net/gh/killbot-org/Killbot-JS@latest/dist/
3 KB
1 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/killbot-org/Killbot-JS@latest/dist/main.min.js
Requested by
Host: dutsh-helppackage.ecranul.ro
URL: https://dutsh-helppackage.ecranul.ro/public/qwPV17NxHQmcP7Scc15fCcZZuqqaAWxs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
794436da3513bb03f61bcd950dc8905b6ecb9d9f3ee03481d6a4e8f73a43a335
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dutsh-helppackage.ecranul.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 14 Feb 2023 15:12:55 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
27415
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1164
x-served-by
cache-fra-eddf8230107-FRA, cache-ewr18183-EWR
x-jsd-version-type
branch
etag
W/"a7c-3clzt6jQEoCCCFpNJxdD1AwWMyw"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
app.css
dutsh-helppackage.ecranul.ro/public/css/
429 KB
50 KB
Stylesheet
General
Full URL
https://dutsh-helppackage.ecranul.ro/public/css/app.css
Requested by
Host: dutsh-helppackage.ecranul.ro
URL: https://dutsh-helppackage.ecranul.ro/public/qwPV17NxHQmcP7Scc15fCcZZuqqaAWxs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
85.9.63.169 Bucharest, Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
cw85-i-fc169.romania-webhosting.com
Software
LiteSpeed /
Resource Hash
36839348d4cd3d5ffcb15317bc5e8f32b77c644d0c6c0f8f19bdf216caf49293

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dutsh-helppackage.ecranul.ro/public/qwPV17NxHQmcP7Scc15fCcZZuqqaAWxs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 15:12:54 GMT
content-encoding
br
last-modified
Wed, 03 Aug 2022 14:29:04 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
51485
expires
Tue, 21 Feb 2023 15:12:54 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
30 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: dutsh-helppackage.ecranul.ro
URL: https://dutsh-helppackage.ecranul.ro/public/qwPV17NxHQmcP7Scc15fCcZZuqqaAWxs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dutsh-helppackage.ecranul.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 15:12:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
425660
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jxn9Ige9f1hiGdPIDGbDONoUvXiKPhz7FxDxNE6qwYxpn3ebCCq4Nvn%2F4tL7kaoYDANyvsP4LzZoq4wUxLOOO7%2Fwmwx15z8fSgArrs0CimHndn6PWF37kwVKS3mn%2FhFGhKBL3NzUs52hts8Uz%2BJvJVio"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7996beaabca48c15-EWR
expires
Sun, 04 Feb 2024 15:12:55 GMT
logger-1.min.js
cdn.lr-in.com/
805 KB
161 KB
Script
General
Full URL
https://cdn.lr-in.com/logger-1.min.js
Requested by
Host: dutsh-helppackage.ecranul.ro
URL: https://dutsh-helppackage.ecranul.ro/public/qwPV17NxHQmcP7Scc15fCcZZuqqaAWxs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1b37426bb92146241755268460ed5126f78ac97730908780d7d35c8c82d3343
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dutsh-helppackage.ecranul.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 15:12:55 GMT
strict-transport-security
max-age=31556926
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
248
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-lga21981-LGA
last-modified
Mon, 13 Feb 2023 22:32:45 GMT
server
cloudflare
x-timer
S1676327738.307614,VS0,VE1
etag
W/"3590a6dd8fb28207117e1077866bb3c5ca03765165c2821cc73ed425dc5695e1"
vary
x-fh-requested-host, accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FGEJ03sgpYNkL7zwGJ2qUaaFo6w9YaGlioYhLYmUTk%2F4V882r1xz%2B8EhaPQyJijtvGjtg89x%2BrLwVigmwGVIkftFump9xy2SUJWFuJGQIPislDvAwhKTjR7HPl3C4Mn8WzJULO9fukbko2lK"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
7996beab0ba3c32b-EWR
x-cache-hits
1
fonts.css
eofcbnmajmjmplflapaojjnihcjkigck/common/ui/fonts/
0
0

logo.png
dutsh-helppackage.ecranul.ro/images/
2 KB
2 KB
Image
General
Full URL
https://dutsh-helppackage.ecranul.ro/images/logo.png
Requested by
Host: dutsh-helppackage.ecranul.ro
URL: https://dutsh-helppackage.ecranul.ro/public/qwPV17NxHQmcP7Scc15fCcZZuqqaAWxs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
85.9.63.169 Bucharest, Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
cw85-i-fc169.romania-webhosting.com
Software
LiteSpeed /
Resource Hash
3f0c62b5ccdcdbf3b3ae3885f1e6959e2d937eba9b29dea9a6bdb98788041756

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dutsh-helppackage.ecranul.ro/public/qwPV17NxHQmcP7Scc15fCcZZuqqaAWxs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 15:12:54 GMT
last-modified
Wed, 03 Aug 2022 14:29:04 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1998
expires
Tue, 21 Feb 2023 15:12:54 GMT
all.png
dutsh-helppackage.ecranul.ro/images/
12 KB
12 KB
Image
General
Full URL
https://dutsh-helppackage.ecranul.ro/images/all.png
Requested by
Host: dutsh-helppackage.ecranul.ro
URL: https://dutsh-helppackage.ecranul.ro/public/qwPV17NxHQmcP7Scc15fCcZZuqqaAWxs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
85.9.63.169 Bucharest, Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
cw85-i-fc169.romania-webhosting.com
Software
LiteSpeed /
Resource Hash
c1d5409eecb402a99f10718b06c266ba314d9e25f0b56c6fd063699334b8be6d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dutsh-helppackage.ecranul.ro/public/qwPV17NxHQmcP7Scc15fCcZZuqqaAWxs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 15:12:54 GMT
last-modified
Wed, 03 Aug 2022 14:29:04 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
12499
expires
Tue, 21 Feb 2023 15:12:54 GMT
foo.png
dutsh-helppackage.ecranul.ro/images/
599 B
599 B
Image
General
Full URL
https://dutsh-helppackage.ecranul.ro/images/foo.png
Requested by
Host: dutsh-helppackage.ecranul.ro
URL: https://dutsh-helppackage.ecranul.ro/public/qwPV17NxHQmcP7Scc15fCcZZuqqaAWxs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
85.9.63.169 Bucharest, Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
cw85-i-fc169.romania-webhosting.com
Software
LiteSpeed /
Resource Hash
c7c3a1cba36dd297b22ea64727b2365076485d3dba7b8f925961097051b81d46

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dutsh-helppackage.ecranul.ro/public/qwPV17NxHQmcP7Scc15fCcZZuqqaAWxs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 15:12:54 GMT
cache-control
no-cache, private
content-encoding
br
server
LiteSpeed
content-length
2032
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
app.js
dutsh-helppackage.ecranul.ro/public/js/
2 MB
191 KB
Script
General
Full URL
https://dutsh-helppackage.ecranul.ro/public/js/app.js
Requested by
Host: dutsh-helppackage.ecranul.ro
URL: https://dutsh-helppackage.ecranul.ro/public/qwPV17NxHQmcP7Scc15fCcZZuqqaAWxs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
85.9.63.169 Bucharest, Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
cw85-i-fc169.romania-webhosting.com
Software
LiteSpeed /
Resource Hash
399e233cea4e5468820e5c5f98ddbb156de729983710cf576a6508f076326c68

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dutsh-helppackage.ecranul.ro/public/qwPV17NxHQmcP7Scc15fCcZZuqqaAWxs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 15:12:54 GMT
content-encoding
br
last-modified
Wed, 03 Aug 2022 14:29:04 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
195222
expires
Tue, 21 Feb 2023 15:12:54 GMT
session-recorder.js
dutsh-helppackage.ecranul.ro/public/js/
44 KB
11 KB
Script
General
Full URL
https://dutsh-helppackage.ecranul.ro/public/js/session-recorder.js
Requested by
Host: dutsh-helppackage.ecranul.ro
URL: https://dutsh-helppackage.ecranul.ro/public/qwPV17NxHQmcP7Scc15fCcZZuqqaAWxs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
85.9.63.169 Bucharest, Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
cw85-i-fc169.romania-webhosting.com
Software
LiteSpeed /
Resource Hash
67ad94e12a745b1b09c6cd616e20a2ad283ed68f8060bd1dd0d9a2b6ad9dc7ee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dutsh-helppackage.ecranul.ro/public/qwPV17NxHQmcP7Scc15fCcZZuqqaAWxs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 15:12:51 GMT
content-encoding
br
last-modified
Wed, 03 Aug 2022 14:29:04 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
10820
expires
Tue, 21 Feb 2023 15:12:51 GMT
free.min.css
ka-f.fontawesome.com/releases/v6.3.0/css/
100 KB
23 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.3.0/css/free.min.css?token=f7165dd215
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/f7165dd215.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aee930d9c63ac5f13c26ea50472e6d6dcdab908aafc18687886c7fba33e0c9e8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dutsh-helppackage.ecranul.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 15:12:55 GMT
via
1.1 613a9db04d23967014b7c42269dc1c12.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
PHL50-C1
age
595078
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 31 Jan 2023 18:17:21 GMT
server
cloudflare
etag
W/"b7d524a460c5ceb6420db3aec0be8c92"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XmfabjSD3f3fGp7ri2vy39wRHSOULaklXksLlJBlWZ%2B9dEwlwx%2BopjQ1PUIyiSwFsPvrfBnEsZusBayAoYKA4jwqk9jsUmGG667spo7Tq8hvMV4DWP79TpbSdzhKf%2B0QghHw8xVjvo5nnpi1XaaUgb2Suw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
7996beab0e451a44-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
7qk65xWDKczw6oomyD2a5Hh9jZdxWspCLipll5QAxGlEehvPHtis-A==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v6.3.0/css/
27 KB
5 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.3.0/css/free-v4-shims.min.css?token=f7165dd215
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/f7165dd215.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c6d23efa8a723d5c117df0ac6f77441a66d960cf4e9cf4cf20aabd1ac984ef3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dutsh-helppackage.ecranul.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 15:12:55 GMT
via
1.1 aed3f8ed29085c056c75452d71b07f7e.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
PHL50-C1
age
595078
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 31 Jan 2023 18:17:21 GMT
server
cloudflare
etag
W/"3a57f9df341838cc106903c71730d13b"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QygVwliEBlnqM8C30Qw3Su8cEzTYLt6F9tuax2XLHvszof7pBVPYVcRxxhbUoRHLXHP85anRc%2F8x%2FMf4fBjZuW50Q0TsTagDXJ2hXLNzDKeErROSwqkn9pYaE1DGBpYgXVer2U2FrMsCTAzAIwPys2pIwA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
7996beab0e471a44-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
8jdGVSdmefLlvnUBhmS0Ur_dbtxZeW7WrGRDH1co77jU6d4fakkPIQ==
free-v5-font-face.min.css
ka-f.fontawesome.com/releases/v6.3.0/css/
823 B
718 B
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.3.0/css/free-v5-font-face.min.css?token=f7165dd215
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/f7165dd215.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbfc1a27b2f37bb5758305f7d7633b07f9dd08c9c42658e695c8fa9716967545

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dutsh-helppackage.ecranul.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 15:12:55 GMT
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
PHL50-C1
age
595078
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 31 Jan 2023 18:17:21 GMT
server
cloudflare
etag
W/"fdedb74e19e1bffdcab908079cabd49a"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4BB3CUy1IVivzu0JCl2xconnypSKZkjaVq0IufAX2wNoJE9El8M8sv0d5xkjE47AKQGoiFOFL4VWPoLtQfDtYjcm4ZaCzEM0mvK829k7pBjB7QmaRspEkcDr7mkV%2FZdV7EOxIdvhoVPmpJCfhmvQm%2FJb2w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
7996beab0e481a44-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
OvS8wxIvNo-_2KxWyLZJ76Q_ad7JaNmqjNM5O9hcBr9dhJkaN4xzcg==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v6.3.0/css/
2 KB
1 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.3.0/css/free-v4-font-face.min.css?token=f7165dd215
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/f7165dd215.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
852db4d1e3c440deaa05229fa8beb300bc959f16d0f9c2be168173a26c68e1a9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dutsh-helppackage.ecranul.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 15:12:55 GMT
via
1.1 cf88880413082302757828626cf7b020.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
PHL50-C1
age
595078
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 31 Jan 2023 18:17:21 GMT
server
cloudflare
etag
W/"00bb3d26f3fee308e5747eb9f5760b48"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UfGHvdLj7EhXR9H%2BWy7DhU43wicgNY8O7F53nfCzoishmbo243y0i%2BImF%2Fpt4szeTkQCHNovY%2BxYBgUtZ5AItfGkmWH0Q6XkEQ6%2BHSSOV%2BwiRcqEBR9rwMs6LYbHt1p5e%2BxV74zH4M9S9xz61YGNmsFXfw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
7996beab0e4a1a44-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
znYTZXTxBcQqlZPPd-yVlyEwsHgOJghK7iR5Ba1DllgT44mlwCH8EA==
whois
killbot.org/api/v2/
83 B
489 B
Fetch
General
Full URL
https://killbot.org/api/v2/whois?apikey=KACXfkKCpcbZJJlzB3D415S561r_pTsXlmE5Qt9SnpHoh
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/killbot-org/Killbot-JS@latest/dist/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:ba0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8991bad621d759d15a02caaec9797e4d9dcf8e2d2ff64e1a0cebc07675b6aed

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dutsh-helppackage.ecranul.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 15:12:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oJF2Dm%2Fkev5BzjcwbYyAR6VKtawWhMIlbUnJ5fswoWkeh93%2FX9k6CuFmSt9cBtCPfiiJv0yAznhzNBjfjpBwwxZu6dx9PfL%2BiSiG4sFjDKGeDpXX9FXd1v3CsMTtFqG1fKfqUtq57MG1EA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
7996beaaef698ce6-EWR
bug-bounty
Report to live chat :)
expires
Thu, 19 Nov 1981 08:52:00 GMT
hotjar-2895475.js
static.hotjar.com/c/
9 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-2895475.js?sv=6
Requested by
Host: dutsh-helppackage.ecranul.ro
URL: https://dutsh-helppackage.ecranul.ro/public/qwPV17NxHQmcP7Scc15fCcZZuqqaAWxs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-47.phl51.r.cloudfront.net
Software
/
Resource Hash
420fcf5a781f33572c549ea9fd415f7fefb1fdabf12fa6e409d6d0f33dff343a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dutsh-helppackage.ecranul.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 15:12:41 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 ef337dd302517121dfb2acfcd2bcfca8.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL51-P1
age
14
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/c25a2ef480eae368ebb6669ff7e86cfd
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
x-amz-cf-id
lOe3Lv18ayzPGh248oWltYuYzyDaH6qcgZ2jTH8QvYWFEiaVYLfsfg==
roboto-latin-400-normal.woff2
dutsh-helppackage.ecranul.ro/fonts/vendor/@fontsource/roboto/files/
0
0
Font
General
Full URL
https://dutsh-helppackage.ecranul.ro/fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b
Requested by
Host: dutsh-helppackage.ecranul.ro
URL: https://dutsh-helppackage.ecranul.ro/public/css/app.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
85.9.63.169 Bucharest, Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
cw85-i-fc169.romania-webhosting.com
Software
LiteSpeed /
Resource Hash

Request headers

Referer
https://dutsh-helppackage.ecranul.ro/public/css/app.css
Origin
https://dutsh-helppackage.ecranul.ro
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 15:12:54 GMT
cache-control
no-cache, private
content-encoding
br
server
LiteSpeed
content-length
2032
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
webfa-solid-900.woff2
dutsh-helppackage.ecranul.ro/fonts/vendor/@fortawesome/fontawesome-free/
0
0
Font
General
Full URL
https://dutsh-helppackage.ecranul.ro/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80
Requested by
Host: dutsh-helppackage.ecranul.ro
URL: https://dutsh-helppackage.ecranul.ro/public/css/app.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
85.9.63.169 Bucharest, Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
cw85-i-fc169.romania-webhosting.com
Software
LiteSpeed /
Resource Hash

Request headers

Referer
https://dutsh-helppackage.ecranul.ro/public/css/app.css
Origin
https://dutsh-helppackage.ecranul.ro
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 15:12:54 GMT
cache-control
no-cache, private
content-encoding
br
server
LiteSpeed
content-length
2032
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
webfa-brands-400.woff2
dutsh-helppackage.ecranul.ro/public/css/fonts/
0
0
Font
General
Full URL
https://dutsh-helppackage.ecranul.ro/public/css/fonts/webfa-brands-400.woff2?d878b0a6a1144760244ff0665888404c
Requested by
Host: dutsh-helppackage.ecranul.ro
URL: https://dutsh-helppackage.ecranul.ro/public/css/app.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
85.9.63.169 Bucharest, Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
cw85-i-fc169.romania-webhosting.com
Software
LiteSpeed /
Resource Hash

Request headers

Referer
https://dutsh-helppackage.ecranul.ro/public/css/app.css
Origin
https://dutsh-helppackage.ecranul.ro
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 15:12:55 GMT
cache-control
no-cache, private
content-encoding
br
server
LiteSpeed
content-length
2032
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://dutsh-helppackage.ecranul.ro
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 15:12:55 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
924206
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n4C2biDlZexqJu3VrF8UOAS%2FrBtokUrXo8fVYiL2aXVpyjL7dnyK3Cw2GR8hZcWDre2lpZBxft6VlJmJ%2FmJ%2BjsnFn5QaFksCPWeYFQTNDjeY5vq8gJarE74Etn4uJClYM94UoMf7b2lDd0mJiEVQQAlz"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7996bead2cfe17f1-EWR
expires
Sun, 04 Feb 2024 15:12:55 GMT
modules.5dca1694a4338dade13b.js
script.hotjar.com/
261 KB
67 KB
Script
General
Full URL
https://script.hotjar.com/modules.5dca1694a4338dade13b.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2895475.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.41.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-41-47.dfw50.r.cloudfront.net
Software
/
Resource Hash
68212c3281ce75ccacc67cad7cc209eda658306c66dddd4875340aa65e3639e3
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dutsh-helppackage.ecranul.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 08:49:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 a29822829c600346e3d9340fbf747f6c.cloudfront.net (CloudFront)
x-amz-cf-pop
DFW50-C1
age
23030
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
68080
last-modified
Tue, 14 Feb 2023 08:48:49 GMT
etag
"902c7d4a043c8419d7d05fb340da4f92"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
sLqpW83oAaxOXH_YWisCc9jVNmUpVm34VNbZOtOHOAOM-fJG832svA==
roboto-all-400-normal.woff
dutsh-helppackage.ecranul.ro/fonts/vendor/@fontsource/roboto/files/
0
0
Font
General
Full URL
https://dutsh-helppackage.ecranul.ro/fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c
Requested by
Host: dutsh-helppackage.ecranul.ro
URL: https://dutsh-helppackage.ecranul.ro/public/css/app.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
85.9.63.169 Bucharest, Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
cw85-i-fc169.romania-webhosting.com
Software
LiteSpeed /
Resource Hash

Request headers

Referer
https://dutsh-helppackage.ecranul.ro/public/css/app.css
Origin
https://dutsh-helppackage.ecranul.ro
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 15:12:55 GMT
cache-control
no-cache, private
content-encoding
br
server
LiteSpeed
content-length
2032
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
webfa-solid-900.woff
dutsh-helppackage.ecranul.ro/fonts/vendor/@fortawesome/fontawesome-free/
0
0
Font
General
Full URL
https://dutsh-helppackage.ecranul.ro/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2
Requested by
Host: dutsh-helppackage.ecranul.ro
URL: https://dutsh-helppackage.ecranul.ro/public/css/app.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
85.9.63.169 Bucharest, Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
cw85-i-fc169.romania-webhosting.com
Software
LiteSpeed /
Resource Hash

Request headers

Referer
https://dutsh-helppackage.ecranul.ro/public/css/app.css
Origin
https://dutsh-helppackage.ecranul.ro
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 15:12:55 GMT
cache-control
no-cache, private
content-encoding
br
server
LiteSpeed
content-length
2032
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
webfa-brands-400.woff
dutsh-helppackage.ecranul.ro/fonts/vendor/@fortawesome/fontawesome-free/
0
0
Font
General
Full URL
https://dutsh-helppackage.ecranul.ro/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.woff?2285773e6b4b172f07d9b777c81b0775
Requested by
Host: dutsh-helppackage.ecranul.ro
URL: https://dutsh-helppackage.ecranul.ro/public/css/app.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
85.9.63.169 Bucharest, Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
cw85-i-fc169.romania-webhosting.com
Software
LiteSpeed /
Resource Hash

Request headers

Referer
https://dutsh-helppackage.ecranul.ro/public/css/app.css
Origin
https://dutsh-helppackage.ecranul.ro
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 15:12:55 GMT
cache-control
no-cache, private
content-encoding
br
server
LiteSpeed
content-length
2032
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
webfa-solid-900.ttf
dutsh-helppackage.ecranul.ro/fonts/vendor/@fortawesome/fontawesome-free/
0
0
Font
General
Full URL
https://dutsh-helppackage.ecranul.ro/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f
Requested by
Host: dutsh-helppackage.ecranul.ro
URL: https://dutsh-helppackage.ecranul.ro/public/css/app.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
85.9.63.169 Bucharest, Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
cw85-i-fc169.romania-webhosting.com
Software
LiteSpeed /
Resource Hash

Request headers

Referer
https://dutsh-helppackage.ecranul.ro/public/css/app.css
Origin
https://dutsh-helppackage.ecranul.ro
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 15:12:55 GMT
cache-control
no-cache, private
content-encoding
br
server
LiteSpeed
content-length
2032
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
5bfec640-35d1-4557-a161-d42c0c2e1c21
https://dutsh-helppackage.ecranul.ro/
443 KB
0
Other
General
Full URL
blob:https://dutsh-helppackage.ecranul.ro/5bfec640-35d1-4557-a161-d42c0c2e1c21
Requested by
Host: dutsh-helppackage.ecranul.ro
URL: https://dutsh-helppackage.ecranul.ro/public/qwPV17NxHQmcP7Scc15fCcZZuqqaAWxs
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0296fd423e572241204233375f7719b4fcff146d2e979dc7325e434c3c1b1b6

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Length
454052
Content-Type
webfa-brands-400.ttf
dutsh-helppackage.ecranul.ro/fonts/vendor/@fortawesome/fontawesome-free/
0
0
Font
General
Full URL
https://dutsh-helppackage.ecranul.ro/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.ttf?527940b104eb2ea366c8630f3f038603
Requested by
Host: dutsh-helppackage.ecranul.ro
URL: https://dutsh-helppackage.ecranul.ro/public/css/app.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
85.9.63.169 Bucharest, Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
cw85-i-fc169.romania-webhosting.com
Software
LiteSpeed /
Resource Hash

Request headers

Referer
https://dutsh-helppackage.ecranul.ro/public/css/app.css
Origin
https://dutsh-helppackage.ecranul.ro
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 15:12:55 GMT
cache-control
no-cache, private
content-encoding
br
server
LiteSpeed
content-length
2032
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v6.3.0/webfonts/
146 KB
147 KB
Font
General
Full URL
https://ka-f.fontawesome.com/releases/v6.3.0/webfonts/free-fa-solid-900.woff2
Requested by
Host: dutsh-helppackage.ecranul.ro
URL: https://dutsh-helppackage.ecranul.ro/public/qwPV17NxHQmcP7Scc15fCcZZuqqaAWxs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a963d0d6baf5f8ad3a8d21c2bff2971d0819789204815a7082d8d4776dec4a80

Request headers

Referer
https://dutsh-helppackage.ecranul.ro/
Origin
https://dutsh-helppackage.ecranul.ro
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 15:12:56 GMT
via
1.1 8db0da5790a86a83533944290a7dab9a.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
PHL50-C1
age
595078
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
149896
last-modified
Tue, 31 Jan 2023 18:29:16 GMT
server
cloudflare
etag
"c00cd95af40d3d74e114025555250f09"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hm0HMJlYyVofuSwCZF%2FhmsfbU44zA8qe7AIYu0VGPOwaR%2FCh3j8AFyxOBE37w9yj82CHJl%2BFDGXQI6osPhBHPoAXf%2Fj4CQW%2BXryHNqMOyESwGaTgEqUc4gKNCDEL6BY7JS5akdEefIg7QMS1lhqE%2BWLyyg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7996beb0ca4b1a44-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
8OHovOhUujEGIoOdsjOVRs9PL882AUO8KrlI0s57fNa_KrkkNz_c6A==
box-e031119f9e9e307a08fa610f85dbfb52.html
vars.hotjar.com/ Frame 07E8
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2895475.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.204.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-204-22.dfw55.r.cloudfront.net
Software
/
Resource Hash
f92333a45b532bdb5248178674b041b1c35edfd33a55df48192256f0bfe49e4e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://dutsh-helppackage.ecranul.ro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
957770
cache-control
max-age=31536000
content-encoding
br
content-length
1034
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 03 Feb 2023 13:10:06 GMT
etag
"112fdf47cdb80b9ce3d033ed09717460"
last-modified
Fri, 03 Feb 2023 13:09:45 GMT
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
via
1.1 3752ccf5503decd10d1a32bdcf2a0cb4.cloudfront.net (CloudFront)
x-amz-cf-id
98UA1vmK1QUpRgAZNC3WB-CixK5Iw3EN7WnI8O5ioNBBFEdYzFKbqQ==
x-amz-cf-pop
DFW55-C2
x-cache
Hit from cloudfront
x-robots-tag
none
free-fa-brands-400.woff2
ka-f.fontawesome.com/releases/v6.3.0/webfonts/
105 KB
106 KB
Font
General
Full URL
https://ka-f.fontawesome.com/releases/v6.3.0/webfonts/free-fa-brands-400.woff2
Requested by
Host: dutsh-helppackage.ecranul.ro
URL: https://dutsh-helppackage.ecranul.ro/public/qwPV17NxHQmcP7Scc15fCcZZuqqaAWxs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7a5aba06e482e1506bdf5b3a730147d4a0ed7f088f6425cc9b166bf8a105fd8

Request headers

Referer
https://dutsh-helppackage.ecranul.ro/
Origin
https://dutsh-helppackage.ecranul.ro
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 15:12:56 GMT
via
1.1 266398c48167bf812d01820529b531e0.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
BOS50-P1
age
441970
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
108000
last-modified
Tue, 31 Jan 2023 18:29:16 GMT
server
cloudflare
etag
"3a97d67deb684f79e3c15c05718be7e7"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wt7M5LHdEEVqFXFlry7EOsdBZWRRP%2BwumEwIZHzG0J1qS5eRkukhXqZkrGbNe5AGqKGu58OLzyUd4E8akmnHuUh8DvXsJZ7XATrqH0wkytx06VSUIGjVieflWGZCanBUt28vfImfhTLYq194g%2BypIuJzTA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7996beb1cbf6176c-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
unczjzBMnW462MGSmcUL8FPf6cCUWyvrpdx_XXp_6lHIDKU5XhM6-g==
visit-data
in.hotjar.com/api/v2/client/sites/2895475/
147 B
323 B
XHR
General
Full URL
https://in.hotjar.com/api/v2/client/sites/2895475/visit-data?sv=6
Requested by
Host: dutsh-helppackage.ecranul.ro
URL: https://dutsh-helppackage.ecranul.ro/public/js/session-recorder.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.89.236 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-89-236.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7622f903aea5ca12c0cedd665448ad8496c4c9b954f42768c55f1a011897797b

Request headers

Referer
https://dutsh-helppackage.ecranul.ro/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Tue, 14 Feb 2023 15:12:56 GMT
content-encoding
br
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
2895475
vc.hotjar.io/sessions/
0
258 B
XHR
General
Full URL
https://vc.hotjar.io/sessions/2895475?s=0.25&r=0.1358767103159919
Requested by
Host: dutsh-helppackage.ecranul.ro
URL: https://dutsh-helppackage.ecranul.ro/public/js/session-recorder.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.211.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-211-80.dfw56.r.cloudfront.net
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dutsh-helppackage.ecranul.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 15:12:56 GMT
via
1.1 346313f93be9e5600efa5834c34fe526.cloudfront.net (CloudFront)
server
Python/3.7 aiohttp/3.5.4
x-amz-cf-pop
DFW56-P3
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
ojsjxkDAY8YsmeEIy5LOgDmIuCY_qfZcmVf88Myv8LaaccRttXjLyA==
i
r.lr-in.com/
104 B
633 B
XHR
General
Full URL
https://r.lr-in.com/i?a=mnnzup%2Fdus&r=5-25b53492-b196-45f3-8c51-91c52a85a0ec&t=f276f5ac-4556-4860-bb69-335708e21764&s=0&rs=0%2Cu&u=9fd08200-12ba-446d-af77-b6486920ffda&is=1
Requested by
Host: cdn.lr-in.com
URL: https://cdn.lr-in.com/logger-1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.23.205 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
205.23.198.104.bc.googleusercontent.com
Software
/ Express
Resource Hash
56c57ddb04140a37df2f0b9ae80dbdd58368da58e2705746420039eeb6a60b90
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dutsh-helppackage.ecranul.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 15:12:59 GMT
strict-transport-security
max-age=15724800; includeSubDomains
etag
W/"68-bKW1I+6ujOEijWzRIER2LWMXtxA"
x-powered-by
Express
access-control-max-age
1728000
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret,X-LogRocket-ClickHouse-Override,X-LogRocket-ClickHouse-Enabled-Queries
content-length
104

Failed requests

These URLs were requested, but no response was received. They also appear in the list above.

Domain
eofcbnmajmjmplflapaojjnihcjkigck
URL
chrome-extension://eofcbnmajmjmplflapaojjnihcjkigck/common/ui/fonts/fonts.css

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DHL (Transportation)

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
boolean| credentialless
object| oncontentvisibilityautostatechange
object| FontAwesomeKitConfig
object| _0x3185
function| _0x501f
function| _0x34aede
function| redirect
string| sessionHash
function| hj
object| _hjSettings
object| regeneratorRuntime
object| __SDKCONFIG__
function| _LRLogger
object| hjSiteSettings
function| hjBootstrap
object| hjBootstrapCalled
object| hjLazyModules
object| webpackChunk
function| jQuery
function| $
object| ParsleyExtend
object| ParsleyConfig
object| psly
object| Parsley
object| ParsleyUtils
object| ParsleyValidator
object| ParsleyUI
string| inputEventPatched
object| intlTelInputUtils
function| openNav
function| closeNav
function| _lrMutationObserver
function| _lrXMLHttpRequest
boolean| _lr_loaded
boolean| errorInB
boolean| errorInC
object| authTimeout
boolean| hasBLogin
boolean| isInBLogin
object| bLogin
function| Pusher
object| Echo

11 Cookies

Domain/Path Name / Value
dutsh-helppackage.ecranul.ro/ Name: XSRF-TOKEN
Value: eyJpdiI6Imlta3BvQmZrUWxBTXRYRm1vQkhSM1E9PSIsInZhbHVlIjoiNS9Yc01WWDBLMC83SmlmZWlYa2JGNDN0SVVWOEtuTHhaaVhUWWhjVVN2eGdIb295WG56YUxHZHlSbUhwWkt0ekFyZW9xeElMVUt3RnVsTi9idG9JdEpXS0FsVVpIS3E5SE03Wk05SzZCV1lEUmxRYUdDa2dvdjB3c2RqMjZ6YXAiLCJtYWMiOiJmMzkxNDI4ZjU5NTY4ZDRlZWQ3YjQyYjMxNWVhNTIzMjZjN2IwNjRiNzRmODYwNWRhYWFjYjM2OTgzZGQwNjAxIiwidGFnIjoiIn0%3D
dutsh-helppackage.ecranul.ro/ Name: laravel_session
Value: eyJpdiI6IndZeVNoSUhSWDQvLzBtNENrend1VUE9PSIsInZhbHVlIjoiZUtJalg4enhCNHk3SEVvMGhlZzBVQjhjS0lBQWV4cFBsREVoQnQ4UHJMT1BFSkFOSVlxV3BiVTdoV09lZFVkYzF2QTBjb2poekZPTEw1NHI0UWN2czBSdEs1ZUpMa2FYckVIN3ZtZFl3bFZiVThpNWJrTkI0VzgzWGd2dldMc3EiLCJtYWMiOiI3Y2YxOWZhMWNiOGNjMTNlODkyMmE4MTdmYTU5ZDhhMWRlZjg5NDQxZjliZGM2YmI2ZDVlMjMzYTQ0ZGYyZWFlIiwidGFnIjoiIn0%3D
dutsh-helppackage.ecranul.ro/ Name: _lr_tabs_-mnnzup%2Fdus
Value: {%22sessionID%22:0%2C%22recordingID%22:%225-25b53492-b196-45f3-8c51-91c52a85a0ec%22%2C%22lastActivity%22:1676387576289}
dutsh-helppackage.ecranul.ro/ Name: _lr_hb_-mnnzup%2Fdus
Value: {%22heartbeat%22:1676387576290}
dutsh-helppackage.ecranul.ro/ Name: _lr_uf_-mnnzup
Value: a1b727a6-52d3-42d3-b39e-e040ef7cd9c7
.ecranul.ro/ Name: _hjSessionUser_2895475
Value: eyJpZCI6ImNiZDVhN2ZmLWJlMTEtNTU5OS1hMWZlLTFhMDhjZDNmZDJjYyIsImNyZWF0ZWQiOjE2NzYzODc1NzY1MzksImV4aXN0aW5nIjpmYWxzZX0=
.ecranul.ro/ Name: _hjFirstSeen
Value: 1
.ecranul.ro/ Name: _hjIncludedInSessionSample_2895475
Value: 1
.ecranul.ro/ Name: _hjSession_2895475
Value: eyJpZCI6ImNkODFlOTA0LTg5YzctNDk5NC04MjgzLTQ0Yzk1Njg3N2ZkMyIsImNyZWF0ZWQiOjE2NzYzODc1NzY3NDIsImluU2FtcGxlIjp0cnVlfQ==
dutsh-helppackage.ecranul.ro/ Name: _hjIncludedInPageviewSample
Value: 1
.ecranul.ro/ Name: _hjAbsoluteSessionInProgress
Value: 1

12 Console Messages

Source Level URL
Text
network error URL: https://killbot.org/api/v2/whois?apikey=KACXfkKCpcbZJJlzB3D415S561r_pTsXlmE5Qt9SnpHoh
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: chrome-extension://eofcbnmajmjmplflapaojjnihcjkigck/common/ui/fonts/fonts.css
Message:
Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network error URL: https://killbot.org/api/v2/whois?apikey=KACXfkKCpcbZJJlzB3D415S561r_pTsXlmE5Qt9SnpHoh
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://dutsh-helppackage.ecranul.ro/fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://dutsh-helppackage.ecranul.ro/images/foo.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://dutsh-helppackage.ecranul.ro/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://dutsh-helppackage.ecranul.ro/public/css/fonts/webfa-brands-400.woff2?d878b0a6a1144760244ff0665888404c
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://dutsh-helppackage.ecranul.ro/fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://dutsh-helppackage.ecranul.ro/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://dutsh-helppackage.ecranul.ro/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.woff?2285773e6b4b172f07d9b777c81b0775
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://dutsh-helppackage.ecranul.ro/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://dutsh-helppackage.ecranul.ro/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.ttf?527940b104eb2ea366c8630f3f038603
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
