| cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/jquery.mask.min.js | 104.17.25.14 | 200 OK | 3.1 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/jquery.mask.min.js
IP: 104.17.25.14:443
Requested by: https://priscillatuft.com/droeem/deum/tracking/fV5EjH/msg.php?id=47670483
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: sni.cloudflaressl.com
Certificate Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Certificate Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (542)
Hash: cc290e6c3aeecf5021dd82ad8df2512a fb983aecd3940e8ebbfe5e74c8099cee9223c957 2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995
GET /ajax/libs/jquery.mask/1.14.16/jquery.mask.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://priscillatuft.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 04:49:40 GMT
content-type: application/javascript; charset=utf-8
content-length: 3074
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec3-2087"
last-modified: Mon, 04 May 2020 16:11:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 476491
expires: Sun, 27 Apr 2025 04:49:40 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1zBejZm0tt%2F%2FhBDi6LByBaiFKOlwiBPSYZjD30mE8SBN%2BD3OOTJcOpd0LlByF3ROaZ3xC66ydsVQgHkvvYBvy7pic8qgk33sRJ%2FCof%2FSLUlAXJKxI4nivhRZzJwiMTxmMjLUwcxX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87fe95b1396f1c16-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/js/all.min.js | 104.17.25.14 | 200 OK | 418 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/js/all.min.js
IP: 104.17.25.14:443
Requested by: https://priscillatuft.com/droeem/deum/tracking/fV5EjH/msg.php?id=47670483
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: sni.cloudflaressl.com
Certificate Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Certificate Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65317)
Size: 418 kB (418541 bytes)
Hash: d5beb8fa265f90be5ccadd6b32b8672f 7bdc23c06b51e7e42c05de486680a3c18aa5ce5a 6a769e18b06859751eaa2259044a6ff76e3ddcd6572a516d8ce3a2d7b8c7538e
GET /ajax/libs/font-awesome/6.2.0/js/all.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://priscillatuft.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 04:49:40 GMT
content-type: application/javascript; charset=utf-8
content-length: 418541
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "630e6e62-662ed"
last-modified: Tue, 30 Aug 2022 20:09:06 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 559298
expires: Sun, 27 Apr 2025 04:49:40 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z3fDUpdRgnSejJOfH0r7kvZzS4Lkk01XPut1t%2BOkH61PvvUdiMfaBEC8DenbYR9jj8sLKFSQH6bu3CqKAjkMg8xAhaFQGeM7b7pyHmSaYJz2agmEnc4VLdpPfpi4BZ6zTUOsxjXT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87fe95b129621c16-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css | 151.101.193.229 | 200 OK | 25 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css
IP: 151.101.193.229:443
Requested by: https://priscillatuft.com/droeem/deum/tracking/fV5EjH/msg.php?id=47670483
Certificate Issuer: GlobalSign nv-sa
Certificate Subject: jsdelivr.net
Certificate Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
Certificate Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: Unicode text, UTF-8 text, with very long lines (65306)
Hash: abe91756d18b7cd60871a2f47c1e8192 7c1c9e0573e5cea8bad3733be2fc63aa8c68ea8d 7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
GET /npm/bootstrap@5.0.2/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://priscillatuft.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.0.2
x-jsd-version-type: version
etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
content-encoding: br
accept-ranges: bytes
date: Tue, 07 May 2024 04:49:40 GMT
age: 28580620
x-served-by: cache-fra-eddf8230097-FRA, cache-hel1410026-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25360
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js | 151.101.193.229 | 200 OK | 24 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js
IP: 151.101.193.229:443
Requested by: https://priscillatuft.com/droeem/deum/tracking/fV5EjH/msg.php?id=47670483
Certificate Issuer: GlobalSign nv-sa
Certificate Subject: jsdelivr.net
Certificate Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
Certificate Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: JavaScript source, ASCII text, with very long lines (65299)
Hash: 0aa8d64e726c4a57adb5c88f9115996b 901169527507ff9e662cf64d8e361f359308970d 7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
GET /npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://priscillatuft.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 5.0.2
x-jsd-version-type: version
etag: W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0"
content-encoding: br
accept-ranges: bytes
date: Tue, 07 May 2024 04:49:40 GMT
age: 1271963
x-served-by: cache-fra-eddf8230080-FRA, cache-hel1410026-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23943
X-Firefox-Spdy: h2
|
|
| priscillatuft.com/droeem/deum/tracking/fV5EjH/msg.php?id=47670483 | 104.21.50.226 | 200 OK | 32 kB |
URL: User Request GET HTTP/2 priscillatuft.com/droeem/deum/tracking/fV5EjH/msg.php?id=47670483
IP: 104.21.50.226:443
Certificate Issuer: Google Trust Services LLC
Certificate Subject: priscillatuft.com
Certificate Fingerprint: 01:C1:53:6B:7F:14:23:A7:F4:DF:A3:8F:0D:96:B9:3E:51:B7:65:AC
Certificate Validity: Tue, 07 May 2024 00:08:42 GMT - Mon, 05 Aug 2024 00:08:41 GMT
File type: HTML document, ASCII text, with CRLF line terminators
Hash: 1e068e754ec91376759d59fcd5a6ee8e d15f36b1f21043c22fc3bbdb903584af7f677e10 22a36b289d5bda8bc935b0b6e40a6fc9909a35ea85e54eb17fde5d7f7222add9
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - DHL
GET /droeem/deum/tracking/fV5EjH/msg.php?id=47670483 HTTP/1.1
Host: priscillatuft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 04:49:39 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.2.18, PleskLin
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=cuphcuaguln10a9au12b4qe2m2; path=/
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=azssyWwc9Tm7z%2FpR3nffp53GXruIuXM0Ns98btgaP8uxU94QUIyJHxp67eJXsA6CmmhBMkCnEk%2B6RlgthESW2tPAWifV%2FHPjETB3PFd6PH%2F2FuoTNiwu%2B9rTPzNRIXw6I9NpzA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fe95ae198c0b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap | 142.250.74.106 | 200 OK | 901 B |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap
IP: 142.250.74.106:443
Requested by: https://priscillatuft.com/droeem/deum/tracking/fV5EjH/msg.php?id=47670483
Certificate Issuer: Google Trust Services LLC
Certificate Subject: upload.video.google.com
Certificate Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
Certificate Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: gzip compressed data, max compression
Hash: 8d995d7b7f48bd7de6f2cafcdf1ff660 7ef5458ec215812187a37deae6b15809a803f596 a646801927cf6bb016d40f5e41fa229a656114b5e51b790dab3b6bb16f862103
GET /css2?family=Lato:wght@300;400;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://priscillatuft.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 04:49:40 GMT
date: Tue, 07 May 2024 04:49:40 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 | 142.250.74.67 | 200 OK | 24 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
IP: 142.250.74.67:443
Requested by: https://priscillatuft.com/droeem/deum/tracking/fV5EjH/msg.php?id=47670483
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.gstatic.com
Certificate Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
Certificate Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 23580, version 1.0
Hash: e1b3b5908c9cf23dfb2b9c52b9a023ab fcd4136085f2a03481d9958cc6793a5ed98e714c 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://priscillatuft.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 13:49:40 GMT
expires: Fri, 02 May 2025 13:49:40 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
age: 399600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 | 142.250.74.67 | 200 OK | 23 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP: 142.250.74.67:443
Requested by: https://priscillatuft.com/droeem/deum/tracking/fV5EjH/msg.php?id=47670483
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.gstatic.com
Certificate Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
Certificate Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 23040, version 1.0
Hash: de69cf9e514df447d1b0bb16f49d2457 2ac78601179c3a63ba3f3f3081556b12ddcaf655 c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://priscillatuft.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 01:55:21 GMT
expires: Sat, 03 May 2025 01:55:21 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
age: 356059
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2 | 142.250.74.67 | 200 OK | 22 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2
IP: 142.250.74.67:443
Requested by: https://priscillatuft.com/droeem/deum/tracking/fV5EjH/msg.php?id=47670483
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.gstatic.com
Certificate Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
Certificate Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 22504, version 1.0
Hash: 1c6c65523675abc6fcd78e804325bd77 898d9808304dc157f5dcb18ca169ec6e2b96b3d7 08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
GET /s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://priscillatuft.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22504
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:33:07 GMT
expires: Fri, 02 May 2025 02:33:07 GMT
cache-control: public, max-age=31536000
age: 440193
last-modified: Tue, 02 May 2023 15:12:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| priscillatuft.com/droeem/deum/tracking/media/js/js.js | 104.21.50.226 | 200 OK | 4.4 kB |
URL: GET HTTP/3 priscillatuft.com/droeem/deum/tracking/media/js/js.js
IP: 104.21.50.226:443
Requested by: https://priscillatuft.com/droeem/deum/tracking/fV5EjH/msg.php?id=47670483
Certificate Issuer: Google Trust Services LLC
Certificate Subject: priscillatuft.com
Certificate Fingerprint: 01:C1:53:6B:7F:14:23:A7:F4:DF:A3:8F:0D:96:B9:3E:51:B7:65:AC
Certificate Validity: Tue, 07 May 2024 00:08:42 GMT - Mon, 05 Aug 2024 00:08:41 GMT
File type: JavaScript source, ASCII text, with CRLF line terminators
Hash: dcea589058820765286c215198981177 85039198b5dbfa1001d795baa2c75fef03019874 f4fdc1abf40fd24896bc44d0753494cfeaf5a40160847ca1b904a28d68a2a726
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - DHL
GET /droeem/deum/tracking/media/js/js.js HTTP/1.1
Host: priscillatuft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://priscillatuft.com/droeem/deum/tracking/fV5EjH/msg.php?id=47670483
Cookie: PHPSESSID=cuphcuaguln10a9au12b4qe2m2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 04:49:40 GMT
content-type: text/javascript
x-accel-version: 0.01
last-modified: Thu, 13 Oct 2022 14:01:12 GMT
etag: W/"1d-5eaeaf11cda00"
x-powered-by: PleskLin
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fjbFCpADIwoI%2FefDKqZrMlHPWbselSFZVElAha9vXopA1Pu76COPJ8%2FP%2BYnCV%2BIBCVh0iyMsIIDonCYcekDDi08QTPzNmjWD%2B1Z9dHi4edEuj0VKLArnTlVK9pH%2BY%2BRXcngmeg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fe95b0dc0eb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| priscillatuft.com/droeem/deum/tracking/media/imgs/ff.ico | 104.21.50.226 | 200 OK | 1.2 kB |
URL: GET HTTP/3 priscillatuft.com/droeem/deum/tracking/media/imgs/ff.ico
IP: 104.21.50.226:443
Requested by: https://priscillatuft.com/droeem/deum/tracking/fV5EjH/msg.php?id=47670483
Certificate Issuer: Google Trust Services LLC
Certificate Subject: priscillatuft.com
Certificate Fingerprint: 01:C1:53:6B:7F:14:23:A7:F4:DF:A3:8F:0D:96:B9:3E:51:B7:65:AC
Certificate Validity: Tue, 07 May 2024 00:08:42 GMT - Mon, 05 Aug 2024 00:08:41 GMT
File type: MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Hash: d8106bf3a1d00ab43b01e6e3c92500eb 202b5e8654ab1b28351378293bca3b9d844cc29b 9ada5709e264c31b04a05bd85448a9bd5e91925e8d83df5cef0762ec97cc283e
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - DHL
GET /droeem/deum/tracking/media/imgs/ff.ico HTTP/1.1
Host: priscillatuft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://priscillatuft.com/droeem/deum/tracking/fV5EjH/msg.php?id=47670483
Cookie: PHPSESSID=cuphcuaguln10a9au12b4qe2m2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 04:49:40 GMT
content-type: image/vnd.microsoft.icon
last-modified: Tue, 27 Oct 2020 00:25:00 GMT
etag: W/"5f9768dc-47e"
x-powered-by: PleskLin
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ix2S9V4WirTnx3dw298rhpWU9ehAaJxBaf8sTznIc%2Bavq5TL0%2B0plKkfJkLuNEta2iLBG0l3uOYOJu334bTp8qmlRFxnrcC5YWUTZtC9w34PFp191GD0RPOOzaTHDmDhhxPgIw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fe95b6bfc7b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| priscillatuft.com/droeem/deum/tracking/media/css/helpers.css | 104.21.50.226 | 200 OK | 42 kB |
URL: GET HTTP/3 priscillatuft.com/droeem/deum/tracking/media/css/helpers.css
IP: 104.21.50.226:443
Requested by: https://priscillatuft.com/droeem/deum/tracking/fV5EjH/msg.php?id=47670483
Certificate Issuer: Google Trust Services LLC
Certificate Subject: priscillatuft.com
Certificate Fingerprint: 01:C1:53:6B:7F:14:23:A7:F4:DF:A3:8F:0D:96:B9:3E:51:B7:65:AC
Certificate Validity: Tue, 07 May 2024 00:08:42 GMT - Mon, 05 Aug 2024 00:08:41 GMT
File type: ASCII text, with very long lines (41897), with CRLF line terminators
Hash: 726c60fc192383fbcf04e19677ad0959 e2e966c2b6164806392449ced617227c27d36ab8 1c7070cf33da6adcb7a6b9ff7eb6e06fd8f64958622d61569b990e8b92c58615
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - DHL
GET /droeem/deum/tracking/media/css/helpers.css HTTP/1.1
Host: priscillatuft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://priscillatuft.com/droeem/deum/tracking/fV5EjH/msg.php?id=47670483
Cookie: PHPSESSID=cuphcuaguln10a9au12b4qe2m2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 04:49:40 GMT
content-type: text/css
last-modified: Thu, 06 Oct 2022 12:31:42 GMT
etag: W/"633ecaae-a3ab"
x-powered-by: PleskLin
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XWNKuviZwfK9ZeSczb7UjkoasdrzvSp6oyP1q9GtoBl0v9yBCGui799E6pKOr%2Fa7w4K88lmJGLDZ3Cl71xkhv2203kSKZR2dXlgCx0%2BibUIzz%2BmCoGwqxqr39cR2v6OySs1kNA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fe95b0cc05b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| priscillatuft.com/droeem/deum/tracking/media/css/style.css | 104.21.50.226 | 200 OK | 8.4 kB |
URL: GET HTTP/3 priscillatuft.com/droeem/deum/tracking/media/css/style.css
IP: 104.21.50.226:443
Requested by: https://priscillatuft.com/droeem/deum/tracking/fV5EjH/msg.php?id=47670483
Certificate Issuer: Google Trust Services LLC
Certificate Subject: priscillatuft.com
Certificate Fingerprint: 01:C1:53:6B:7F:14:23:A7:F4:DF:A3:8F:0D:96:B9:3E:51:B7:65:AC
Certificate Validity: Tue, 07 May 2024 00:08:42 GMT - Mon, 05 Aug 2024 00:08:41 GMT
File type: ASCII text, with very long lines (8777), with no line terminators
Hash: b07d8185857e8eee31e24a88b1b795f3 5d6ab60a260907b1a5d400c9c314c8fb787cd060 3f25d946d5ffd7cc5e83182e9de2be5b10a9975bc02e8d0596fe67cd2dc7b9d5
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - DHL
GET /droeem/deum/tracking/media/css/style.css HTTP/1.1
Host: priscillatuft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://priscillatuft.com/droeem/deum/tracking/fV5EjH/msg.php?id=47670483
Cookie: PHPSESSID=cuphcuaguln10a9au12b4qe2m2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 04:49:40 GMT
content-type: text/css
last-modified: Mon, 17 Oct 2022 09:01:40 GMT
etag: W/"634d19f4-20a5"
x-powered-by: PleskLin
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SrWbuxSUIkvQwCAoj3qKJp%2FgRduRkfn168XC9ZrySVH5AdWtQua8xrqb3xPTxvTL2rhsW8SFplqJqswbfdDqHICvUDlBNvGxhLKOtsAUYpXsBB6Xp3fN3Y%2F1Qg6pbTI1efNIzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fe95b0cc09b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| priscillatuft.com/droeem/deum/tracking/media/imgs/logo.svg | 104.21.50.226 | 200 OK | 1.6 kB |
URL: GET HTTP/3 priscillatuft.com/droeem/deum/tracking/media/imgs/logo.svg
IP: 104.21.50.226:443
Requested by: https://priscillatuft.com/droeem/deum/tracking/fV5EjH/msg.php?id=47670483
Certificate Issuer: Google Trust Services LLC
Certificate Subject: priscillatuft.com
Certificate Fingerprint: 01:C1:53:6B:7F:14:23:A7:F4:DF:A3:8F:0D:96:B9:3E:51:B7:65:AC
Certificate Validity: Tue, 07 May 2024 00:08:42 GMT - Mon, 05 Aug 2024 00:08:41 GMT
File type: SVG Scalable Vector Graphics image
Hash: 81da319018ec6b19d902b2403f7b017d fc9e5d348bf1394d29114340e224e8f92b543e19 5a3d930217a60c991040b3bcd1d3c42e5860a395461cc04454d5626cf0869bfc
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - DHL
GET /droeem/deum/tracking/media/imgs/logo.svg HTTP/1.1
Host: priscillatuft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://priscillatuft.com/droeem/deum/tracking/fV5EjH/msg.php?id=47670483
Cookie: PHPSESSID=cuphcuaguln10a9au12b4qe2m2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 04:49:40 GMT
content-type: image/svg+xml
last-modified: Tue, 27 Oct 2020 00:17:44 GMT
etag: W/"5f976728-643"
x-powered-by: PleskLin
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UpEGeRLRJCkcrkJ6QbzrbOhl2jRQQYYN93sMGYvUhymrXyYGnpZKlz592enGEucIgwmWuipqqn71CNhkDtBKjiiCapPrrwtj%2Fqn70peF%2FNWTBVauiUrJrW9WXLFIU7Taoy%2B6UQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fe95b0cc0bb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| priscillatuft.com/droeem/deum/tracking/media/imgs/glo-footer-logo.svg | 104.21.50.226 | 200 OK | 12 kB |
URL: GET HTTP/3 priscillatuft.com/droeem/deum/tracking/media/imgs/glo-footer-logo.svg
IP: 104.21.50.226:443
Requested by: https://priscillatuft.com/droeem/deum/tracking/fV5EjH/msg.php?id=47670483
Certificate Issuer: Google Trust Services LLC
Certificate Subject: priscillatuft.com
Certificate Fingerprint: 01:C1:53:6B:7F:14:23:A7:F4:DF:A3:8F:0D:96:B9:3E:51:B7:65:AC
Certificate Validity: Tue, 07 May 2024 00:08:42 GMT - Mon, 05 Aug 2024 00:08:41 GMT
File type: SVG Scalable Vector Graphics image
Hash: d1b0e043744fd642282117a03d308b17 d8abe7a0887b804e516c45a344c542e291a1a84b 5162de2ee844a80d76b7d7514c02ab7d5de72a5966113323d80eb56bf6ded038
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - DHL
GET /droeem/deum/tracking/media/imgs/glo-footer-logo.svg HTTP/1.1
Host: priscillatuft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://priscillatuft.com/droeem/deum/tracking/fV5EjH/msg.php?id=47670483
Cookie: PHPSESSID=cuphcuaguln10a9au12b4qe2m2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 04:49:40 GMT
content-type: image/svg+xml
last-modified: Tue, 27 Oct 2020 00:39:22 GMT
etag: W/"5f976c3a-2ec0"
x-powered-by: PleskLin
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kmhpz3S%2FHA063I3cw%2B7ixh2iSwHNbMORiGbTTj4gSjRWeOTfCKw%2FJrsQT976Sq6v030wNt3Ygt54IAmRhCS26VUJqkGFqHPKmLh%2BrM3S1cGpMQKCYdjrw21ekEnF7WdunqYRUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fe95b0cc0db521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| code.jquery.com/jquery-3.6.1.min.js | 151.101.66.137 | 200 OK | 90 kB |
URL: GET HTTP/2 code.jquery.com/jquery-3.6.1.min.js
IP: 151.101.66.137:443
Requested by: https://priscillatuft.com/droeem/deum/tracking/fV5EjH/msg.php?id=47670483
Certificate Issuer: Sectigo Limited
Certificate Subject: *.jquery.com
Certificate Fingerprint: D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
Certificate Validity: Tue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65447)
Hash: 00727d1d5d9c90f7de826f1a4a9cc632 ea61688671d0c3044f2c5b2f2c4af0a6620ac6c2 a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
GET /jquery-3.6.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://priscillatuft.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15e40"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 07 May 2024 04:49:40 GMT
age: 913571
x-served-by: cache-lga13629-LGA, cache-hel1410034-HEL
x-cache: HIT, HIT
x-cache-hits: 20, 130330
x-timer: S1715057380.092842,VS0,VE0
vary: Accept-Encoding
content-length: 30957
X-Firefox-Spdy: h2
|
|