| cuthub.net/8hLDI9?token=eyJpdiI6ImNXaVd6VlY1bjZFNlNoeEZQUnB6WVE9PSIsInZhbHVlIjoiTVBta0dLQ2IzcTQ1MUIvaDlaaHVLUT09IiwibWFjIjoiZDA1MzZjOTJkNjJmOGVlYmM3NGI3MWM4YzdjMmI4MzFhMWY0NDQ4NTJlNTYzMzdhNDNjNTU5ZTg1MTJjNjIzNCIsInRhZyI6IiJ9 | 188.114.96.1 | 302 Found | 12 kB |
URL (User Request): GET HTTP/2 cuthub.net/8hLDI9?token=eyJpdiI6ImNXaVd6VlY1bjZFNlNoeEZQUnB6WVE9PSIsInZhbHVlIjoiTVBta0dLQ2IzcTQ1MUIvaDlaaHVLUT09IiwibWFjIjoiZDA1MzZjOTJkNjJmOGVlYmM3NGI3MWM4YzdjMmI4MzFhMWY0NDQ4NTJlNTYzMzdhNDNjNTU5ZTg1MTJjNjIzNCIsInRhZyI6IiJ9
IP: 188.114.96.1:443
Certificate: Issuer Let's Encrypt; Subject cuthub.net; Fingerprint 3A:19:D1:56:80:55:49:6C:9E:69:0D:D4:7F:18:8B:5F:E6:1B:17:1E; Validity Fri, 05 Apr 2024 13:58:24 GMT - Thu, 04 Jul 2024 13:58:23 GMT
Hash: b293e27292f9bc9c989a507e75e7688f 57168bf447cd6f98cd56ca261c4731aad623d060 e9e7b0767343e427b43d566a9ad87cf2695194fe7eafb790d105ec9058e4892e
GET /8hLDI9?token=eyJpdiI6ImNXaVd6VlY1bjZFNlNoeEZQUnB6WVE9PSIsInZhbHVlIjoiTVBta0dLQ2IzcTQ1MUIvaDlaaHVLUT09IiwibWFjIjoiZDA1MzZjOTJkNjJmOGVlYmM3NGI3MWM4YzdjMmI4MzFhMWY0NDQ4NTJlNTYzMzdhNDNjNTU5ZTg1MTJjNjIzNCIsInRhZyI6IiJ9 HTTP/1.1
Host: cuthub.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 26 Apr 2024 17:46:49 GMT
content-type: text/html; charset=UTF-8
location: https://cuthub.net/8hLDI9
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6IldsaFZUWkdyMHJpblNvSlR1STdzRXc9PSIsInZhbHVlIjoicGJTVWpVN1NTMzQwby9LSXJ1bkM0VTZBWkJ4dHF4MUpQaUV5K0h5MHpwUGZzdnZSQjJrcHNpN3JBWFZQMFBCNm91d21MbjJhM2JWZVVJbzBuclZ6Ym4zRmw1YnFINlh0NFc3UFhmU3ZQemszV3d3QmlYUTFlcjREZVliSXN5VmMiLCJtYWMiOiI4MWNhZmI3NDQxMDYyZmE0YmJhMzAxMzE3NmM5NDZjZGEzNzU5YmJlODcyYzBjOTA3ODRkZDdjOGZhZDkwNmQ2IiwidGFnIjoiIn0%3D; expires=Fri, 03-May-2024 17:46:49 GMT; Max-Age=604800; path=/; samesite=lax
upfiles_session=eyJpdiI6IjFLSDRlL2RMMFdMVUVESWtrek5Ha3c9PSIsInZhbHVlIjoiRkVUM3BnWGtrQ0xVeXJYK3VEeEVjWVBqTnkrQmFoT1RTaVVjMnVnTWpzeEtFYWVvU2lya0RHdjFNOUJDZ2xUc1hZSVhObGpXTDdHWlFwRXdkQUNKTW0vWXBtY1Z0b0dieE16UGp2ZHhGdG9VWkJrbDBFckZBZzBLNGV5ZGdHbGgiLCJtYWMiOiIwM2FhZDJiZTkyYzgwYWFhMmRkMTI1NmVkZGYxMGEzMzViN2VjN2IwMTIyYjRlNjI0NmIxNDkzY2M2NTdkMWU0IiwidGFnIjoiIn0%3D; expires=Fri, 03-May-2024 17:46:49 GMT; Max-Age=604800; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4zKQSsd0alEqB%2BvjFan%2BwWWyCS2odmdM3cHIQGjzOykvQn%2B%2BzuoHAcDmWAw6rAZXpVL1ItkS2Z%2B%2FvHBF2jan8wQMGc%2FvqBFjxpjvFydc63NPlKeWUtdDuoBA%2Buuk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a864f8799c0b45-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| | 188.114.96.1 | 200 OK | 139 kB |
URL (User Request): GET HTTP/2
IP: 188.114.96.1:443
Certificate: Issuer Let's Encrypt; Subject cuthub.net; Fingerprint 3A:19:D1:56:80:55:49:6C:9E:69:0D:D4:7F:18:8B:5F:E6:1B:17:1E; Validity Fri, 05 Apr 2024 13:58:24 GMT - Thu, 04 Jul 2024 13:58:23 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (58204), with CRLF, LF line terminators
Size: 139 kB (139141 bytes)
Hash: df4f845d530de266f79b7d9ad7ec8eab 4040b940971ebf634f04303278a00656f6c8e652 6487c7c3dfd8af882bdae1ef34f8136a2e7a4f4ded1e53c9c7eb4b134db2208c
GET /8hLDI9 HTTP/1.1
Host: cuthub.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IldsaFZUWkdyMHJpblNvSlR1STdzRXc9PSIsInZhbHVlIjoicGJTVWpVN1NTMzQwby9LSXJ1bkM0VTZBWkJ4dHF4MUpQaUV5K0h5MHpwUGZzdnZSQjJrcHNpN3JBWFZQMFBCNm91d21MbjJhM2JWZVVJbzBuclZ6Ym4zRmw1YnFINlh0NFc3UFhmU3ZQemszV3d3QmlYUTFlcjREZVliSXN5VmMiLCJtYWMiOiI4MWNhZmI3NDQxMDYyZmE0YmJhMzAxMzE3NmM5NDZjZGEzNzU5YmJlODcyYzBjOTA3ODRkZDdjOGZhZDkwNmQ2IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6IjFLSDRlL2RMMFdMVUVESWtrek5Ha3c9PSIsInZhbHVlIjoiRkVUM3BnWGtrQ0xVeXJYK3VEeEVjWVBqTnkrQmFoT1RTaVVjMnVnTWpzeEtFYWVvU2lya0RHdjFNOUJDZ2xUc1hZSVhObGpXTDdHWlFwRXdkQUNKTW0vWXBtY1Z0b0dieE16UGp2ZHhGdG9VWkJrbDBFckZBZzBLNGV5ZGdHbGgiLCJtYWMiOiIwM2FhZDJiZTkyYzgwYWFhMmRkMTI1NmVkZGYxMGEzMzViN2VjN2IwMTIyYjRlNjI0NmIxNDkzY2M2NTdkMWU0IiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:46:51 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6IkdSTmNMSEFvVFZ6KzJPdXJuZ2VGU0E9PSIsInZhbHVlIjoicFd6TVFySS84RzBtWWJkY0JjWUp6WURESEduSlA3MjJ5RndJcXBEbzNjYWNZV2NReXIwUmpCZis1eHVGNVdFaWcxckhKZlJ5M01vanRTUkh4UHBKZmxDQVpWRys3T3l4UXBNUGRNTHYxL3h5b1QzdlA4djZPUUtLbis1dy84Z2QiLCJtYWMiOiIyMDVhMWU1ZmNkOTk3YWVhOTU5NjZhMjUyY2NjN2ZkYjIwNjQ4YTk3NTg5NTlkYmZjZGEyOTYxOWFhNzM4ZTY0IiwidGFnIjoiIn0%3D; expires=Fri, 03-May-2024 17:46:50 GMT; Max-Age=604800; path=/; samesite=lax
upfiles_session=eyJpdiI6InhyaGErd1ZsNWw2b1g3UHluYmMwcEE9PSIsInZhbHVlIjoicGxQZFlBSjhZOUx3aFVma0VqbnVtMzNMZWs4aSs0M0Q4ZSt5ZjR2OHBTdC9SRWJ1K3k1N0t1QlR0d3hZTEo4VnJKSG5lSVJSMmV4YlJ4TTJCZUdsemZ4Z0k4T3hmL25vcGtwcnE2WFBoUDV2aXpuNGtGVW5TeHZsUldoQm1rYlAiLCJtYWMiOiJhNzk5YzQ2YTFjZGVlYmM4ZmEyZGE1Mzk3ZTQ3YjZkMzE3NmJjOGUyNzM4YTJiZTYwOTQ4ZWRkNTAzOTQxOTM2IiwidGFnIjoiIn0%3D; expires=Fri, 03-May-2024 17:46:50 GMT; Max-Age=604800; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hYKB2aK%2Bc%2BYm%2F3lrwc6K%2FQoFKDg0YPFtInJ7BbJPxKPSrd3%2FuCmKm5%2B7M9K0XIC9AIPIdRQmzUYIai4ekc36XkaMEhkXzfskExk4E2hagK7XMKb1gHdtryE3XJ9w"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a864fc9e600b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| nachodusking.com/1clkn/34742 | 23.109.170.75 | 200 OK | 26 B |
URL: GET HTTP/1.1 nachodusking.com/1clkn/34742
IP: 23.109.170.75:443
Requested by: https://cuthub.net/8hLDI9
Certificate: Issuer Let's Encrypt; Subject nachodusking.com; Fingerprint B8:6B:3B:CA:97:24:AD:72:AC:B6:E1:60:2E:84:A1:B5:AF:9D:83:FE; Validity Sun, 14 Apr 2024 23:31:38 GMT - Sat, 13 Jul 2024 23:31:37 GMT
File type: ASCII text, with no line terminators
Hash: 9082dc37e5e8046929da411544ad071a 41e0e3963ed94e59e8a2f115994c382712411537 b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /1clkn/34742 HTTP/1.1
Host: nachodusking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 17:46:51 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Sat, 27-Apr-2024 17:46:51 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Sat, 27-Apr-2024 17:46:51 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| www.googletagmanager.com/gtag/js?id=UA-197252557-1 | 142.250.74.168 | 200 OK | 73 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-197252557-1
IP: 142.250.74.168:443
Requested by: https://cuthub.net/8hLDI9
Certificate: Issuer Google Trust Services LLC; Subject *.google-analytics.com; Fingerprint FC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52; Validity Mon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
File type: JavaScript source, ASCII text, with very long lines (4179)
Hash: 6e8bf70d25c369b72a4bfcbc549996ff 93c3d925b2d5c0d4b89713fadd13aabed90f6012 defbbd1a0800bafbd9c5b951a2e3488b47a9b47bbb235e3249d7727b88e407e7
GET /gtag/js?id=UA-197252557-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 17:46:51 GMT
expires: Fri, 26 Apr 2024 17:46:51 GMT
cache-control: private, max-age=900
last-modified: Fri, 26 Apr 2024 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73256
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cuthub.net/img/menu.svg | 188.114.96.1 | 200 OK | 917 B |
IP: 188.114.96.1:443
Requested by: https://cuthub.net/8hLDI9
Certificate: Issuer Let's Encrypt; Subject cuthub.net; Fingerprint 3A:19:D1:56:80:55:49:6C:9E:69:0D:D4:7F:18:8B:5F:E6:1B:17:1E; Validity Fri, 05 Apr 2024 13:58:24 GMT - Thu, 04 Jul 2024 13:58:23 GMT
File type: SVG Scalable Vector Graphics image
Hash: e194fab3eea9f00d5a3814c4df00ac8c 4a9760c8ec110364d025527e26730e78ae0b3ac0 3d3e6705b468cecdd78fb9a1ee6688d60e1d2c1caa0db7baa88db460315dccea
GET /img/menu.svg HTTP/1.1
Host: cuthub.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/8hLDI9
Cookie: XSRF-TOKEN=eyJpdiI6IkdSTmNMSEFvVFZ6KzJPdXJuZ2VGU0E9PSIsInZhbHVlIjoicFd6TVFySS84RzBtWWJkY0JjWUp6WURESEduSlA3MjJ5RndJcXBEbzNjYWNZV2NReXIwUmpCZis1eHVGNVdFaWcxckhKZlJ5M01vanRTUkh4UHBKZmxDQVpWRys3T3l4UXBNUGRNTHYxL3h5b1QzdlA4djZPUUtLbis1dy84Z2QiLCJtYWMiOiIyMDVhMWU1ZmNkOTk3YWVhOTU5NjZhMjUyY2NjN2ZkYjIwNjQ4YTk3NTg5NTlkYmZjZGEyOTYxOWFhNzM4ZTY0IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InhyaGErd1ZsNWw2b1g3UHluYmMwcEE9PSIsInZhbHVlIjoicGxQZFlBSjhZOUx3aFVma0VqbnVtMzNMZWs4aSs0M0Q4ZSt5ZjR2OHBTdC9SRWJ1K3k1N0t1QlR0d3hZTEo4VnJKSG5lSVJSMmV4YlJ4TTJCZUdsemZ4Z0k4T3hmL25vcGtwcnE2WFBoUDV2aXpuNGtGVW5TeHZsUldoQm1rYlAiLCJtYWMiOiJhNzk5YzQ2YTFjZGVlYmM4ZmEyZGE1Mzk3ZTQ3YjZkMzE3NmJjOGUyNzM4YTJiZTYwOTQ4ZWRkNTAzOTQxOTM2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:46:51 GMT
content-type: image/svg+xml
last-modified: Tue, 24 Jan 2023 16:39:42 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
cf-cache-status: HIT
age: 104180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S3tfFlfIUC8FeaEs5WiU4Z2m7HgapFw2qZlmhxbhlIxwb4zfYZtRKqYQX1ktnBjaRR1bp%2FiS8GvnIhWUzBxKuKhM983tRup16qTZZL4WUSbux5g9ug2Ie3DaDuv%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a865075ae456c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/3 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP: 216.58.207.227:443
Requested by: https://cuthub.net/8hLDI9
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33; Validity Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Hash: e9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cuthub.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 05:55:49 GMT
expires: Sat, 26 Apr 2025 05:55:49 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 42662
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 | 216.58.207.227 | 200 OK | 47 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP: 216.58.207.227:443
Requested by: https://cuthub.net/8hLDI9
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33; Validity Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 46704, version 1.0
Hash: 30a274cd01b6eeb0b082c918b0697f1e 393311bde26b99a4ad935fa55bad1dce7994388b 88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cuthub.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:00:52 GMT
expires: Sat, 26 Apr 2025 06:00:52 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
age: 42359
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cuthub.net/js/ads.js | 188.114.96.1 | 200 OK | 16 kB |
IP: 188.114.96.1:443
Requested by: https://cuthub.net/8hLDI9
Certificate: Issuer Let's Encrypt; Subject cuthub.net; Fingerprint 3A:19:D1:56:80:55:49:6C:9E:69:0D:D4:7F:18:8B:5F:E6:1B:17:1E; Validity Fri, 05 Apr 2024 13:58:24 GMT - Thu, 04 Jul 2024 13:58:23 GMT
File type: JavaScript source, ASCII text, with very long lines (1491), with no line terminators
Hash: 663675db8bdf037ef8a96ceec4c0eaac 00a32b1173b6c96bf349f6adb7f00e0c6a24faa4 54827120728e3e7d171b392b13b3f5fe2d2ec344d6bdd491c1d44eb2760eecbe
GET /js/ads.js HTTP/1.1
Host: cuthub.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/8hLDI9
Cookie: XSRF-TOKEN=eyJpdiI6IkdSTmNMSEFvVFZ6KzJPdXJuZ2VGU0E9PSIsInZhbHVlIjoicFd6TVFySS84RzBtWWJkY0JjWUp6WURESEduSlA3MjJ5RndJcXBEbzNjYWNZV2NReXIwUmpCZis1eHVGNVdFaWcxckhKZlJ5M01vanRTUkh4UHBKZmxDQVpWRys3T3l4UXBNUGRNTHYxL3h5b1QzdlA4djZPUUtLbis1dy84Z2QiLCJtYWMiOiIyMDVhMWU1ZmNkOTk3YWVhOTU5NjZhMjUyY2NjN2ZkYjIwNjQ4YTk3NTg5NTlkYmZjZGEyOTYxOWFhNzM4ZTY0IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InhyaGErd1ZsNWw2b1g3UHluYmMwcEE9PSIsInZhbHVlIjoicGxQZFlBSjhZOUx3aFVma0VqbnVtMzNMZWs4aSs0M0Q4ZSt5ZjR2OHBTdC9SRWJ1K3k1N0t1QlR0d3hZTEo4VnJKSG5lSVJSMmV4YlJ4TTJCZUdsemZ4Z0k4T3hmL25vcGtwcnE2WFBoUDV2aXpuNGtGVW5TeHZsUldoQm1rYlAiLCJtYWMiOiJhNzk5YzQ2YTFjZGVlYmM4ZmEyZGE1Mzk3ZTQ3YjZkMzE3NmJjOGUyNzM4YTJiZTYwOTQ4ZWRkNTAzOTQxOTM2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:46:51 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 08 Apr 2024 13:27:25 GMT
vary: Accept-Encoding
cache-control: max-age=31536000
cf-cache-status: HIT
age: 104178
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xARnbwpS6unuCafgknGgw8h%2BQkNRd8fPiimdEz4%2FcYN%2BoksBhWAqRfORSlCqX9eMcvdnjyJRVW8aAvKslc6PqoQz477bB2Ju4x8IFWU1Ezz0Ciy9VPJy%2FnDKJ4%2BM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a86507fc3256c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 | 216.58.207.227 | 200 OK | 47 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP: 216.58.207.227:443
Requested by: https://cuthub.net/8hLDI9
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33; Validity Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 46704, version 1.0
Hash: 30a274cd01b6eeb0b082c918b0697f1e 393311bde26b99a4ad935fa55bad1dce7994388b 88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cuthub.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:00:52 GMT
expires: Sat, 26 Apr 2025 06:00:52 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
age: 42359
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| absentcleannewspapers.com/f3/48/f1/f348f1f4cb32736ea8b01bdf483d02ac.js | 192.243.61.225 | 200 OK | 16 kB |
URL: GET HTTP/1.1 absentcleannewspapers.com/f3/48/f1/f348f1f4cb32736ea8b01bdf483d02ac.js
IP: 192.243.61.225:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://cuthub.net/8hLDI9
Certificate: Issuer Let's Encrypt; Subject absentcleannewspapers.com; Fingerprint A6:E7:75:05:4C:FA:FF:D2:F7:67:61:89:73:1B:66:32:AF:19:2F:7D; Validity Tue, 26 Mar 2024 06:03:56 GMT - Mon, 24 Jun 2024 06:03:55 GMT
File type: JavaScript source, ASCII text, with very long lines (44084), with no line terminators
Hash: 8ffdc88d874d39ada707dbe7553dd54f 4b77c822d9422971d2751b110a1d880ebffaaa64 e0f58a2c12961b433ce05a4135429d5199c8603c0ac8612ebdb04e38eab8f88d
GET /f3/48/f1/f348f1f4cb32736ea8b01bdf483d02ac.js HTTP/1.1
Host: absentcleannewspapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 17:46:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1e14372c861051e40d16e7ad5f8b3bb7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| proftrafficcounter.com/stats | 18.185.247.192 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats
IP: 18.185.247.192:443
Requested by: https://cuthub.net/8hLDI9
Certificate: Issuer Amazon; Subject proftrafficcounter.com; Fingerprint E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6; Validity Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators
Hash: 0136dcf202defb5272a2f0d22d8ce8f1 e9220f39f92b41f3f5f3b96bf876150d4d6796c4 4289f54f15b6dcec01216f5fdcc9e3e09b326396234151e426f9bfd6faa1201e
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cuthub.net
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:46:52 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://cuthub.net
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=ddc35a03-cba5-4bd6-8d3c-95489bb7d436:3:1; expires=Mon, 24 Apr 2034 17:46:52 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| quitesousefulhe.info/ZFNxNEpLbBJHdzYWP1opPDtIV3s2FiVaCFUGNGYFBxsrYhtUOFdAIwBuQAR4UGJDAGwUOhUJe0IgBVU+ESBMBWwNPRdbd0IlTAVkV2dfB3xKZ1dBd1V1BUQrA25AEjoQJx0Je1NiRQV/V2VABnpRag | 104.21.13.159 | 204 No Content | 0 B |
URL: GET HTTP/2 quitesousefulhe.info/ZFNxNEpLbBJHdzYWP1opPDtIV3s2FiVaCFUGNGYFBxsrYhtUOFdAIwBuQAR4UGJDAGwUOhUJe0IgBVU+ESBMBWwNPRdbd0IlTAVkV2dfB3xKZ1dBd1V1BUQrA25AEjoQJx0Je1NiRQV/V2VABnpRag
IP: 104.21.13.159:443
Requested by: https://cuthub.net/8hLDI9
Certificate: Issuer Google Trust Services LLC; Subject quitesousefulhe.info; Fingerprint 1E:2F:3F:D7:F4:CF:87:22:89:01:91:57:22:5C:03:AF:53:C8:1D:D7; Validity Sun, 31 Mar 2024 11:30:08 GMT - Sat, 29 Jun 2024 11:30:07 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ZFNxNEpLbBJHdzYWP1opPDtIV3s2FiVaCFUGNGYFBxsrYhtUOFdAIwBuQAR4UGJDAGwUOhUJe0IgBVU+ESBMBWwNPRdbd0IlTAVkV2dfB3xKZ1dBd1V1BUQrA25AEjoQJx0Je1NiRQV/V2VABnpRag HTTP/1.1
Host: quitesousefulhe.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Fri, 26 Apr 2024 17:46:52 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IqiKX7oiTfXODpsMKGetn4rw0qGls0h0ABk1sinIskd6GkC4AFmmMp36VYd5bUY1Omp%2BjI6Bg7a96eq4H%2F7F8MOjozPptNLLh8yNGTmzXCute3uiTKgvgKVVwan87ccJQNlR0cjQ8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a8650b8f075684-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cuthub.net/images/arrow-down.png?c98e5283a69cb508d054d30256af43c6 | 188.114.96.1 | 200 OK | 208 B |
URL: GET HTTP/3 cuthub.net/images/arrow-down.png?c98e5283a69cb508d054d30256af43c6
IP: 188.114.96.1:443
Requested by: https://cuthub.net/8hLDI9
Certificate: Issuer Let's Encrypt; Subject cuthub.net; Fingerprint 3A:19:D1:56:80:55:49:6C:9E:69:0D:D4:7F:18:8B:5F:E6:1B:17:1E; Validity Fri, 05 Apr 2024 13:58:24 GMT - Thu, 04 Jul 2024 13:58:23 GMT
File type: PNG image data, 6 x 12, 8-bit/color RGBA, non-interlaced
Hash: 31f073499665afb237f3294219d2d7c6 c1ada0510e31f661dab66203c15a3d6c8f5468d0 59b7ad6d6f457b624e25d22959edc7c83af2ac52edba32fd6648c97af0d1780c
GET /images/arrow-down.png?c98e5283a69cb508d054d30256af43c6 HTTP/1.1
Host: cuthub.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/css/frontend.css?id=2396ffb76e738e465b53
Cookie: XSRF-TOKEN=eyJpdiI6IkdSTmNMSEFvVFZ6KzJPdXJuZ2VGU0E9PSIsInZhbHVlIjoicFd6TVFySS84RzBtWWJkY0JjWUp6WURESEduSlA3MjJ5RndJcXBEbzNjYWNZV2NReXIwUmpCZis1eHVGNVdFaWcxckhKZlJ5M01vanRTUkh4UHBKZmxDQVpWRys3T3l4UXBNUGRNTHYxL3h5b1QzdlA4djZPUUtLbis1dy84Z2QiLCJtYWMiOiIyMDVhMWU1ZmNkOTk3YWVhOTU5NjZhMjUyY2NjN2ZkYjIwNjQ4YTk3NTg5NTlkYmZjZGEyOTYxOWFhNzM4ZTY0IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InhyaGErd1ZsNWw2b1g3UHluYmMwcEE9PSIsInZhbHVlIjoicGxQZFlBSjhZOUx3aFVma0VqbnVtMzNMZWs4aSs0M0Q4ZSt5ZjR2OHBTdC9SRWJ1K3k1N0t1QlR0d3hZTEo4VnJKSG5lSVJSMmV4YlJ4TTJCZUdsemZ4Z0k4T3hmL25vcGtwcnE2WFBoUDV2aXpuNGtGVW5TeHZsUldoQm1rYlAiLCJtYWMiOiJhNzk5YzQ2YTFjZGVlYmM4ZmEyZGE1Mzk3ZTQ3YjZkMzE3NmJjOGUyNzM4YTJiZTYwOTQ4ZWRkNTAzOTQxOTM2IiwidGFnIjoiIn0%3D; ab=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:46:52 GMT
content-type: image/png
content-length: 208
last-modified: Fri, 08 Apr 2022 10:55:45 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 104177
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lDDeom1mliOJKhSXOoCx3dosP8ggopYHV7qkUm44wc8V8mIVvIrRtVzmSkYv%2BhT02zf6uhGe4f0lWV6UrZUt1RMxzMUNi%2FnzOSmHPmr8Wjoi2a%2B9h%2FnauqqYg1z3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a8650c8b1556c9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cuthub.net/js/frontend.js?id=f7e07cec5812d52a9077 | 188.114.96.1 | 200 OK | 270 kB |
URL: GET HTTP/3 cuthub.net/js/frontend.js?id=f7e07cec5812d52a9077
IP: 188.114.96.1:443
Requested by: https://cuthub.net/8hLDI9
Certificate: Issuer Let's Encrypt; Subject cuthub.net; Fingerprint 3A:19:D1:56:80:55:49:6C:9E:69:0D:D4:7F:18:8B:5F:E6:1B:17:1E; Validity Fri, 05 Apr 2024 13:58:24 GMT - Thu, 04 Jul 2024 13:58:23 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 270 kB (270330 bytes)
Hash: f7e07cec5812d52a9077a4baf1b4348b 669d6cfda9a2b056cebe7f5a31dfa50d7d73405e 24c59cb722ec2564f9f0ea38d57ebd2c6b66a88485aaa9035f3afd68376d4c87
| Analyzer | Verdict | Alert |
| Public Nextron YARA rules | malware | Unique code from Jetriz, Swid & Jeniva of the Tetris framework |
GET /js/frontend.js?id=f7e07cec5812d52a9077 HTTP/1.1
Host: cuthub.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/8hLDI9
Cookie: XSRF-TOKEN=eyJpdiI6IkdSTmNMSEFvVFZ6KzJPdXJuZ2VGU0E9PSIsInZhbHVlIjoicFd6TVFySS84RzBtWWJkY0JjWUp6WURESEduSlA3MjJ5RndJcXBEbzNjYWNZV2NReXIwUmpCZis1eHVGNVdFaWcxckhKZlJ5M01vanRTUkh4UHBKZmxDQVpWRys3T3l4UXBNUGRNTHYxL3h5b1QzdlA4djZPUUtLbis1dy84Z2QiLCJtYWMiOiIyMDVhMWU1ZmNkOTk3YWVhOTU5NjZhMjUyY2NjN2ZkYjIwNjQ4YTk3NTg5NTlkYmZjZGEyOTYxOWFhNzM4ZTY0IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InhyaGErd1ZsNWw2b1g3UHluYmMwcEE9PSIsInZhbHVlIjoicGxQZFlBSjhZOUx3aFVma0VqbnVtMzNMZWs4aSs0M0Q4ZSt5ZjR2OHBTdC9SRWJ1K3k1N0t1QlR0d3hZTEo4VnJKSG5lSVJSMmV4YlJ4TTJCZUdsemZ4Z0k4T3hmL25vcGtwcnE2WFBoUDV2aXpuNGtGVW5TeHZsUldoQm1rYlAiLCJtYWMiOiJhNzk5YzQ2YTFjZGVlYmM4ZmEyZGE1Mzk3ZTQ3YjZkMzE3NmJjOGUyNzM4YTJiZTYwOTQ4ZWRkNTAzOTQxOTM2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:46:51 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 08 Apr 2024 13:27:25 GMT
vary: Accept-Encoding
cache-control: max-age=31536000
cf-cache-status: HIT
age: 104177
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PqRj8E7xPc5CzxzAcQcfLvyoMgk45nm30YS92Usqh3g11vPM4j2q8mFAPlZ5FKkStkPIynPRjsSxTVdIUrkrDtGL7ExuHj5uLQ%2FKmqyP87LHxF7uV6YUXGGcR2%2Fn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a86507fc3456c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 | 216.58.207.227 | 200 OK | 47 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP: 216.58.207.227:443
Requested by: https://cuthub.net/8hLDI9
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33; Validity Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 46704, version 1.0
Hash: 30a274cd01b6eeb0b082c918b0697f1e 393311bde26b99a4ad935fa55bad1dce7994388b 88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cuthub.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:00:52 GMT
expires: Sat, 26 Apr 2025 06:00:52 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
age: 42360
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| quitesousefulhe.info/Z2JDMmNIXSBBXikJK2ExCSMEVzQxGBBjKVA7cHggJTozWAUMM2VGCgNfcgJRVlJ2AUUXCycPUkERN1MXEhF+A0UODCVdXkEUfgNNVFZtAVVJVmVHXlZEN0ICAF9yFBMTFi8PUlBTdwNWVFRyAFJXUw | 104.21.13.159 | 204 No Content | 0 B |
URL GET HTTP/2quitesousefulhe.info/Z2JDMmNIXSBBXikJK2ExCSMEVzQxGBBjKVA7cHggJTozWAUMM2VGCgNfcgJRVlJ2AUUXCycPUkERN1MXEhF+A0UODCVdXkEUfgNNVFZtAVVJVmVHXlZEN0ICAF9yFBMTFi8PUlBTdwNWVFRyAFJXUw IP104.21.13.159:443
Requested by: https://cuthub.net/8hLDI9
Certificate: Issuer: Google Trust Services LLC; Subject: quitesousefulhe.info; Fingerprint: 1E:2F:3F:D7:F4:CF:87:22:89:01:91:57:22:5C:03:AF:53:C8:1D:D7; Validity: Sun, 31 Mar 2024 11:30:08 GMT - Sat, 29 Jun 2024 11:30:07 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Z2JDMmNIXSBBXikJK2ExCSMEVzQxGBBjKVA7cHggJTozWAUMM2VGCgNfcgJRVlJ2AUUXCycPUkERN1MXEhF+A0UODCVdXkEUfgNNVFZtAVVJVmVHXlZEN0ICAF9yFBMTFi8PUlBTdwNWVFRyAFJXUw HTTP/1.1
Host: quitesousefulhe.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Fri, 26 Apr 2024 17:46:52 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1MHnp02wPNtk9kysdsTIbK2xUNn3o9dHp5kKST1Npo%2FsyPv%2FCxZeK3%2BLlpL8yE8Of5dofSYXtRqZhlL%2B%2BTZjncOIWcMj6OV4vLECfT6b7hhcW32BcL2Y%2B652mYGVloqvh3g7y0vk6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a8650bffab5684-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP: 216.58.207.227:443
Requested by: https://cuthub.net/8hLDI9
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33; Validity: Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15920, version 1.0
Hash: 3a44e06eb954b96aa043227f3534189d 23cef6993ddb2b2979e8e7647fc3763694e2ba7d b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cuthub.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:04:59 GMT
expires: Sat, 26 Apr 2025 06:04:59 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 42113
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| onservantasr.info/UWk2NFcwC1VZaDBUVBIiIwULEWUXTARyM2BfRVs1KxpBRTg/EUcaND0GQ1AxIwZYQHk/DEIRZRdZV2MBFCdbDBwSAEZlAhNZe30WJQxhYjNgK1pENgATZHEUNlBvfmccC3dmFjwud3EaFD58Vx8QMHp6FiItfEwaJAt3BBoSAGBhHQJZXXEWFABiTBJ0W3RhOxszZ00/CShnAQ4IBXt2FD0BB3EWZSd0BzwSOmQEARpYB2cfKQpEZiAEJHNdLxMrYwwGGzhFdxU5UUJjMBwgZ3wNJj5dUAEIOGRSBgNYB3ZnIQh8BhIUMUFhGhoCe2wDFw0GYDs1D3laehgqZVg4PzBnZjEWEXhcFQJcZ2FlPi5kXy8JDXBxHBIOAkYSYFlAYmQAIW4FOwQNd1AcBlhjXQ8pWXt1LiUmZVgkOw9ndhUGPHtMFGBdEF4kPgdGCTsfH1xuNTQGV1YdFShiAxo | 3.164.230.67 | 200 OK | 1.2 kB |
URL GET HTTP/2onservantasr.info/UWk2NFcwC1VZaDBUVBIiIwULEWUXTARyM2BfRVs1KxpBRTg/EUcaND0GQ1AxIwZYQHk/DEIRZRdZV2MBFCdbDBwSAEZlAhNZe30WJQxhYjNgK1pENgATZHEUNlBvfmccC3dmFjwud3EaFD58Vx8QMHp6FiItfEwaJAt3BBoSAGBhHQJZXXEWFABiTBJ0W3RhOxszZ00/CShnAQ4IBXt2FD0BB3EWZSd0BzwSOmQEARpYB2cfKQpEZiAEJHNdLxMrYwwGGzhFdxU5UUJjMBwgZ3wNJj5dUAEIOGRSBgNYB3ZnIQh8BhIUMUFhGhoCe2wDFw0GYDs1D3laehgqZVg4PzBnZjEWEXhcFQJcZ2FlPi5kXy8JDXBxHBIOAkYSYFlAYmQAIW4FOwQNd1AcBlhjXQ8pWXt1LiUmZVgkOw9ndhUGPHtMFGBdEF4kPgdGCTsfH1xuNTQGV1YdFShiAxo IP3.164.230.67:443
Requested by: https://cuthub.net/8hLDI9
Certificate: Issuer: Amazon; Subject: onservantasr.info; Fingerprint: 4E:0A:E9:00:74:B8:B3:C9:4F:2A:1E:4E:6D:FA:10:D6:85:BC:6F:CE; Validity: Mon, 15 Apr 2024 00:00:00 GMT - Wed, 14 May 2025 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (3050), with no line terminators
Hash: c2548bee5d759bdd94284d1696466b22 79aa986fea0915b976448e3b79e8118554bfca15 9cb09bff162bf17f9794af79f1dafaa53387a6d4c0c728d81ec6a9fe156e4948
GET /UWk2NFcwC1VZaDBUVBIiIwULEWUXTARyM2BfRVs1KxpBRTg/EUcaND0GQ1AxIwZYQHk/DEIRZRdZV2MBFCdbDBwSAEZlAhNZe30WJQxhYjNgK1pENgATZHEUNlBvfmccC3dmFjwud3EaFD58Vx8QMHp6FiItfEwaJAt3BBoSAGBhHQJZXXEWFABiTBJ0W3RhOxszZ00/CShnAQ4IBXt2FD0BB3EWZSd0BzwSOmQEARpYB2cfKQpEZiAEJHNdLxMrYwwGGzhFdxU5UUJjMBwgZ3wNJj5dUAEIOGRSBgNYB3ZnIQh8BhIUMUFhGhoCe2wDFw0GYDs1D3laehgqZVg4PzBnZjEWEXhcFQJcZ2FlPi5kXy8JDXBxHBIOAkYSYFlAYmQAIW4FOwQNd1AcBlhjXQ8pWXt1LiUmZVgkOw9ndhUGPHtMFGBdEF4kPgdGCTsfH1xuNTQGV1YdFShiAxo HTTP/1.1
Host: onservantasr.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1198
date: Fri, 26 Apr 2024 17:46:52 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 61fafbbf54e5560686b2d414df132838.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P1
x-amz-cf-id: ITK7an1_4UcXXBcJh04CbF4laYrmHrYy-7j0fnztpPmi5QXUlPNAdg==
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-75C4L64NEB&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 89 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-75C4L64NEB&l=dataLayer&cx=c IP: 142.250.74.168:443
Requested by: https://cuthub.net/8hLDI9
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: FC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52; Validity: Mon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
File type: JavaScript source, ASCII text, with very long lines (5945)
Hash: 7c29e16755378afa6747adda13e31637 3b3f42b3f9da1ded5ebb894ce599fe1fdb7183ab 81a0a348eb5a9e3bda27d89e9d80c5cd9a42a58a56f5b06f40e399f2c444622f
GET /gtag/js?id=G-75C4L64NEB&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 17:46:52 GMT
expires: Fri, 26 Apr 2024 17:46:52 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 88679
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| d16sobzswqonxq.cloudfront.net/6OXg4NWFaF1ZTXk0RXAhQCUoMBFMNXkhHBF9FW0AVUQ1aGw9cDB5fElYWSAgKej5sbRl7IFETFUMcBQVHVRlWUlwfHVZWXAheWVEDBEweQRFWEwVDE1YJUlAWUQ9SExRYRVVaG1AUVFRECz4NG1EcSggdGQhJHQYjHEoIWQhXDUAQUwkAAAM+D0wdBiMcSg-hHFxxLeQxXF0gREFMJH11WClZdCnNTCUkIBVAJSR0HUV8RSlAHVgAdBycAThYFR0xFCQ | 3.164.247.179 | | 598 B |
URL d16sobzswqonxq.cloudfront.net/6OXg4NWFaF1ZTXk0RXAhQCUoMBFMNXkhHBF9FW0AVUQ1aGw9cDB5fElYWSAgKej5sbRl7IFETFUMcBQVHVRlWUlwfHVZWXAheWVEDBEweQRFWEwVDE1YJUlAWUQ9SExRYRVVaG1AUVFRECz4NG1EcSggdGQhJHQYjHEoIWQhXDUAQUwkAAAM+D0wdBiMcSg-hHFxxLeQxXF0gREFMJH11WClZdCnNTCUkIBVAJSR0HUV8RSlAHVgAdBycAThYFR0xFCQ IP3.164.247.179:0
File type: ASCII text, with very long lines (861), with no line terminators
Hash: 8a8aef20a19982830b1631f6bde4243c 73bf99f1817811f4046226347b373f37e2366be0 83eaa91e29168dd5112192c823237a3777a2ac7eac022a4df553b4450c2938b8
GET /6OXg4NWFaF1ZTXk0RXAhQCUoMBFMNXkhHBF9FW0AVUQ1aGw9cDB5fElYWSAgKej5sbRl7IFETFUMcBQVHVRlWUlwfHVZWXAheWVEDBEweQRFWEwVDE1YJUlAWUQ9SExRYRVVaG1AUVFRECz4NG1EcSggdGQhJHQYjHEoIWQhXDUAQUwkAAAM+D0wdBiMcSg-hHFxxLeQxXF0gREFMJH11WClZdCnNTCUkIBVAJSR0HUV8RSlAHVgAdBycAThYFR0xFCQ HTTP/1.1
Host: d16sobzswqonxq.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://onservantasr.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 598
date: Fri, 26 Apr 2024 17:46:52 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a89672c5bed576aaabefe419c0d5bad2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P2
x-amz-cf-id: NA6yO2lZ-qULm-kpejzhYY_FNraakYT3gLDX_T-TqCnmxbFLg9h82g==
X-Firefox-Spdy: h2
|
|
| d16sobzswqonxq.cloudfront.net/0aWVENm8KCipQUB0MIAteWVd1BlpaQzRECg9YJ0MbARAmGAEMEWJcHAYLNAsDJxMubA0MCiVUJS0kEAEiTxE+UlJZQyhXAQ5YYlMBClh1EA4NB3kCSR0VK11SHxcrRwUMEixBBU8QJQsCBh8tWgMIQHZwWkdVYQRfQR11B0paJ2EEXwUMKkMXTFd0TldfOn-ICSlonYQRfGxNhBS5QU2oGRkxXdFEKCg4rE10vV3QHX1lUdAdKW1UiXx0MAytOSlsjfQBBWUMxC14 | 3.164.247.179 | | 494 B |
URL d16sobzswqonxq.cloudfront.net/0aWVENm8KCipQUB0MIAteWVd1BlpaQzRECg9YJ0MbARAmGAEMEWJcHAYLNAsDJxMubA0MCiVUJS0kEAEiTxE+UlJZQyhXAQ5YYlMBClh1EA4NB3kCSR0VK11SHxcrRwUMEixBBU8QJQsCBh8tWgMIQHZwWkdVYQRfQR11B0paJ2EEXwUMKkMXTFd0TldfOn-ICSlonYQRfGxNhBS5QU2oGRkxXdFEKCg4rE10vV3QHX1lUdAdKW1UiXx0MAytOSlsjfQBBWUMxC14 IP3.164.247.179:0
File type: ASCII text, with very long lines (692), with no line terminators
Hash: 19a17e3b528623b8ed54a8b96bd60d45 0a8c154807597fc55c9fe7d89cdb7e074f5c1fc9 7059505c9929f36026b222528e39c4853861875de09ce9268f3da6c1ac736c55
GET /0aWVENm8KCipQUB0MIAteWVd1BlpaQzRECg9YJ0MbARAmGAEMEWJcHAYLNAsDJxMubA0MCiVUJS0kEAEiTxE+UlJZQyhXAQ5YYlMBClh1EA4NB3kCSR0VK11SHxcrRwUMEixBBU8QJQsCBh8tWgMIQHZwWkdVYQRfQR11B0paJ2EEXwUMKkMXTFd0TldfOn-ICSlonYQRfGxNhBS5QU2oGRkxXdFEKCg4rE10vV3QHX1lUdAdKW1UiXx0MAytOSlsjfQBBWUMxC14 HTTP/1.1
Host: d16sobzswqonxq.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://onservantasr.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 494
date: Fri, 26 Apr 2024 17:46:52 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a89672c5bed576aaabefe419c0d5bad2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P2
x-amz-cf-id: kbU4vZWeRYepznYT9fb2f7zzs9ntkTGbzC4RavuYPQXShqhH6X6ksQ==
X-Firefox-Spdy: h2
|
|
| pagead2.googlesyndication.com/pagead/js/adsbygoogle.js | 216.58.211.2 | 200 OK | 0 B |
URL: HEAD HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js IP: 216.58.211.2:443
Requested by: https://cuthub.net/8hLDI9
Certificate: Issuer: Google Trust Services LLC; Subject: *.g.doubleclick.net; Fingerprint: 30:89:D4:C8:96:C6:D4:7B:F7:49:8D:DB:57:A1:D2:5A:D1:D3:D1:B4; Validity: Mon, 08 Apr 2024 06:34:54 GMT - Mon, 01 Jul 2024 06:34:53 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cuthub.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
vary: Accept-Encoding
date: Fri, 26 Apr 2024 17:46:52 GMT
expires: Fri, 26 Apr 2024 17:46:52 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 15658604683422972800
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 51406
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| pogothere.xyz/ | 188.114.97.1 | 200 OK | 29 B |
IP: 188.114.97.1:443
Requested by: https://cuthub.net/8hLDI9
Certificate: Issuer: Google Trust Services LLC; Subject: pogothere.xyz; Fingerprint: 34:D3:33:F8:49:E2:1E:3E:44:A8:5D:74:68:9C:B8:A0:D5:F8:DD:0B; Validity: Wed, 27 Mar 2024 02:15:30 GMT - Tue, 25 Jun 2024 02:15:29 GMT
File type: ASCII text, with no line terminators
Hash: abcd9e01b576deb02983d31d3cfbc91d 678a38f6d22dbb329c16524039e3e0315d4ab9ce 89a08ce23b973e94c240bc828871630c9b3164695f10aabe10ce36ef1ce62775
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cuthub.net/
Origin: https://cuthub.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:46:52 GMT
content-type: text/plain
set-cookie: csu=889265523548190@1@1714153612; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://cuthub.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9OfkJXFn7FMdxH%2BSj8S0HknnzyzeDt78aJOqle7DO4eQDqbzoyQQs9AU8XzC4oHjJvjT6l86O15tHXhtfBtaAxp%2B2QWmDht7Kg5%2FDvHSdjIcgPf8HOueRs7N67vF0GzB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a8650b7f4eb4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail | 74.125.131.84 | 302 Found | 0 B |
URL: GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail IP: 74.125.131.84:443
Requested by: https://cuthub.net/8hLDI9
Certificate: Issuer: Google Trust Services LLC; Subject: accounts.google.com; Fingerprint: 24:73:6B:52:47:71:E2:CB:E3:4E:89:44:4B:29:D9:F4:C2:A0:F1:14; Validity: Mon, 08 Apr 2024 07:33:55 GMT - Mon, 01 Jul 2024 07:33:54 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:JHPTjFyRvXod9_7Wa4HNuamtwH8iFA:_xESrdLbISjmckHZ; Expires=Sun, 26-Apr-2026 17:46:53 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 17:46:53 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AaSxoQyEiw7wgG5YeOyVZF0k43Ii8V2CKGuO1W7Kiy2GjeeROiZvrFIV2UkqzluxW8beGuFX53ZH
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy: unsafe-none
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-Solvudwfng5WkzO3E5zSKQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
cross-origin-resource-policy: cross-origin
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cuthub.net/wp-includes/images/w-logo-blue-white-bg.png | 188.114.96.1 | 200 OK | 4.1 kB |
URL: GET HTTP/3 cuthub.net/wp-includes/images/w-logo-blue-white-bg.png IP: 188.114.96.1:443
Requested by: https://cuthub.net/8hLDI9
Certificate: Issuer: Let's Encrypt; Subject: cuthub.net; Fingerprint: 3A:19:D1:56:80:55:49:6C:9E:69:0D:D4:7F:18:8B:5F:E6:1B:17:1E; Validity: Fri, 05 Apr 2024 13:58:24 GMT - Thu, 04 Jul 2024 13:58:23 GMT
File type: PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced
Hash: 000bf649cc8f6bf27cfb04d1bcdcd3c7 d73d2f6d74ec6cdcbae07955592962e77d8ae814 6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: cuthub.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cuthub.net/8hLDI9
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkdSTmNMSEFvVFZ6KzJPdXJuZ2VGU0E9PSIsInZhbHVlIjoicFd6TVFySS84RzBtWWJkY0JjWUp6WURESEduSlA3MjJ5RndJcXBEbzNjYWNZV2NReXIwUmpCZis1eHVGNVdFaWcxckhKZlJ5M01vanRTUkh4UHBKZmxDQVpWRys3T3l4UXBNUGRNTHYxL3h5b1QzdlA4djZPUUtLbis1dy84Z2QiLCJtYWMiOiIyMDVhMWU1ZmNkOTk3YWVhOTU5NjZhMjUyY2NjN2ZkYjIwNjQ4YTk3NTg5NTlkYmZjZGEyOTYxOWFhNzM4ZTY0IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InhyaGErd1ZsNWw2b1g3UHluYmMwcEE9PSIsInZhbHVlIjoicGxQZFlBSjhZOUx3aFVma0VqbnVtMzNMZWs4aSs0M0Q4ZSt5ZjR2OHBTdC9SRWJ1K3k1N0t1QlR0d3hZTEo4VnJKSG5lSVJSMmV4YlJ4TTJCZUdsemZ4Z0k4T3hmL25vcGtwcnE2WFBoUDV2aXpuNGtGVW5TeHZsUldoQm1rYlAiLCJtYWMiOiJhNzk5YzQ2YTFjZGVlYmM4ZmEyZGE1Mzk3ZTQ3YjZkMzE3NmJjOGUyNzM4YTJiZTYwOTQ4ZWRkNTAzOTQxOTM2IiwidGFnIjoiIn0%3D; ab=2; sb_page_f348f1f4cb32736ea8b01bdf483d02ac=1; sb_onpage_f348f1f4cb32736ea8b01bdf483d02ac=1; sb_main_f348f1f4cb32736ea8b01bdf483d02ac=1; sb_count_f348f1f4cb32736ea8b01bdf483d02ac=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=ddc35a03-cba5-4bd6-8d3c-95489bb7d436%3A3%3A1; _ga_75C4L64NEB=GS1.1.1714153612.1.0.1714153612.0.0.0; _ga=GA1.1.1511377916.1714153613
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:46:53 GMT
content-type: image/png
content-length: 4119
last-modified: Tue, 16 Nov 2021 00:04:01 GMT
etag: "1017-5d0dca9a37e40"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4586
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R87rdQmFq2vPY5RWjVcFipypx%2BFnspM2neUW9aImamwAPnp%2BisPkmTIWQuInLJP3YDZ1DlTf7uPgeFeMBHSnXPmGGux7QBvv9J9ItDu9Kw5fTBFy9qej5fDbcyCs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a86511eb8656c9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| likescenesfocused.com/sbar.json?key=f348f1f4cb32736ea8b01bdf483d02ac | 172.240.108.76 | 200 OK | 7.4 kB |
URL: GET HTTP/1.1 likescenesfocused.com/sbar.json?key=f348f1f4cb32736ea8b01bdf483d02ac IP: 172.240.108.76:443
Requested by: https://cuthub.net/8hLDI9
Certificate: Issuer: Let's Encrypt; Subject: likescenesfocused.com; Fingerprint: 72:A0:54:62:05:83:62:37:5E:DE:D5:B2:E3:9B:DD:AD:EA:C5:EA:0E; Validity: Wed, 24 Apr 2024 15:04:39 GMT - Tue, 23 Jul 2024 15:04:38 GMT
Hash: 4916862628d1258adad48184c198da9c aab3979a0be6d33ba8c5c1a0991a02c018a1a639 6a729983046da5c799a1c4f3b9ad245af052f875777572046ac38609856976a1
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /sbar.json?key=f348f1f4cb32736ea8b01bdf483d02ac HTTP/1.1
Host: likescenesfocused.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cuthub.net
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 17:46:53 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://cuthub.net
Access-Control-Allow-Origin: https://cuthub.net
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=22256744; expires=Sat, 27 Apr 2024 17:46:53 GMT; secure; SameSite=None
Set-Cookie: pdhtkv=true; expires=Sat, 27 Apr 2024 17:46:53 GMT; secure; SameSite=None
Set-Cookie: uncs=1; expires=Sat, 27 Apr 2024 17:46:53 GMT; secure; SameSite=None
Set-Cookie: pdhtkv29=true; expires=Sat, 27 Apr 2024 17:46:53 GMT; secure; SameSite=None
Set-Cookie: uncs29=1; expires=Sat, 27 Apr 2024 17:46:53 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 521eabbadfac8644b941fcaea44b6463
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQw5BfsxhNjFjv5L_jgf6ED3pRc8jjbSQ0xPrI-aW1560pacehsYDdnu_yIlnnFYCdXZLeqF | 74.125.131.84 | 302 Found | 426 B |
URL GET HTTP/3accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQw5BfsxhNjFjv5L_jgf6ED3pRc8jjbSQ0xPrI-aW1560pacehsYDdnu_yIlnnFYCdXZLeqF IP74.125.131.84:443
Requested by: https://cuthub.net/8hLDI9
Certificate: Issuer: Google Trust Services LLC; Subject: *.google.com; Fingerprint: 01:16:A3:AE:CA:C9:AC:ED:3A:C9:AA:75:BE:C2:51:EF:65:CE:23:E1; Validity: Mon, 08 Apr 2024 06:34:56 GMT - Mon, 01 Jul 2024 06:34:55 GMT
File type: HTML document, ASCII text, with very long lines (405)
Hash: 4f6a3140dda2faaf7e7294a351f5435f 279289651fbbdf1fe8a324f2d77dd2d869c0bc43 6e2cafb544961f912c13085311495e3ea29cfa41ed19a65a675aa5f7e7fc2feb
GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQw5BfsxhNjFjv5L_jgf6ED3pRc8jjbSQ0xPrI-aW1560pacehsYDdnu_yIlnnFYCdXZLeqF HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cuthub.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:2ejwC7xRygEaSMIqgb_823dTGn_w5g:5cmNmXeHh6InObTw;Path=/;Expires=Sun, 26-Apr-2026 17:46:53 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 17:46:53 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwiqHvyE4tqLJQ6q4RZrZ2kVME4M18OtuY_Kk-jAm5lti3tmHcNBDp-3PlKNtsp4-e388my&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1979777797%3A1714153613146198&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-kJG3iVsfcmEXBtItGTvocw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 426
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AaSxoQyEiw7wgG5YeOyVZF0k43Ii8V2CKGuO1W7Kiy2GjeeROiZvrFIV2UkqzluxW8beGuFX53ZH | 74.125.131.84 | 302 Found | 425 B |
URL GET HTTP/3accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AaSxoQyEiw7wgG5YeOyVZF0k43Ii8V2CKGuO1W7Kiy2GjeeROiZvrFIV2UkqzluxW8beGuFX53ZH IP74.125.131.84:443
Requested by: https://cuthub.net/8hLDI9
Certificate: Issuer: Google Trust Services LLC; Subject: *.google.com; Fingerprint: 01:16:A3:AE:CA:C9:AC:ED:3A:C9:AA:75:BE:C2:51:EF:65:CE:23:E1; Validity: Mon, 08 Apr 2024 06:34:56 GMT - Mon, 01 Jul 2024 06:34:55 GMT
File type: HTML document, ASCII text, with very long lines (400)
Hash: 30c1e1b7fa81311e87f66fd225a23b70 c4bf548b5ba2dfa6ca841e0416844c0d673c1fc1 b78526aa0bde68f67bb0d886129d133dbd0e5d5dfe718f524134615b85247387
GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AaSxoQyEiw7wgG5YeOyVZF0k43Ii8V2CKGuO1W7Kiy2GjeeROiZvrFIV2UkqzluxW8beGuFX53ZH HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cuthub.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:NdWBAx09KT2ywy2yEblf9XNcoUGEWw:wp3iJAh6NJydVVEG;Path=/;Expires=Sun, 26-Apr-2026 17:46:53 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 17:46:53 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwFyO8XRrI5ycXVbBs03Zz_PpvJTUzJXOZAxO1xkcUpwqZHiXigYeL33pELcmN9X30XtnN0&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S705175589%3A1714153613152557&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-VebhZnDvCdtUeHXMl2O-Ww' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 425
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js | 142.250.74.35 | 200 OK | 206 kB |
URL: GET HTTP/2 www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js IP: 142.250.74.35:443
Requested by: https://cuthub.net/8hLDI9
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33; Validity: Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: JavaScript source, ASCII text, with very long lines (631)
Size: 206 kB (205803 bytes)
Hash: e2e79d6b927169d9e0e57e3baecc0993 1299473950b2999ba0b7f39bd5e4a60eafd1819d 231336ed913a5ebd4445b85486e053caf2b81cab91318241375f3f7a245b6c6b
GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cuthub.net
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 205803
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 14:46:34 GMT
expires: Sat, 26 Apr 2025 14:46:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 10819
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| likescenesfocused.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST2gkxReuzi8%2FL4KwsjcR%2BqDgPybdPbM9E%2FcgrjESNm7WjaKepLqqelKmuqup6pqe5BRcWPYiDIviRaTzTbJBXfxz8eYinQUPC0LGizmYs3dhzzJjcPRB1Xvf%2B17B996rW%2FvujERw9HTlTb0rlaJLl1qB%2F9x7YXjZX5e5G%2FrDXvxB3Lnsm8HLy3EreN5%2FQ7BtvRQFYRCEQeivSiNSPVyakpDFveWwtRy0OlErvNTB0PwXW%2BfBUg98cEaehOSTxQfeRUjWIM%2B%2BWxF2u9TFS69nTtFSGwz40Tv5dq6rHNk8TI2HND86r4a2J6v3ofPDmVzowT%2BFiZwQ7%2Bf7SPKjc5FIBgcznYmCyJHwx1ENGgjVQNIGTN%2BE5CcEYBzXNpBnd69pU9Gdv1k6ZSdk8dGfkNWELP5%2BEXn2zRUlh%2F6mVq6UOrcYpjXksIHsNyjcMcrdBcjqGKz8CJL%2FQpYerSPPDjas0pC8nvUuZQOZNlBiBGo9uOmRHlzqwRUeMn7qszAMuwFnNOgtM9bmXZHEPAhpNw1pGMQ9ODaVN0JZjMDUCMzsoTB72JYjGPcT7FYNyz3YckK8t%2FYw4DUqQVBZgooSVJKgKgmqQX3IlY1sfZcr65Lw3Efnvl2Pddnfp4e67IucgJoRDK%2F3izNyYTofb%2FPzLWyLUz9td3ppmHZY0o667VjQXhKECU87vTYPIspgZQ1pF2Yt78oJaT37DAo5IYtf3EJCj2HVMZi8AOqeBq1q0K0au%2Fm3rkilEtYZZVtMZ%2BC6RlH%2BH%2BWOt6%2FOyFOzJV397BMI9pCcG5ipUZgaH8oHBH11e3xDV%2BTghq4s%2BX6jKGUmd%2Bl0gZslLcVjX10VO5U2fG3Fjr58lU2JaXjvbWHLdZpzmfct%2BfqK5FyYVW2YID%2Bu2XdFct3ZrSvO5K5Yv%2F7a6lpWGGGt1HkDKk%2FevwMmJ%2BSJH9ZnP%2FMF%2FzdI08C4GpmbK5W6ASv2YIt5zmoCo%2BY4KTxUrh6bKJknlSRQYo5pUsP%2BCyfzeGzo9DWV9b69jb5ZAC1vIs9qDEyNgapB1QjW%2FW9cFubhK7%2B2Z4ZELYwTZRYOEmXUndmQp9ensPLU77bbAY2XL4XdLhXdpBP10jjklEadOIpj2kZpJ%2BmLf3z8FwAAAP%2F%2FAQAA%2F%2F8xbSc8cwQAAA%3D%3D | 172.240.108.76 | 200 OK | 7 B |
URL GET HTTP/1.1likescenesfocused.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST2gkxReuzi8%2FL4KwsjcR%2BqDgPybdPbM9E%2FcgrjESNm7WjaKepLqqelKmuqup6pqe5BRcWPYiDIviRaTzTbJBXfxz8eYinQUPC0LGizmYs3dhzzJjcPRB1Xvf%2B17B996rW%2FvujERw9HTlTb0rlaJLl1qB%2F9x7YXjZX5e5G%2FrDXvxB3Lnsm8HLy3EreN5%2FQ7BtvRQFYRCEQeivSiNSPVyakpDFveWwtRy0OlErvNTB0PwXW%2BfBUg98cEaehOSTxQfeRUjWIM%2B%2BWxF2u9TFS69nTtFSGwz40Tv5dq6rHNk8TI2HND86r4a2J6v3ofPDmVzowT%2BFiZwQ7%2Bf7SPKjc5FIBgcznYmCyJHwx1ENGgjVQNIGTN%2BE5CcEYBzXNpBnd69pU9Gdv1k6ZSdk8dGfkNWELP5%2BEXn2zRUlh%2F6mVq6UOrcYpjXksIHsNyjcMcrdBcjqGKz8CJL%2FQpYerSPPDjas0pC8nvUuZQOZNlBiBGo9uOmRHlzqwRUeMn7qszAMuwFnNOgtM9bmXZHEPAhpNw1pGMQ9ODaVN0JZjMDUCMzsoTB72JYjGPcT7FYNyz3YckK8t%2FYw4DUqQVBZgooSVJKgKgmqQX3IlY1sfZcr65Lw3Efnvl2Pddnfp4e67IucgJoRDK%2F3izNyYTofb%2FPzLWyLUz9td3ppmHZY0o667VjQXhKECU87vTYPIspgZQ1pF2Yt78oJaT37DAo5IYtf3EJCj2HVMZi8AOqeBq1q0K0au%2Fm3rkilEtYZZVtMZ%2BC6RlH%2BH%2BWOt6%2FOyFOzJV397BMI9pCcG5ipUZgaH8oHBH11e3xDV%2BTghq4s%2BX6jKGUmd%2Bl0gZslLcVjX10VO5U2fG3Fjr58lU2JaXjvbWHLdZpzmfct%2BfqK5FyYVW2YID%2Bu2XdFct3ZrSvO5K5Yv%2F7a6lpWGGGt1HkDKk%2FevwMmJ%2BSJH9ZnP%2FMF%2FzdI08C4GpmbK5W6ASv2YIt5zmoCo%2BY4KTxUrh6bKJknlSRQYo5pUsP%2BCyfzeGzo9DWV9b69jb5ZAC1vIs9qDEyNgapB1QjW%2FW9cFubhK7%2B2Z4ZELYwTZRYOEmXUndmQp9ensPLU77bbAY2XL4XdLhXdpBP10jjklEadOIpj2kZpJ%2BmLf3z8FwAAAP%2F%2FAQAA%2F%2F8xbSc8cwQAAA%3D%3D IP172.240.108.76:443
Requested by: https://cuthub.net/8hLDI9
Certificate: Issuer: Let's Encrypt; Subject: likescenesfocused.com; Fingerprint: 72:A0:54:62:05:83:62:37:5E:DE:D5:B2:E3:9B:DD:AD:EA:C5:EA:0E; Validity: Wed, 24 Apr 2024 15:04:39 GMT - Tue, 23 Jul 2024 15:04:38 GMT
File type: ASCII text, with no line terminators; Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RST2gkxReuzi8%2FL4KwsjcR%2BqDgPybdPbM9E%2FcgrjESNm7WjaKepLqqelKmuqup6pqe5BRcWPYiDIviRaTzTbJBXfxz8eYinQUPC0LGizmYs3dhzzJjcPRB1Xvf%2B17B996rW%2FvujERw9HTlTb0rlaJLl1qB%2F9x7YXjZX5e5G%2FrDXvxB3Lnsm8HLy3EreN5%2FQ7BtvRQFYRCEQeivSiNSPVyakpDFveWwtRy0OlErvNTB0PwXW%2BfBUg98cEaehOSTxQfeRUjWIM%2B%2BWxF2u9TFS69nTtFSGwz40Tv5dq6rHNk8TI2HND86r4a2J6v3ofPDmVzowT%2BFiZwQ7%2Bf7SPKjc5FIBgcznYmCyJHwx1ENGgjVQNIGTN%2BE5CcEYBzXNpBnd69pU9Gdv1k6ZSdk8dGfkNWELP5%2BEXn2zRUlh%2F6mVq6UOrcYpjXksIHsNyjcMcrdBcjqGKz8CJL%2FQpYerSPPDjas0pC8nvUuZQOZNlBiBGo9uOmRHlzqwRUeMn7qszAMuwFnNOgtM9bmXZHEPAhpNw1pGMQ9ODaVN0JZjMDUCMzsoTB72JYjGPcT7FYNyz3YckK8t%2FYw4DUqQVBZgooSVJKgKgmqQX3IlY1sfZcr65Lw3Efnvl2Pddnfp4e67IucgJoRDK%2F3izNyYTofb%2FPzLWyLUz9td3ppmHZY0o667VjQXhKECU87vTYPIspgZQ1pF2Yt78oJaT37DAo5IYtf3EJCj2HVMZi8AOqeBq1q0K0au%2Fm3rkilEtYZZVtMZ%2BC6RlH%2BH%2BWOt6%2FOyFOzJV397BMI9pCcG5ipUZgaH8oHBH11e3xDV%2BTghq4s%2BX6jKGUmd%2Bl0gZslLcVjX10VO5U2fG3Fjr58lU2JaXjvbWHLdZpzmfct%2BfqK5FyYVW2YID%2Bu2XdFct3ZrSvO5K5Yv%2F7a6lpWGGGt1HkDKk%2FevwMmJ%2BSJH9ZnP%2FMF%2FzdI08C4GpmbK5W6ASv2YIt5zmoCo%2BY4KTxUrh6bKJknlSRQYo5pUsP%2BCyfzeGzo9DWV9b69jb5ZAC1vIs9qDEyNgapB1QjW%2FW9cFubhK7%2B2Z4ZELYwTZRYOEmXUndmQp9ensPLU77bbAY2XL4XdLhXdpBP10jjklEadOIpj2kZpJ%2BmLf3z8FwAAAP%2F%2FAQAA%2F%2F8xbSc8cwQAAA%3D%3D HTTP/1.1
Host: likescenesfocused.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Cookie: u_pl=22256744; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 17:46:53 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 19b3ca0f774172ab32c7664cae8c96e4
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/index.html | 172.67.74.218 | 200 OK | 424 B |
URL: GET HTTP/2 cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/index.html IP: 172.67.74.218:443
Requested by: https://cuthub.net/8hLDI9
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 84:82:6E:35:03:D4:C4:FC:BA:08:CD:C8:E6:A3:97:A9:20:2F:F5:49; Validity: Sun, 23 Jul 2023 00:00:00 GMT - Mon, 22 Jul 2024 23:59:59 GMT
File type: HTML document, ASCII text; Hash: 8f7db68a89e1d8dc60358f6519a06a75 4c90d662db90c4961274adadada6df7ba828d684 c1152a95b76a3e03a00d95452e373756eb7863d31379c765673b6081a252d4ce
GET /sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cuthub.net
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:46:53 GMT
content-type: text/html
last-modified: Thu, 01 Feb 2024 14:49:39 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5fpr4QAZdBt%2FexGjwFWp%2F43ndov6hubkIVlSb7rLn599zfzfSPqNOAUk0pmMqBVrxHxz6unvhdvyMsiiLJ5XPUyBQ%2B7raoksdPqD37Pw%2FNNis%2BZ0Qqn544wc8MHv%2BmknsFqXKPI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a8651579020b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/img/1.jpg | 172.67.141.24 | 200 OK | 34 kB |
URL: GET HTTP/3 cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/img/1.jpg IP: 172.67.141.24:443
Requested by: https://cuthub.net/8hLDI9
Certificate: Issuer: Google Trust Services LLC; Subject: creative-bars1.com; Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x320, components 3; Hash: fe81f0c5bf7decc9141801420933b351 4d0eba9db93c28ee21c2a1d236c8a56fc264a82c 0ab3cc529ab7582dfc32a721a3873345627640298d5507d8ef807b8dece36090
GET //sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/img/1.jpg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:46:53 GMT
content-type: image/jpeg
content-length: 33452
last-modified: Thu, 01 Feb 2024 14:50:52 GMT
etag: "65bbafcc-82ac"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1902479
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3PaEzKFevqOBnIY%2Br58a0PN%2B6bebS%2B8AxyDA3rrqMd3FTrgqWYf16N07NIiReYSd1ox0PcbGtS%2BCXOm4Levf%2BLISWQc8jEXlYrv4N5TwlO3KfE6vkwp36t5dg0jqsIeQGJZohmVKSFUz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a86516bdb85684-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cuthub.net/img/plane.svg | 188.114.96.1 | 200 OK | 103 kB |
IP: 188.114.96.1:443
Requested by: https://cuthub.net/8hLDI9
Certificate: Issuer: Let's Encrypt; Subject: cuthub.net; Fingerprint: 3A:19:D1:56:80:55:49:6C:9E:69:0D:D4:7F:18:8B:5F:E6:1B:17:1E; Validity: Fri, 05 Apr 2024 13:58:24 GMT - Thu, 04 Jul 2024 13:58:23 GMT
File type: SVG Scalable Vector Graphics image; Size: 103 kB (102811 bytes); Hash: 4f25968fc51a5e49dc1ea503d5d60e38 4221937e757eb15329dbc318092c9058044c5f73 d454583aa343d4c8aa4e42c0876b20e60c20c0b89284e4ef0c662d0426c18254
GET /img/plane.svg HTTP/1.1
Host: cuthub.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/8hLDI9
Cookie: XSRF-TOKEN=eyJpdiI6IkdSTmNMSEFvVFZ6KzJPdXJuZ2VGU0E9PSIsInZhbHVlIjoicFd6TVFySS84RzBtWWJkY0JjWUp6WURESEduSlA3MjJ5RndJcXBEbzNjYWNZV2NReXIwUmpCZis1eHVGNVdFaWcxckhKZlJ5M01vanRTUkh4UHBKZmxDQVpWRys3T3l4UXBNUGRNTHYxL3h5b1QzdlA4djZPUUtLbis1dy84Z2QiLCJtYWMiOiIyMDVhMWU1ZmNkOTk3YWVhOTU5NjZhMjUyY2NjN2ZkYjIwNjQ4YTk3NTg5NTlkYmZjZGEyOTYxOWFhNzM4ZTY0IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InhyaGErd1ZsNWw2b1g3UHluYmMwcEE9PSIsInZhbHVlIjoicGxQZFlBSjhZOUx3aFVma0VqbnVtMzNMZWs4aSs0M0Q4ZSt5ZjR2OHBTdC9SRWJ1K3k1N0t1QlR0d3hZTEo4VnJKSG5lSVJSMmV4YlJ4TTJCZUdsemZ4Z0k4T3hmL25vcGtwcnE2WFBoUDV2aXpuNGtGVW5TeHZsUldoQm1rYlAiLCJtYWMiOiJhNzk5YzQ2YTFjZGVlYmM4ZmEyZGE1Mzk3ZTQ3YjZkMzE3NmJjOGUyNzM4YTJiZTYwOTQ4ZWRkNTAzOTQxOTM2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:46:51 GMT
content-type: image/svg+xml
last-modified: Fri, 13 Jan 2023 13:29:35 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
cf-cache-status: HIT
age: 104177
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jnJ2yhIBSe%2F%2BhaJkpMoZBDDYQaBKHsoHnzOk9MXcc1yQtEttOZVCQ4utkkEaGLqCF%2B6SfksJP78%2BzBoPBlpgzpOdOFXHrbYhvdbhDiKoBOf0g%2F9DPqYtO5P3Lr%2Bs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a86507fc3156c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/css/animate.css | 172.67.141.24 | 200 OK | 36 kB |
URL: GET HTTP/2 cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/css/animate.css IP: 172.67.141.24:443
Requested by: https://cuthub.net/8hLDI9
Certificate: Issuer: Google Trust Services LLC; Subject: creative-bars1.com; Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash: 80047eaa13ebd50c50e8a9753621e430 9c503e07d130572a0eaf51f7c02cbd4cf6213fe3 3f831a59615f8d5d40b4340b2836f91438c876f8dbce75f78e38360d6fe0f429
GET //sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cuthub.net
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:46:53 GMT
content-type: text/css
last-modified: Thu, 01 Feb 2024 14:48:51 GMT
etag: W/"65bbaf53-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZGhMq5EoMJEsWSxlACU52ehgWkUC0BEH9RfsueCdQW3xS7zkCn3r%2Bgg%2Fss%2BEyp1vVWT1GCpikotD0riSq918m8UWI%2BNxTLDi7ZZiBoxNHV7Pn77cREu14tYir4AMkKQZHJleiLPBSG0Y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a86515ef19b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/3 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP: 216.58.207.227:443
Requested by: https://cuthub.net/8hLDI9
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33; Validity: Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0; Hash: e9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cuthub.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 05:55:49 GMT
expires: Sat, 26 Apr 2025 05:55:49 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 42665
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP: 216.58.207.227:443
Requested by: https://cuthub.net/8hLDI9
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33; Validity: Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0; Hash: 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cuthub.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:02:10 GMT
expires: Sat, 26 Apr 2025 06:02:10 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 42284
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| likescenesfocused.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F2%2Fcss%2Fanimate.css&l=79245&fd=44 | 192.243.59.12 | 200 OK | 0 B |
URL: GET HTTP/1.1 likescenesfocused.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F2%2Fcss%2Fanimate.css&l=79245&fd=44 IP: 192.243.59.12:443 ASN: #39572 DataWeb Global Group B.V.
Requested by: https://cuthub.net/8hLDI9
Certificate: Issuer: Let's Encrypt; Subject: likescenesfocused.com; Fingerprint: 72:A0:54:62:05:83:62:37:5E:DE:D5:B2:E3:9B:DD:AD:EA:C5:EA:0E; Validity: Wed, 24 Apr 2024 15:04:39 GMT - Tue, 23 Jul 2024 15:04:38 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F2%2Fcss%2Fanimate.css&l=79245&fd=44 HTTP/1.1
Host: likescenesfocused.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Cookie: u_pl=22256744; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 26 Apr 2024 17:46:54 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| likescenesfocused.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F2%2Fcss%2Fstyle.css&l=3630&fd=42 | 192.243.59.12 | 200 OK | 0 B |
URL: GET HTTP/1.1 likescenesfocused.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F2%2Fcss%2Fstyle.css&l=3630&fd=42 IP: 192.243.59.12:443 ASN: #39572 DataWeb Global Group B.V.
Requested by: https://cuthub.net/8hLDI9
Certificate: Issuer: Let's Encrypt; Subject: likescenesfocused.com; Fingerprint: 72:A0:54:62:05:83:62:37:5E:DE:D5:B2:E3:9B:DD:AD:EA:C5:EA:0E; Validity: Wed, 24 Apr 2024 15:04:39 GMT - Tue, 23 Jul 2024 15:04:38 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F2%2Fcss%2Fstyle.css&l=3630&fd=42 HTTP/1.1
Host: likescenesfocused.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Cookie: u_pl=22256744; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 26 Apr 2024 17:46:54 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| likescenesfocused.com/pixel/sbs?c=1 | 192.243.59.12 | 200 OK | 0 B |
URL: GET HTTP/1.1 likescenesfocused.com/pixel/sbs?c=1 IP: 192.243.59.12:443 ASN: #39572 DataWeb Global Group B.V.
Requested by: https://cuthub.net/8hLDI9
Certificate: Issuer: Let's Encrypt; Subject: likescenesfocused.com; Fingerprint: 72:A0:54:62:05:83:62:37:5E:DE:D5:B2:E3:9B:DD:AD:EA:C5:EA:0E; Validity: Wed, 24 Apr 2024 15:04:39 GMT - Tue, 23 Jul 2024 15:04:38 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: likescenesfocused.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Cookie: u_pl=22256744; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 26 Apr 2024 17:46:54 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| likescenesfocused.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST2gkxReuzi8%2FL4KwsjcR%2BqDgPybdM5OZiXsQ1zUSNm7WjaKepP71pEx1V1PVNT3JKbiw7EUYFsWLSOebZIO6%2BOfizUU6Cx4WhIwXczBn78KeZcbg6IOq9773vYLvvVe39v0ZacLT0ytvml2lNV1abkThc%2B%2FF8aVwXWV%2BGA57nQ867UuhHby80mlEz4dvSL5tlppRHEVxFIerysrEDJemJFR%2BbyVurESNdrMRL7cxtP%2FFzgdwNIAYnJEnocRk8UFwEYrXyNLvrki3XZj8pddTr2lhLAbi6J1sOzNlhnQeJjZAkh2dV8O4k9X7MNnhTC7M4J9CpiYk%2BPk%2BWHZ0LhJscDDTyTRkBiYeRzmoIXUNRWtwcxNKnBCAC1zbQJbevWZsSXf%2BZumUnZDFR39ClROy%2BPtFZOk3l7UahptG%2B0KZzGGYVFDDGqpfI%2FfHKHYXoMpj8OIjKPELWXq0jiw92HDaQIlq1rtSNVRSQ8sRqAvgp0cF8EkAnwdIxWnI4zjuRoLTqLfCeUt0JeuIKKbdJKZx1OnB86m8EYp8BK5H4HYPud3DthrB%2Bp%2Fgtio4EcAVExK8tYeBqFBKgtIRlJSgVARlQVAOqkOhXdNVd4V2nsXnvnnuW9XYFP19emiKvswIqB3Bimo%2FPyMXpvMJNj%2FfwrY8DZNWu5fESZuzVrPb6kjaY1HMRNLutUTUpBxOVVBuYdbyrpqQxrPPIFcTsvjFLTB6DKePwdUFUP80aFmBblXYzb71eaK0dN5q1%2BAmhTAV8uL%2FKHaCfX1Gnpot6epnn0Dyh%2BTcwG2F3Fb4UD0g6Ovb4xumJAc3TOnI9xt5oVK1S6cL3CxoIR%2F76qrcKY0Va1fc6MtX%2BZSYhvfelq5Yp5lQWd%2BRry8rIaRdNZZL8uOae1ey695tXfY28%2Fn69ddW19LcSueUyWpQdfL%2BHXA1IU%2F8sD77mS%2BEv0HZGtZXSP1cqTI1eL4Hl89zzhBYPccsD1D6amybbJ7UikDLOaasgvsXZvN4bOn0NVXVvruNvl0ALW4iSysMbIWBrkD1CM7%2Fb1zk9uErv7ZmBqYXxkzbhQOmrb4zG%2FL0%2BhROnYatSHSZTGSXyfZyO5FcsOVlFvGEs5bo9TgKN0le%2FOPjvwAAAP%2F%2FAQAA%2F%2F%2BxufLUcwQAAA%3D%3D | 172.240.108.76 | 200 OK | 7 B |
URL GET HTTP/1.1likescenesfocused.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST2gkxReuzi8%2FL4KwsjcR%2BqDgPybdM5OZiXsQ1zUSNm7WjaKepP71pEx1V1PVNT3JKbiw7EUYFsWLSOebZIO6%2BOfizUU6Cx4WhIwXczBn78KeZcbg6IOq9773vYLvvVe39v0ZacLT0ytvml2lNV1abkThc%2B%2FF8aVwXWV%2BGA57nQ867UuhHby80mlEz4dvSL5tlppRHEVxFIerysrEDJemJFR%2BbyVurESNdrMRL7cxtP%2FFzgdwNIAYnJEnocRk8UFwEYrXyNLvrki3XZj8pddTr2lhLAbi6J1sOzNlhnQeJjZAkh2dV8O4k9X7MNnhTC7M4J9CpiYk%2BPk%2BWHZ0LhJscDDTyTRkBiYeRzmoIXUNRWtwcxNKnBCAC1zbQJbevWZsSXf%2BZumUnZDFR39ClROy%2BPtFZOk3l7UahptG%2B0KZzGGYVFDDGqpfI%2FfHKHYXoMpj8OIjKPELWXq0jiw92HDaQIlq1rtSNVRSQ8sRqAvgp0cF8EkAnwdIxWnI4zjuRoLTqLfCeUt0JeuIKKbdJKZx1OnB86m8EYp8BK5H4HYPud3DthrB%2Bp%2Fgtio4EcAVExK8tYeBqFBKgtIRlJSgVARlQVAOqkOhXdNVd4V2nsXnvnnuW9XYFP19emiKvswIqB3Bimo%2FPyMXpvMJNj%2FfwrY8DZNWu5fESZuzVrPb6kjaY1HMRNLutUTUpBxOVVBuYdbyrpqQxrPPIFcTsvjFLTB6DKePwdUFUP80aFmBblXYzb71eaK0dN5q1%2BAmhTAV8uL%2FKHaCfX1Gnpot6epnn0Dyh%2BTcwG2F3Fb4UD0g6Ovb4xumJAc3TOnI9xt5oVK1S6cL3CxoIR%2F76qrcKY0Va1fc6MtX%2BZSYhvfelq5Yp5lQWd%2BRry8rIaRdNZZL8uOae1ey695tXfY28%2Fn69ddW19LcSueUyWpQdfL%2BHXA1IU%2F8sD77mS%2BEv0HZGtZXSP1cqTI1eL4Hl89zzhBYPccsD1D6amybbJ7UikDLOaasgvsXZvN4bOn0NVXVvruNvl0ALW4iSysMbIWBrkD1CM7%2Fb1zk9uErv7ZmBqYXxkzbhQOmrb4zG%2FL0%2BhROnYatSHSZTGSXyfZyO5FcsOVlFvGEs5bo9TgKN0le%2FOPjvwAAAP%2F%2FAQAA%2F%2F%2BxufLUcwQAAA%3D%3D IP172.240.108.76:443
Requested by: https://cuthub.net/8hLDI9
Certificate: Issuer: Let's Encrypt; Subject: likescenesfocused.com; Fingerprint: 72:A0:54:62:05:83:62:37:5E:DE:D5:B2:E3:9B:DD:AD:EA:C5:EA:0E; Validity: Wed, 24 Apr 2024 15:04:39 GMT - Tue, 23 Jul 2024 15:04:38 GMT
File type: ASCII text, with no line terminators; Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RST2gkxReuzi8%2FL4KwsjcR%2BqDgPybdM5OZiXsQ1zUSNm7WjaKepP71pEx1V1PVNT3JKbiw7EUYFsWLSOebZIO6%2BOfizUU6Cx4WhIwXczBn78KeZcbg6IOq9773vYLvvVe39v0ZacLT0ytvml2lNV1abkThc%2B%2FF8aVwXWV%2BGA57nQ867UuhHby80mlEz4dvSL5tlppRHEVxFIerysrEDJemJFR%2BbyVurESNdrMRL7cxtP%2FFzgdwNIAYnJEnocRk8UFwEYrXyNLvrki3XZj8pddTr2lhLAbi6J1sOzNlhnQeJjZAkh2dV8O4k9X7MNnhTC7M4J9CpiYk%2BPk%2BWHZ0LhJscDDTyTRkBiYeRzmoIXUNRWtwcxNKnBCAC1zbQJbevWZsSXf%2BZumUnZDFR39ClROy%2BPtFZOk3l7UahptG%2B0KZzGGYVFDDGqpfI%2FfHKHYXoMpj8OIjKPELWXq0jiw92HDaQIlq1rtSNVRSQ8sRqAvgp0cF8EkAnwdIxWnI4zjuRoLTqLfCeUt0JeuIKKbdJKZx1OnB86m8EYp8BK5H4HYPud3DthrB%2Bp%2Fgtio4EcAVExK8tYeBqFBKgtIRlJSgVARlQVAOqkOhXdNVd4V2nsXnvnnuW9XYFP19emiKvswIqB3Bimo%2FPyMXpvMJNj%2FfwrY8DZNWu5fESZuzVrPb6kjaY1HMRNLutUTUpBxOVVBuYdbyrpqQxrPPIFcTsvjFLTB6DKePwdUFUP80aFmBblXYzb71eaK0dN5q1%2BAmhTAV8uL%2FKHaCfX1Gnpot6epnn0Dyh%2BTcwG2F3Fb4UD0g6Ovb4xumJAc3TOnI9xt5oVK1S6cL3CxoIR%2F76qrcKY0Va1fc6MtX%2BZSYhvfelq5Yp5lQWd%2BRry8rIaRdNZZL8uOae1ey695tXfY28%2Fn69ddW19LcSueUyWpQdfL%2BHXA1IU%2F8sD77mS%2BEv0HZGtZXSP1cqTI1eL4Hl89zzhBYPccsD1D6amybbJ7UikDLOaasgvsXZvN4bOn0NVXVvruNvl0ALW4iSysMbIWBrkD1CM7%2Fb1zk9uErv7ZmBqYXxkzbhQOmrb4zG%2FL0%2BhROnYatSHSZTGSXyfZyO5FcsOVlFvGEs5bo9TgKN0le%2FOPjvwAAAP%2F%2FAQAA%2F%2F%2BxufLUcwQAAA%3D%3D HTTP/1.1
Host: likescenesfocused.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Cookie: u_pl=22256744; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 17:46:54 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 910ec7dab50e3c21e0c1e75b7fa44b50
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| pagead2.googlesyndication.com/pagead/js/adsbygoogle.js | 216.58.211.2 | 200 OK | 0 B |
URL: HEAD HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js IP: 216.58.211.2:443
Requested by: https://cuthub.net/8hLDI9
Certificate: Issuer: Google Trust Services LLC; Subject: *.g.doubleclick.net; Fingerprint: 30:89:D4:C8:96:C6:D4:7B:F7:49:8D:DB:57:A1:D2:5A:D1:D3:D1:B4; Validity: Mon, 08 Apr 2024 06:34:54 GMT - Mon, 01 Jul 2024 06:34:53 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cuthub.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
vary: Accept-Encoding
date: Fri, 26 Apr 2024 17:46:54 GMT
expires: Fri, 26 Apr 2024 17:46:54 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 6313008392398930854
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 51405
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| unseenreport.com/pxf.gif?uuid=ddc35a03-cba5-4bd6-8d3c-95489bb7d436&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=f348f1f4cb32736ea8b01bdf483d02ac&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=17 | 192.243.61.225 | 200 OK | 1 B |
URL: GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=ddc35a03-cba5-4bd6-8d3c-95489bb7d436&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=f348f1f4cb32736ea8b01bdf483d02ac&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=17 | IP: 192.243.61.225:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://cuthub.net/8hLDI9 | Certificate Issuer: Let's Encrypt | Subject: *.unseenreport.com | Fingerprint: 71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13 | Validity: Fri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File type: very short file (no magic) | Hash: 93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pxf.gif?uuid=ddc35a03-cba5-4bd6-8d3c-95489bb7d436&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=f348f1f4cb32736ea8b01bdf483d02ac&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=17 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 17:46:54 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a33257853e732bcd2bf1cc4e66419e94
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| cuthub.net/css/frontend.css?id=2396ffb76e738e465b53 | 188.114.96.1 | 200 OK | 260 kB |
URL: GET HTTP/3 cuthub.net/css/frontend.css?id=2396ffb76e738e465b53 | IP: 188.114.96.1:443
Requested by: https://cuthub.net/8hLDI9 | Certificate Issuer: Let's Encrypt | Subject: cuthub.net | Fingerprint: 3A:19:D1:56:80:55:49:6C:9E:69:0D:D4:7F:18:8B:5F:E6:1B:17:1E | Validity: Fri, 05 Apr 2024 13:58:24 GMT - Thu, 04 Jul 2024 13:58:23 GMT
Size: 260 kB (260376 bytes) | Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /css/frontend.css?id=2396ffb76e738e465b53 HTTP/1.1
Host: cuthub.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/8hLDI9
Cookie: XSRF-TOKEN=eyJpdiI6IkdSTmNMSEFvVFZ6KzJPdXJuZ2VGU0E9PSIsInZhbHVlIjoicFd6TVFySS84RzBtWWJkY0JjWUp6WURESEduSlA3MjJ5RndJcXBEbzNjYWNZV2NReXIwUmpCZis1eHVGNVdFaWcxckhKZlJ5M01vanRTUkh4UHBKZmxDQVpWRys3T3l4UXBNUGRNTHYxL3h5b1QzdlA4djZPUUtLbis1dy84Z2QiLCJtYWMiOiIyMDVhMWU1ZmNkOTk3YWVhOTU5NjZhMjUyY2NjN2ZkYjIwNjQ4YTk3NTg5NTlkYmZjZGEyOTYxOWFhNzM4ZTY0IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InhyaGErd1ZsNWw2b1g3UHluYmMwcEE9PSIsInZhbHVlIjoicGxQZFlBSjhZOUx3aFVma0VqbnVtMzNMZWs4aSs0M0Q4ZSt5ZjR2OHBTdC9SRWJ1K3k1N0t1QlR0d3hZTEo4VnJKSG5lSVJSMmV4YlJ4TTJCZUdsemZ4Z0k4T3hmL25vcGtwcnE2WFBoUDV2aXpuNGtGVW5TeHZsUldoQm1rYlAiLCJtYWMiOiJhNzk5YzQ2YTFjZGVlYmM4ZmEyZGE1Mzk3ZTQ3YjZkMzE3NmJjOGUyNzM4YTJiZTYwOTQ4ZWRkNTAzOTQxOTM2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:46:51 GMT
content-type: text/css
last-modified: Wed, 21 Dec 2022 18:47:00 GMT
vary: Accept-Encoding
cache-control: max-age=31536000
cf-cache-status: HIT
age: 104179
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9njrQPQPUTSoZ50j7qW%2FRiKt8D4HeQfY04iFfq6kDhH%2Bh8w0FzjpK1Giw0uMicqSBxe91VfINK4Rmpr4htBvXIiLJzjP6%2BtZbM4S5Nabahrr7TAUkC%2BI92v5b9e4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a865075adf56c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cuthub.net/img/logo.svg | 188.114.96.1 | 200 OK | 22 kB |
IP: 188.114.96.1:443
Requested by: https://cuthub.net/8hLDI9 | Certificate Issuer: Let's Encrypt | Subject: cuthub.net | Fingerprint: 3A:19:D1:56:80:55:49:6C:9E:69:0D:D4:7F:18:8B:5F:E6:1B:17:1E | Validity: Fri, 05 Apr 2024 13:58:24 GMT - Thu, 04 Jul 2024 13:58:23 GMT
File type: SVG Scalable Vector Graphics image | Hash: 1e28749acbd90e7e99a883c1890327cd 638b4525d3f0ed776db136ca1025a8961f46c9e0 d526da1f4d4af45cefd2a0d140abec2beddc3150d13c47d3de893eaa278a369d
GET /img/logo.svg HTTP/1.1
Host: cuthub.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/8hLDI9
Cookie: XSRF-TOKEN=eyJpdiI6IkdSTmNMSEFvVFZ6KzJPdXJuZ2VGU0E9PSIsInZhbHVlIjoicFd6TVFySS84RzBtWWJkY0JjWUp6WURESEduSlA3MjJ5RndJcXBEbzNjYWNZV2NReXIwUmpCZis1eHVGNVdFaWcxckhKZlJ5M01vanRTUkh4UHBKZmxDQVpWRys3T3l4UXBNUGRNTHYxL3h5b1QzdlA4djZPUUtLbis1dy84Z2QiLCJtYWMiOiIyMDVhMWU1ZmNkOTk3YWVhOTU5NjZhMjUyY2NjN2ZkYjIwNjQ4YTk3NTg5NTlkYmZjZGEyOTYxOWFhNzM4ZTY0IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InhyaGErd1ZsNWw2b1g3UHluYmMwcEE9PSIsInZhbHVlIjoicGxQZFlBSjhZOUx3aFVma0VqbnVtMzNMZWs4aSs0M0Q4ZSt5ZjR2OHBTdC9SRWJ1K3k1N0t1QlR0d3hZTEo4VnJKSG5lSVJSMmV4YlJ4TTJCZUdsemZ4Z0k4T3hmL25vcGtwcnE2WFBoUDV2aXpuNGtGVW5TeHZsUldoQm1rYlAiLCJtYWMiOiJhNzk5YzQ2YTFjZGVlYmM4ZmEyZGE1Mzk3ZTQ3YjZkMzE3NmJjOGUyNzM4YTJiZTYwOTQ4ZWRkNTAzOTQxOTM2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:46:51 GMT
content-type: image/svg+xml
last-modified: Fri, 08 Apr 2022 10:55:45 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
cf-cache-status: HIT
age: 104180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i3PWm1gJMH7JXFmerWVlOncarQobIbin00ZbHn9riiFvncbokvUh%2FfSRzNeMCZb8UYoCG8QGCB%2BeNM%2BbbTE3lBLferPaTaVP5WmSVG8WUR7wxdrVtD7v7MSsMAv4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a865075ae156c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cuthub.net/img/faqs-image.svg | 188.114.96.1 | 200 OK | 38 kB |
URL: GET HTTP/3 cuthub.net/img/faqs-image.svg | IP: 188.114.96.1:443
Requested by: https://cuthub.net/8hLDI9 | Certificate Issuer: Let's Encrypt | Subject: cuthub.net | Fingerprint: 3A:19:D1:56:80:55:49:6C:9E:69:0D:D4:7F:18:8B:5F:E6:1B:17:1E | Validity: Fri, 05 Apr 2024 13:58:24 GMT - Thu, 04 Jul 2024 13:58:23 GMT
File type: SVG Scalable Vector Graphics image | Hash: a60b7216905928c625ae9592044476cd e70c5be728c7bd1198100337487aafe126834ca3 9a717285429d468fadc4d25179fc6feb49e6335f3af1675fb6be1cb50e7e8322
GET /img/faqs-image.svg HTTP/1.1
Host: cuthub.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/8hLDI9
Cookie: XSRF-TOKEN=eyJpdiI6IkdSTmNMSEFvVFZ6KzJPdXJuZ2VGU0E9PSIsInZhbHVlIjoicFd6TVFySS84RzBtWWJkY0JjWUp6WURESEduSlA3MjJ5RndJcXBEbzNjYWNZV2NReXIwUmpCZis1eHVGNVdFaWcxckhKZlJ5M01vanRTUkh4UHBKZmxDQVpWRys3T3l4UXBNUGRNTHYxL3h5b1QzdlA4djZPUUtLbis1dy84Z2QiLCJtYWMiOiIyMDVhMWU1ZmNkOTk3YWVhOTU5NjZhMjUyY2NjN2ZkYjIwNjQ4YTk3NTg5NTlkYmZjZGEyOTYxOWFhNzM4ZTY0IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InhyaGErd1ZsNWw2b1g3UHluYmMwcEE9PSIsInZhbHVlIjoicGxQZFlBSjhZOUx3aFVma0VqbnVtMzNMZWs4aSs0M0Q4ZSt5ZjR2OHBTdC9SRWJ1K3k1N0t1QlR0d3hZTEo4VnJKSG5lSVJSMmV4YlJ4TTJCZUdsemZ4Z0k4T3hmL25vcGtwcnE2WFBoUDV2aXpuNGtGVW5TeHZsUldoQm1rYlAiLCJtYWMiOiJhNzk5YzQ2YTFjZGVlYmM4ZmEyZGE1Mzk3ZTQ3YjZkMzE3NmJjOGUyNzM4YTJiZTYwOTQ4ZWRkNTAzOTQxOTM2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:46:51 GMT
content-type: image/svg+xml
last-modified: Fri, 13 Jan 2023 13:29:35 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
cf-cache-status: HIT
age: 104178
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DGCKbaK3DqYjjSAgbRHwq%2F1fUCMfoD%2FVxjnKnSELGzI%2By2uu0X1uVwPqso%2FyELpGZnEVHZiuBB1%2FykMSK6weqHRjTJquColR47FGTpu830w2qkij2lxfIVyuh9ZW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a86507fc2d56c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap | 142.250.74.106 | 200 OK | 7.0 kB |
URL: GET HTTP/3 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap | IP: 142.250.74.106:443
Requested by: https://cuthub.net/8hLDI9 | Certificate Issuer: Google Trust Services LLC | Subject: upload.video.google.com | Fingerprint: 5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50 | Validity: Mon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
File type: ASCII text, with very long lines (7193), with no line terminators | Hash: 16b49a99486594c0b42d9bd7821deb2c 2fb46e5e86d6b37d4497cc04bfd89b3cb33a276a 3f3540952441e06ef81189cf63d46bac242804e386779dbb0cdd78ed10025c21
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 17:46:53 GMT
date: Fri, 26 Apr 2024 17:46:53 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| pogothere.xyz/asd100.bin | 188.114.97.1 | 200 OK | 102 kB |
IP: 188.114.97.1:443
Requested by: https://cuthub.net/8hLDI9 | Certificate Issuer: Google Trust Services LLC | Subject: pogothere.xyz | Fingerprint: 34:D3:33:F8:49:E2:1E:3E:44:A8:5D:74:68:9C:B8:A0:D5:F8:DD:0B | Validity: Wed, 27 Mar 2024 02:15:30 GMT - Tue, 25 Jun 2024 02:15:29 GMT
Size: 102 kB (102400 bytes) | Hash: 4c6426ac7ef186464ecbb0d81cbfcb1e 5a6918eebd9d635e8f632e3ef34e3792b1b5ec13 f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cuthub.net/
Origin: https://cuthub.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:46:52 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://cuthub.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 1947
last-modified: Fri, 26 Apr 2024 17:14:25 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VD5qU3Ma6A6%2BeWfHyphnGONAnMyxc%2BljgdM0Fhzj0VAAdlfimyX%2F5BF4Re%2F2cU%2BsmvGYPD9vO1a04B9zrlf6V5ZJ38bHbm%2BhtDDz50yYcOfx1ArbbQLNL1x6oRRcEHmR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a8650bef86b4ee-OSL
alt-svc: h3=":443"; ma=86400
|
|
| live.demand.supply/up.js | 104.17.39.115 | 403 Forbidden | 0 B |
IP: 104.17.39.115:443
Requested by: https://cuthub.net/8hLDI9 | Certificate Issuer: Cloudflare, Inc. | Subject: demand.supply | Fingerprint: 9D:70:F3:B0:56:FD:8A:02:18:FB:C1:32:C8:85:90:FF:98:3A:52:8E | Validity: Sat, 20 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /up.js HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Fri, 26 Apr 2024 17:46:51 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: max-age=15
expires: Fri, 26 Apr 2024 17:47:06 GMT
set-cookie: __cf_bm=vhdHD.hvx8KTTo7wgnszVOjBMv9h1V.d2wa3q8awKpc-1714153611-1.0.1.1-7BfsgZIOw9VpUIbeCAp4EK5dHPHN2ifh.eGVfYzZq9leN4fy4geSBG7ax6npckWl22IFQbjCf1ivEiIpkD5r0A; path=/; expires=Fri, 26-Apr-24 18:16:51 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a865099d4b1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| pogothere.xyz/asd100.bin | 188.114.97.1 | 200 OK | 102 kB |
IP: 188.114.97.1:443
Requested by: https://cuthub.net/8hLDI9 | Certificate Issuer: Google Trust Services LLC | Subject: pogothere.xyz | Fingerprint: 34:D3:33:F8:49:E2:1E:3E:44:A8:5D:74:68:9C:B8:A0:D5:F8:DD:0B | Validity: Wed, 27 Mar 2024 02:15:30 GMT - Tue, 25 Jun 2024 02:15:29 GMT
Size: 102 kB (102400 bytes) | Hash: 4c6426ac7ef186464ecbb0d81cbfcb1e 5a6918eebd9d635e8f632e3ef34e3792b1b5ec13 f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cuthub.net/
Origin: https://cuthub.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:46:52 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://cuthub.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 1947
last-modified: Fri, 26 Apr 2024 17:14:25 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0KpNPkhn29%2Fu2RxQ5QSEHuRSNIRbugj5%2FtyBY5c%2Fr%2FTy%2FbtQRMrDMVLq8rCI3sIUwTxMOruNEB15zKuF%2BKibSMX%2B6BaLmGjQXBmZLaiw9h3BHzeCb3NtgQ%2Fnz2cBw0JL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a8650b7f47b4f1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap | 142.250.74.106 | 200 OK | 19 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap | IP: 142.250.74.106:443
Requested by: https://cuthub.net/8hLDI9 | Certificate Issuer: Google Trust Services LLC | Subject: upload.video.google.com | Fingerprint: 5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50 | Validity: Mon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
Hash: e9214a1167aa27518bc869450a50706d b5790e68611559bccd7a422ab3b63d4a9fa50c80 d2c53adf35264dffc9fb93e79e489fb00a10883c98108f57c0413a3c286fb4da
GET /css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 17:46:51 GMT
date: Fri, 26 Apr 2024 17:46:51 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| likescenesfocused.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F2%2Findex.html&l=1572&fd=376 | 172.240.108.76 | 200 OK | 0 B |
URL: GET HTTP/1.1 likescenesfocused.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F2%2Findex.html&l=1572&fd=376 | IP: 172.240.108.76:443
Requested by: https://cuthub.net/8hLDI9 | Certificate Issuer: Let's Encrypt | Subject: likescenesfocused.com | Fingerprint: 72:A0:54:62:05:83:62:37:5E:DE:D5:B2:E3:9B:DD:AD:EA:C5:EA:0E | Validity: Wed, 24 Apr 2024 15:04:39 GMT - Tue, 23 Jul 2024 15:04:38 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F2%2Findex.html&l=1572&fd=376 HTTP/1.1
Host: likescenesfocused.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Cookie: u_pl=22256744; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 17:46:53 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| quitesousefulhe.info/popunder.gif | 104.21.13.159 | 200 OK | 35 B |
URL: GET HTTP/3 quitesousefulhe.info/popunder.gif | IP: 104.21.13.159:443
Requested by: https://cuthub.net/8hLDI9 | Certificate Issuer: Google Trust Services LLC | Subject: quitesousefulhe.info | Fingerprint: 1E:2F:3F:D7:F4:CF:87:22:89:01:91:57:22:5C:03:AF:53:C8:1D:D7 | Validity: Sun, 31 Mar 2024 11:30:08 GMT - Sat, 29 Jun 2024 11:30:07 GMT
File type: GIF image data, version 89a, 1 x 1 | Hash: 28d6814f309ea289f847c69cf91194c6 0f4e929dd5bb2564f7ab9c76338e04e292a42ace 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /popunder.gif HTTP/1.1
Host: quitesousefulhe.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:46:53 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 145144
last-modified: Thu, 25 Apr 2024 01:27:49 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jxSJ3m%2FA%2BVjBZaZhCeSEYZLd4Acai%2B29NEBemQ3PO8S3q7Cc7oRYgtkvVS1N%2BEL2GGOxYilApeOEG3uSXT8ovOjOG6VzNV22WEwvF1nNowudeRJgToH3Aa3n6HeG0xhSf6DyIIo6AA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a86512384d56a5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwiqHvyE4tqLJQ6q4RZrZ2kVME4M18OtuY_Kk-jAm5lti3tmHcNBDp-3PlKNtsp4-e388my&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1979777797%3A1714153613146198&theme=mn&ddm=0 | 74.125.131.84 | 403 Forbidden | 0 B |
URL: GET HTTP/3 accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwiqHvyE4tqLJQ6q4RZrZ2kVME4M18OtuY_Kk-jAm5lti3tmHcNBDp-3PlKNtsp4-e388my&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1979777797%3A1714153613146198&theme=mn&ddm=0 | IP: 74.125.131.84:443
Requested by: https://cuthub.net/8hLDI9 | Certificate Issuer: Google Trust Services LLC | Subject: *.google.com | Fingerprint: 01:16:A3:AE:CA:C9:AC:ED:3A:C9:AA:75:BE:C2:51:EF:65:CE:23:E1 | Validity: Mon, 08 Apr 2024 06:34:56 GMT - Mon, 01 Jul 2024 06:34:55 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwiqHvyE4tqLJQ6q4RZrZ2kVME4M18OtuY_Kk-jAm5lti3tmHcNBDp-3PlKNtsp4-e388my&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1979777797%3A1714153613146198&theme=mn&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cuthub.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 17:46:53 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-RGMO-3-gkZrZw3jdd-b8Ag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwFyO8XRrI5ycXVbBs03Zz_PpvJTUzJXOZAxO1xkcUpwqZHiXigYeL33pELcmN9X30XtnN0&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S705175589%3A1714153613152557&theme=mn&ddm=0 | 74.125.131.84 | 403 Forbidden | 0 B |
URL: GET HTTP/3 accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwFyO8XRrI5ycXVbBs03Zz_PpvJTUzJXOZAxO1xkcUpwqZHiXigYeL33pELcmN9X30XtnN0&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S705175589%3A1714153613152557&theme=mn&ddm=0 | IP: 74.125.131.84:443
Requested by: https://cuthub.net/8hLDI9 | Certificate Issuer: Google Trust Services LLC | Subject: *.google.com | Fingerprint: 01:16:A3:AE:CA:C9:AC:ED:3A:C9:AA:75:BE:C2:51:EF:65:CE:23:E1 | Validity: Mon, 08 Apr 2024 06:34:56 GMT - Mon, 01 Jul 2024 06:34:55 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwFyO8XRrI5ycXVbBs03Zz_PpvJTUzJXOZAxO1xkcUpwqZHiXigYeL33pELcmN9X30XtnN0&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S705175589%3A1714153613152557&theme=mn&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cuthub.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 17:46:53 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-es7IZdWT_0CXOk8_1uHVcA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| likescenesfocused.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F2%2Fjs%2Fscript.js&l=386&fd=36 | 172.240.108.76 | 200 OK | 0 B |
URL: GET HTTP/1.1 likescenesfocused.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F2%2Fjs%2Fscript.js&l=386&fd=36 | IP: 172.240.108.76:443
Requested by: https://cuthub.net/8hLDI9 | Certificate Issuer: Let's Encrypt | Subject: likescenesfocused.com | Fingerprint: 72:A0:54:62:05:83:62:37:5E:DE:D5:B2:E3:9B:DD:AD:EA:C5:EA:0E | Validity: Wed, 24 Apr 2024 15:04:39 GMT - Tue, 23 Jul 2024 15:04:38 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F2%2Fjs%2Fscript.js&l=386&fd=36 HTTP/1.1
Host: likescenesfocused.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Cookie: u_pl=22256744; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 17:46:53 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| onservantasr.info/MUJ6OGZQIBlVWVB/GB4TQy5HHVR3Z0h+AgB0CVcESzENSQlfOgsWBV0tD1wAQy0UTEhfJw4dVHd0NWABBQwtfgd3cyBsPlpyKGAnWRM5bQl8ADx1KGkpEnAkd3s8b1ZwFC9pV1AFDQEFdQBPXiNdGy1rJ1YJH1JTQiAoVFF4BD9sIGQPGXo3ZwosagpmFxZPAHkUIG8+cCofbzB0Bjh9EVQTKH4xdDUsfCMAGzBtCnAVL2lfYgcCaj9jFCxZIQADL24gYwc5QlJ/BUt9BWIlHVwhYCowcDdoKDJ9CXgVK1A+dRc7aTNGKTt5J3xnSHoiATUeeg98ISlfS1kKPEAefScrQD53ch1qI3cPMHBXABU5VDxVARR2MnIXEXEkZwMwazQBCi9uXmMRFnkuZyU7XCRIITtsDmgEKAgedwErHgxCLRRIW1oBPGw+SQAiUQ | 3.164.230.67 | 200 OK | 3.0 kB |
URL GET HTTP/2onservantasr.info/MUJ6OGZQIBlVWVB/GB4TQy5HHVR3Z0h+AgB0CVcESzENSQlfOgsWBV0tD1wAQy0UTEhfJw4dVHd0NWABBQwtfgd3cyBsPlpyKGAnWRM5bQl8ADx1KGkpEnAkd3s8b1ZwFC9pV1AFDQEFdQBPXiNdGy1rJ1YJH1JTQiAoVFF4BD9sIGQPGXo3ZwosagpmFxZPAHkUIG8+cCofbzB0Bjh9EVQTKH4xdDUsfCMAGzBtCnAVL2lfYgcCaj9jFCxZIQADL24gYwc5QlJ/BUt9BWIlHVwhYCowcDdoKDJ9CXgVK1A+dRc7aTNGKTt5J3xnSHoiATUeeg98ISlfS1kKPEAefScrQD53ch1qI3cPMHBXABU5VDxVARR2MnIXEXEkZwMwazQBCi9uXmMRFnkuZyU7XCRIITtsDmgEKAgedwErHgxCLRRIW1oBPGw+SQAiUQ IP3.164.230.67:443
Requested by: https://cuthub.net/8hLDI9 | Certificate Issuer: Amazon | Subject: onservantasr.info | Fingerprint: 4E:0A:E9:00:74:B8:B3:C9:4F:2A:1E:4E:6D:FA:10:D6:85:BC:6F:CE | Validity: Mon, 15 Apr 2024 00:00:00 GMT - Wed, 14 May 2025 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (3060), with no line terminators | Hash: d717827c015a21545262c58053f65d6d 02b2aff5ee6c6dd1e67186dae28b3461a6ed3345 80872c0434904f8b5dfd296f306d0d92c55f5e55e7d722b5e7307aa0aa5fd592
GET /MUJ6OGZQIBlVWVB/GB4TQy5HHVR3Z0h+AgB0CVcESzENSQlfOgsWBV0tD1wAQy0UTEhfJw4dVHd0NWABBQwtfgd3cyBsPlpyKGAnWRM5bQl8ADx1KGkpEnAkd3s8b1ZwFC9pV1AFDQEFdQBPXiNdGy1rJ1YJH1JTQiAoVFF4BD9sIGQPGXo3ZwosagpmFxZPAHkUIG8+cCofbzB0Bjh9EVQTKH4xdDUsfCMAGzBtCnAVL2lfYgcCaj9jFCxZIQADL24gYwc5QlJ/BUt9BWIlHVwhYCowcDdoKDJ9CXgVK1A+dRc7aTNGKTt5J3xnSHoiATUeeg98ISlfS1kKPEAefScrQD53ch1qI3cPMHBXABU5VDxVARR2MnIXEXEkZwMwazQBCi9uXmMRFnkuZyU7XCRIITtsDmgEKAgedwErHgxCLRRIW1oBPGw+SQAiUQ HTTP/1.1
Host: onservantasr.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1185
date: Fri, 26 Apr 2024 17:46:52 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 61fafbbf54e5560686b2d414df132838.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P1
x-amz-cf-id: v_dyxioVFFufQ3pHCqndPFFhOlaPL9UivhMII2rRCfU_rK8nv6tTcQ==
X-Firefox-Spdy: h2
|
|
| likescenesfocused.com/8e/c3/c4/8ec3c46510d6cdfa39d05771966b94c1.js | 172.240.108.76 | 200 OK | 82 kB |
URL: GET HTTP/1.1 likescenesfocused.com/8e/c3/c4/8ec3c46510d6cdfa39d05771966b94c1.js
IP: 172.240.108.76:443
Requested by: https://cuthub.net/8hLDI9
Certificate: Issuer: Let's Encrypt; Subject: likescenesfocused.com; Fingerprint: 72:A0:54:62:05:83:62:37:5E:DE:D5:B2:E3:9B:DD:AD:EA:C5:EA:0E; Validity: Wed, 24 Apr 2024 15:04:39 GMT - Tue, 23 Jul 2024 15:04:38 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: 37dcf1a5b4a7d046060a00dd1c91708e fb7b139c6edf3339f644e5a0092cdf869860e50b d6db4cc24a86174fefd5393a6365b6faaf3b2e116b2623508ce4aba14f12a34c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /8e/c3/c4/8ec3c46510d6cdfa39d05771966b94c1.js HTTP/1.1
Host: likescenesfocused.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: u_pl=22256744; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 17:46:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_CF-2931_new=1; expires=Sun, 28 Apr 2024 17:46:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d0a124614f5f252f57e37ffa7bc45acd
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| cuthub.net/favicon.ico | 188.114.96.1 | 302 Found | 4.1 kB |
IP: 188.114.96.1:443
Requested by: https://cuthub.net/8hLDI9
Certificate: Issuer: Let's Encrypt; Subject: cuthub.net; Fingerprint: 3A:19:D1:56:80:55:49:6C:9E:69:0D:D4:7F:18:8B:5F:E6:1B:17:1E; Validity: Fri, 05 Apr 2024 13:58:24 GMT - Thu, 04 Jul 2024 13:58:23 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: cuthub.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/8hLDI9
Cookie: XSRF-TOKEN=eyJpdiI6IkdSTmNMSEFvVFZ6KzJPdXJuZ2VGU0E9PSIsInZhbHVlIjoicFd6TVFySS84RzBtWWJkY0JjWUp6WURESEduSlA3MjJ5RndJcXBEbzNjYWNZV2NReXIwUmpCZis1eHVGNVdFaWcxckhKZlJ5M01vanRTUkh4UHBKZmxDQVpWRys3T3l4UXBNUGRNTHYxL3h5b1QzdlA4djZPUUtLbis1dy84Z2QiLCJtYWMiOiIyMDVhMWU1ZmNkOTk3YWVhOTU5NjZhMjUyY2NjN2ZkYjIwNjQ4YTk3NTg5NTlkYmZjZGEyOTYxOWFhNzM4ZTY0IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InhyaGErd1ZsNWw2b1g3UHluYmMwcEE9PSIsInZhbHVlIjoicGxQZFlBSjhZOUx3aFVma0VqbnVtMzNMZWs4aSs0M0Q4ZSt5ZjR2OHBTdC9SRWJ1K3k1N0t1QlR0d3hZTEo4VnJKSG5lSVJSMmV4YlJ4TTJCZUdsemZ4Z0k4T3hmL25vcGtwcnE2WFBoUDV2aXpuNGtGVW5TeHZsUldoQm1rYlAiLCJtYWMiOiJhNzk5YzQ2YTFjZGVlYmM4ZmEyZGE1Mzk3ZTQ3YjZkMzE3NmJjOGUyNzM4YTJiZTYwOTQ4ZWRkNTAzOTQxOTM2IiwidGFnIjoiIn0%3D; ab=1; sb_page_f348f1f4cb32736ea8b01bdf483d02ac=1; sb_onpage_f348f1f4cb32736ea8b01bdf483d02ac=1; sb_main_f348f1f4cb32736ea8b01bdf483d02ac=1; sb_count_f348f1f4cb32736ea8b01bdf483d02ac=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=ddc35a03-cba5-4bd6-8d3c-95489bb7d436%3A3%3A1; _ga_75C4L64NEB=GS1.1.1714153612.1.0.1714153612.0.0.0; _ga=GA1.1.1511377916.1714153613
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Fri, 26 Apr 2024 17:46:52 GMT
content-type: text/html; charset=UTF-8
location: https://cuthub.net/wp-includes/images/w-logo-blue-white-bg.png
x-powered-by: PHP/8.2.15
x-ua-compatible: IE=edge
link: <https://cuthub.net/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8S%2B2m%2F4DrIV%2BzPM33a1xWbicQt8DPhmRzmsTmZtHMNF2vbnyDBfqEA1XWh%2FwaTwVmx2Ts4UEQjctpj5egvnRkQnT2T5jyFzMfHt0zjzLfqGdos5O%2BQj2eLgLsfJM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a8650f5f5156c9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| downstairsnegotiatebarren.com/sfp.js | 172.67.180.87 | 200 OK | 86 kB |
URL: GET HTTP/2 downstairsnegotiatebarren.com/sfp.js
IP: 172.67.180.87:443
Requested by: https://cuthub.net/8hLDI9
Certificate: Issuer: Let's Encrypt; Subject: downstairsnegotiatebarren.com; Fingerprint: 2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44; Validity: Mon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:46:52 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: c3b995d2617502b45a947b043bf950d2
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 26 Apr 2024 17:46:51 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xgtyjglIOWPWEn%2FCuC8txpkcjEprtu9FYtRXfyHZz37jpWPh7PTRlfro6VD3ZdSQrevxgE7hg0kLa38k9M0onxnFqZQCm8v55RPYoemJaMxyIJnuA8QhyWKNFuPDcwWnZolP9oLXYMsw7zUB8vDCoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a8650b2b6db523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube | 74.125.131.84 | 302 Found | 0 B |
URL: GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP: 74.125.131.84:443
Requested by: https://cuthub.net/8hLDI9
Certificate: Issuer: Google Trust Services LLC; Subject: accounts.google.com; Fingerprint: 24:73:6B:52:47:71:E2:CB:E3:4E:89:44:4B:29:D9:F4:C2:A0:F1:14; Validity: Mon, 08 Apr 2024 07:33:55 GMT - Mon, 01 Jul 2024 07:33:54 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:LXZvHbh6xGHcaiugGG7nEbPD_M0Htw:IFLT6KTpmkGMIUar; Expires=Sun, 26-Apr-2026 17:46:53 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 17:46:53 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQw5BfsxhNjFjv5L_jgf6ED3pRc8jjbSQ0xPrI-aW1560pacehsYDdnu_yIlnnFYCdXZLeqF
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-0Ukj7oX_1ayQ8J-mBZ3Gyw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/js/script.js | 172.67.141.24 | 200 OK | 386 B |
URL: GET HTTP/2 cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/js/script.js
IP: 172.67.141.24:443
Requested by: https://cuthub.net/8hLDI9
Certificate: Issuer: Google Trust Services LLC; Subject: creative-bars1.com; Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: ASCII text, with very long lines (399), with no line terminators
Hash: 022602a468da44628060800173771da2 9be813fbfebbcb2aa46d8c6b8abec68b3d16c89c 6742c376e658c34d09b2dc5772bd798e3cd52bb265758bac5bce184f8ee7b5cc
GET //sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cuthub.net
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:46:53 GMT
content-type: application/javascript
last-modified: Thu, 01 Feb 2024 14:48:54 GMT
etag: W/"65bbaf56-182"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QBWAVzWQQYmEIYddxlUEz28MF4JsXNJkZzbrpgXfNWZVROX3%2Fv5ZjcA5%2FJe8rJ3ka7IcRjiqxoSu4r3MFaBMU7B79VxlCTArap5NbM9oXzvxzsx9wWAdkGvJUuNWJyRmvm9vS9n4yOQq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a86515ef1cb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit | 142.250.74.131 | 200 OK | 921 B |
URL: GET HTTP/2 www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
IP: 142.250.74.131:443
Requested by: https://cuthub.net/8hLDI9
Certificate: Issuer: Google Trust Services LLC; Subject: misc.google.com; Fingerprint: 25:6F:4D:A3:F9:83:CC:45:3B:9E:3E:C7:4E:40:67:1B:52:29:34:F5; Validity: Mon, 08 Apr 2024 06:40:24 GMT - Mon, 01 Jul 2024 06:40:23 GMT
File type: JavaScript source, ASCII text, with very long lines (921), with no line terminators
Hash: b832740e618479615e7f4ec2d6d18e95 39e2c70fbc1164d6748e0314c36691c42245c53a 66b51ffa06c4662b57b6b492d53318ac5e672cd53f52ce08e2699325eb796414
GET /recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit HTTP/1.1
Host: www.recaptcha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Fri, 26 Apr 2024 17:46:52 GMT
date: Fri, 26 Apr 2024 17:46:52 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/css/style.css | 172.67.141.24 | 200 OK | 3.6 kB |
URL: GET HTTP/2 cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/css/style.css
IP: 172.67.141.24:443
Requested by: https://cuthub.net/8hLDI9
Certificate: Issuer: Google Trust Services LLC; Subject: creative-bars1.com; Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: ASCII text, with very long lines (3854), with no line terminators
Hash: 1ef6c40dc9237f64e46f930e4b26d112 7e94a725845a7101b17bfc0ff488e27c12060c1d e23167c1f14d771e6eb40f86085c2f04f52010a5e934cff3f9e214aab984f4b4
GET //sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cuthub.net
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:46:53 GMT
content-type: text/css
last-modified: Thu, 01 Feb 2024 14:48:51 GMT
etag: W/"65bbaf53-e2e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=huH0KzgVb%2BsZZDflmUh0tkdJeDavz%2B92avQ0crhRM5llEc2WkG254KJJ%2FWEjrgOmtEjU2HV03P8hbgsHWEYw6Y3qaWf60tQMZWVbDtCEvenxUWN13ok%2BmgMyxWwETQ6J9qQgKk6ofacR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a86515ef21b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|