cutty.app/TE7Ev
104.21.72.235301 Moved Permanently 155 B IP 104.21.72.235:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 42c394b8f0152b372537ace9acc3f7bb
1219c55c4e3ea109c473aab65deb81f09a0fe0a6
6aaad3365c30c4f8d2504e569527e588d33eeae66dd7045bcfeef7413820db2a
GET /TE7Ev HTTP/1.1
Host: cutty.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 28 Nov 2022 04:37:30 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://cutty.app/TE7Ev
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EGP%2BlR5Y067Kbxy7AXk0E8QGwf%2FVtCx2heHxPAGVjKMfsfngCj7jDRy3Pcu%2FV%2BTvp8afpqFDE5ZBt%2FoC5MYgi%2FvOjkihxu0TFbH6VICOuurLV6vV1Os9kQV9soc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 771068a249c2b51d-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 150792cfc458af013998f4ef6bdf5f74
d5179b2dcb11d06f82606bf6eb6648319998d63e
72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4518
Expires: Mon, 28 Nov 2022 05:52:48 GMT
Date: Mon, 28 Nov 2022 04:37:30 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 64b2a23eab6e5ae8c010ec7242be930c
0673e4385ba01a5a245711bab96cafc34f765793
64751d193f7af72431e9689581faffcae1a30ff50ea425697b2b80ff61c87909
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3259
Cache-Control: max-age=110882
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:37:30 GMT
Etag: "63833c71-1d7"
Expires: Tue, 29 Nov 2022 11:25:32 GMT
Last-Modified: Sun, 27 Nov 2022 10:31:13 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 04:17:45 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1185
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3b56944f0e5716fd4fad2ec18994d4be
61cafa4de31ba960d1145ec37272f6f6b6944e0c
4fd46b0b6a2ea24f5ce175985a3933c04b4c01bd3e32bee2e50a61a65eef7af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4FD46B0B6A2EA24F5CE175985A3933C04B4C01BD3E32BEE2E50A61A65EEF7AF4"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7183
Expires: Mon, 28 Nov 2022 06:37:13 GMT
Date: Mon, 28 Nov 2022 04:37:30 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: NQSRSX6hOeYC/9zY+091OWjsoRYGlE4cktqUBgmLNqGICNtbJV80jSfaJC5lb6vYGVfRond5vCI=
x-amz-request-id: 59CSQSPBTBZ0PSDM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 03:41:54 GMT
age: 3336
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/pC0NexLFBbg
142.250.74.35200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/pC0NexLFBbg
IP 142.250.74.35:0
Hash 62bf14a09fe5584bd5863cd89b606a73
a3921b1f5162e9b29e73991b1fecd0907666ef92
4063b393b83999a82ad942f3e79415fe3750886b0b51695c92dc6443a6048265
POST /s/gts1p5/pC0NexLFBbg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:37:30 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:37:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/pC0NexLFBbg
142.250.74.35200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/pC0NexLFBbg
IP 142.250.74.35:0
Hash 62bf14a09fe5584bd5863cd89b606a73
a3921b1f5162e9b29e73991b1fecd0907666ef92
4063b393b83999a82ad942f3e79415fe3750886b0b51695c92dc6443a6048265
POST /s/gts1p5/pC0NexLFBbg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:37:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:37:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.76.226200 OK 4.1 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 49723ce8bb6284833154ac1622b3ac0a
a33298bd9ecfb9a320e035f5a9c99bb8cf90599e
c06eea71cb00e8b99066531c6d19068f11789c979dbf446c3f3dabc42851747d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "FBA795E1EC6FB6F43FEC575D7C5944DA3548FB2480AECD3ACCE79A4B11D2708F"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5816
Expires: Mon, 28 Nov 2022 06:14:27 GMT
Date: Mon, 28 Nov 2022 04:37:31 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash c81653e99cfdfb43236c8d50248b2e51
a33bc0cb7d3bb714b7ef23b059bb304cf23d464f
e75fa0ce568755990d6949ef93e3e5c29213a5a11887f697af901f41b14e0274
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:37:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4f92700f9395728a7a40264eaaa42b4c
450f6ba9c31e9e1b27faddbdc7ccfdcb6ed9211f
0ddedb7e5bfb3782820666332b087d74939df2d6d565baedbeafdaa701e91623
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0DDEDB7E5BFB3782820666332B087D74939DF2D6D565BAEDBEAFDAA701E91623"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2369
Expires: Mon, 28 Nov 2022 05:17:00 GMT
Date: Mon, 28 Nov 2022 04:37:31 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 03ad9fc0b00b5df3165dc2fb1e3b0a3e
f8243335a8bc24d989bddd346048a055e1d0bdeb
366b28d491f7fd632e31c1ce97f939555f7dcee14bb6875737ed2d3e96fa32ec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:37:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a6fee11dfe1b88cd768a0ca3e2bd0c89
59cec9a44a4a92467678afe65f347f68641a2174
50870c499aae4d5dfd6df25a36cd04b6d185b66ef0590e46933984bf52e2483f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5110
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:37:31 GMT
Last-Modified: Mon, 28 Nov 2022 03:12:21 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:37:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js
142.250.74.164200 OK 553 B URL HTTP/2 www.google.com/recaptcha/api.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (850), with no line terminators
Hash 1309ff133720d219cc98090d66a051ed
b96fc5a893e42be16d687d7abdecdb13d348a019
358683c66634ea5ee3021c93111d8621d583880bcbbfadf3ec2ff87a15ea1038
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Mon, 28 Nov 2022 04:37:31 GMT
date: Mon, 28 Nov 2022 04:37:31 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 553
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-GGDCMPL4QP
142.250.74.168200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-GGDCMPL4QP
IP 142.250.74.168:0
File type ASCII text, with very long lines (21484)
Hash ea991dd06ccd0f66f924af7faab077a7
126e297b12d0bcc5b69237966ad867a6741ae3cc
786af7e1059b6aacf93de9ccd8c83cec7b06c971221d1e0137927f54419141f7
GET /gtag/js?id=G-GGDCMPL4QP HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 28 Nov 2022 04:37:31 GMT
expires: Mon, 28 Nov 2022 04:37:31 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76604
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 04:11:12 GMT
cache-control: public,max-age=3600
age: 1579
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
d192r5l88wrng7.cloudfront.net/?rwlrd=961706
54.230.245.77200 OK 116 kB URL HTTP/2 d192r5l88wrng7.cloudfront.net/?rwlrd=961706
IP 54.230.245.77:0
File type Unicode text, UTF-8 text, with very long lines (15945)
Size 116 kB (115756 bytes)
Hash 90fd8f3aba0650ec9ea72a44878cfff6
f7f3c0b0b8a7da799e4b13dc71d2def9c4ea1db3
c7230f3ef9bfb30f2d379b7ff51e9070780d2192c0d3a78ee1dae0f4214f3996
GET /?rwlrd=961706 HTTP/1.1
Host: d192r5l88wrng7.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 115756
date: Mon, 28 Nov 2022 04:37:31 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -7p9LactWqxG2MlFP-MDDXbaaWtxOf1tNfoneTM4L_SntqVF2R5hsw==
X-Firefox-Spdy: h2
saltateblit.com/tOADPiI9J2GBTD/51949
23.109.87.15200 OK 25 B URL HTTP/1.1 saltateblit.com/tOADPiI9J2GBTD/51949
IP 23.109.87.15:0
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /tOADPiI9J2GBTD/51949 HTTP/1.1
Host: saltateblit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 04:37:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://cutty.app
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Tue, 29-Nov-2022 04:37:31 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Tue, 29-Nov-2022 04:37:31 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 851285a4192e175f768113c2d0ad1d25
0683972864b3242a50a74fdc609c14b1e3768174
fba795e1ec6fb6f43fec575d7c5944da3548fb2480aecd3acce79a4b11d2708f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "FBA795E1EC6FB6F43FEC575D7C5944DA3548FB2480AECD3ACCE79A4B11D2708F"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5816
Expires: Mon, 28 Nov 2022 06:14:27 GMT
Date: Mon, 28 Nov 2022 04:37:31 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash c81653e99cfdfb43236c8d50248b2e51
a33bc0cb7d3bb714b7ef23b059bb304cf23d464f
e75fa0ce568755990d6949ef93e3e5c29213a5a11887f697af901f41b14e0274
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:37:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 7207a5076b63fb5f39b9436ced9fb18f
cdd84ecfe85882601e81f11783d9f63b30084de3
6d4543402df8135d5860ecd47dd52d96d66d2e1ac6feec11accb5f43f2da7d0d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:37:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a5df609f9385e8ae6fcf0688985b6a67
81c1436e01df986a2eedc1de3c6443a0cfd78864
40798d5b35dad13a01ae726963ed7403e8e417fe0e2f38d92b4e48ab8640a2e0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40798D5B35DAD13A01AE726963ED7403E8E417FE0E2F38D92B4E48AB8640A2E0"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6647
Expires: Mon, 28 Nov 2022 06:28:18 GMT
Date: Mon, 28 Nov 2022 04:37:31 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:37:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:37:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
216.58.207.195200 OK 38 kB URL HTTP/2 fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP 216.58.207.195:0
Hash 5b5d6a169c942313b94e75d7037cd65d
7956c22260c3df89373bdbfbcad8323ba0455b7f
9bd6a9b3c8f717815b7fea7b6fe789166a20525fb373b1d860c5479d5b3ed660
GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cutty.app
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 06:03:56 GMT
expires: Fri, 24 Nov 2023 06:03:56 GMT
cache-control: public, max-age=31536000
age: 340415
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1441f62150ae6532dd1d17876652881f
a18b7022d6bc686a7229208ab1649ab8e5241ec8
103abca551b9b62457ca612c54a0f87b8a11c4a6569cbfc3b185c77e2f2dbb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "103ABCA551B9B62457CA612C54A0F87B8A11C4A6569CBFC3B185C77E2F2DBB63"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14624
Expires: Mon, 28 Nov 2022 08:41:15 GMT
Date: Mon, 28 Nov 2022 04:37:31 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:37:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
54.189.139.67101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.189.139.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Ml7YNtiUCoT6rC6m3kDhmg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: i1ZfPmLWGMXTAwYZT5suciaBF40=
ocsp.pki.goog/s/gts1p5/zeGgGgk-0iY
142.250.74.35200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/zeGgGgk-0iY
IP 142.250.74.35:0
Hash 11d4c80f970b596480099d1fb5eb6a61
df8397aa1b4904d45a35a7c3534a96901d0a41d8
53affe8b2090e55691bd12e39f92ad622f52fc277ea250df5b033bfa0071cc84
POST /s/gts1p5/zeGgGgk-0iY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:37:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tonewithough.com/ZURBRUEEJiIofgR5I2M0Fyh8YHMjYXMDJVR9czd0CXx5MjMLI3ZrIgkrNCEnFysvMW8LITVgcyN3FxIHDyUtCHMhI3EIIyYBCAdwATUYdAMwEywTOyY8AAMRNhIiCQACABgEMgQLExMqKgIIARgxLAkDOSR3IAMHIwYrDHYnKHQIDw83Ah0tEXUPBBQnEnMhOyMWDAMOIiMOATkOcAg9ECkABXVkVwYTPRgpJisiDiIVDGBzIwsQBwYyBhciFVQKERwWMw4HBAxcCRBxFCIcGysUNHQkISwBFhQpMVweFBcQLgwbKxQ3FQUVFisSEykqNycHCxUgKRctEyNpAColCCATABMddhssAzYTLB92MBExFRgyEQYHJg5wDi4TNwgGAy0wAg8kGAgSEBctDS4MMiY3ADsQdyIRGxwHMhYTEyo3LiI9EwATNmMrFisvNXwqJhFwKxwXB3QYVC1zKA
54.230.111.116200 OK 1.2 kB URL HTTP/2 tonewithough.com/ZURBRUEEJiIofgR5I2M0Fyh8YHMjYXMDJVR9czd0CXx5MjMLI3ZrIgkrNCEnFysvMW8LITVgcyN3FxIHDyUtCHMhI3EIIyYBCAdwATUYdAMwEywTOyY8AAMRNhIiCQACABgEMgQLExMqKgIIARgxLAkDOSR3IAMHIwYrDHYnKHQIDw83Ah0tEXUPBBQnEnMhOyMWDAMOIiMOATkOcAg9ECkABXVkVwYTPRgpJisiDiIVDGBzIwsQBwYyBhciFVQKERwWMw4HBAxcCRBxFCIcGysUNHQkISwBFhQpMVweFBcQLgwbKxQ3FQUVFisSEykqNycHCxUgKRctEyNpAColCCATABMddhssAzYTLB92MBExFRgyEQYHJg5wDi4TNwgGAy0wAg8kGAgSEBctDS4MMiY3ADsQdyIRGxwHMhYTEyo3LiI9EwATNmMrFisvNXwqJhFwKxwXB3QYVC1zKA
IP 54.230.111.116:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3047), with no line terminators
Hash eaa434fbe4427715285c64a5cbf6d7f2
2986077f9171512fb00b785a8000d90d18af529c
c38c12b3e3e2e66125a52df7c0cd4462761f96dfb14887a37c499d5be05a8933
GET /ZURBRUEEJiIofgR5I2M0Fyh8YHMjYXMDJVR9czd0CXx5MjMLI3ZrIgkrNCEnFysvMW8LITVgcyN3FxIHDyUtCHMhI3EIIyYBCAdwATUYdAMwEywTOyY8AAMRNhIiCQACABgEMgQLExMqKgIIARgxLAkDOSR3IAMHIwYrDHYnKHQIDw83Ah0tEXUPBBQnEnMhOyMWDAMOIiMOATkOcAg9ECkABXVkVwYTPRgpJisiDiIVDGBzIwsQBwYyBhciFVQKERwWMw4HBAxcCRBxFCIcGysUNHQkISwBFhQpMVweFBcQLgwbKxQ3FQUVFisSEykqNycHCxUgKRctEyNpAColCCATABMddhssAzYTLB92MBExFRgyEQYHJg5wDi4TNwgGAy0wAg8kGAgSEBctDS4MMiY3ADsQdyIRGxwHMhYTEyo3LiI9EwATNmMrFisvNXwqJhFwKxwXB3QYVC1zKA HTTP/1.1
Host: tonewithough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1197
date: Mon, 28 Nov 2022 04:37:31 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -_eMCldJlUYPzwlm9PhLq4fT-B3BS0lrD2tZ1RZSdFPgMwDOiNRxlg==
X-Firefox-Spdy: h2
tonewithough.com/Tk1uNVMvLw1YbC9wDBMmPCFTEGEIaFxzN390XEdmInVWQiEgKlkbMCIiG1E1PCIAQX0gKBoQYQgBOH0JAhoAcGAJHjsNBycMCHlhKgQ3XglrfyxUBhg0JnE0fwUXZx8NJV5CGyQMAHoXKSwhZx4hGxd0HgJ/CncwJiIfexEUPTt2Z34IA1kbLBkdYx0lOUsHFSgMO14UHQ8AfTkpCyd2JAsdLHQ/AxsNXRV9FF19OnorJE8KHy47ZB0sfFdeBn0hH2IAAyskYWcrBBljJi8IKwMSI3gBZAQYCjRiIxsXFGcmLwgrXxs3Gx1nCwgLLW1qChcvAGosITxbHQlgW1oCHRQvVz4lOjRgCWt/LFEWCHQ7Bj8/CwRwBQcJOGAJJA9bVDgMJjxbIz8cJnMWKzcZbBkmABp7AiI1PHRiPBw5cworfhlwMhsuSF8gISMeCBIJDCRzPywEIHoLPA
54.230.111.116200 OK 1.8 kB URL HTTP/2 tonewithough.com/Tk1uNVMvLw1YbC9wDBMmPCFTEGEIaFxzN390XEdmInVWQiEgKlkbMCIiG1E1PCIAQX0gKBoQYQgBOH0JAhoAcGAJHjsNBycMCHlhKgQ3XglrfyxUBhg0JnE0fwUXZx8NJV5CGyQMAHoXKSwhZx4hGxd0HgJ/CncwJiIfexEUPTt2Z34IA1kbLBkdYx0lOUsHFSgMO14UHQ8AfTkpCyd2JAsdLHQ/AxsNXRV9FF19OnorJE8KHy47ZB0sfFdeBn0hH2IAAyskYWcrBBljJi8IKwMSI3gBZAQYCjRiIxsXFGcmLwgrXxs3Gx1nCwgLLW1qChcvAGosITxbHQlgW1oCHRQvVz4lOjRgCWt/LFEWCHQ7Bj8/CwRwBQcJOGAJJA9bVDgMJjxbIz8cJnMWKzcZbBkmABp7AiI1PHRiPBw5cworfhlwMhsuSF8gISMeCBIJDCRzPywEIHoLPA
IP 54.230.111.116:0
Hash 06d8372d8d719f1f5c3e00849ca61b9e
28a97c01bda7fe667ccbb6afa2bee80afda07b28
c5263accfc0520c9cb03080684c6fffc1ca5a9fd0faa7e7cf9b7232c005afc32
GET /Tk1uNVMvLw1YbC9wDBMmPCFTEGEIaFxzN390XEdmInVWQiEgKlkbMCIiG1E1PCIAQX0gKBoQYQgBOH0JAhoAcGAJHjsNBycMCHlhKgQ3XglrfyxUBhg0JnE0fwUXZx8NJV5CGyQMAHoXKSwhZx4hGxd0HgJ/CncwJiIfexEUPTt2Z34IA1kbLBkdYx0lOUsHFSgMO14UHQ8AfTkpCyd2JAsdLHQ/AxsNXRV9FF19OnorJE8KHy47ZB0sfFdeBn0hH2IAAyskYWcrBBljJi8IKwMSI3gBZAQYCjRiIxsXFGcmLwgrXxs3Gx1nCwgLLW1qChcvAGosITxbHQlgW1oCHRQvVz4lOjRgCWt/LFEWCHQ7Bj8/CwRwBQcJOGAJJA9bVDgMJjxbIz8cJnMWKzcZbBkmABp7AiI1PHRiPBw5cworfhlwMhsuSF8gISMeCBIJDCRzPywEIHoLPA HTTP/1.1
Host: tonewithough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1192
date: Mon, 28 Nov 2022 04:37:31 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2hI2zxKXobngd9aW3yL2FjIgDxiRxrASUgaLQEo7R3gpPwBgxIiSgA==
X-Firefox-Spdy: h2
tonewithough.com/M0o0dmxSKFcbU1J3VlAZQSYJU151bwYwCAJzBgRZX3IMAR5dLQNYD18lQRIKQSVaAkJdL0BTXnUuUT4iQhMFNw57C2UwDkQ9VTIABjpgHSZXHwYSCXQYXzs8VCJ7Mi9XJHAzLVsHTj8LeyNfHi93C0MiLlA7fDNZUhhgATZ7GwUTCFt6UDU6BiJsHiV8C2NHIWUYDDUOYR9XMy1ccnI0JmMfZiwiaxxEMTVYIlY+PVxvBjQkcT1QMyRlAWUBPWsuYQYoZHt6U15xGXIsNnoSYj09S3p/JgcGAmBHLWASYTANdHhuOzpfIVwSOUMOczQ6AhlOPA5meGIhPQNnejE1WC1hMhtyfXJHNmoAYzwlYiZEIjVmInciXXUtfB4DagheLzRweg0kKlgmcC5cAi1sETZrH1NQBkAlWgZRVQ4DAl94GlYuAXAIbD4v
54.230.111.116200 OK 1.2 kB URL HTTP/2 tonewithough.com/M0o0dmxSKFcbU1J3VlAZQSYJU151bwYwCAJzBgRZX3IMAR5dLQNYD18lQRIKQSVaAkJdL0BTXnUuUT4iQhMFNw57C2UwDkQ9VTIABjpgHSZXHwYSCXQYXzs8VCJ7Mi9XJHAzLVsHTj8LeyNfHi93C0MiLlA7fDNZUhhgATZ7GwUTCFt6UDU6BiJsHiV8C2NHIWUYDDUOYR9XMy1ccnI0JmMfZiwiaxxEMTVYIlY+PVxvBjQkcT1QMyRlAWUBPWsuYQYoZHt6U15xGXIsNnoSYj09S3p/JgcGAmBHLWASYTANdHhuOzpfIVwSOUMOczQ6AhlOPA5meGIhPQNnejE1WC1hMhtyfXJHNmoAYzwlYiZEIjVmInciXXUtfB4DagheLzRweg0kKlgmcC5cAi1sETZrH1NQBkAlWgZRVQ4DAl94GlYuAXAIbD4v
IP 54.230.111.116:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3028), with no line terminators
Hash 0ee0bb9f047c1d8782104d99275ea19e
89f51abcb32ba87a15a903d43065bff71dbade0a
0481c2e6ec85494b0185581ad272bf8af6ded18ea0876070f1399957c55ccaf6
GET /M0o0dmxSKFcbU1J3VlAZQSYJU151bwYwCAJzBgRZX3IMAR5dLQNYD18lQRIKQSVaAkJdL0BTXnUuUT4iQhMFNw57C2UwDkQ9VTIABjpgHSZXHwYSCXQYXzs8VCJ7Mi9XJHAzLVsHTj8LeyNfHi93C0MiLlA7fDNZUhhgATZ7GwUTCFt6UDU6BiJsHiV8C2NHIWUYDDUOYR9XMy1ccnI0JmMfZiwiaxxEMTVYIlY+PVxvBjQkcT1QMyRlAWUBPWsuYQYoZHt6U15xGXIsNnoSYj09S3p/JgcGAmBHLWASYTANdHhuOzpfIVwSOUMOczQ6AhlOPA5meGIhPQNnejE1WC1hMhtyfXJHNmoAYzwlYiZEIjVmInciXXUtfB4DagheLzRweg0kKlgmcC5cAi1sETZrH1NQBkAlWgZRVQ4DAl94GlYuAXAIbD4v HTTP/1.1
Host: tonewithough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1181
date: Mon, 28 Nov 2022 04:37:31 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3sLJ0bKNR_xMt2MtKIUP7uM1X0jQCEwtmpcrI7sK-4ZGf4R7AelP8w==
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/zeGgGgk-0iY
142.250.74.35200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/zeGgGgk-0iY
IP 142.250.74.35:0
Hash 11d4c80f970b596480099d1fb5eb6a61
df8397aa1b4904d45a35a7c3534a96901d0a41d8
53affe8b2090e55691bd12e39f92ad622f52fc277ea250df5b033bfa0071cc84
POST /s/gts1p5/zeGgGgk-0iY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:37:32 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 8620cb50c13aa6595039feb6a940c719
87697510b8823d7312df41eaca3fd042a12bf96d
eda65270df7fee2cb4c1dcd7d5116c6e58918b7685ff2b2ef5e791c5b787a618
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4555
Cache-Control: max-age=104240
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:37:32 GMT
Etag: "63831d71-117"
Expires: Tue, 29 Nov 2022 09:34:52 GMT
Last-Modified: Sun, 27 Nov 2022 08:18:57 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/s/gts1p5/zeGgGgk-0iY
142.250.74.35200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/zeGgGgk-0iY
IP 142.250.74.35:0
Hash 11d4c80f970b596480099d1fb5eb6a61
df8397aa1b4904d45a35a7c3534a96901d0a41d8
53affe8b2090e55691bd12e39f92ad622f52fc277ea250df5b033bfa0071cc84
POST /s/gts1p5/zeGgGgk-0iY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:37:32 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tzegilo.com/stattag.js
172.67.194.45200 OK 5.5 kB IP 172.67.194.45:0
File type ASCII text, with very long lines (12966), with no line terminators
Hash 9309f9aad39d938d0048186a9094c54c
9521e2178783c035ca01a1c1408728a1fdf7018c
2da8ebea84b18b6491d8169fe658f45aa6fa315175b5b510f8807799e1fda5c7
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:37:32 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 15:07:42 GMT
etag: W/"637e373e-32a6"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 1290
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bhSjbKlB5AuJQCshHOdhdlS%2FtGI6ThFbDrQ%2BCdUyGWnvJ3F3Izkq0jFMrvPKR%2F7mykEAM1HU8vCbvqWB2sf3i1TST0W2w7aeKtgf4g35MMoN6IIvjqExs2CLomwKAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771068abaffbb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
enaceanspection.com/dWN0SkFaXBc5fCEOOgEXGDlNHXJAFSF5MRQGMwQkEA8yfhszV1I+KBFeTXxwQlNDbDEcB0l7eVMQACs1ABBJe2ccDRIlfFMVSXtvRU1GZHNTFkl7ZwETFS18REUEPjUZXkV8d0xVRXpzQFJHfHg
172.67.221.144204 No Content 0 B URL HTTP/2 enaceanspection.com/dWN0SkFaXBc5fCEOOgEXGDlNHXJAFSF5MRQGMwQkEA8yfhszV1I+KBFeTXxwQlNDbDEcB0l7eVMQACs1ABBJe2ccDRIlfFMVSXtvRU1GZHNTFkl7ZwETFS18REUEPjUZXkV8d0xVRXpzQFJHfHg
IP 172.67.221.144:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dWN0SkFaXBc5fCEOOgEXGDlNHXJAFSF5MRQGMwQkEA8yfhszV1I+KBFeTXxwQlNDbDEcB0l7eVMQACs1ABBJe2ccDRIlfFMVSXtvRU1GZHNTFkl7ZwETFS18REUEPjUZXkV8d0xVRXpzQFJHfHg HTTP/1.1
Host: enaceanspection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 28 Nov 2022 04:37:32 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TR5aCVC3bhAio5Aey2ObfyHHbhcc30lF75SkvmGVTqqRimtzr2gMW2h4esh64yz1KoHT2rcrhoQhy8MYOoAHo20Y0Ga25Loh%2FEtaj%2F61tEPVf7WlE2lpT1KgAAH3Gl94zbT81mP6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771068ab4ce2b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
enaceanspection.com/d3oyZExYRVEXcRUvCyABMShTAhQuPWsiGkEfRQw4IEkHVw4gKxQQJRNHC1J9QEoEQjweHg9VagQOUxA5BEcDQiUZHF1ZagFHA0p/Q1QBVWJGXEdZfVEOQgUrSksUFDgDFg9VekFDBFV8RU8DV39H
172.67.221.144204 No Content 162 B URL HTTP/2 enaceanspection.com/d3oyZExYRVEXcRUvCyABMShTAhQuPWsiGkEfRQw4IEkHVw4gKxQQJRNHC1J9QEoEQjweHg9VagQOUxA5BEcDQiUZHF1ZagFHA0p/Q1QBVWJGXEdZfVEOQgUrSksUFDgDFg9VekFDBFV8RU8DV39H
IP 172.67.221.144:0
Hash d0719bb1e3fedbfa668ae6938cfdf7f7
0983984b4f187b2d0d897d9dced2b7d7c660416d
d8ea0b6439da26365ab1d9a5d2b0f11e19ef8e024969cf9a551a7507675eed75
GET /d3oyZExYRVEXcRUvCyABMShTAhQuPWsiGkEfRQw4IEkHVw4gKxQQJRNHC1J9QEoEQjweHg9VagQOUxA5BEcDQiUZHF1ZagFHA0p/Q1QBVWJGXEdZfVEOQgUrSksUFDgDFg9VekFDBFV8RU8DV39H HTTP/1.1
Host: enaceanspection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 28 Nov 2022 04:37:32 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7GjvmCLwv7I7XaFi1O7mgRUTyFfEgR0TjhjND3hGFMtJ7h1L9PrWnkniEzUfdOAR%2BMnRqfkxDE%2BpmGzPss2DQYzwjtjKB54eOcdfteCgnB%2B5EyaXj16uiKTgnKtG1KgWmms8PnDm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771068ab8cfab512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
enaceanspection.com/MFA0M3Efb1dATGoGdmQjWhpmaTYJYHcCN1cJfHo6Zgd+XxJhCRJHGFRtDQVBBWMAFQFZNAkCV0MkVUcEQ20FFRheNlsOV0ZtBR1CBH4HAl8BdkEOQBYkRFIWDWESQwVEPAkCRwZpAgJBAmUFAEQG
172.67.221.144204 No Content 0 B URL HTTP/2 enaceanspection.com/MFA0M3Efb1dATGoGdmQjWhpmaTYJYHcCN1cJfHo6Zgd+XxJhCRJHGFRtDQVBBWMAFQFZNAkCV0MkVUcEQ20FFRheNlsOV0ZtBR1CBH4HAl8BdkEOQBYkRFIWDWESQwVEPAkCRwZpAgJBAmUFAEQG
IP 172.67.221.144:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /MFA0M3Efb1dATGoGdmQjWhpmaTYJYHcCN1cJfHo6Zgd+XxJhCRJHGFRtDQVBBWMAFQFZNAkCV0MkVUcEQ20FFRheNlsOV0ZtBR1CBH4HAl8BdkEOQBYkRFIWDWESQwVEPAkCRwZpAgJBAmUFAEQG HTTP/1.1
Host: enaceanspection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 28 Nov 2022 04:37:32 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BYM9UqKlr0LRpJSmzbsFdyb3yW198gy1WnzlJ2f%2Fy5AYodHfPYi5XxWK0qQnYe4YWW0cJGydRGqJoPNONYdcydQeXhKh15zJ1zUKsMsE6oA57LjXPhWj0AFgRzoE8rKbHTpcvkY6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771068abcd21b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
d192r5l88wrng7.cloudfront.net/deHNqY1AbHAQFbwwaDl5pTkJdU2deGRkMPghODCdnDEAhMzIgHikhCDAwTBcqHE5aRTwZHQ1edh0dCV5hXhIOAW1MVR8CbRUcEAo8FBJPURZNXVpGYkhbHQo+HBwdEHVKQwQXdUpDW1N+SFZZIXVKQx0KPk5HT1ASXUFaG2ZMVlkhdUpDGBV1SzJbU2VWQ0-NGYkgUDwA7F1ZYJWJIQlpTYUhCT1FgHhoYBjYXC09RFklDX01gXgZXUg
54.230.245.77200 OK 193 B URL HTTP/2 d192r5l88wrng7.cloudfront.net/deHNqY1AbHAQFbwwaDl5pTkJdU2deGRkMPghODCdnDEAhMzIgHikhCDAwTBcqHE5aRTwZHQ1edh0dCV5hXhIOAW1MVR8CbRUcEAo8FBJPURZNXVpGYkhbHQo+HBwdEHVKQwQXdUpDW1N+SFZZIXVKQx0KPk5HT1ASXUFaG2ZMVlkhdUpDGBV1SzJbU2VWQ0-NGYkgUDwA7F1ZYJWJIQlpTYUhCT1FgHhoYBjYXC09RFklDX01gXgZXUg
IP 54.230.245.77:0
File type ASCII text, with no line terminators
Hash ca011fd444da61e497e09945693a60fa
9836db1a442dcb126e7db0ed70f70948def546d0
1fbe18f65c6bd5980accc09d859039cc6f3a0786973d466f6fe816530b49992e
GET /deHNqY1AbHAQFbwwaDl5pTkJdU2deGRkMPghODCdnDEAhMzIgHikhCDAwTBcqHE5aRTwZHQ1edh0dCV5hXhIOAW1MVR8CbRUcEAo8FBJPURZNXVpGYkhbHQo+HBwdEHVKQwQXdUpDW1N+SFZZIXVKQx0KPk5HT1ASXUFaG2ZMVlkhdUpDGBV1SzJbU2VWQ0-NGYkgUDwA7F1ZYJWJIQlpTYUhCT1FgHhoYBjYXC09RFklDX01gXgZXUg HTTP/1.1
Host: d192r5l88wrng7.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tonewithough.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 193
date: Mon, 28 Nov 2022 04:37:32 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5MmPcUg-CaUpRIrUlEa65LKg2veB3o2nyWau10ueQcOsSk9gQwXjwg==
X-Firefox-Spdy: h2
ablesasmetotr.monster/utx?tid=961366&top=cutty.app&cb=zNncildk8ZT8
143.204.55.24204 No Content 0 B URL HTTP/2 ablesasmetotr.monster/utx?tid=961366&top=cutty.app&cb=zNncildk8ZT8
IP 143.204.55.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?tid=961366&top=cutty.app&cb=zNncildk8ZT8 HTTP/1.1
Host: ablesasmetotr.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutty.app
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 28 Nov 2022 04:37:32 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://cutty.app
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 28 Nov 2022 04:38:32 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: X9Kuqy-8zNIhoRP4RfxleIkPNK_ZTmHWpwDv6FJ9RP3o1kX7c5GFvw==
X-Firefox-Spdy: h2
d192r5l88wrng7.cloudfront.net/LVHZLWnE3GSU8TiAfL2dIYkZ+aUVyHDg1HyRLCh0wHjAnODgaORMoVyAML2dBchoqNBZpUC40EmlHbTsVNkt/fAUkGSBnHjgFICwEPBAlMVchF3Y3Hi4fJzYQcUQNb19kU3lqWSMfJT4eIwVuaEE6Am5oQWVGZWpUZzRuaEEjHyVsRXFFCX9DZA59blRnNG-5oQSYAbmkwZUZ+dEF9U3lqFjEVIDVUZjB5akBkRnpqQHFEezwYJhMtNQlxRA1rQWFYe3wEaUc
54.230.245.77200 OK 495 B URL HTTP/2 d192r5l88wrng7.cloudfront.net/LVHZLWnE3GSU8TiAfL2dIYkZ+aUVyHDg1HyRLCh0wHjAnODgaORMoVyAML2dBchoqNBZpUC40EmlHbTsVNkt/fAUkGSBnHjgFICwEPBAlMVchF3Y3Hi4fJzYQcUQNb19kU3lqWSMfJT4eIwVuaEE6Am5oQWVGZWpUZzRuaEEjHyVsRXFFCX9DZA59blRnNG-5oQSYAbmkwZUZ+dEF9U3lqFjEVIDVUZjB5akBkRnpqQHFEezwYJhMtNQlxRA1rQWFYe3wEaUc
IP 54.230.245.77:0
File type ASCII text, with very long lines (684), with no line terminators
Hash 5c51a03f00a68439590c85ae18207f23
599f7bc631d5a291687ab56325cda87d7bee5bfd
15862ab8233946005386a35e9d7770cb1ac2b82f0ce681101dccc94a912e2f62
GET /LVHZLWnE3GSU8TiAfL2dIYkZ+aUVyHDg1HyRLCh0wHjAnODgaORMoVyAML2dBchoqNBZpUC40EmlHbTsVNkt/fAUkGSBnHjgFICwEPBAlMVchF3Y3Hi4fJzYQcUQNb19kU3lqWSMfJT4eIwVuaEE6Am5oQWVGZWpUZzRuaEEjHyVsRXFFCX9DZA59blRnNG-5oQSYAbmkwZUZ+dEF9U3lqFjEVIDVUZjB5akBkRnpqQHFEezwYJhMtNQlxRA1rQWFYe3wEaUc HTTP/1.1
Host: d192r5l88wrng7.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tonewithough.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 495
date: Mon, 28 Nov 2022 04:37:32 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HFNHvsMZAS2Rte5L8gSt3lWmdqRoeijQWEXaIuRSRWUj83exf8NcVw==
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/zeGgGgk-0iY
142.250.74.35200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/zeGgGgk-0iY
IP 142.250.74.35:0
Hash 11d4c80f970b596480099d1fb5eb6a61
df8397aa1b4904d45a35a7c3534a96901d0a41d8
53affe8b2090e55691bd12e39f92ad622f52fc277ea250df5b033bfa0071cc84
POST /s/gts1p5/zeGgGgk-0iY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:37:32 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d192r5l88wrng7.cloudfront.net/3VWFjalM2Dg0MbCEIB1dqY1BUWmVzCxAFPSVcLAgDYAsaORVkOFIDYThHFxA3aFFFBjI7Bl5MNjsCXlt1NAUBV2dzFRMFOGgODxk4IxQLDD0+RxYLbjgOGQM/OQBGWBVgT1NPYWVJFAM9MQ4UGXZnUQ0edmdRUlp9ZURQKHZnURQDPWNVRlkRcFNTEmVhRF-AodmdRERx2ZiBSWmZ7UUpPYWUGBgk4OkRRLGFlUFNaYmVQRlhjMwgRDzU6GUZYFWRRVkRjcxReWw
54.230.245.77200 OK 556 B URL HTTP/2 d192r5l88wrng7.cloudfront.net/3VWFjalM2Dg0MbCEIB1dqY1BUWmVzCxAFPSVcLAgDYAsaORVkOFIDYThHFxA3aFFFBjI7Bl5MNjsCXlt1NAUBV2dzFRMFOGgODxk4IxQLDD0+RxYLbjgOGQM/OQBGWBVgT1NPYWVJFAM9MQ4UGXZnUQ0edmdRUlp9ZURQKHZnURQDPWNVRlkRcFNTEmVhRF-AodmdRERx2ZiBSWmZ7UUpPYWUGBgk4OkRRLGFlUFNaYmVQRlhjMwgRDzU6GUZYFWRRVkRjcxReWw
IP 54.230.245.77:0
File type ASCII text, with very long lines (790), with no line terminators
Hash 3bada25e7c94a158c448ec40664e29e8
6edb6c41b73f0acbc8af5e5e2be5bf452c9fdcae
74b5f2aeffb3f1ec4b0ec2657ab279e5418a7b1bb625bab821ac81c71027cd4e
GET /3VWFjalM2Dg0MbCEIB1dqY1BUWmVzCxAFPSVcLAgDYAsaORVkOFIDYThHFxA3aFFFBjI7Bl5MNjsCXlt1NAUBV2dzFRMFOGgODxk4IxQLDD0+RxYLbjgOGQM/OQBGWBVgT1NPYWVJFAM9MQ4UGXZnUQ0edmdRUlp9ZURQKHZnURQDPWNVRlkRcFNTEmVhRF-AodmdRERx2ZiBSWmZ7UUpPYWUGBgk4OkRRLGFlUFNaYmVQRlhjMwgRDzU6GUZYFWRRVkRjcxReWw HTTP/1.1
Host: d192r5l88wrng7.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tonewithough.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 556
date: Mon, 28 Nov 2022 04:37:32 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TkL7-UmpTsP4MtHKLRLx6JD1X4q8T2tnlV9hSfHvtLHL0q4sa0rJfg==
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43dca8ebcf06bd09eb16b5516072ec48
84fe572e189c13383dc0a805a90c07de69c48ee6
be524e069364f1231ff9f6f8a5ca6ae8aa4353ba95fa7913c30c13ed008ab8fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE524E069364F1231FF9F6F8A5CA6AE8AA4353BA95FA7913C30C13ED008AB8FD"
Last-Modified: Sat, 26 Nov 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10341
Expires: Mon, 28 Nov 2022 07:29:53 GMT
Date: Mon, 28 Nov 2022 04:37:32 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 72e278c32e6d5f06a97a7c36dfe35514
f5d9c5bb4a10ea9bfb7f829dcff2a3fc7298397e
fe9de8dbde2a414f1a4ff1b02b923be949c46ddfabc7e4324955e3de70c4916b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 04:37:32 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 00:52:21 GMT
Expires: Mon, 05 Dec 2022 00:52:20 GMT
Etag: "f5d9c5bb4a10ea9bfb7f829dcff2a3fc7298397e"
Cache-Control: max-age=590687,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771068acfef50b31-OSL
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
139.45.195.254200 OK 12 B URL HTTP/1.1 fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 139.45.195.254:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 894
Origin: https://cutty.app
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Mon, 28 Nov 2022 04:37:34 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://cutty.app
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
my.rtmark.net/gid.js
139.45.195.8200 OK 65 B IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash f085e3a87e3a36a19720db3fa9f0cb73
0e780dd5abb45749565a31aab07dddcc02791534
8b2290349c0315bc9f630d9cf1db14e8db97b99602dc43d5032518aacf58f31a
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutty.app
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:37:32 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://cutty.app
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=fbf6f2d51ce94a4c8b9e6c2edf56de13; expires=Tue, 28 Nov 2023 04:37:32 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ksehinkitw.hair/
54.162.51.18200 OK 0 B IP 54.162.51.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: ksehinkitw.hair
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 390
Origin: https://cutty.app
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 80423577bb8ca66350f796c228ae9152
39a9a538873e91016bec486f0a39a8f5decf276c
b97b4d704efc28d3c9e1839cc5d08b9663f3f56654d42124e0ec19377a1a9084
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4721
Cache-Control: max-age=156972
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:37:32 GMT
Etag: "6383eac7-1d7"
Expires: Wed, 30 Nov 2022 00:13:44 GMT
Last-Modified: Sun, 27 Nov 2022 22:55:03 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 178ffcc14403da7f777a91a61e3933bc
5a756f4357d8ec45e61fa5b4917853bd2380b835
0f783e0ae738f16b52f1ede3b0b6a128bd4ac752c98c71fc307211a8abf933ec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:37:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash fb9963af5b3c525d68d5c87f0da8025b
c8d1f50313dddb0cea04745d762dac01718a026f
231ef2bc126d4f0cf0910147608f65ec32ee15f3cfdb6981f5fae66f33cfc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:37:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 178ffcc14403da7f777a91a61e3933bc
5a756f4357d8ec45e61fa5b4917853bd2380b835
0f783e0ae738f16b52f1ede3b0b6a128bd4ac752c98c71fc307211a8abf933ec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:37:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.163200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutty.app
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 21:26:04 GMT
expires: Sun, 26 Nov 2023 21:26:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 112288
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tonewithough.com/utx?cb=zp7UGgNLrn3l&top=cutty.app&tid=961706
54.230.111.116204 No Content 0 B URL HTTP/2 tonewithough.com/utx?cb=zp7UGgNLrn3l&top=cutty.app&tid=961706
IP 54.230.111.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=zp7UGgNLrn3l&top=cutty.app&tid=961706 HTTP/1.1
Host: tonewithough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutty.app
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 28 Nov 2022 04:37:32 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://cutty.app
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 28 Nov 2022 04:38:32 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YTLw8Scigpg9X9hHI-5VgtqZ0cNvTtSHub0tU8XoLFAqHKiyNqQEkw==
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e6da09bfac8d5c44728536880dad2574
3a8ba2233419dec6b2270dcd8248ff66a3685e40
f81b5cd287ace93ef5c9b4d80b9ab9c89e57c4a3a164757bf315356aa8f48edd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F81B5CD287ACE93EF5C9B4D80B9AB9C89E57C4A3A164757BF315356AA8F48EDD"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8517
Expires: Mon, 28 Nov 2022 06:59:29 GMT
Date: Mon, 28 Nov 2022 04:37:32 GMT
Connection: keep-alive
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
216.58.207.237302 Found 391 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (380)
Hash 1079a2eb4e84c0c3f62df87de737e9f9
44fcacdcc87f8b0588677270780173ba05a249c1
6a3b4769d72074cfe97be1abeb66831876efb342d1f111684e219990f06f653c
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 28 Nov 2022 04:37:32 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1762565696%3A1669610252605841&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAvaKlnhZv1HB0hzSRK19yHpTiSaTYEUDy106U-YozePcO1VcaYTvPPL-R3mahBv3uNEOsvJUA
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-O2K5aqH6JwPYDo9h3nViOg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 391
server: GSE
set-cookie: __Host-GAPS=1:MkIKNIzKsgjS2-q_cJbTEn8wTU_wEQ:SVGzC2RbX7gPnk2C;Path=/;Expires=Wed, 27-Nov-2024 04:37:32 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e6da09bfac8d5c44728536880dad2574
3a8ba2233419dec6b2270dcd8248ff66a3685e40
f81b5cd287ace93ef5c9b4d80b9ab9c89e57c4a3a164757bf315356aa8f48edd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F81B5CD287ACE93EF5C9B4D80B9AB9C89E57C4A3A164757BF315356AA8F48EDD"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8517
Expires: Mon, 28 Nov 2022 06:59:29 GMT
Date: Mon, 28 Nov 2022 04:37:32 GMT
Connection: keep-alive
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.34200 OK 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cutty.app/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 28 Nov 2022 04:37:32 GMT
expires: Mon, 28 Nov 2022 04:37:32 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 7202218826702708061
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 48986
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
216.58.207.237302 Found 398 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (385)
Hash df8bb1bdfab93380c88ae201f26cd4f5
d4fcf1b88f4229e18f285172c6b54d24ea76ea12
f802fbc87dbea4757c923b2180434a2677afc9d1598d42fe028f8deb75cd63fb
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 28 Nov 2022 04:37:32 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1290980921%3A1669610252645345&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAtpQtqlcjjh8MOeQBwubpaYX8YHrfBvUQCN_qE0iNt1w9Z-_V53ninz56R4Z0T7ybKR0uJ76g
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-HbxcydVVLZm7ruZV81HF7w' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 398
server: GSE
set-cookie: __Host-GAPS=1:XarLmS2mV_8M0v4VuCgHNOjMhDIbgA:VgdmT9UBoAU6XVF9;Path=/;Expires=Wed, 27-Nov-2024 04:37:32 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash fb9963af5b3c525d68d5c87f0da8025b
c8d1f50313dddb0cea04745d762dac01718a026f
231ef2bc126d4f0cf0910147608f65ec32ee15f3cfdb6981f5fae66f33cfc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:37:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 80423577bb8ca66350f796c228ae9152
39a9a538873e91016bec486f0a39a8f5decf276c
b97b4d704efc28d3c9e1839cc5d08b9663f3f56654d42124e0ec19377a1a9084
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4721
Cache-Control: max-age=156972
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:37:32 GMT
Etag: "6383eac7-1d7"
Expires: Wed, 30 Nov 2022 00:13:44 GMT
Last-Modified: Sun, 27 Nov 2022 22:55:03 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
offfurreton.com/500/5180207?excludes=&oaid=fbf6f2d51ce94a4c8b9e6c2edf56de13&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fcutty.app%2FTE7Ev&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 49 kB URL HTTP/2 offfurreton.com/500/5180207?excludes=&oaid=fbf6f2d51ce94a4c8b9e6c2edf56de13&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fcutty.app%2FTE7Ev&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash 6e20ec17b474cb7072ca02ee0caaafd3
b840577002aa007f3aeec5d6122cd343588df830
04d2e5d2443d287ec45fac927e809126ee2765cc12d73ab1a449f5d988741b14
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/5180207?excludes=&oaid=fbf6f2d51ce94a4c8b9e6c2edf56de13&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fcutty.app%2FTE7Ev&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: offfurreton.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://cutty.app/
Origin: https://cutty.app
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:37:32 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://cutty.app
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-GGDCMPL4QP>m=2oeb90&_p=1671982891&cid=509206707.1669610252&ul=en-us&sr=1280x1024&_s=1&sid=1669610251&sct=1&seg=0&dl=https%3A%2F%2Fcutty.app%2FTE7Ev&dt=Shorten%20Links%20And%20Earn%20Money%20%7C%20Cuty&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-GGDCMPL4QP>m=2oeb90&_p=1671982891&cid=509206707.1669610252&ul=en-us&sr=1280x1024&_s=1&sid=1669610251&sct=1&seg=0&dl=https%3A%2F%2Fcutty.app%2FTE7Ev&dt=Shorten%20Links%20And%20Earn%20Money%20%7C%20Cuty&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-GGDCMPL4QP>m=2oeb90&_p=1671982891&cid=509206707.1669610252&ul=en-us&sr=1280x1024&_s=1&sid=1669610251&sct=1&seg=0&dl=https%3A%2F%2Fcutty.app%2FTE7Ev&dt=Shorten%20Links%20And%20Earn%20Money%20%7C%20Cuty&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutty.app
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://cutty.app
date: Mon, 28 Nov 2022 04:37:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e6da09bfac8d5c44728536880dad2574
3a8ba2233419dec6b2270dcd8248ff66a3685e40
f81b5cd287ace93ef5c9b4d80b9ab9c89e57c4a3a164757bf315356aa8f48edd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F81B5CD287ACE93EF5C9B4D80B9AB9C89E57C4A3A164757BF315356AA8F48EDD"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8517
Expires: Mon, 28 Nov 2022 06:59:29 GMT
Date: Mon, 28 Nov 2022 04:37:32 GMT
Connection: keep-alive
tonewithough.com/utx?cb=RlIIPIa39lXL&top=cutty.app&tid=960534
54.230.111.116204 No Content 0 B URL HTTP/2 tonewithough.com/utx?cb=RlIIPIa39lXL&top=cutty.app&tid=960534
IP 54.230.111.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=RlIIPIa39lXL&top=cutty.app&tid=960534 HTTP/1.1
Host: tonewithough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutty.app
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 28 Nov 2022 04:37:32 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://cutty.app
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 28 Nov 2022 04:38:32 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: julTo88MRldpzhD8Wki5zoHGz_kOTQXB5L_Hj0ote9Azkcgy19vidg==
X-Firefox-Spdy: h2
offfurreton.com/500/5180207?excludes=&oaid=fbf6f2d51ce94a4c8b9e6c2edf56de13&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fcutty.app%2FTE7Ev&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 3.7 kB URL HTTP/2 offfurreton.com/500/5180207?excludes=&oaid=fbf6f2d51ce94a4c8b9e6c2edf56de13&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fcutty.app%2FTE7Ev&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash 1e27ae8a37a80fc76e303bf7aa016d08
744097a2f581a8119a9240007b8933d361fd64cb
00730ed2c01d03ad786c65a6bf710b02b12e7f3abf12009e1f2d380eeedb8f05
Analyzer Verdict Alert quad9 Sinkholed
GET /500/5180207?excludes=&oaid=fbf6f2d51ce94a4c8b9e6c2edf56de13&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fcutty.app%2FTE7Ev&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: offfurreton.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://cutty.app
Connection: keep-alive
Referer: https://cutty.app/
Cookie: OAID=6704984cb30942889a1b96a12d2ba8f6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:37:32 GMT
content-type: application/javascript
x-trace-id: 0a70aaa41810b3c0790cbdd29c6bb38a
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: https://cutty.app
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=fbf6f2d51ce94a4c8b9e6c2edf56de13; expires=Tue, 28 Nov 2023 04:37:32 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.199.35200 OK 56 B IP 172.64.199.35:0
File type ASCII text, with no line terminators
Hash 0d62eb8690a6ae3eee2c947b37d9ce87
b69c4402e82d1a3e6fd42e6c43651dae719e3a52
1ec7d6db247c9bc9b498536d45c1ff096ddc72349b798eaeec9f22bf1fab618a
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cutty.app/
Origin: https://cutty.app
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:37:32 GMT
content-type: text/plain
set-cookie: csu=989528194341382@1@1669610252; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://cutty.app
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9kmHatX1%2BbSL2kEly9TnY1qkx1WlYxp3t2uWvhL%2BJ9Qp6PwFv4Ny18pvHV3aXWrtHkwSP9ixuMfRYdvQDlW4uXWAvx6iDqsXQ8vmRWyfimnRAccECNGAyTablHgni9V7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771068aefdbd76c0-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ksehinkitw.hair/
54.162.51.18200 OK 0 B IP 54.162.51.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: ksehinkitw.hair
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cutty.app/
Content-Type: text/plain;charset=UTF-8
Origin: https://cutty.app
Content-Length: 356
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12457
Expires: Mon, 28 Nov 2022 08:05:10 GMT
Date: Mon, 28 Nov 2022 04:37:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12457
Expires: Mon, 28 Nov 2022 08:05:10 GMT
Date: Mon, 28 Nov 2022 04:37:33 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1f41832-bc78-4527-a3e7-8099266ecb52.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1f41832-bc78-4527-a3e7-8099266ecb52.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 577b69fd08ad8368ea5a94fe41476c1c
9442f111d329f721ddc55100cd246586d8204048
bdafc5068032dcf5e207cf2685a1b9350dbe8d990ba181520ff47889524532f2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1f41832-bc78-4527-a3e7-8099266ecb52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8517
x-amzn-requestid: 12456791-0e7f-45d7-97ae-d663c8fa841d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMozvHHLoAMFVqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bb4a-54ed1ec101789247052c9ec8;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:07:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UzzTPZIBjoow9PK-oM9rfGh5HkrivyPDofbTXy-I-9e4_baQnyKVhQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 05:55:42 GMT
age: 81711
etag: "9442f111d329f721ddc55100cd246586d8204048"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CJiSRzIK7-rQE81gaP2We0LhgKX1YmuJKEGYEqW34Bm1KMx6NB8yhQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:46:18 GMT
age: 24675
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F887b04ff-c782-4045-b122-5f0fda800771.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F887b04ff-c782-4045-b122-5f0fda800771.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d407d1a700a02f6422a0415be9648354
e9a69711e04e8028f11082285a405bafc61c5b20
dfc27a9aea46df1e218ee485296392c5a6c03756e91487f37212c69d4b30a418
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F887b04ff-c782-4045-b122-5f0fda800771.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5652
x-amzn-requestid: 24915481-2902-4776-b489-7741957424f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMozvEfioAMFUJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bb4a-7846a98a5fb3d0786cb84130;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:07:54 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2YLb6Et3z5MS3x4qk32fUeOCzFeofTOiHbTH2dGaQbGe_e8yMedqqw==
via: 1.1 2e20768704c71ff3ce2e677251d27f3c.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 08:11:10 GMT
age: 73583
etag: "e9a69711e04e8028f11082285a405bafc61c5b20"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1f434933b5bd6377d299ada22d1ae7ef
075531f525e625b117b2497f31139c9824d0e9c5
b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NMMuQ1NNks65LJK_HDAK69MfCJ3pS0Y6VzBs8_5Oku64v4FSWADCdw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:46 GMT
age: 23747
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe1c9b5-b323-496c-a65c-09c1511f882f.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe1c9b5-b323-496c-a65c-09c1511f882f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f20d5c4b208740dd4c737b9d95c0e1d0
c843c5422499736a83a80c2b07475a8dbbb8860f
f8d048a2c911aaedfa53b7d6e134638e8c36db0700a874fe99e0d8f847970a1b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe1c9b5-b323-496c-a65c-09c1511f882f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12555
x-amzn-requestid: 2d9827ba-fc88-4deb-9844-f5b42764b2e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_MHPWIAMFQMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d861-42986aeb284115943c849306;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: up0DWugUp4S0jAtsA-KBRapBAHtcHCdTwWJock-y22fqyL6_YVFeqg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:09 GMT
age: 24384
etag: "c843c5422499736a83a80c2b07475a8dbbb8860f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff33742-bcf4-48a8-b6fb-80eca56e49e2.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff33742-bcf4-48a8-b6fb-80eca56e49e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 71251bd4e19aa0d2be6336e7366f15ff
5c8be4aa5190dc7ae89674a26945bfc9ff240175
fb15afbdd12ab04b3bb2785fb3ebf1f2d82f243b47f1b8c2c8788f7653f8059b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff33742-bcf4-48a8-b6fb-80eca56e49e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6003
x-amzn-requestid: 55485f7d-70d3-4f00-90fa-6384e53c990a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR79tEt8oAMF8vQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9f1-7b8a266209a1648724c5ca9d;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3edUH9nvxAHeFtJk-vye1QpLXAgSYPo62odg3mPQwE-u-npXeDDdVg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:16:28 GMT
age: 22865
etag: "5c8be4aa5190dc7ae89674a26945bfc9ff240175"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
offfurreton.com/400/5180207
139.45.197.237200 OK 0 B URL HTTP/2 offfurreton.com/400/5180207
IP 139.45.197.237:0
Analyzer Verdict Alert quad9 Sinkholed
GET /400/5180207 HTTP/1.1
Host: offfurreton.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:37:31 GMT
content-type: application/javascript
x-trace-id: 8b6d10a3ec292e7b5d80ce5ab5f98aed
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=6704984cb30942889a1b96a12d2ba8f6; expires=Tue, 28 Nov 2023 04:37:31 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 31.13.72.36:0
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: p1a6wnre/3Kl5pj3h8ebzdov8Cgoce//tZsKImXQOjYVRwwHaHKdb6GEM3IrCavZ/xNooZYeLn89MFngjHZVWg==
date: Mon, 28 Nov 2022 04:37:32 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.199.35200 OK 0 B IP 172.64.199.35:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cutty.app/
Origin: https://cutty.app
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:37:32 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://cutty.app
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 2162
last-modified: Mon, 28 Nov 2022 04:01:30 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IH6A7tTb0dYSbQ9NA4uS3MMfMynTbFEvEbFItUdnevO91WxD3chuS%2B1xUWp5E2IyMZsbmGGi2hgPYoH1D8Q8QqCX1%2FJerZIEYxI03mtxKATSOgexCVXJvMD4vVcVnrTS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771068af1dcb76c0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.199.35200 OK 0 B IP 172.64.199.35:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cutty.app/
Origin: https://cutty.app
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:37:32 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://cutty.app
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 2162
last-modified: Mon, 28 Nov 2022 04:01:30 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MOMcKJLJAoPGTODr7%2FKcM0OaFqvSQPeHFFuJpqW0Vw%2FcpBHoXYqsFdkM9e9Y514Dzv9Ezjvl6SaZvBgJgrXlBWHrEeiWS46uPJZQxydGlFGhf7oz3s0SnDGMu%2FAv9uwU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771068af1dcc76c0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ksehinkitw.hair/N0hydjdsaktABgR%2BRFQbFWpeVFNUfUpBBQErX0QHAC1fQgcPf18UAgR%2EX0cDVXkQFwEBcBdEBRVkUEEGUy5KRwdVZRdPBw5lRhRWBmVKEAABZUpCVVRwRBcCVn4RQRUbagEBFRtqGQVSXyEcHV5DP1weVl46UFoVBnhcQxUbLhMaRFJkFBdbRC1eEFZbOxcr
54.162.51.18200 OK 0 B URL HTTP/2 ksehinkitw.hair/N0hydjdsaktABgR%2BRFQbFWpeVFNUfUpBBQErX0QHAC1fQgcPf18UAgR%2EX0cDVXkQFwEBcBdEBRVkUEEGUy5KRwdVZRdPBw5lRhRWBmVKEAABZUpCVVRwRBcCVn4RQRUbagEBFRtqGQVSXyEcHV5DP1weVl46UFoVBnhcQxUbLhMaRFJkFBdbRC1eEFZbOxcr
IP 54.162.51.18:0
GET /N0hydjdsaktABgR%2BRFQbFWpeVFNUfUpBBQErX0QHAC1fQgcPf18UAgR%2EX0cDVXkQFwEBcBdEBRVkUEEGUy5KRwdVZRdPBw5lRhRWBmVKEAABZUpCVVRwRBcCVn4RQRUbagEBFRtqGQVSXyEcHV5DP1weVl46UFoVBnhcQxUbLhMaRFJkFBdbRC1eEFZbOxcr HTTP/1.1
Host: ksehinkitw.hair
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
set-cookie: 30768f50e67d7bfe009ed20b2fee4d21=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
cache-control: public, max-age=86400
etag: W/"8445-MAxPEp0B0fJdPXEQUAPJu/P96D4"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
cutty.app/TE7Ev
172.67.155.174200 OK 0 B IP 172.67.155.174:0
GET /TE7Ev HTTP/1.1
Host: cutty.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:37:31 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: must-revalidate, no-cache, no-store, private
pragma: no-cache
expires: -1
x-frame-options: SAMEORIGIN, SAMEORIGIN
set-cookie: XSRF-TOKEN=eyJpdiI6IkNidDg1WVE3bUxSNmV0bDhzclhqM3c9PSIsInZhbHVlIjoiMUJ1WXN3bUpVZDJIK2ZFc3BSdkRYbXpKWTVlNlF1WlE4OWc3Q0trcllKdlBwYW5QYUxTZkUvMFpvMUVXdC81d096eEdiK0tBVXlkenAycUNzYjBaYjRpc1FXWS9zbjF3aUhlLzBhcUlTcDMxR3VYT1ViRTNnK2Q3anVydFh6VXMiLCJtYWMiOiI2Y2IyMmNiNmVlODg3NDUxNjI2MmI1OTkyZDJkNjJjYjliMWRjYTgzY2RjNWE5MTYxODYyZThjNjc5YTgwZWMyIiwidGFnIjoiIn0%3D; expires=Mon, 05 Dec 2022 04:37:31 GMT; Max-Age=604800; path=/; samesite=lax
cuty_session=eyJpdiI6Ilc4SWo2OTBzSDg4d2JaK0VlVHVHaXc9PSIsInZhbHVlIjoiWU1mSVZBNnZESXVSTHl2NmlpMENuOTA4TUVuWFZvNzRYQnJRbWNVbUx6cUlkaUpDUGQrKy94VFFQR202NWRUckpTNTVZaE9BWVVpZlZzMzZ2T0gxZGFKUGxYZmp5YXRWY2UxL2IwOGoyQnZhbUxoSDByU0NoVkZPQTlmS09jbHIiLCJtYWMiOiIxNmRkYmNkODFhYTM3NmM3YmRmNjBlZTAyNzc1NTgxZDUzNDQzOTdhOGI3MzIwZDkyODk0ZTYyZTFmMGRjNzJiIiwidGFnIjoiIn0%3D; expires=Mon, 05 Dec 2022 04:37:31 GMT; Max-Age=604800; path=/; httponly; samesite=lax
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2Bm901%2Bo9QNBNyzZPQDIXPgkcUsaGUv8ULVYcQHJYDsoY1n7rN%2FbriCQykjzomwCC9gP70Yi3crUztTlPhv9runmzwc5lRKMzpYqRZHGUjZttpCn7RGvCZa0U5I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771068a4885fb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cuty.io/images/shared/logo.svg
104.26.4.236200 OK 0 B URL HTTP/2 cuty.io/images/shared/logo.svg
IP 104.26.4.236:0
GET /images/shared/logo.svg HTTP/1.1
Host: cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:37:31 GMT
content-type: image/svg+xml
last-modified: Thu, 14 Jul 2022 10:06:16 GMT
vary: Accept-Encoding
etag: W/"62cfea98-175a"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 6110
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZV9lj2DyDJNxNIHfJC4IgSqcS2PPMOesMubAyZJ7USGoYtDl6kTjI64tvGKSG9BOaus%2FdcpTBays%2F1Q60Z7%2Bqbi99ejVMTlHg%2Fynpc%2BQ2iRCKGbfOU2DNvA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771068a89aaab50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap
IP 142.250.74.10:0
GET /css2?family=Inter:wght@300;400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 28 Nov 2022 04:37:31 GMT
date: Mon, 28 Nov 2022 04:37:31 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ksehinkitw.hair/SHVGTDMzVzU7bD0HKm4Jah0yOEM7T2ljUD0BMjUdKQU2Y0A%2FWyw%2FEWRXNSFVak93YBE7GDBuCWpBaH8RZFcyLVQXHCJuCWpMcH0AfkNkYBE7ACQTWixHZHYRLBZzdAR6QyVhAXhCI2EHeE1xYVF9RnFhAnwXdy5SfkN%2BKQF6Vzs
54.162.51.18502 Bad Gateway 0 B URL HTTP/2 ksehinkitw.hair/SHVGTDMzVzU7bD0HKm4Jah0yOEM7T2ljUD0BMjUdKQU2Y0A%2FWyw%2FEWRXNSFVak93YBE7GDBuCWpBaH8RZFcyLVQXHCJuCWpMcH0AfkNkYBE7ACQTWixHZHYRLBZzdAR6QyVhAXhCI2EHeE1xYVF9RnFhAnwXdy5SfkN%2BKQF6Vzs
IP 54.162.51.18:0
GET /SHVGTDMzVzU7bD0HKm4Jah0yOEM7T2ljUD0BMjUdKQU2Y0A%2FWyw%2FEWRXNSFVak93YBE7GDBuCWpBaH8RZFcyLVQXHCJuCWpMcH0AfkNkYBE7ACQTWixHZHYRLBZzdAR6QyVhAXhCI2EHeE1xYVF9RnFhAnwXdy5SfkN%2BKQF6Vzs HTTP/1.1
Host: ksehinkitw.hair
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 502 Bad Gateway
set-cookie: c9ef7e146f2a1e9d84c88f73b0c5a118=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
X-Firefox-Spdy: h2