Report - cutpaid.com/WFFssOmR

Report Overview

Submitted URL
cutpaid.com/WFFssOmR
IP
172.67.183.8
ASN
#13335 CLOUDFLARENET
Submitted
2022-09-24 06:55:21
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
20

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
cutpaid.com	390939	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	776 B	1.6 kB	104.21.48.87
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	397 B	1.2 kB	142.250.74.164
simplewebanalysis.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	371 B	404 B	3.66.118.16
unseenreport.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	846 B	192.243.61.225
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	18.164.68.6
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	3.4 kB	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	52.27.12.161
addresseepaper.com	18169	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	344 B	966 B	172.64.132.22
banquetunarmedgrater.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	358 B	327 B	192.243.59.20
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.3 kB	8.9 kB	23.36.76.226
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
i.imgur.com	5110	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	377 B	7.6 kB	151.101.84.193
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	66 kB	142.250.74.3
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	932 B	64 kB	142.250.74.163
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	3.6 kB	23.36.77.32
refutationtiptoe.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.2 kB	22 kB	173.233.137.60
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	60 kB	34.120.237.76
cdn.sb4you1.com	22321	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.5 kB	128 kB	172.64.200.2
cdn.yourwebbars.com	62037	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	448 B	1.3 kB	172.67.74.218
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	34.160.144.191
plungebriefinggladly.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	388 B	22 kB	192.243.59.13
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	338 B	944 B	108.138.212.113
s10.histats.com	15211	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	713 B	10 kB	46.105.201.240
creepingbrings.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	344 B	24 kB	172.64.163.10
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	403 B	746 B	142.250.74.10

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-24	medium	refutationtiptoe.com	Sinkholed
2022-09-24	medium	refutationtiptoe.com	Sinkholed
2022-09-24	medium	banquetunarmedgrater.com	Sinkholed
2022-09-24	medium	refutationtiptoe.com	Sinkholed
2022-09-24	medium	refutationtiptoe.com	Sinkholed
2022-09-24	medium	refutationtiptoe.com	Sinkholed
2022-09-24	medium	unseenreport.com	Sinkholed
2022-09-24	medium	unseenreport.com	Sinkholed
2022-09-24	medium	refutationtiptoe.com	Sinkholed
2022-09-24	medium	refutationtiptoe.com	Sinkholed

JavaScript (23)

	URL	Size	First Seen	Last Seen
	http:blank	992 B	2023-03-08	2023-03-10
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:18:15 Last Seen2023-03-10 14:44:23 Times Seen1 Hash f4e38b9ffb8b0b36ed3c66b5fe8ea01e 2390fa696bd6feaff03348f488c96ad49143720d 5baf61e95629556dccc5a40b6a3fd80569ab7ca8ce25311d68a428f2d2e38d57 Loading...

	cutpaid.com/js/ads.js	106 B	2023-03-08	2024-04-14
Pretty URL cutpaid.com/js/ads.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:18:15 Last Seen2024-04-14 20:13:59 Times Seen141 Hash 31129bbaf6802ed0bdd11a024afe7646 22ea0726f15adb8b677d9b4b829b39ce61da1bfc 42deff51f77c2fad8526f708bf57a4300ecc3fd926c9df055962dc2cdca00cee Loading...

	www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js	398 kB	2023-03-07	2023-03-10
Pretty URL www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:10 Last Seen2023-03-10 14:27:44 Times Seen1 Hash dff1edaf9fa8e0138b7342527bb2fdaf 9c1d9e6f3a8785ffdd088f57e3e8803dd2c459b0 23d94b3877e873dff9124312f3627f15071fe84a751d32c6e76b4c693ce8a9b9 Loading...

	s10.histats.com/counters/cc_1034.js	15 kB	2023-03-08	2023-03-29
Pretty URL s10.histats.com/counters/cc_1034.js IP 46.105.201.240 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:18:15 Last Seen2023-03-29 22:06:36 Times Seen2 Hash be2f730a5e9bbc68ecf7b4713c3bcb88 733a7e632e3e4a3668c3db143fcba8c864884496 6d7d4e25d21c283ccd3c684718d06a4447b90715bea27c8a4edcac43ce5478b7 Loading...

	s10.histats.com/js15_as.js	11 kB	2023-03-07	2024-03-25
Pretty URL s10.histats.com/js15_as.js IP 46.105.201.240 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-03-25 09:24:29 Times Seen1978 Hash e959fbdd13def4b9a9d0a5fc9a7de4d4 1e39712307e3673b40c0bdb8c7d3e86a3e8b60a0 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede Loading...

	www.google.com/recaptcha/api2/bframe?hl=en&v=ovmhLiigaw4D9ujHYlHcKKhP&k=6LfiIG8UAAAAACgXPGUoaBKfkA98k4eIVP-U1ugn	178 B	2023-03-08	2023-03-13
Pretty URL www.google.com/recaptcha/api2/bframe?hl=en&v=ovmhLiigaw4D9ujHYlHcKKhP&k=6LfiIG8UAAAAACgXPGUoaBKfkA98k4eIVP-U1ugn IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:18:15 Last Seen2023-03-13 11:11:28 Times Seen1 Hash 953c44590dd6578cf99f2c143726375c 409dfc36febce032d3d993458d6870d252ea48ba c8b8efcec5fb775ee88c788a901aab41e823c65f9deecf951eb1951eee9b60a7 Loading...

	plungebriefinggladly.com/7e/1d/8f/7e1d8f1ae70c40a4c328807cbe5300ca.js	60 kB	2023-03-08	2023-03-08
Pretty URL plungebriefinggladly.com/7e/1d/8f/7e1d8f1ae70c40a4c328807cbe5300ca.js IP 192.243.59.13 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:18:15 Last Seen2023-03-08 00:18:15 Times Seen1 Hash e8167c007c43af4c889229fedf9bc44b a49fba315bcb47c1bc9ba487dce305dc906e4dcd 6e9b3535376ee4520d45b93f6df2a837ae590dfbaca63310aa490ae84c7e1888 Loading...

	cutpaid.com/WFFssOmR	1.1 kB	2023-03-08	2023-03-29
Pretty URL cutpaid.com/WFFssOmR IP 104.21.48.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:18:15 Last Seen2023-03-29 22:06:36 Times Seen2 Hash 9014ee790fb4b15456c9f711ad186d2e 9409e7b0ccc8734d2226e1dbe7c9b23d4793c569 4a9894232c93199d2aab52da87938b076059c98fd6608f6aec504471e3f6fa36 Loading...

	cutpaid.com/WFFssOmR	430 B	2023-03-08	2023-03-29
Pretty URL cutpaid.com/WFFssOmR IP 104.21.48.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:18:15 Last Seen2023-03-29 22:06:36 Times Seen2 Hash 7aac5e52fb7e633aae0abac80855c601 b4ee61c866f96767a0aad5f79c2e49243bc484e6 475c9f963a66047bf142844906892a05f35c847099cc18935477a8545f83eb13 Loading...

	banquetunarmedgrater.com/advertisers.js	0 B	2023-03-07	2024-04-19
Pretty URL banquetunarmedgrater.com/advertisers.js IP 192.243.59.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 08:38:44 Times Seen36954881 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	s4.histats.com/stats/4137781.php?4137781&@f16&@g1&@h1&@i1&@j1664002511634&@k0&@l1&@mCutpaid&@n0&@o1000&@q0&@r0&@s1034&@ten-US&@u1280&@b1:49420195&@b3:1664002512&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fcutpaid.com%2FWFFssOmR&@w	51 B	2023-03-08	2023-03-08
Pretty URL s4.histats.com/stats/4137781.php?4137781&@f16&@g1&@h1&@i1&@j1664002511634&@k0&@l1&@mCutpaid&@n0&@o1000&@q0&@r0&@s1034&@ten-US&@u1280&@b1:49420195&@b3:1664002512&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fcutpaid.com%2FWFFssOmR&@w IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:18:15 Last Seen2023-03-08 00:18:15 Times Seen1 Hash 63c1054c180cf55823bc24919dc5063f 0852d412db188f50b101243da60cac07d16e3214 9e3978a25426c27df052598dd698a08591359792dc6d017e29eda498cbdae783 Loading...

	cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/js/jquery.min.js	90 kB	2023-03-07	2024-04-18
Pretty URL cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/js/jquery.min.js IP 172.64.200.2 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:04:00 Last Seen2024-04-18 23:52:11 Times Seen3671 Hash 561acb3e541133bbdd2c0c19f8ee35a1 ffd1353cf3f77d25f801c84d8208613eb0d3d548 9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc Loading...

	www.google.com/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit	918 B	2023-03-08	2023-03-08
Pretty URL www.google.com/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:18:15 Last Seen2023-03-08 03:37:12 Times Seen1 Hash 5cdb0ef43eccb4276e954846b9138239 3b8a1dcceecff5afd982db7eadf9869adf08916c a41095090d8b65d17e80eb1bae035f75a4cdab62d8bd28df707d6230e21fbc18 Loading...

	refutationtiptoe.com/01/ff/d3/01ffd36dfbce3d569baf8d846cd7bc65.js	37 kB	2023-03-08	2023-03-08
Pretty URL refutationtiptoe.com/01/ff/d3/01ffd36dfbce3d569baf8d846cd7bc65.js IP 173.233.137.60 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:18:15 Last Seen2023-03-08 00:18:15 Times Seen1 Hash 1b004986e48078ca4bbf534ec7c533c1 87938895830159b95688c75209daf1c668dfcadb 84e2b74c8a726ba9ed42ae299a5082655a1d9585aeb12535aba1f43189358701 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LfiIG8UAAAAACgXPGUoaBKfkA98k4eIVP-U1ugn&co=aHR0cHM6Ly9jdXRwYWlkLmNvbTo0NDM.&hl=en&v=ovmhLiigaw4D9ujHYlHcKKhP&size=normal&cb=hbx1ttsozdcu	69 B	2023-03-07	2024-04-19
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LfiIG8UAAAAACgXPGUoaBKfkA98k4eIVP-U1ugn&co=aHR0cHM6Ly9jdXRwYWlkLmNvbTo0NDM.&hl=en&v=ovmhLiigaw4D9ujHYlHcKKhP&size=normal&cb=hbx1ttsozdcu IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-19 06:43:24 Times Seen99036 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	cutpaid.com/modern_theme/build/js/script.min.js?ver=5.3.0	200 kB	2023-03-08	2023-11-20
Pretty URL cutpaid.com/modern_theme/build/js/script.min.js?ver=5.3.0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:18:15 Last Seen2023-11-20 06:15:32 Times Seen16 Hash 600ef0f9468f01f5abdedae5521cb01a 238cec6955608cbeb8b709ae7aa19d1e05d560ac 62eb8c55e05f53ef96a7daaec19f0b9bf2beee9846b83368ac423fb3297d80b4 Loading...

	cutpaid.com/WFFssOmR	102 B	2023-03-07	2024-04-14
Pretty URL cutpaid.com/WFFssOmR IP 104.21.48.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:01:22 Last Seen2024-04-14 20:13:58 Times Seen58 Hash ea63ff4f4742b4aa558f8960f24321fc 11326481f53e4c7c546ea8a3b6c8c6c9d5f3173f 7fc5a11cbe7f9e9815748889cea6101fb2a2184232db2e6843d57bb0d6bf4bae Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LfiIG8UAAAAACgXPGUoaBKfkA98k4eIVP-U1ugn&co=aHR0cHM6Ly9jdXRwYWlkLmNvbTo0NDM.&hl=en&v=ovmhLiigaw4D9ujHYlHcKKhP&size=normal&cb=hbx1ttsozdcu	36 kB	2023-03-08	2023-03-08
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LfiIG8UAAAAACgXPGUoaBKfkA98k4eIVP-U1ugn&co=aHR0cHM6Ly9jdXRwYWlkLmNvbTo0NDM.&hl=en&v=ovmhLiigaw4D9ujHYlHcKKhP&size=normal&cb=hbx1ttsozdcu IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:18:15 Last Seen2023-03-08 00:18:15 Times Seen1 Hash 4036bae361e793761b39f0d26269fe83 04c562faaf6d547f91d26aa0072a02faa1f0ed47 4d67f5c4801341045191f44a1e60e8b0981f4bbebf3da303ab6d96904c540fad Loading...

		Size	First Seen	Last Seen
	#1 Eval - 71077ba8592b58dfa671fe082bae0ffc	17 kB	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 00:18:15 Last Seen2023-03-08 00:18:15 Times Seen1 Hash 71077ba8592b58dfa671fe082bae0ffc 2ba6b1cab71208fb6515ef58562abbca72975f69 c03c2277a9da551eee11afce3607095a4a7e4bf2c81fafc75bdb96c6f58e1a57 Loading...

	#2 Eval - 4b43d7324b0d3b9985411cf3260d0a73	16 kB	2023-03-07	2023-03-08
Pretty Observations First Seen2023-03-07 23:41:31 Last Seen2023-03-08 03:44:53 Times Seen1 Hash 4b43d7324b0d3b9985411cf3260d0a73 69d079796bb0e85a49ad6c3bd60d53c3fd9fcbf7 7ceb9810d2ccde1547fba065a4045b36208fc9ab6f3ca2abf6e28621d8563846 Loading...

	#3 Eval - 514567da609c4ad3f2ff52579625f413	22 B	2023-03-07	2023-03-08
Pretty Observations First Seen2023-03-07 23:41:31 Last Seen2023-03-08 03:44:53 Times Seen1 Hash 514567da609c4ad3f2ff52579625f413 343875469acf7aba7d0765a9dbed8e8ea63d28a5 158f12d6b67ec8efa28f076c053195594a92f4a46ebc58fb0895936ac92e1d4c Loading...

	#4 Eval - 6d0409b3e316325a47c8777f9b4e0580	64 B	2023-03-07	2023-03-08
Pretty Observations First Seen2023-03-07 23:41:31 Last Seen2023-03-08 03:44:53 Times Seen1 Hash 6d0409b3e316325a47c8777f9b4e0580 8c72d1c3f959c351604ba5483d3221d4e7c7ba78 4adca75c393d14c78eeb18bfe0dabc9ac5f6d620f429b8e7c711797ba24161b5 Loading...

	#5 Eval - 46642965c67759f1fab8ed6ed597ccfb	22 B	2023-03-07	2023-03-08
Pretty Observations First Seen2023-03-07 23:41:31 Last Seen2023-03-08 03:44:53 Times Seen1 Hash 46642965c67759f1fab8ed6ed597ccfb b19aa9d0addb93cb01bd00b7939bf212cb1f66ad 8c03b884e2038510be64d5cd7ec74ce7c74e0e7e72fe9865e4920300e0f50c9c Loading...

HTTP Transactions (70)

URL IP Response Size

cutpaid.com/WFFssOmR

104.21.48.87

301 Moved Permanently

0 B

URL HTTP/1.1
cutpaid.com/WFFssOmR
IP
104.21.48.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WFFssOmR HTTP/1.1
Host: cutpaid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Sat, 24 Sep 2022 06:55:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 24 Sep 2022 07:55:10 GMT
Location: https://cutpaid.com/WFFssOmR
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LuvaDGW%2BSkH4iII5C4JdzjZhFj%2BiezOI4OmPFq5ys20LU7lTvp7ZkgEcRkslxbZAXiqZ78Buqkc8vks%2Bi6nzCG%2BpV3va9zZTOjegg%2BwUFE1K43aI%2FHrtwiorUNMaGA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f99cea1aafb505-OSL
alt-svc: h2=":443"; ma=60

firefox.settings.services.mozilla.com/v1/

18.164.68.6

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
18.164.68.6:0
ASN
#0

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 24 Sep 2022 06:05:35 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f138cee49761f5f7e3b88ec7b66614ee.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: Zv3ls4w8xmoU3eh2g1Uq6Lmeo3MFaC18mMPzauSkXz54e-voOLVZfw==
Age: 2975

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3588
Expires: Sat, 24 Sep 2022 07:54:58 GMT
Date: Sat, 24 Sep 2022 06:55:10 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b3e81b5bd7bd8e12288a8159e44ceb3f
977945964ffcbf49ac78f840db9da822c50c82f0
4721814da286852318f7ebf9857bd4bf01f0beea2c9eb7ddb9f290e3fa472232

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4721814DA286852318F7EBF9857BD4BF01F0BEEA2C9EB7DDB9F290E3FA472232"
Last-Modified: Fri, 23 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8955
Expires: Sat, 24 Sep 2022 09:24:25 GMT
Date: Sat, 24 Sep 2022 06:55:10 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: uQ1MqrjZgh5u8OoF1L1wYU9B7rcQ6Rw5loM8zoxDeyFr75uSiMHOLcLZfTpktmq9zaa1n/AbDrk=
x-amz-request-id: 5GBK3DWFADVM893V
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 24 Sep 2022 06:47:25 GMT
age: 465
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 06:55:10 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

i.imgur.com/4nDF4PP.png

151.101.84.193

200 OK

7.0 kB

URL HTTP/2
i.imgur.com/4nDF4PP.png
IP
151.101.84.193:0
ASN
#54113 FASTLY

File type
PNG image data, 250 x 72, 8-bit/color RGB, non-interlaced\012- data
Size
7.0 kB (6966 bytes)
Hash
cb7480a0a433fd916168ba91ae24e8e8
f49c10d3ac373780ba6ede61e67909cb45c2403d
d3fbcdbb65aec7adf8d368f0540eb7abf08e83cf8d42742003df35abba13c75e

HTTP Headers

GET /4nDF4PP.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 10 Oct 2018 03:18:48 GMT
etag: "cb7480a0a433fd916168ba91ae24e8e8"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 24 Sep 2022 06:55:11 GMT
age: 2212136
x-served-by: cache-iad-kjyo7100044-IAD, cache-bma1683-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1664002511.083453,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 6966
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4fb51016b82f43bc6ee9f5ace001690c
5390a86aa0a7b82f5d09605b10812567b309d27a
73283fa4b416ee80d2ac87c30d2183afa1ae487a8650563b79adc1f001030f73

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 06:55:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4de431d1f0b2fb15b71b607b17be7d3d
60f7beb2f1cf28d72cb159ca92a20cfb9105b493
a19c5c057f664ba912b3b7d03f9491cc81336b9e836158b795fd18a1ff1a654f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 06:55:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

142.250.74.164

200 OK

582 B

URL HTTP/2
www.google.com/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (918), with no line terminators
Size
582 B (582 bytes)
Hash
a95f9ce15802d35208e90ea5ec44bc6b
ead07a1c08854e335dfbaa79880a5f595aa7fab0
58caaaa776a7d2503f90633534bb737e575fc015255898823aec137cbe74c65f

HTTP Headers

GET /recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Sat, 24 Sep 2022 06:55:11 GMT
date: Sat, 24 Sep 2022 06:55:11 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 582
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4fb51016b82f43bc6ee9f5ace001690c
5390a86aa0a7b82f5d09605b10812567b309d27a
73283fa4b416ee80d2ac87c30d2183afa1ae487a8650563b79adc1f001030f73

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 06:55:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

61 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
61 kB (61188 bytes)
Hash
f6e0aec9bcde71f26a6175fc809ff4c2
0ad37c581e2ce698584e999a90a89e7c0f9366e1
475662bfc9d933a008d248dfad764f1027bbd5723d2801777777727c71d7a65e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 06:55:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

535 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
535 B (535 bytes)
Hash
7dd9667cc4acd07d455b801e392dca45
2d5e7b2aefc55a5ef1056f4fddf057f7fc22a9ff
c5faf18996ae2a9727649caf703370cb9cf6b0a1122050edddcddc811621def7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 06:55:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fa5a7fd1c3d5eed2a8816ac62ad73e51
6536f3880457c6ced9534d5cf10615b6daf42aea
3c3a74be5d72d9e2b5ecdaeafbbf3d0029cd5848d2483cfa10da14859deff436

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 06:55:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

142.250.74.163

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cutpaid.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 16:40:18 GMT
expires: Fri, 22 Sep 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 137693
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2

142.250.74.163

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 31196, version 1.0\012- data
Size
31 kB (31196 bytes)
Hash
ea2343c7dccad57360fb611d67204445
b603d9e68bb1ed5e4b33d5e31121160cb4d23452
2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc

HTTP Headers

GET /s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cutpaid.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31196
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 06:19:56 GMT
expires: Fri, 22 Sep 2023 06:19:56 GMT
cache-control: public, max-age=31536000
age: 174915
last-modified: Mon, 11 Jul 2022 20:43:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fa5a7fd1c3d5eed2a8816ac62ad73e51
6536f3880457c6ced9534d5cf10615b6daf42aea
3c3a74be5d72d9e2b5ecdaeafbbf3d0029cd5848d2483cfa10da14859deff436

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 06:55:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

18.164.68.6

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
18.164.68.6:0
ASN
#0

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Expires, Alert, Content-Length, ETag, Cache-Control, Content-Type, Backoff, Pragma, Last-Modified
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 24 Sep 2022 06:20:50 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sat, 24 Sep 2022 06:37:51 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 35f1076ba1ff613e428e9cf6a2f57580.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: LrXfuem6jIXSYkSKa1sv6PVe9EjqBrVK5l9zM1Af6YJt5biSTHrtBA==
Age: 2065

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f714931cf870bfa33815fd259b7246fd
38e411ef8ca1b31ead8415ee5f21d98bd9653a86
897675130112daff8bdf6fa25b56faa4b9fdb367daca2b2645ed65c83a2e423f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5230
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 06:55:11 GMT
Last-Modified: Sat, 24 Sep 2022 05:28:01 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c509ce680a269c5a854745a5cfcf427b
6e09debdc0f83baee982646bbc92c507ac6811cd
725abcd4ccf0c60b2cd289bae9f33a134f66b518ef3151059aa453db1fa01cda

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "725ABCD4CCF0C60B2CD289BAE9F33A134F66B518EF3151059AA453DB1FA01CDA"
Last-Modified: Fri, 23 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8618
Expires: Sat, 24 Sep 2022 09:18:49 GMT
Date: Sat, 24 Sep 2022 06:55:11 GMT
Connection: keep-alive

plungebriefinggladly.com/7e/1d/8f/7e1d8f1ae70c40a4c328807cbe5300ca.js

192.243.59.13

200 OK

21 kB

URL HTTP/1.1
plungebriefinggladly.com/7e/1d/8f/7e1d8f1ae70c40a4c328807cbe5300ca.js
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with very long lines (59805)
Size
21 kB (20594 bytes)
Hash
e94c7bc4ce9472b24f933b6f10cf80c6
12808bdb26ba2bbfdc3d576a58a6ffdc244f63f4
fbf3794e4533def9a4eb39919c938df46df34ca414c75e92f61055eea7d63d54

HTTP Headers

GET /7e/1d/8f/7e1d8f1ae70c40a4c328807cbe5300ca.js HTTP/1.1
Host: plungebriefinggladly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 24 Sep 2022 06:55:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_hd-28118_1=0; expires=Sun, 02 Oct 2022 06:55:11 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 42c11f9a25199776eda59e759c419073
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

push.services.mozilla.com/

52.27.12.161

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.27.12.161:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Ad9JHl6s1ylFHRIOTgLVrA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: JGSs/uujODiplkLowFaauEDcVAg=

e1.o.lencr.org/

23.36.77.32

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
13e24f9bf04d6d50a8c2ac7d0e45be55
3ca87e41be3d7f907715ca6f7f8d43cd007bb481
711e7a95012b4c71d8500e0f51be4a3332495c7d29438a813d7cfc30269dc2c1

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "711E7A95012B4C71D8500E0F51BE4A3332495C7D29438A813D7CFC30269DC2C1"
Last-Modified: Fri, 23 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4818
Expires: Sat, 24 Sep 2022 08:15:29 GMT
Date: Sat, 24 Sep 2022 06:55:11 GMT
Connection: keep-alive

ocsp.sca1b.amazontrust.com/

108.138.212.113

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
108.138.212.113:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
b912b648b93421767076bd6436ae2a36
0fc695b3079e70d1d7cf4fa415d4bd00e4350f9d
be7e29208c3efbb0f655fcf49ce1c51889aa4d4af8722f96e17abdc88eca9735

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 24 Sep 2022 06:55:12 GMT
Last-Modified: Sat, 24 Sep 2022 05:19:52 GMT
Server: ECS (nyb/1D07)
X-Cache: Miss from cloudfront
Via: 1.1 1805675a91c76d0a1c9369e53bd5c006.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-P3
X-Amz-Cf-Id: QJf2zqbKC-I-8GxG-xIcC4WCiCZaO3MUmYGJWWMtDpeYHZPDKSrhzw==
Age: 5721

simplewebanalysis.com/stats

3.66.118.16

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
3.66.118.16:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
ebfb0d25fc813ec7e44a6523b26db7c6
22b574847d369cb2398f401e465e2ef8dabe700d
d4875196bddf215f4870b7c5f02200e7bd074e21b0b6952d61b8e60e82717b4f

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutpaid.com
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 24 Sep 2022 06:55:12 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://cutpaid.com
access-control-allow-credentials: true
set-cookie: uid_id2=1ca2d74e-65b2-4fa1-9b97-1b5df053c3d3:1:1; expires=Tue, 21 Sep 2032 06:55:12 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
13e24f9bf04d6d50a8c2ac7d0e45be55
3ca87e41be3d7f907715ca6f7f8d43cd007bb481
711e7a95012b4c71d8500e0f51be4a3332495c7d29438a813d7cfc30269dc2c1

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "711E7A95012B4C71D8500E0F51BE4A3332495C7D29438A813D7CFC30269DC2C1"
Last-Modified: Fri, 23 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4817
Expires: Sat, 24 Sep 2022 08:15:29 GMT
Date: Sat, 24 Sep 2022 06:55:12 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1bc353a42617a3d27058f7581ae80d2e
a4d126aa03ca34802f777a7ceed4d8d00eaa608f
e533908710e9cd23d8e0d271845124d28df89700b281fa5bbcf8b834e60f78de

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E533908710E9CD23D8E0D271845124D28DF89700B281FA5BBCF8B834E60F78DE"
Last-Modified: Wed, 21 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=31
Expires: Sat, 24 Sep 2022 06:55:43 GMT
Date: Sat, 24 Sep 2022 06:55:12 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1bc353a42617a3d27058f7581ae80d2e
a4d126aa03ca34802f777a7ceed4d8d00eaa608f
e533908710e9cd23d8e0d271845124d28df89700b281fa5bbcf8b834e60f78de

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E533908710E9CD23D8E0D271845124D28DF89700B281FA5BBCF8B834E60F78DE"
Last-Modified: Wed, 21 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=31
Expires: Sat, 24 Sep 2022 06:55:43 GMT
Date: Sat, 24 Sep 2022 06:55:12 GMT
Connection: keep-alive

refutationtiptoe.com/01/ff/d3/01ffd36dfbce3d569baf8d846cd7bc65.js

173.233.137.60

200 OK

13 kB

URL HTTP/1.1
refutationtiptoe.com/01/ff/d3/01ffd36dfbce3d569baf8d846cd7bc65.js
IP
173.233.137.60:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with very long lines (37122), with no line terminators
Size
13 kB (13402 bytes)
Hash
d2400cbed6997d969e52ee1e91a1769b
68b25777d3c59e0b3274538a3459eff5e4fe44b8
5db473bbc7ac4e63d70e49987bf70ee77853c071514407de2bc875a0c178c24b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /01/ff/d3/01ffd36dfbce3d569baf8d846cd7bc65.js HTTP/1.1
Host: refutationtiptoe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 24 Sep 2022 06:55:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 60e336b1df47ad21f3077c507eaab98d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

refutationtiptoe.com/pixel/purst?dl=0&th=0&sc=0&rs=1578&rd=1578&fd=960&bv=22.9.v.1&tmpl=70

173.233.137.60

200 OK

0 B

URL HTTP/1.1
refutationtiptoe.com/pixel/purst?dl=0&th=0&sc=0&rs=1578&rd=1578&fd=960&bv=22.9.v.1&tmpl=70
IP
173.233.137.60:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=1578&rd=1578&fd=960&bv=22.9.v.1&tmpl=70 HTTP/1.1
Host: refutationtiptoe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 24 Sep 2022 06:55:12 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f038194067eb0a255d9b9a1a70503e3b
63f77e7ab6971b42bc28dc3aed1a783bc2993efe
299e978fbedd998983ca109f8f7998bce61d822803925aefa78e91d7d9987f73

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "299E978FBEDD998983CA109F8F7998BCE61D822803925AEFA78E91D7D9987F73"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8683
Expires: Sat, 24 Sep 2022 09:19:55 GMT
Date: Sat, 24 Sep 2022 06:55:12 GMT
Connection: keep-alive

s10.histats.com/js15_as.js

46.105.201.240

200 OK

4.4 kB

URL HTTP/2
s10.histats.com/js15_as.js
IP
46.105.201.240:0
ASN
#16276 OVH SAS

File type
HTML document, ASCII text, with very long lines (11440), with no line terminators
Size
4.4 kB (4364 bytes)
Hash
ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1

HTTP Headers

GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 24 Sep 2022 06:46:05 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 564363653
content-type: text/javascript
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

1.3 kB

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
1.3 kB (1266 bytes)
Hash
b2371fc5c1129bfff9e2d64e43a4a88f
f9b51a0e34f89bfb45d3f0e72856cfab8075d673
2f8f880be762b50be4b3d7563089c054603aad015dd0bbdde161f7466b02213c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4900
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 06:55:12 GMT
Last-Modified: Sat, 24 Sep 2022 05:33:33 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
def05e4dd1dfd7f8918c86fb175b9e69
956c76ce7f9c09883875599bc4ca4df8b53b15a7
c3a7eb3689bdfb063d216eaae9bc593e55eb82a924b2fcd01fea9d2ab2c79e0d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C3A7EB3689BDFB063D216EAAE9BC593E55EB82A924B2FCD01FEA9D2AB2C79E0D"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4965
Expires: Sat, 24 Sep 2022 08:17:57 GMT
Date: Sat, 24 Sep 2022 06:55:12 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
2338e1414e4604bf10cc4f355202987d
ca3965bc38ed1526f1b06e5aa287fcdecfda2c63
7cf0b01024337e5635a47070b6aecd0dcf6867c9fc247c6fb93a0aeeb364ab63

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4900
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 06:55:12 GMT
Last-Modified: Sat, 24 Sep 2022 05:33:33 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279

banquetunarmedgrater.com/advertisers.js

192.243.59.20

200 OK

0 B

URL HTTP/1.1
banquetunarmedgrater.com/advertisers.js
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sat, 24 Sep 2022 06:55:12 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a25c5ebaf0f51304f4a9ed3ac9753e07
Strict-Transport-Security: max-age=0; includeSubdomains

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18422
Expires: Sat, 24 Sep 2022 12:02:15 GMT
Date: Sat, 24 Sep 2022 06:55:13 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6386 bytes)
Hash
d8d9af95acfc8b9b431eb1e020157f6d
f6f926be6e265a597aaede424f05fcd7c76fcc20
0b61d6cb0e0908cb8d303b9e951e2854166bd232e0291b5d698a6b757c064e88

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6386
x-amzn-requestid: 4380489e-d0ba-4f67-ac4f-67619ba34422
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7shGHryIAMF6zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e27a0-005f9c783c7722f16c178026;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:39:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: RuUOjTDRTkcaGFf_hTWrHZ89edOajgGUdl5PjbaUV7CUppat6IYsRg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:52:36 GMT
age: 32557
etag: "f6f926be6e265a597aaede424f05fcd7c76fcc20"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10032 bytes)
Hash
aa150280eb113504d61a25935c0f0127
ed04f74fbb4c77b21e2babc51a82857f5e23d169
07df17fffb391aa82efb09e30d97e88fa4dbe6df00e37bb90304f69179f4848e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10032
x-amzn-requestid: 521c4012-9834-4100-a7ed-30093502f1a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPBHGYoAMFh-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-77b03c321240d76a572d603a;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lAQOV9_fZ2RFvhRKMtDOeRTWJc-Jo1u-DrtJshcQuCSOUXVbNMjhaw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:56:56 GMT
age: 32297
etag: "ed04f74fbb4c77b21e2babc51a82857f5e23d169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10279 bytes)
Hash
8ea5f06ad31f0cedd2cb5c6df82f35f4
60a83a1618ffae06e49ca3002bac1db9980dcfe8
5f6a4cb92c016ef0f229b11d727e9680a15b10782b5bfe9e66ad9d100b458d8d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10279
x-amzn-requestid: 0f361c26-1f12-421a-9752-7d4fcdf839ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4V65GTXIAMF9-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd045-25677a637307879044de8242;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:14:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NcnEyVD-vG10pOpPCBMjKGqVw-rstkPIt-oqkIc5urAGE934fxL0VQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 04:12:38 GMT
age: 9755
etag: "60a83a1618ffae06e49ca3002bac1db9980dcfe8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5039669-74cb-4d54-9208-94257c765b35.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9935 bytes)
Hash
55d224ac83a417772c98bc5080fb6689
a30f9044330824e70dde0dcc785890d981e6fdf5
b2ea4dea200109019a65834b98e31e8fac718a199513810a2819858be2b4470a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5039669-74cb-4d54-9208-94257c765b35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9935
x-amzn-requestid: 9eb8463d-172a-40a2-8eed-3c97b1260afe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sQ5FARoAMFXQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e2738-3709a2f22ecc033532223b26;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:38:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: e5eETCL5yFnoG4HPx0Qv8hjGnlXx5vOL4syMx9uato8nuIHkSvMezg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:53:50 GMT
age: 32483
etag: "a30f9044330824e70dde0dcc785890d981e6fdf5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F993a9251-cb79-4060-b043-aacb127c6565.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8907 bytes)
Hash
f727cc665bfa383779422949037a83a7
24d4dcad1590e79e89a1ffe343bd7fe616528c5a
72dc66286d9ea7b71b6c9a116ff69380a97253c73f1ba2a5b3da34790e321e05

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F993a9251-cb79-4060-b043-aacb127c6565.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8907
x-amzn-requestid: 974b20af-4775-45bd-9e3f-55e5aa363c2d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sQRGPtIAMFZCw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e2734-18aebf577efb8aaa0182aeed;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ANAYROIRBWe_Y5TxqYp9IDnqnuOHQGjvyj1K8Z85m7C9DGCXXuQ-Cw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:47:49 GMT
age: 32844
etag: "24d4dcad1590e79e89a1ffe343bd7fe616528c5a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (8029 bytes)
Hash
02a682b4703bb9d6381c762726c05531
1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54
fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8029
x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0tHjGoAMFcFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7DX67a-HmEh76IorINvRU61AKtSiimdPnHFnYeR2OJezZJ1_mJq0MA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:59:08 GMT
age: 32165
etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

creepingbrings.com/sfp.js

172.64.163.10

200 OK

23 kB

URL HTTP/2
creepingbrings.com/sfp.js
IP
172.64.163.10:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
23 kB (23135 bytes)
Hash
89f369fa39b77c55ae3cce5e6427d552
f16770b3a1f4440f3a1ddcba5a53f9da2b7e67c3
693517d5d07785053a345f8b62da5a2898d81dc6cc7538812b83ee1c5c34462b

HTTP Headers

GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 24 Sep 2022 06:55:12 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 808251a6133c7652b3448428698207aa
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 24 Sep 2022 06:55:12 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X2MEHIczBWkulKYa2g5Oaqib9%2Bc5uH0MccIMr0W0Hr9ygPyywHqoNtxoHj131XUXdG5g7e6N7e%2Fr9UUtlOQLLfzm1whzKdwkbINmCI2TpqnnjebPU7t%2BtV4kELkbND4FhR9evMI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f99cf83b4771ba-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

refutationtiptoe.com/sbar.json?key=01ffd36dfbce3d569baf8d846cd7bc65&uuid=1ca2d74e-65b2-4fa1-9b97-1b5df053c3d3%3A1%3A1

173.233.137.60

200 OK

3.2 kB

URL HTTP/1.1
refutationtiptoe.com/sbar.json?key=01ffd36dfbce3d569baf8d846cd7bc65&uuid=1ca2d74e-65b2-4fa1-9b97-1b5df053c3d3%3A1%3A1
IP
173.233.137.60:0
ASN
#7979 SERVERS-COM

File type
JSON data\012- , ASCII text, with very long lines (5634), with no line terminators
Size
3.2 kB (3249 bytes)
Hash
da32de8f5cbdca148d14d0af70457854
591e54d5b444aa488167d3a34696fc2cd7b1d60f
cc06aeb05f3cfd51ea68f647423c12539b54c982ef07719cdfb54ff8b1611c62

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sbar.json?key=01ffd36dfbce3d569baf8d846cd7bc65&uuid=1ca2d74e-65b2-4fa1-9b97-1b5df053c3d3%3A1%3A1 HTTP/1.1
Host: refutationtiptoe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutpaid.com
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 24 Sep 2022 06:55:13 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://cutpaid.com
Access-Control-Allow-Origin: https://cutpaid.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16650200; expires=Sun, 25 Sep 2022 06:55:13 GMT; secure; SameSite=None
uid_id2=1ca2d74e-65b2-4fa1-9b97-1b5df053c3d3:1:1; expires=Sat, 01 Oct 2022 06:55:13 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 25 Sep 2022 06:55:13 GMT; secure; SameSite=None
uncs=1; expires=Sun, 25 Sep 2022 06:55:13 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sun, 25 Sep 2022 06:55:13 GMT; secure; SameSite=None
uncs29=1; expires=Sun, 25 Sep 2022 06:55:13 GMT; secure; SameSite=None
slec01ffd36dfbce3d569baf8d846cd7bc65=[3364901]; expires=Sat, 24 Sep 2022 06:55:18 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5e07cb5caf2d889040d24b7fab31e42e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

s10.histats.com/counters/cc_1034.js

46.105.201.240

200 OK

5.5 kB

URL HTTP/2
s10.histats.com/counters/cc_1034.js
IP
46.105.201.240:0
ASN
#16276 OVH SAS

File type
HTML document, ASCII text, with very long lines (15333), with no line terminators
Size
5.5 kB (5479 bytes)
Hash
ce205bf9427d1fc8a6d26329c3811f67
807840d7c9174fcab11a9d4520538a19d8effadc
b167e0e8b5c1c0d7d4ef6b1050cba84e150e0aa62f9bdc128fc5c68fca8473ed

HTTP Headers

GET /counters/cc_1034.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 06:49:55 GMT
etag: "-241208617"
last-modified: Thu, 16 Apr 2020 10:44:41 GMT
x-request-id: 528745643
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 5479
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
de246bb9ff0bac26a711009a3804d43c
5cc1da24eb19af3aae3551ecd71094219cc575ce
87237e5dc0460bb46019bc570c73fc30e6a76daa758573ee6914feef4abe60b6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2561
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 06:55:13 GMT
Last-Modified: Sat, 24 Sep 2022 06:12:32 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279

refutationtiptoe.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSTW8bVRfH77RZPNKzQEXdgATyAiSQGmfGY49tuqgIISgifVELoju4b%2BNccmfu6N4Zj5NVRFXUpfkGk7%2BTRikFgcQOUSGnUhdZxWzIgnwHBGKFELIbYTjS1Tnn%2Fs%2Fid14%2B3y3OiI%2BCnq5cN9tKa7rUqvu1N%2B4GwdXaukqLQW3QiT6Omldrtv9WN6r7b9bek3zTLDX8wPcDP6itKitjM1iailDZ425Q7%2Fr1ZqMetJoY2P%2FmrvDgqAfRPyMvQonJwlPvMhQfI02%2BWZFuMzfZlXeTQtPcWPTFwYfpZmrKFMk8jK2HOD04r4ZxJ6tPYNL9GS5M%2F59CpibEe%2FYELD04hwTr7804mYZMwcT%2FUfbHkHoMRcfg5h6UOCEAF7hxE2ny8IaxJd16rtKpOiELf%2FwGVU7Iwi%2BXkSZfL2s1qN0xusiVSR0GcQU1GEP1xsiKI%2BTbF6DKI%2FD8MyhBkCYVlDh9LeC0IdpNuRi1WGOxGdNgscu67cWAtUTst0IeinA2GKXGUPEYWg5BnYdi%2BpSHIvZQZB4ScVrjQRC0fcGp3%2BlyHoq2ZJHwA9qOAxr4UQcFn7IPkWdDcD0EtzvI7A421RC2%2BBFuo4ITHlxO0BcVSklQOoKSEpSKoMwJyn61L7RruOqh0K5gwblvnPuwGpm8t0v3Td6TKdnNzsil2cD%2BeuFnbMrTmh%2FEsQgjETMuQ9GKuozGHdFpRly0GY9acKqCchdmbW5Pl%2FfVFWRqQsj3v4PRIzh9BK4ugRavgJajdsMH3Rg1Oz6200d5IqlN69wkEKZCli8g3%2FJ29Rl5aUYR3n0dkh9f%2B4Rdn%2Fx6%2BCe4rZDZCp%2BqpwQ9%2FWB025Rk77YpHfn2ZparRG3T6Urv5DSXFx%2B9L7dKY8Xaihsevs2nwjR8%2FIF0%2BTpNhUp7jny5rISQdtVYLskPa%2B4jyW4VbmO5sGmRrd96Z3Utyax0Tpl0DDpt7NkxuJqQ%2F323P7vWl%2B%2Ffh7Jj2KJCUhyTc4MyR%2BDZDlw253fmIqye17DMQ1lUI9tg80%2BtCLSc55RVcP%2FK2TzedQ%2FQs6%2BC5vdmR9q3Ffq6AtVDuOLiKM%2Fs8bWfwpmBaW%2FEtPX2mLb6i%2BfDdeq01g5Dn0bdVtBuU9lmzUYnjgJBaaMZNaKIhsjdhNcPT%2F4GAAD%2F%2FwEAAP%2F%2FADsj43gEAAA%3D

173.233.137.60

200 OK

7 B

URL HTTP/1.1
refutationtiptoe.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSTW8bVRfH77RZPNKzQEXdgATyAiSQGmfGY49tuqgIISgifVELoju4b%2BNccmfu6N4Zj5NVRFXUpfkGk7%2BTRikFgcQOUSGnUhdZxWzIgnwHBGKFELIbYTjS1Tnn%2Fs%2Fid14%2B3y3OiI%2BCnq5cN9tKa7rUqvu1N%2B4GwdXaukqLQW3QiT6Omldrtv9WN6r7b9bek3zTLDX8wPcDP6itKitjM1iailDZ425Q7%2Fr1ZqMetJoY2P%2FmrvDgqAfRPyMvQonJwlPvMhQfI02%2BWZFuMzfZlXeTQtPcWPTFwYfpZmrKFMk8jK2HOD04r4ZxJ6tPYNL9GS5M%2F59CpibEe%2FYELD04hwTr7804mYZMwcT%2FUfbHkHoMRcfg5h6UOCEAF7hxE2ny8IaxJd16rtKpOiELf%2FwGVU7Iwi%2BXkSZfL2s1qN0xusiVSR0GcQU1GEP1xsiKI%2BTbF6DKI%2FD8MyhBkCYVlDh9LeC0IdpNuRi1WGOxGdNgscu67cWAtUTst0IeinA2GKXGUPEYWg5BnYdi%2BpSHIvZQZB4ScVrjQRC0fcGp3%2BlyHoq2ZJHwA9qOAxr4UQcFn7IPkWdDcD0EtzvI7A421RC2%2BBFuo4ITHlxO0BcVSklQOoKSEpSKoMwJyn61L7RruOqh0K5gwblvnPuwGpm8t0v3Td6TKdnNzsil2cD%2BeuFnbMrTmh%2FEsQgjETMuQ9GKuozGHdFpRly0GY9acKqCchdmbW5Pl%2FfVFWRqQsj3v4PRIzh9BK4ugRavgJajdsMH3Rg1Oz6200d5IqlN69wkEKZCli8g3%2FJ29Rl5aUYR3n0dkh9f%2B4Rdn%2Fx6%2BCe4rZDZCp%2BqpwQ9%2FWB025Rk77YpHfn2ZparRG3T6Urv5DSXFx%2B9L7dKY8Xaihsevs2nwjR8%2FIF0%2BTpNhUp7jny5rISQdtVYLskPa%2B4jyW4VbmO5sGmRrd96Z3Utyax0Tpl0DDpt7NkxuJqQ%2F323P7vWl%2B%2Ffh7Jj2KJCUhyTc4MyR%2BDZDlw253fmIqye17DMQ1lUI9tg80%2BtCLSc55RVcP%2FK2TzedQ%2FQs6%2BC5vdmR9q3Ffq6AtVDuOLiKM%2Fs8bWfwpmBaW%2FEtPX2mLb6i%2BfDdeq01g5Dn0bdVtBuU9lmzUYnjgJBaaMZNaKIhsjdhNcPT%2F4GAAD%2F%2FwEAAP%2F%2FADsj43gEAAA%3D
IP
173.233.137.60:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSTW8bVRfH77RZPNKzQEXdgATyAiSQGmfGY49tuqgIISgifVELoju4b%2BNccmfu6N4Zj5NVRFXUpfkGk7%2BTRikFgcQOUSGnUhdZxWzIgnwHBGKFELIbYTjS1Tnn%2Fs%2Fid14%2B3y3OiI%2BCnq5cN9tKa7rUqvu1N%2B4GwdXaukqLQW3QiT6Omldrtv9WN6r7b9bek3zTLDX8wPcDP6itKitjM1iailDZ425Q7%2Fr1ZqMetJoY2P%2FmrvDgqAfRPyMvQonJwlPvMhQfI02%2BWZFuMzfZlXeTQtPcWPTFwYfpZmrKFMk8jK2HOD04r4ZxJ6tPYNL9GS5M%2F59CpibEe%2FYELD04hwTr7804mYZMwcT%2FUfbHkHoMRcfg5h6UOCEAF7hxE2ny8IaxJd16rtKpOiELf%2FwGVU7Iwi%2BXkSZfL2s1qN0xusiVSR0GcQU1GEP1xsiKI%2BTbF6DKI%2FD8MyhBkCYVlDh9LeC0IdpNuRi1WGOxGdNgscu67cWAtUTst0IeinA2GKXGUPEYWg5BnYdi%2BpSHIvZQZB4ScVrjQRC0fcGp3%2BlyHoq2ZJHwA9qOAxr4UQcFn7IPkWdDcD0EtzvI7A421RC2%2BBFuo4ITHlxO0BcVSklQOoKSEpSKoMwJyn61L7RruOqh0K5gwblvnPuwGpm8t0v3Td6TKdnNzsil2cD%2BeuFnbMrTmh%2FEsQgjETMuQ9GKuozGHdFpRly0GY9acKqCchdmbW5Pl%2FfVFWRqQsj3v4PRIzh9BK4ugRavgJajdsMH3Rg1Oz6200d5IqlN69wkEKZCli8g3%2FJ29Rl5aUYR3n0dkh9f%2B4Rdn%2Fx6%2BCe4rZDZCp%2BqpwQ9%2FWB025Rk77YpHfn2ZparRG3T6Urv5DSXFx%2B9L7dKY8Xaihsevs2nwjR8%2FIF0%2BTpNhUp7jny5rISQdtVYLskPa%2B4jyW4VbmO5sGmRrd96Z3Utyax0Tpl0DDpt7NkxuJqQ%2F323P7vWl%2B%2Ffh7Jj2KJCUhyTc4MyR%2BDZDlw253fmIqye17DMQ1lUI9tg80%2BtCLSc55RVcP%2FK2TzedQ%2FQs6%2BC5vdmR9q3Ffq6AtVDuOLiKM%2Fs8bWfwpmBaW%2FEtPX2mLb6i%2BfDdeq01g5Dn0bdVtBuU9lmzUYnjgJBaaMZNaKIhsjdhNcPT%2F4GAAD%2F%2FwEAAP%2F%2FADsj43gEAAA%3D HTTP/1.1
Host: refutationtiptoe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Cookie: u_pl=16650200; uid_id2=1ca2d74e-65b2-4fa1-9b97-1b5df053c3d3:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec01ffd36dfbce3d569baf8d846cd7bc65=[3364901]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 24 Sep 2022 06:55:13 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 45ccbf130a4a4a76e315331124f3eb09
Strict-Transport-Security: max-age=0; includeSubdomains

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
679fd1f8530a7b1865edf8da266c527a
c9321ff8b9ae0de2aa96b95590d851220225bf30
082a60873ed6db1331e1718e81355e1d4952f03ac0d27e078f7ec76567b69894

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "082A60873ED6DB1331E1718E81355E1D4952F03AC0D27E078F7EC76567B69894"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6088
Expires: Sat, 24 Sep 2022 08:36:42 GMT
Date: Sat, 24 Sep 2022 06:55:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
679fd1f8530a7b1865edf8da266c527a
c9321ff8b9ae0de2aa96b95590d851220225bf30
082a60873ed6db1331e1718e81355e1d4952f03ac0d27e078f7ec76567b69894

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "082A60873ED6DB1331E1718E81355E1D4952F03AC0D27E078F7EC76567B69894"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6088
Expires: Sat, 24 Sep 2022 08:36:42 GMT
Date: Sat, 24 Sep 2022 06:55:14 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
b803a6ce3f92e2c474869f819e011de2
cb173569b4402d022e65ae4395ee94b17f3a2a74
92dff408426ce81f09abe452d8b9532064f0ec96bb42264493fd4e8f92f098c9

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "92DFF408426CE81F09ABE452D8B9532064F0EC96BB42264493FD4E8F92F098C9"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9381
Expires: Sat, 24 Sep 2022 09:31:35 GMT
Date: Sat, 24 Sep 2022 06:55:14 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
b803a6ce3f92e2c474869f819e011de2
cb173569b4402d022e65ae4395ee94b17f3a2a74
92dff408426ce81f09abe452d8b9532064f0ec96bb42264493fd4e8f92f098c9

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "92DFF408426CE81F09ABE452D8B9532064F0EC96BB42264493FD4E8F92F098C9"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9381
Expires: Sat, 24 Sep 2022 09:31:35 GMT
Date: Sat, 24 Sep 2022 06:55:14 GMT
Connection: keep-alive

refutationtiptoe.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F16%2Findex.html&l=2211&fd=655

173.233.137.60

200 OK

0 B

URL HTTP/1.1
refutationtiptoe.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F16%2Findex.html&l=2211&fd=655
IP
173.233.137.60:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F16%2Findex.html&l=2211&fd=655 HTTP/1.1
Host: refutationtiptoe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Cookie: u_pl=16650200; uid_id2=1ca2d74e-65b2-4fa1-9b97-1b5df053c3d3:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec01ffd36dfbce3d569baf8d846cd7bc65=[3364901]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 24 Sep 2022 06:55:14 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/img/arrow.png

172.64.200.2

200 OK

2.0 kB

URL HTTP/2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/img/arrow.png
IP
172.64.200.2:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 52 x 81, 8-bit/color RGBA, non-interlaced\012- data
Size
2.0 kB (2008 bytes)
Hash
ef2bad0eceeff00bf615df0a433a5bff
a910af81d23d78c96283b46c241d3d9652562009
9c362044a93ac6919b7174a1620d4d82dbe1940a450aea1abca32a48fd160d40

HTTP Headers

GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/img/arrow.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 06:55:14 GMT
content-type: image/png
content-length: 2008
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-7d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4481451
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ibwPDHV4eWaKMygPG8triMdYlhvgDXm1tHKz%2F646fqKxRb3Uh%2BoaTyMTCzV9tYyurEqnkMIC7W63%2B5OwDYJCfMtRKFuNJeglrrWHsqkudO74H3%2BcIbDJ9QK1Wz0U219oEBg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f99d01f8b872f6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/img/close.png

172.64.200.2

200 OK

6.0 kB

URL HTTP/2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/img/close.png
IP
172.64.200.2:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced\012- data
Size
6.0 kB (5982 bytes)
Hash
c489ce2c491a22ee37a55e26a92dfd73
2fa588ab09e94dd902e5bd24b48f98ad1949c9d6
1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd

HTTP Headers

GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/img/close.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 06:55:14 GMT
content-type: image/png
content-length: 5982
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4481451
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YxqrbkdGJ8mSjIVk5r7DkwrtBEBsYTVTFazV4sfO3nw5i9fp4J0ePCUGzTTXRiRo5SOqfTd06xDWWkG3SUangf4ckmmpiDb6hOORRinY01jv5qpT%2F7wVvzoufqVBy0XrnTQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f99d01f8b672f6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/img/number.png

172.64.200.2

200 OK

1.1 kB

URL HTTP/2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/img/number.png
IP
172.64.200.2:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 43 x 43, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 kB (1138 bytes)
Hash
9e4414e85c588bf7db195e49c02ab2bb
09254e79b255f1b2dfe45adbbe44583a4b433782
0b977ec6e7cf5d35df03cd3a8041f5f523f5d4059ac67c152c0a7b613e20b762

HTTP Headers

GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/img/number.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 06:55:14 GMT
content-type: image/png
content-length: 1138
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-472"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4481451
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SGCTkxMRTTvO76X%2BbVLBrKZodkCriTxi5Eu155GneJM1%2B%2FNUZ5Er9UDwA5H1IO30GqX9BCDUnB99uMque7P7jrdJjGKqjjTm7lLLK3Wr1z7Ou1IyBokwxpsWOKQLrIGo%2BO8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f99d01f8bb72f6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/img/icon.png

172.64.200.2

200 OK

107 kB

URL HTTP/2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/img/icon.png
IP
172.64.200.2:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 340 x 340, 8-bit/color RGB, non-interlaced\012- data
Size
107 kB (106874 bytes)
Hash
c1f6eb397e4025eb9b9f152caf975d28
0fef898a70d937ab0982906947fcb2826a7fde3c
be6b906095a91adeb37fdb83b3567252be9406419a8c7a65e9d62332a3415e99

HTTP Headers

GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/img/icon.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 06:55:14 GMT
content-type: image/png
content-length: 106874
last-modified: Tue, 08 Feb 2022 14:16:16 GMT
etag: "62027b30-1a17a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4481451
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5LEmV7jm5R600PbNpuX4EqEkNurrgFUhim7NY3xFGWDEqRSC1%2B3DDrrjP6N42S5wVr2jUssfN%2BfLmYaZ6xQevTJ2aLZHE0mv2ffM5oqNi0oQnLjf%2BkMsHe4WtREhJbISKQM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f99d0208bc72f6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
b803a6ce3f92e2c474869f819e011de2
cb173569b4402d022e65ae4395ee94b17f3a2a74
92dff408426ce81f09abe452d8b9532064f0ec96bb42264493fd4e8f92f098c9

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "92DFF408426CE81F09ABE452D8B9532064F0EC96BB42264493FD4E8F92F098C9"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9381
Expires: Sat, 24 Sep 2022 09:31:35 GMT
Date: Sat, 24 Sep 2022 06:55:14 GMT
Connection: keep-alive

unseenreport.com/pxf.gif?uuid=1ca2d74e-65b2-4fa1-9b97-1b5df053c3d3&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=7e1d8f1ae70c40a4c328807cbe5300ca&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=6

192.243.61.225

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=1ca2d74e-65b2-4fa1-9b97-1b5df053c3d3&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=7e1d8f1ae70c40a4c328807cbe5300ca&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=6
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=1ca2d74e-65b2-4fa1-9b97-1b5df053c3d3&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=7e1d8f1ae70c40a4c328807cbe5300ca&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=6 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 24 Sep 2022 06:55:14 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 76a8c88fa89b6fc37e3aa82ef7d985ef
Strict-Transport-Security: max-age=0; includeSubdomains

unseenreport.com/pxf.gif?uuid=1ca2d74e-65b2-4fa1-9b97-1b5df053c3d3&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=01ffd36dfbce3d569baf8d846cd7bc65&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=6

192.243.61.225

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=1ca2d74e-65b2-4fa1-9b97-1b5df053c3d3&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=01ffd36dfbce3d569baf8d846cd7bc65&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=6
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=1ca2d74e-65b2-4fa1-9b97-1b5df053c3d3&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=01ffd36dfbce3d569baf8d846cd7bc65&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=6 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 24 Sep 2022 06:55:14 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bbd2c3b3885698432ed1a68ab4dcf851
Strict-Transport-Security: max-age=0; includeSubdomains

refutationtiptoe.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F16%2Fcss%2Fstyle.css&l=9494&fd=225

173.233.137.60

200 OK

0 B

URL HTTP/1.1
refutationtiptoe.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F16%2Fcss%2Fstyle.css&l=9494&fd=225
IP
173.233.137.60:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F16%2Fcss%2Fstyle.css&l=9494&fd=225 HTTP/1.1
Host: refutationtiptoe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Cookie: u_pl=16650200; uid_id2=1ca2d74e-65b2-4fa1-9b97-1b5df053c3d3:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec01ffd36dfbce3d569baf8d846cd7bc65=[3364901]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 24 Sep 2022 06:55:14 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/css/animate.css

172.64.200.2

200 OK

4.8 kB

URL HTTP/2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/css/animate.css
IP
172.64.200.2:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
4.8 kB (4847 bytes)
Hash
c91016401e0a0b7b3d7572de48c76597
12fb634abb5e708b4f55d1489055b4f626d3cdd1
2472e286e0bf6f54cef9d99e9c63301c873fa02bc4e3979e1a18587a6d973120

HTTP Headers

GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutpaid.com
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 24 Sep 2022 06:55:14 GMT
content-type: text/css
last-modified: Fri, 21 May 2021 10:10:46 GMT
etag: W/"60a78726-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WDM7b2EYJhmUgg0tI2DqwkxG%2BlsrMed21syyB5%2BkGWVoLzHPK00t0O%2BUGaNel0KQ3GDYBvz1CHNZKamg0j9mCFLKqNNoj7mbSzB2asryRl08F9suk99qZSjnaNuxcy3%2FC5g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f99d01c88e72f6-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

173.233.137.60

200 OK

0 B

URL HTTP/1.1
refutationtiptoe.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F16%2Fjs%2Fscript.js&l=711&fd=237
IP
173.233.137.60:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F16%2Fjs%2Fscript.js&l=711&fd=237 HTTP/1.1
Host: refutationtiptoe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Cookie: u_pl=16650200; uid_id2=1ca2d74e-65b2-4fa1-9b97-1b5df053c3d3:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec01ffd36dfbce3d569baf8d846cd7bc65=[3364901]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 24 Sep 2022 06:55:14 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/js/script.js

172.64.200.2

200 OK

984 B

URL HTTP/2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/js/script.js
IP
172.64.200.2:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
984 B (984 bytes)
Hash
62ba978cb4fc08beadecfc749c3c806b
a5e181ac4f5ca3f3cdd71185785908a012c4dab5
32fd488136669f52ad8e941721e7fd64801bbebcf66a1d31202674516169ea4b

HTTP Headers

GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/js/script.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutpaid.com
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 06:55:14 GMT
content-type: application/javascript
last-modified: Fri, 21 May 2021 10:10:50 GMT
etag: W/"60a7872a-2c7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=obb1lrk0qS6DeaMQdxOHBXvx74UJ9dtSqKcW%2B%2FH8laBkuhw6UuoQ2qk6W1zXqtTX6o9wylRwG8gwSU93rPoENWAFUtX5ikvgOH9VXsw3vl%2F0Fo%2FuO%2F6uJNvCwJmI6ncP80U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f99d02a93172f6-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/index.html

172.67.74.218

200 OK

578 B

URL HTTP/2
cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/index.html
IP
172.67.74.218:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text
Size
578 B (578 bytes)
Hash
4c33e96989c1969776c40baf1190b457
37362ad5e72ebc679e5c8297bd0f8a28cb61df07
5c79d095180cbb7946b770a60baab467ed944808712bef702062f6258451d5dc

HTTP Headers

GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutpaid.com
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 24 Sep 2022 06:55:14 GMT
content-type: text/html
last-modified: Wed, 09 Feb 2022 14:15:28 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XX5aYwWbD6Qm4E88Vqdyc9y3w8DjPD997OLX7lWxRIiyL96POmJkTEBRqxAD%2BHFvJqMhnxI24x9cbPGT9MokPhMikoT3ZdYAn7z9RJuIjbppTVbgcTSL1wTsO6HgkPzxPBviA24%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f99cfd8b78b523-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/css/style.css

172.64.200.2

200 OK

0 B

URL HTTP/2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/css/style.css
IP
172.64.200.2:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutpaid.com
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 24 Sep 2022 06:55:14 GMT
content-type: text/css
last-modified: Mon, 31 Jan 2022 14:46:40 GMT
etag: W/"61f7f650-2516"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jOMK2tbH5Umx1FP0HujkYaWmGW5PesAcEUpmDq49XeRpTJy8eD3I%2FmAUvhYUuO8Tq4%2FNFqRVnEU7iFTzm0IgNU1HaI3QLPnQ%2Fy4RTDzlFZLLFBjpb0mj1OqeOYwFmKePWlk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f99d01c88972f6-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/js/jquery.min.js

172.64.200.2

200 OK

0 B

URL HTTP/2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/js/jquery.min.js
IP
172.64.200.2:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/16/js/jquery.min.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 24 Sep 2022 06:55:14 GMT
content-type: application/javascript
last-modified: Fri, 21 May 2021 10:10:50 GMT
etag: W/"60a7872a-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4481451
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PC%2FoBl2ens8ycdKLBCSYmxNB8607gHUbn1jejQkf3%2F2%2ByPkSz3VmvaHrB5bkd44Si9Jl%2FqHHfclxR7J73GlNVL9nTrdInO4cSJl3%2B68YkOs%2BiL2d2Ah99%2Fd9EqZsoq1kuRg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f99d0208be72f6-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cutpaid.com/WFFssOmR

172.67.183.8

200 OK

0 B

URL HTTP/2
cutpaid.com/WFFssOmR
IP
172.67.183.8:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /WFFssOmR HTTP/1.1
Host: cutpaid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Sat, 24 Sep 2022 06:55:10 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
set-cookie: AppSession=fed3d5e8c0b96cdaf6e172d01b46a1ab; path=/; HttpOnly
csrfToken=fc40ff5a8d07653219313e491be2c7f1f843f6e490ca17e83cd74e5dd16a55aab5993555a02db34a7ea08ffe6f039213d9c806b80874ed4a3b6acdaf4f16b781; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CC0x%2BNwKjEioblrZ71y2LvsQteS2Qgc%2BQ%2FbuIfQtx%2Fvd5uyDu8XFT%2FT8nrsMBTgu6x67tm7XuP6ML2HUFP4fMRB1dcP2GqMzP6TAYtWHXr0gaRhUmEEoWR%2FhAIECbg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f99cebef78b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Montserrat:400,700%7CMuli:300,300i,400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 24 Sep 2022 06:55:11 GMT
date: Sat, 24 Sep 2022 06:55:11 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

addresseepaper.com/sfp.js

172.64.132.22

200 OK

0 B

URL HTTP/2
addresseepaper.com/sfp.js
IP
172.64.132.22:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 24 Sep 2022 06:55:12 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: c277287840273d4103bdc60e6859d92a
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 24 Sep 2022 06:55:11 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oyoySnIfFRJncaXkKiA1aR6sjQMceeUd4ngRlzBzv5hYxc8qcEpSfxk8UJe1BpJZqzqLjgpb9EX%2Bxmq%2BS6J1%2Fit2Mes%2Bhb71TeuG92qlPDSpMfsorhr%2Fp2Zy%2BswxKGtv%2FYJM1tM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f99cf3ffa90686-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (23)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations