| cutpaid.com/2Wp30 | 172.67.183.8 | 301 Moved Permanently | 0 B |
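IP: 172.67.183.8:0
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of a zero-length body, consistent with the 0 B response; not usable as a file indicator)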
GET /2Wp30 HTTP/1.1
Host: cutpaid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 20 Nov 2022 18:25:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 20 Nov 2022 19:25:09 GMT
Location: https://cutpaid.com/2Wp30
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FiEbLclp35ah6qSh2oZNqZJD%2BLIgw8eST39n2faunfyoYsdlnFk2k1wH7C8qGN%2B3sSJZ9ePU3qJT9835SvuMbzNbyxHOS7qu2JN6J87m8C8699mmE5fTqq2xU%2Fqyjg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76d33a00cb46b52d-OSL
alt-svc: h2=":443"; ma=60
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hasheb76c0b3adf4098ad8a9d1e38250758f 99610ddb2b4ec6d04250ac244f966951695d4f00 01ed8c191c175471aee23cbc196d558e5bf5209f166806fc97db08eb06544bab
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01ED8C191C175471AEE23CBC196D558E5BF5209F166806FC97DB08EB06544BAB"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8333
Expires: Sun, 20 Nov 2022 20:44:02 GMT
Date: Sun, 20 Nov 2022 18:25:09 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashe7724a1f27dc1b5b2fb63c7e486f74db ef0ea648ce8bc189d31382baec4b181c724af93b 2a46916079563d95fa6a695104ebf41829ee95a156d6e4d45b9aef7231a8a80e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A46916079563D95FA6A695104EBF41829EE95A156D6E4D45B9AEF7231A8A80E"
Last-Modified: Fri, 18 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2177
Expires: Sun, 20 Nov 2022 19:01:26 GMT
Date: Sun, 20 Nov 2022 18:25:09 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash2061bb5a62c7dbe5a39e49a98bf7d214 812ff4923fc0fa69fa7db7c362d5af728e297099 6f0c1ecd37ba47802a386c487e3c2eb1794a06e8b9f56e016326686e3d80ef92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6575
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 18:25:09 GMT
Last-Modified: Sun, 20 Nov 2022 16:35:34 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash9ebddc2b260d081ebbefee47c037cb28 492bad62a7ca6a74738921ef5ae6f0be5edebf39 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: PDsGkey6iUEgMascg97R8erxLrc1BqFzVneN522taOt8RJ4RyKTcspVoRTDroiq2Fz2Ih96Ov5s=
x-amz-request-id: K4040X7AMYZYBKBS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 20 Nov 2022 17:38:49 GMT
age: 2780
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/ | 34.102.187.140 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash4d7e4eed097b9c4e5d509419f1cfc85a 290bb3d428a7c6330e2e3d73a952b16f820896c8 0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 20 Nov 2022 17:45:01 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2408
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 20 Nov 2022 18:25:09 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hashc28dcab32cb68e75be2f9d541e417a3c 7e94e4d48e4004090b100451a37752a7ae691550 fe2434a22cb390d054adcb47b67cbc3d1141a753f87839723554dd1bced75e45
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 18:25:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hashecf20bb738504255b997d0f8d32f84da 4083bb312c0263ccdbccdd6e157060d3f85996c7 65a66ce857bb2fd22d467c16a4f405faf4a50700a8fd1a4b8c5b903df10c4aaf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 18:25:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.google.com/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit | 142.250.74.164 | 200 OK | 580 B |
URL HTTP/2www.google.com/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit IP142.250.74.164:0
File typeASCII text, with very long lines (918), with no line terminators Hashdbf518f97165d213611f9e6f762bf876 a8529116d76204a0420a8c244723466310787f79 bc0692ecebd5884ea21d4bd3cd0ef1aa05f8a8439ea5f8ea7ebfe8110b603082
GET /recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sun, 20 Nov 2022 18:25:09 GMT
date: Sun, 20 Nov 2022 18:25:09 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 580
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| i.imgur.com/4nDF4PP.png | 151.101.84.193 | 200 OK | 7.0 kB |
IP151.101.84.193:0
File typePNG image data, 250 x 72, 8-bit/color RGB, non-interlaced\012- data Hashcb7480a0a433fd916168ba91ae24e8e8 f49c10d3ac373780ba6ede61e67909cb45c2403d d3fbcdbb65aec7adf8d368f0540eb7abf08e83cf8d42742003df35abba13c75e
GET /4nDF4PP.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 10 Oct 2018 03:18:48 GMT
etag: "cb7480a0a433fd916168ba91ae24e8e8"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sun, 20 Nov 2022 18:25:09 GMT
age: 2284790
x-served-by: cache-iad-kcgs7200146-IAD, cache-bma1659-BMA
x-cache: HIT, HIT
x-cache-hits: 479, 1
x-timer: S1668968710.838234,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 6966
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 36 kB |
IP142.250.74.35:0
Hash42ac65db764db567c0bf54e484fab6e0 18a6db3f8431c3f7772e3129f827ec2c11940672 d9be69cd3faa16a146f1cf7e28595ed9860198e232f1b2a2d09fb35f18b6aa99
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 18:25:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hash801bfa5219b8edbae22ab4be73ea5f1b 6795d174c6af1841ff34a78c0723c8fd9a69bdce 5288c50ab4af870e03058d86bbf4fca0cb0cbb10136580858cb7c05e91605805
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 18:25:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hashd561fb4c2606ae6f3e27b550aac78eb1 08fab66de067ec1b26229eb8ca8025228b1e77df 696702c1838990050310f6b21658aa22f4e5d69921a3043ad0f07923db441688
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 18:25:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hashd561fb4c2606ae6f3e27b550aac78eb1 08fab66de067ec1b26229eb8ca8025228b1e77df 696702c1838990050310f6b21658aa22f4e5d69921a3043ad0f07923db441688
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 18:25:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2 | 216.58.207.195 | 200 OK | 31 kB |
URL HTTP/2fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2 IP216.58.207.195:0
File typeWeb Open Font Format (Version 2), TrueType, length 31196, version 1.0\012- data Hashea2343c7dccad57360fb611d67204445 b603d9e68bb1ed5e4b33d5e31121160cb4d23452 2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc
GET /s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cutpaid.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31196
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 06:19:58 GMT
expires: Fri, 17 Nov 2023 06:19:58 GMT
cache-control: public, max-age=31536000
age: 302711
last-modified: Mon, 11 Jul 2022 20:43:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 | 216.58.207.195 | 200 OK | 31 kB |
URL HTTP/2fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 IP216.58.207.195:0
File typeWeb Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data Hashac0d2859ea5f8fd6bcb3c305c08ec184 7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7 ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cutpaid.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 16:40:18 GMT
expires: Fri, 17 Nov 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 265491
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 61 kB |
IP142.250.74.35:0
Hash8ca130783878561b7201be0dddb35551 9559915bb83183c4faf4f2745831f9bd3e316a21 aa26f77c675f3ebf1142f544eea4e3c89f9d7ae10cc2e823429f9ce3ad97ce82
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 18:25:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 34.102.187.140 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 20 Nov 2022 17:44:50 GMT
cache-control: public,max-age=3600
age: 2420
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash27138f8625c320bd1434ccd92263b641 6a8f18728c9f324c1c631ffc85901d84ec4d0e0c 02338368cfa2325e8463bd169cb0ad4df2967ca4260b75bc665cd0836e90e9f4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5750
Cache-Control: max-age=145053
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 18:25:10 GMT
Etag: "6379ee2d-1d7"
Expires: Tue, 22 Nov 2022 10:42:43 GMT
Last-Modified: Sun, 20 Nov 2022 09:06:53 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashda15379d1c951d4535f1d80c769e3340 d16aa435ced6c83a0514114c1ce173e617bd7bf9 f588979e7b4061340997fcb5c65b0b1cd2dd2775827320683d30e478a87501c1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F588979E7B4061340997FCB5C65B0B1CD2DD2775827320683D30E478A87501C1"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15733
Expires: Sun, 20 Nov 2022 22:47:23 GMT
Date: Sun, 20 Nov 2022 18:25:10 GMT
Connection: keep-alive
|
|
| plungebriefinggladly.com/7e/1d/8f/7e1d8f1ae70c40a4c328807cbe5300ca.js | 173.233.137.60 | 200 OK | 21 kB |
URL (HTTP/1.1): plungebriefinggladly.com/7e/1d/8f/7e1d8f1ae70c40a4c328807cbe5300ca.js | IP: 173.233.137.60:0
File type: HTML document, ASCII text, with very long lines (60161), with no line terminators | Hash (MD5 / SHA-1 / SHA-256): b19af2a19f1c64d4efa1bd8b36e87a12 39d92f369b19162c363d99e16354776d8987667e 203b659020e0bde2ae0a7725c622ea6fee26b8d4e3f7c7d6cb2f7e5db72cece7
GET /7e/1d/8f/7e1d8f1ae70c40a4c328807cbe5300ca.js HTTP/1.1
Host: plungebriefinggladly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 20 Nov 2022 18:25:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f4b3c9fd69d1fde20b9d62c5e3358ca9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| push.services.mozilla.com/ | 34.214.17.205 | 101 Switching Protocols | 0 B |
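URL (HTTP/1.1): push.services.mozilla.com/ | IP: 34.214.17.205:0
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of a zero-length body, consistent with the 0 B response; not usable as a file indicator)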
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9tLrLKZx07sxQ1M3DF1kbg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: BQf0UkFKxpn1Bga2TQF8I4kifIQ=
|
|
| ocsp.sca1b.amazontrust.com/ | 143.204.42.88 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP143.204.42.88:0
Hash913a828f0f87e891c1e29334eddee0a7 eeb36887905d7e031b5b8a5f9bca30f25d61eddf c033a53f811feb2884ea72d7d0a4ebfedd8530dbfd3fe71e1f86439d3f17a65f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=156591
Date: Sun, 20 Nov 2022 18:25:10 GMT
Etag: "637a2c18-1d7"
Expires: Tue, 22 Nov 2022 13:55:01 GMT
Last-Modified: Sun, 20 Nov 2022 13:31:04 GMT
Server: ECS (bsa/EB20)
X-Cache: Miss from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: rWr5DhG0r1F4PrsjTCEI9V9tu89-MZ53njwdGRbijtfY2_b3EFVasw==
Age: 1437
|
|
| simplewebanalysis.com/stats | 18.185.190.54 | 200 OK | 40 B |
URL HTTP/2simplewebanalysis.com/stats IP18.185.190.54:0
File typeASCII text, with no line terminators Hash03e027f4abd3263e015b308aeb7b864a bb8de01db23ed3a6c8632bdb76e79c3cba975b9a efa5b3422b947fe632623d52cba84dd55c6fd1324bec5ce4b7ac3ed6a4072ba1
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutpaid.com
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 20 Nov 2022 18:25:10 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://cutpaid.com
access-control-allow-credentials: true
set-cookie: uid_id2=bbf9d6fb-7063-4d58-b67e-51f6c88ad96d:3:1; expires=Wed, 17 Nov 2032 18:25:10 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash171e99401a03ac56348a71acd0cb591c 9da7aeb0926dceb3cf8010bf3765671893dcc56d a1fa21acea72085edd05b58a0519959dcc40a9fb88f3535e6a6724ef4efaa067
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A1FA21ACEA72085EDD05B58A0519959DCC40A9FB88F3535E6A6724EF4EFAA067"
Last-Modified: Fri, 18 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1627
Expires: Sun, 20 Nov 2022 18:52:18 GMT
Date: Sun, 20 Nov 2022 18:25:11 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashaaf95ec4541654fdcdd8d3f24c6630a5 2f21e05dcaa397bcf8fde0ac36b72e02f9a56141 222ccda2e9970842b863a0d442cdefa2bb2879b5a04ff3ca23728cb4085a785e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "222CCDA2E9970842B863A0D442CDEFA2BB2879B5A04FF3CA23728CB4085A785E"
Last-Modified: Fri, 18 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8834
Expires: Sun, 20 Nov 2022 20:52:25 GMT
Date: Sun, 20 Nov 2022 18:25:11 GMT
Connection: keep-alive
|
|
| revoketypes.com/01/ff/d3/01ffd36dfbce3d569baf8d846cd7bc65.js | 173.233.137.52 | 200 OK | 13 kB |
URL (HTTP/1.1): revoketypes.com/01/ff/d3/01ffd36dfbce3d569baf8d846cd7bc65.js | IP: 173.233.137.52:0
File type: ASCII text, with very long lines (37129), with no line terminators | Hash (MD5 / SHA-1 / SHA-256): ceb59eaf07a8d434c5238132f2c35a62 38f779b045bf22aba7012d173ff6e3730bd326b7 e9cbd0fd1c3517b30303a12649e7f24c1c46c74dc77bdcb2975689ed3adc082e
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /01/ff/d3/01ffd36dfbce3d569baf8d846cd7bc65.js HTTP/1.1
Host: revoketypes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 20 Nov 2022 18:25:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: eb774144fc7fec72f632934397e30bcb
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| revoketypes.com/pixel/purst?dl=0&th=0&sc=0&rs=1384&rd=1384&fd=879&bv=22.10.v.9&tmpl=70 | 173.233.137.52 | 200 OK | 0 B |
URL (HTTP/1.1): revoketypes.com/pixel/purst?dl=0&th=0&sc=0&rs=1384&rd=1384&fd=879&bv=22.10.v.9&tmpl=70 | IP: 173.233.137.52:0
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of a zero-length body, consistent with the 0 B response; not usable as a file indicator)
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /pixel/purst?dl=0&th=0&sc=0&rs=1384&rd=1384&fd=879&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: revoketypes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 20 Nov 2022 18:25:11 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash74ca8c8472c8233c6a90091e619ce119 3baaf910d11063b9532b75e6fc6e2cc1813f1888 7482b1fb971bedb0c81f63bb2041450e2851692e3326f88a5a002910e8d1bd4f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7482B1FB971BEDB0C81F63BB2041450E2851692E3326F88A5A002910E8D1BD4F"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7318
Expires: Sun, 20 Nov 2022 20:27:09 GMT
Date: Sun, 20 Nov 2022 18:25:11 GMT
Connection: keep-alive
|
|
| www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js | 142.250.74.163 | 200 OK | 163 kB |
URL HTTP/2www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js IP142.250.74.163:0
File typeASCII text, with very long lines (730) Size163 kB (162976 bytes) Hash79d18cf4265108d7cecca1bf4ada6109 e51d0285a545381d4c39e9e0292a650ffeeecbb9 59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutpaid.com
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 20 Nov 2022 11:26:10 GMT
expires: Mon, 20 Nov 2023 11:26:10 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 25141
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| banquetunarmedgrater.com/advertisers.js | 173.233.137.52 | 200 OK | 0 B |
URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js IP 173.233.137.52:0
Hash MD5 d41d8cd98f00b204e9800998ecf8427e SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of empty input, matching the 0 B body; they identify no file content)
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 20 Nov 2022 18:25:11 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6e66aa21a354353723aacd1978ccdf45
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| s10.histats.com/js15_as.js | 46.105.201.240 | 200 OK | 4.4 kB |
URL HTTP/2s10.histats.com/js15_as.js IP46.105.201.240:0
File typeHTML document, ASCII text, with very long lines (11440), with no line terminators Hashed192092c129db6123a3397855f42619 067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e 998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 20 Nov 2022 18:20:09 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 35621479
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.77.32 | 200 OK | 346 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash38af0352de3218aa5dd11e4f4bb866be 427593693c3a35aa3b9700eebb3c15e1f4e1fc4e 4df1dc9a7e68ce894e5dba0b637a343e45e0f2378773f58bca02a0d2fb95cb31
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "4DF1DC9A7E68CE894E5DBA0B637A343E45E0F2378773F58BCA02A0D2FB95CB31"
Last-Modified: Sun, 20 Nov 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8362
Expires: Sun, 20 Nov 2022 20:44:33 GMT
Date: Sun, 20 Nov 2022 18:25:11 GMT
Connection: keep-alive
|
|
| e1.o.lencr.org/ | 23.36.77.32 | 200 OK | 346 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash38af0352de3218aa5dd11e4f4bb866be 427593693c3a35aa3b9700eebb3c15e1f4e1fc4e 4df1dc9a7e68ce894e5dba0b637a343e45e0f2378773f58bca02a0d2fb95cb31
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "4DF1DC9A7E68CE894E5DBA0B637A343E45E0F2378773F58BCA02A0D2FB95CB31"
Last-Modified: Sun, 20 Nov 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8362
Expires: Sun, 20 Nov 2022 20:44:33 GMT
Date: Sun, 20 Nov 2022 18:25:11 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash798ef0955be535268547903e74dacfcd 782823486f9ded693609cade264d1950e816f7d0 75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10631
Expires: Sun, 20 Nov 2022 21:22:22 GMT
Date: Sun, 20 Nov 2022 18:25:11 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash798ef0955be535268547903e74dacfcd 782823486f9ded693609cade264d1950e816f7d0 75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10631
Expires: Sun, 20 Nov 2022 21:22:22 GMT
Date: Sun, 20 Nov 2022 18:25:11 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash798ef0955be535268547903e74dacfcd 782823486f9ded693609cade264d1950e816f7d0 75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10631
Expires: Sun, 20 Nov 2022 21:22:22 GMT
Date: Sun, 20 Nov 2022 18:25:11 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash798ef0955be535268547903e74dacfcd 782823486f9ded693609cade264d1950e816f7d0 75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10631
Expires: Sun, 20 Nov 2022 21:22:22 GMT
Date: Sun, 20 Nov 2022 18:25:11 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash798ef0955be535268547903e74dacfcd 782823486f9ded693609cade264d1950e816f7d0 75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10631
Expires: Sun, 20 Nov 2022 21:22:22 GMT
Date: Sun, 20 Nov 2022 18:25:11 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a2640ea-cb67-4da2-9989-09bf608bd138.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a2640ea-cb67-4da2-9989-09bf608bd138.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash2dcdeb5df10dd86dbc155dbefc4fd72b b0a20213cdedc7fa472dbdad4e1152152009433e ba98ae058e591f010056de61cdc58e09b5a2742be08421e0ba57ac2a0de36422
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a2640ea-cb67-4da2-9989-09bf608bd138.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11915
x-amzn-requestid: 93e2bad9-148f-4b10-9c07-8ab77bcaafcf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3jW6F0BoAMFU3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794c2c-19e415980648396973718d73;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:35:40 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3vxezxpU1re737vRthcDcV3hDb1NAhhZrslBYjIHE7hdtD40FslmzA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 22:35:16 GMT
age: 71395
etag: "b0a20213cdedc7fa472dbdad4e1152152009433e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F032a7640-4af2-49ea-b184-de5b0ed996a4.jpeg | 34.120.237.76 | 200 OK | 9.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F032a7640-4af2-49ea-b184-de5b0ed996a4.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash79ccaf63b8e37223509518f540b26f54 fd48bd3737d35bc53a0ec4593c8769ea9fe1cc71 950ae082472515d39c9e3440cee399376e99840651ff04c4d2581951e44163de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F032a7640-4af2-49ea-b184-de5b0ed996a4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9653
x-amzn-requestid: 06932e2b-59fa-4e05-aad3-65d7e2045e13
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3i5fHJEoAMF8Mw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794b6f-0062640e7868cf664bcf26d2;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:32:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 6eFgEWflu3zqDd4J838DeZiPxNafliBVrce95D_29-oviwINWR2bkw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 21:41:44 GMT
etag: "fd48bd3737d35bc53a0ec4593c8769ea9fe1cc71"
content-type: image/jpeg
age: 74607
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg | 34.120.237.76 | 200 OK | 8.1 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashc8f6118fc03f31862ff68fef8a2b9a7f 318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73 cdd4d44f05cc524d7f2b1d6d792ecd8a9a933e52ecb7685a7d7ea786a510ef39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8089
x-amzn-requestid: f3c55266-9b03-4b7f-b076-fdf56704318e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QQyECioAMFzdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa6b-3e10cef6117a10a4115cfce7;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: l3euSue3hLTcBU1OSLRCDuBDeXXM2mAIz0LhADeJV-30r-dW_TFV0w==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 21:48:38 GMT
age: 74193
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c207b69-a517-45ee-9654-a69634cbd879.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c207b69-a517-45ee-9654-a69634cbd879.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashb28e1947dd5435162df86cc70e9fea5d 113700edca01bc6c50b66469dbb773ec362fe929 03a4327afc45c669dc1630b1351ebdd2ecade957fa8a7646811bf8f27358bf65
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c207b69-a517-45ee-9654-a69634cbd879.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10263
x-amzn-requestid: 8edf4efc-4a00-4732-aa8a-987a4c3d6721
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3jaKE7FIAMFf5g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794c40-214512c570f4d1b3188b4d66;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:36:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 3o8nTT7Vs26OvEsBKvmk5H07iuy8b5wtoMEosN2TUT59-dLnknaSWw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 22:17:36 GMT
etag: "113700edca01bc6c50b66469dbb773ec362fe929"
content-type: image/jpeg
age: 72455
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F175348d8-bd72-46a1-a737-9e442ab4231c.jpeg | 34.120.237.76 | 200 OK | 9.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F175348d8-bd72-46a1-a737-9e442ab4231c.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hasha41f9693b9247dcce6c2340bb5c02828 e982a3a8a8c6baac9d1676ad93646d6c4cd9f58e aa23cead1d44bf9db22654eb14113ef356d4ac972d301969c02803964418d556
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F175348d8-bd72-46a1-a737-9e442ab4231c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9798
x-amzn-requestid: abab4eb2-0a35-4113-8a52-e07c08f069cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bkiY2HXCoAMFVrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371b105-1cb176423ca3231a093cc4c7;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 03:07:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: AteeNwLYPSC1iY1VYtQ85S3UrUXPURhvQrTCc2uCTZD7gyBPGfoghw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sun, 20 Nov 2022 17:23:16 GMT
age: 3715
etag: "e982a3a8a8c6baac9d1676ad93646d6c4cd9f58e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b47e52f-9db3-4562-a907-fad72a31cf1f.jpeg | 34.120.237.76 | 200 OK | 6.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b47e52f-9db3-4562-a907-fad72a31cf1f.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashe33cec1fb25538471758ee73cffc0c88 351f0afdd289e84c829401b80645c8803b47bc39 d826e4a0f0f53e95864b1e40d6bf13d2e82ad5806f988b7d54bb97e21b45da8e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b47e52f-9db3-4562-a907-fad72a31cf1f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6744
x-amzn-requestid: 489adc2f-8725-4361-ae81-542f845b43f7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3i5BFzmIAMFXEA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794b6c-4200af255e86aad05e3e95f8;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:32:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: IEkibE17YLbyAKc32r0cdG9f46d-qA9Tr_JN_iA1XAnWikKEgHvywQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 22:35:16 GMT
etag: "351f0afdd289e84c829401b80645c8803b47bc39"
content-type: image/jpeg
age: 71395
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| s4.histats.com/stats/4137781.php?4137781&@f16&@g1&@h1&@i1&@j1668968711369&@k0&@l1&@mCutpaid&@n0&@o1000&@q0&@r0&@s1034&@ten-US&@u1280&@b1:-151389260&@b3:1668968711&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fcutpaid.com%2F2Wp30&@w | 158.69.248.123 | 200 OK | 51 B |
URL HTTP/1.1s4.histats.com/stats/4137781.php?4137781&@f16&@g1&@h1&@i1&@j1668968711369&@k0&@l1&@mCutpaid&@n0&@o1000&@q0&@r0&@s1034&@ten-US&@u1280&@b1:-151389260&@b3:1668968711&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fcutpaid.com%2F2Wp30&@w IP158.69.248.123:0
File typeASCII text, with no line terminators Hash3a3d8551fa172d9753450df01f1b8f4b 16b492f3bb3896b5bda7c695b08c0b3645a9dfd4 ab00269ee9bb7bf00b64e6d715fe8b1a7bae11438ddebf057ef533deeaa491c5
GET /stats/4137781.php?4137781&@f16&@g1&@h1&@i1&@j1668968711369&@k0&@l1&@mCutpaid&@n0&@o1000&@q0&@r0&@s1034&@ten-US&@u1280&@b1:-151389260&@b3:1668968711&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fcutpaid.com%2F2Wp30&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 18:25:11 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 51
Connection: close
|
|
| s10.histats.com/counters/cc_1034.js | 46.105.201.240 | 200 OK | 5.5 kB |
URL HTTP/2s10.histats.com/counters/cc_1034.js IP46.105.201.240:0
File typeHTML document, ASCII text, with very long lines (15333), with no line terminators Hashce205bf9427d1fc8a6d26329c3811f67 807840d7c9174fcab11a9d4520538a19d8effadc b167e0e8b5c1c0d7d4ef6b1050cba84e150e0aa62f9bdc128fc5c68fca8473ed
GET /counters/cc_1034.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 20 Nov 2022 18:23:03 GMT
etag: "-241208617"
last-modified: Thu, 16 Apr 2020 10:44:41 GMT
x-request-id: 138020359
content-type: text/javascript
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 5479
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashf6c5a82f01d031224e2c8be070804c59 cc23be85aeddffe840a6f13206cc49a42721c195 1cb7d3a00100433f6981c11620579d7a292c70fa121484a9c8e61731cf10cde7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1CB7D3A00100433F6981C11620579D7A292C70FA121484A9C8E61731CF10CDE7"
Last-Modified: Sat, 19 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4174
Expires: Sun, 20 Nov 2022 19:34:46 GMT
Date: Sun, 20 Nov 2022 18:25:12 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash2bc09af1ad2686db7351c4dd0cbf4cac e0f8d39aa931959c01c31998f3d451ec89c6de2a fd9772fc6b061e8b815346686c8b059b7478e3e1712e920f4d87aa7265eda598
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD9772FC6B061E8B815346686C8B059B7478E3E1712E920F4D87AA7265EDA598"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11039
Expires: Sun, 20 Nov 2022 21:29:11 GMT
Date: Sun, 20 Nov 2022 18:25:12 GMT
Connection: keep-alive
|
|
| unseenreport.com/pxf.gif?uuid=bbf9d6fb-7063-4d58-b67e-51f6c88ad96d&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=01ffd36dfbce3d569baf8d846cd7bc65&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18 | 192.243.61.227 | 200 OK | 1 B |
URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=bbf9d6fb-7063-4d58-b67e-51f6c88ad96d&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=01ffd36dfbce3d569baf8d846cd7bc65&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18 IP 192.243.61.227:0 ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic) Hash MD5 93b885adfe0da089cdf634904fd59f71 SHA-1 5ba93c9db0cff93f52b521d7420e43f6eda2784f SHA-256 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /pxf.gif?uuid=bbf9d6fb-7063-4d58-b67e-51f6c88ad96d&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=01ffd36dfbce3d569baf8d846cd7bc65&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 20 Nov 2022 18:25:12 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cc3dfa856aa7fc025a597049e6bcd668
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| unseenreport.com/pxf.gif?uuid=bbf9d6fb-7063-4d58-b67e-51f6c88ad96d&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=7e1d8f1ae70c40a4c328807cbe5300ca&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18 | 192.243.61.227 | 200 OK | 1 B |
URL HTTP/1.1unseenreport.com/pxf.gif?uuid=bbf9d6fb-7063-4d58-b67e-51f6c88ad96d&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=7e1d8f1ae70c40a4c328807cbe5300ca&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18 IP192.243.61.227:0 ASN#39572 DataWeb Global Group B.V.
File type: very short file (no magic) | Hash: MD5 93b885adfe0da089cdf634904fd59f71 | SHA-1 5ba93c9db0cff93f52b521d7420e43f6eda2784f | SHA-256 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /pxf.gif?uuid=bbf9d6fb-7063-4d58-b67e-51f6c88ad96d&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=7e1d8f1ae70c40a4c328807cbe5300ca&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 20 Nov 2022 18:25:12 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 88e1daebe0c1993249e4eabe5ba58eb3
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| veilsuccessfully.com/sbar.json?key=01ffd36dfbce3d569baf8d846cd7bc65&uuid=bbf9d6fb-7063-4d58-b67e-51f6c88ad96d%3A3%3A1 | 173.233.139.164 | 200 OK | 4.1 kB |
URL HTTP/1.1veilsuccessfully.com/sbar.json?key=01ffd36dfbce3d569baf8d846cd7bc65&uuid=bbf9d6fb-7063-4d58-b67e-51f6c88ad96d%3A3%3A1 IP173.233.139.164:0
File type: JSON data; ASCII text, with very long lines (5773), with no line terminators | Hash: MD5 e14ab04641472a8fd1caf93f2e187ecd | SHA-1 bfab230aac62946a461da6774664baf4d28c87ca | SHA-256 a121ef02d05f92c8c3ac836d59f782fb0d39adea90658d1f0874d6fc1b33e9bb
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /sbar.json?key=01ffd36dfbce3d569baf8d846cd7bc65&uuid=bbf9d6fb-7063-4d58-b67e-51f6c88ad96d%3A3%3A1 HTTP/1.1
Host: veilsuccessfully.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutpaid.com
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 20 Nov 2022 18:25:12 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://cutpaid.com
Access-Control-Allow-Origin: https://cutpaid.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16650200; expires=Mon, 21 Nov 2022 18:25:12 GMT; secure; SameSite=None
Set-Cookie: uid_id2=bbf9d6fb-7063-4d58-b67e-51f6c88ad96d:3:1; expires=Sun, 27 Nov 2022 18:25:12 GMT; secure; SameSite=None
Set-Cookie: pdhtkv=true; expires=Mon, 21 Nov 2022 18:25:12 GMT; secure; SameSite=None
Set-Cookie: uncs=1; expires=Mon, 21 Nov 2022 18:25:12 GMT; secure; SameSite=None
Set-Cookie: pdhtkv29=true; expires=Mon, 21 Nov 2022 18:25:12 GMT; secure; SameSite=None
Set-Cookie: uncs29=1; expires=Mon, 21 Nov 2022 18:25:12 GMT; secure; SameSite=None
Set-Cookie: slec01ffd36dfbce3d569baf8d846cd7bc65=[3760951]; expires=Sun, 20 Nov 2022 18:25:17 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9f4b8fcd9445132e7e8ff5ee1e7460ae
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 280 B |
IP: 93.184.220.29:0
Hash: MD5 0fd5cf815b6ba667cae171e699ff0b4f | SHA-1 2b0586a4d39ddcc88c9497fbc5f7127b8cb59ed9 | SHA-256 a32377cd9f1708188887af399a9c538918ca73212a851c3a1d245ba6f90bef97
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5675
Cache-Control: max-age=92076
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 18:25:12 GMT
Etag: "63791f89-118"
Expires: Mon, 21 Nov 2022 19:59:48 GMT
Last-Modified: Sat, 19 Nov 2022 18:25:13 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280
|
|
| veilsuccessfully.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzYsc1Rd9lcwPws%2BFRNwIKr1woZDpqeru6g9nEYwxEkxmhiQykN37qp7nvKpXvlfV1dOrwYBkodDiQpc1p2cyGEcxaxGlx00YUNIudBaO%2F4KgZCnSPQ2Dd%2FHuve%2FcxTnn3g938hPiI6fHazfNQGlNl8KqX3l1XSXCFK6ycqcS%2BFV%2FubKukmZjudKfPrb3euCHVf%2B1ytuSb5qlmh%2F4fuAHlWvKysj0l2YoVHrQCaodv9qoVYOwgb79b%2B9yD456EL0T8hyUmPxv4%2FEjKD5GEn9zVbrNzKSX3opzTTNj0RP77yabiSkSxGdlZD1Eyf58GsZNCPn8HEyyP1cA09udKgBTE%2BL9GoAl%2B3OaYL29U6ZMQyZg4hkUvTGkHkPRMbi5ByWeEIALrKwiiR%2BsGFvQrVOUTtEJWXj6F1QxIQu%2FP48k%2FvqKVv3KbaPzTJnEoR%2BVUP0xVHeMND9ENvCgikPw7AMo8RNZenoDSby76rSBEsevMBZ1RDNiiy2%2FWV9siLC9yJotuRgGUZO321R0mmJmkVJjqGgMLYeg7jxy5yFXHvLIQ556iMVxhYadyPdbEYvq9XaDc16vcx62myIU9UY78pHzqYYhsnQIrofgdhup3camGsLmP8BtlHDCg8sIeqJEIQkKR1BQgkIRFBlB0Sv3hHY1Vz4Q2uUsmOfaPNfLkcm6O3TPZF2ZkJ30hFycGffPs79hUx5X%2FCCKRL0pIsZlXYTNDqNRW7QbTS5ajDdDOFVCuXOgzsNgusWvLiFVE0K%2B%2FRuMHsLpQ3B1ETR%2FCbQYtWo%2B6Mao0fYxSB5msaQ2qXITQ5gSabaAbMvb0SfkhRmLDm9B8qPLPy%2BLuy8eXAC3JVJb4j31I0FX3x%2FdMgXZvWUKRx6tppmK1YBOV3s7o5lcePiO3CqMFdevuuEXb%2FApMC0P7kiX3aCJUEnXkS%2BvKCGkvWYsl%2BS7625dsrXcbVzJbZKnN9bevHY9Tq10TplkDKqetD4FVxPy%2F5vbs6N9%2BaPHUHYMm5eI8yMyDyhzCJ5uw6VHlz%2F7ePWPZXEXzhBYfTbDUg9FXo5sjZ19akWg5VlPWQknzyxg8uj7P0%2BxHXcfXeuBZveQxCV6tkRPl6B6CJefH2WpPbr8S30WYNobMW29Xaat%2FuTUWqeOKzKM%2FEj6NcmiDota1BedqNFhtBPIFgtpgMxN%2BOD9C%2F8CAAD%2F%2FwEAAP%2F%2F3TjdoIwEAAA%3D | 173.233.139.164 | 200 OK | 7 B |
URL HTTP/1.1veilsuccessfully.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzYsc1Rd9lcwPws%2BFRNwIKr1woZDpqeru6g9nEYwxEkxmhiQykN37qp7nvKpXvlfV1dOrwYBkodDiQpc1p2cyGEcxaxGlx00YUNIudBaO%2F4KgZCnSPQ2Dd%2FHuve%2FcxTnn3g938hPiI6fHazfNQGlNl8KqX3l1XSXCFK6ycqcS%2BFV%2FubKukmZjudKfPrb3euCHVf%2B1ytuSb5qlmh%2F4fuAHlWvKysj0l2YoVHrQCaodv9qoVYOwgb79b%2B9yD456EL0T8hyUmPxv4%2FEjKD5GEn9zVbrNzKSX3opzTTNj0RP77yabiSkSxGdlZD1Eyf58GsZNCPn8HEyyP1cA09udKgBTE%2BL9GoAl%2B3OaYL29U6ZMQyZg4hkUvTGkHkPRMbi5ByWeEIALrKwiiR%2BsGFvQrVOUTtEJWXj6F1QxIQu%2FP48k%2FvqKVv3KbaPzTJnEoR%2BVUP0xVHeMND9ENvCgikPw7AMo8RNZenoDSby76rSBEsevMBZ1RDNiiy2%2FWV9siLC9yJotuRgGUZO321R0mmJmkVJjqGgMLYeg7jxy5yFXHvLIQ556iMVxhYadyPdbEYvq9XaDc16vcx62myIU9UY78pHzqYYhsnQIrofgdhup3camGsLmP8BtlHDCg8sIeqJEIQkKR1BQgkIRFBlB0Sv3hHY1Vz4Q2uUsmOfaPNfLkcm6O3TPZF2ZkJ30hFycGffPs79hUx5X%2FCCKRL0pIsZlXYTNDqNRW7QbTS5ajDdDOFVCuXOgzsNgusWvLiFVE0K%2B%2FRuMHsLpQ3B1ETR%2FCbQYtWo%2B6Mao0fYxSB5msaQ2qXITQ5gSabaAbMvb0SfkhRmLDm9B8qPLPy%2BLuy8eXAC3JVJb4j31I0FX3x%2FdMgXZvWUKRx6tppmK1YBOV3s7o5lcePiO3CqMFdevuuEXb%2FApMC0P7kiX3aCJUEnXkS%2BvKCGkvWYsl%2BS7625dsrXcbVzJbZKnN9bevHY9Tq10TplkDKqetD4FVxPy%2F5vbs6N9%2BaPHUHYMm5eI8yMyDyhzCJ5uw6VHlz%2F7ePWPZXEXzhBYfTbDUg9FXo5sjZ19akWg5VlPWQknzyxg8uj7P0%2BxHXcfXeuBZveQxCV6tkRPl6B6CJefH2WpPbr8S30WYNobMW29Xaat%2FuTUWqeOKzKM%2FEj6NcmiDota1BedqNFhtBPIFgtpgMxN%2BOD9C%2F8CAAD%2F%2FwEAAP%2F%2F3TjdoIwEAAA%3D IP173.233.139.164:0
File type: ASCII text, with no line terminators | Hash: MD5 132d6af1b46048b45cf86cdee7991d31 | SHA-1 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 | SHA-256 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSzYsc1Rd9lcwPws%2BFRNwIKr1woZDpqeru6g9nEYwxEkxmhiQykN37qp7nvKpXvlfV1dOrwYBkodDiQpc1p2cyGEcxaxGlx00YUNIudBaO%2F4KgZCnSPQ2Dd%2FHuve%2FcxTnn3g938hPiI6fHazfNQGlNl8KqX3l1XSXCFK6ycqcS%2BFV%2FubKukmZjudKfPrb3euCHVf%2B1ytuSb5qlmh%2F4fuAHlWvKysj0l2YoVHrQCaodv9qoVYOwgb79b%2B9yD456EL0T8hyUmPxv4%2FEjKD5GEn9zVbrNzKSX3opzTTNj0RP77yabiSkSxGdlZD1Eyf58GsZNCPn8HEyyP1cA09udKgBTE%2BL9GoAl%2B3OaYL29U6ZMQyZg4hkUvTGkHkPRMbi5ByWeEIALrKwiiR%2BsGFvQrVOUTtEJWXj6F1QxIQu%2FP48k%2FvqKVv3KbaPzTJnEoR%2BVUP0xVHeMND9ENvCgikPw7AMo8RNZenoDSby76rSBEsevMBZ1RDNiiy2%2FWV9siLC9yJotuRgGUZO321R0mmJmkVJjqGgMLYeg7jxy5yFXHvLIQ556iMVxhYadyPdbEYvq9XaDc16vcx62myIU9UY78pHzqYYhsnQIrofgdhup3camGsLmP8BtlHDCg8sIeqJEIQkKR1BQgkIRFBlB0Sv3hHY1Vz4Q2uUsmOfaPNfLkcm6O3TPZF2ZkJ30hFycGffPs79hUx5X%2FCCKRL0pIsZlXYTNDqNRW7QbTS5ajDdDOFVCuXOgzsNgusWvLiFVE0K%2B%2FRuMHsLpQ3B1ETR%2FCbQYtWo%2B6Mao0fYxSB5msaQ2qXITQ5gSabaAbMvb0SfkhRmLDm9B8qPLPy%2BLuy8eXAC3JVJb4j31I0FX3x%2FdMgXZvWUKRx6tppmK1YBOV3s7o5lcePiO3CqMFdevuuEXb%2FApMC0P7kiX3aCJUEnXkS%2BvKCGkvWYsl%2BS7625dsrXcbVzJbZKnN9bevHY9Tq10TplkDKqetD4FVxPy%2F5vbs6N9%2BaPHUHYMm5eI8yMyDyhzCJ5uw6VHlz%2F7ePWPZXEXzhBYfTbDUg9FXo5sjZ19akWg5VlPWQknzyxg8uj7P0%2BxHXcfXeuBZveQxCV6tkRPl6B6CJefH2WpPbr8S30WYNobMW29Xaat%2FuTUWqeOKzKM%2FEj6NcmiDota1BedqNFhtBPIFgtpgMxN%2BOD9C%2F8CAAD%2F%2FwEAAP%2F%2F3TjdoIwEAAA%3D HTTP/1.1
Host: veilsuccessfully.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Cookie: u_pl=16650200; uid_id2=bbf9d6fb-7063-4d58-b67e-51f6c88ad96d:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec01ffd36dfbce3d569baf8d846cd7bc65=[3760951]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 20 Nov 2022 18:25:12 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cdec9ea9a79d0e5ad8689afde09b7710
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| e1.o.lencr.org/ | 23.36.77.32 | 200 OK | 345 B |
IP: 23.36.77.32:0 | ASN: #20940 Akamai International B.V.
Hash: MD5 14bb1a68029a02fba011db85d5499d96 | SHA-1 50c731767d2de8a7eec8d5e2b2386683b3ad814d | SHA-256 1de79f89077c18af57451469d25c3eb4072371ecf87abf8ae7e9e7987b0ac19b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "1DE79F89077C18AF57451469D25C3EB4072371ECF87ABF8AE7E9E7987B0AC19B"
Last-Modified: Sun, 20 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7760
Expires: Sun, 20 Nov 2022 20:34:32 GMT
Date: Sun, 20 Nov 2022 18:25:12 GMT
Connection: keep-alive
|
|
| e1.o.lencr.org/ | 23.36.77.32 | 200 OK | 345 B |
IP: 23.36.77.32:0 | ASN: #20940 Akamai International B.V.
Hash: MD5 14bb1a68029a02fba011db85d5499d96 | SHA-1 50c731767d2de8a7eec8d5e2b2386683b3ad814d | SHA-256 1de79f89077c18af57451469d25c3eb4072371ecf87abf8ae7e9e7987b0ac19b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "1DE79F89077C18AF57451469D25C3EB4072371ECF87ABF8AE7E9E7987B0AC19B"
Last-Modified: Sun, 20 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7760
Expires: Sun, 20 Nov 2022 20:34:32 GMT
Date: Sun, 20 Nov 2022 18:25:12 GMT
Connection: keep-alive
|
|
| cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/img/close.png | 172.64.109.13 | 200 OK | 6.0 kB |
URL HTTP/2cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/img/close.png IP172.64.109.13:0
File type: PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced; data | Hash: MD5 c489ce2c491a22ee37a55e26a92dfd73 | SHA-1 2fa588ab09e94dd902e5bd24b48f98ad1949c9d6 | SHA-256 1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd
GET /sb/notifications/software/multi/browsers/ff/3/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 20 Nov 2022 18:25:12 GMT
content-type: image/png
content-length: 5982
last-modified: Thu, 08 Sep 2022 07:49:57 GMT
etag: "63199ea5-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 116957
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qst328RXN%2BmZKM6l2owje0k5CQFTOpQQzPrflQXZ5BlJPccBJdsARYLlE2HBZBPkKCnUYzY9VbUczQ1dBpg8S%2FMlrVkgTxKK5q4ch%2FhynDuPAM3fDxZxo08rPf90DZ577Zn4WtlJTqIT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76d33a17bdf48e33-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.yourwebbars.com/sb/notifications/software/multi/browsers/ff/3/index.html | 172.67.74.218 | 200 OK | 499 B |
URL HTTP/2cdn.yourwebbars.com/sb/notifications/software/multi/browsers/ff/3/index.html IP172.67.74.218:0
File type: HTML document text; HTML document, ASCII text | Hash: MD5 8c91c3dfa2f35669b8c77ce2f5be55d1 | SHA-1 e82f3a9d6390323f6b5cd9dce80902a3b8675c54 | SHA-256 64a1f65b99f7e54ddf005a2f6a9dfdb461cbfa7445967d35b3433a5608578fca
GET /sb/notifications/software/multi/browsers/ff/3/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutpaid.com
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 20 Nov 2022 18:25:12 GMT
content-type: text/html
last-modified: Thu, 08 Sep 2022 07:49:53 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 89398
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KpW5jnXX4AFiuYHGkKPnuzgfNIGVsPvcGLV9hmtWWJyqeTDTZgQvuhJrEa6wbwuL24MdjmXwLpKTK2XEh7a9ERSGAur8yhY%2BZR8cG6Rtj8RHiptEkBaZQgvCOxeamiDgJ%2FfiZN8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76d33a16d843b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.77.32 | 200 OK | 345 B |
IP: 23.36.77.32:0 | ASN: #20940 Akamai International B.V.
Hash: MD5 14bb1a68029a02fba011db85d5499d96 | SHA-1 50c731767d2de8a7eec8d5e2b2386683b3ad814d | SHA-256 1de79f89077c18af57451469d25c3eb4072371ecf87abf8ae7e9e7987b0ac19b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "1DE79F89077C18AF57451469D25C3EB4072371ECF87ABF8AE7E9E7987B0AC19B"
Last-Modified: Sun, 20 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7760
Expires: Sun, 20 Nov 2022 20:34:32 GMT
Date: Sun, 20 Nov 2022 18:25:12 GMT
Connection: keep-alive
|
|
| cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/img/update-icon.png | 172.64.109.13 | 200 OK | 175 kB |
URL HTTP/2cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/img/update-icon.png IP172.64.109.13:0
File type: PNG image data, 452 x 453, 8-bit/color RGBA, non-interlaced; data | Size: 175 kB (174730 bytes) | Hash: MD5 85bc2f8a287afa33ac84c90178055d00 | SHA-1 c98e7ebd06397a77a20607f55fe4ebf1b57ca334 | SHA-256 85d20d101efc753f9b0619a33901e1689d1e0c11a46bf6d6d657c1393542cc30
GET /sb/notifications/software/multi/browsers/ff/3/img/update-icon.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 20 Nov 2022 18:25:12 GMT
content-type: image/png
content-length: 174730
last-modified: Thu, 08 Sep 2022 07:49:58 GMT
etag: "63199ea6-2aa8a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 116957
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2FaBK0fnjNV3AAHGKY%2FlDrLxNWI1HGSfoNPYLcqs4360Y9TPFsqco0O19sbPtYHv8%2BEe76hUpAPxPtGauTgjUH4Sm%2BwASJfgvRRFOQhCY0XDGFghrPVMxWiYlz2unVMKyRbDSY%2FdtULO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76d33a17bdf68e33-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| veilsuccessfully.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Fcss%2Fstyle.css&l=3735&fd=104 | 173.233.139.164 | 200 OK | 0 B |
URL HTTP/1.1veilsuccessfully.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Fcss%2Fstyle.css&l=3735&fd=104 IP173.233.139.164:0
Hash (of the empty 0 B response body): MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Fcss%2Fstyle.css&l=3735&fd=104 HTTP/1.1
Host: veilsuccessfully.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Cookie: u_pl=16650200; uid_id2=bbf9d6fb-7063-4d58-b67e-51f6c88ad96d:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec01ffd36dfbce3d569baf8d846cd7bc65=[3760951]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 20 Nov 2022 18:25:13 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/js/script.js | 172.64.109.13 | 200 OK | 4.9 kB |
URL HTTP/2cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/js/script.js IP172.64.109.13:0
Hash: MD5 52e09a76d5c77aea6e4e39c37ed23f50 | SHA-1 671ab4ce2e6ce4bbd4b99b5a32bd2dea4723d50d | SHA-256 57dd0534bbb95e1f81aee274ec01852b8a965ecd6a274551ab395584248c3108
GET /sb/notifications/software/multi/browsers/ff/3/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutpaid.com
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 20 Nov 2022 18:25:13 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 07:49:59 GMT
etag: W/"63199ea7-2ae2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 89398
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1AGgxQnhw%2BRyFqlQKyJhR69Je5yuulSEzTRRp1sy9rTxgJsX9Qa7aUFkD2l40HpuacGh0xflB16D54Gbb%2BlpEz%2BZewIlSe6ssAaN2%2Bj1VHND%2FNM7RCMgr%2FkNjNbJMk%2BrppIpXfoX7LfE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76d33a184e9a8e33-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| veilsuccessfully.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Fcss%2Fmagic.css&l=45250&fd=353 | 173.233.139.164 | 200 OK | 0 B |
URL HTTP/1.1veilsuccessfully.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Fcss%2Fmagic.css&l=45250&fd=353 IP173.233.139.164:0
Hash (of the empty 0 B response body): MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fbrowsers%2Fff%2F3%2Fcss%2Fmagic.css&l=45250&fd=353 HTTP/1.1
Host: veilsuccessfully.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Cookie: u_pl=16650200; uid_id2=bbf9d6fb-7063-4d58-b67e-51f6c88ad96d:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec01ffd36dfbce3d569baf8d846cd7bc65=[3760951]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 20 Nov 2022 18:25:13 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/css/magic.css | 172.64.109.13 | 200 OK | 2.9 kB |
URL HTTP/2cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/css/magic.css IP172.64.109.13:0
Hash: MD5 0effca5fab677a1d7c71fbf26b86d726 | SHA-1 bae9b92cc8d69e40575158a120bc091f4e5dab9d | SHA-256 7913960f54312d8ae17bdd007ea41e103152cf2e177fec0569c22b685a6bf82f
GET /sb/notifications/software/multi/browsers/ff/3/css/magic.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutpaid.com
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 20 Nov 2022 18:25:13 GMT
content-type: text/css
last-modified: Thu, 08 Sep 2022 07:49:55 GMT
etag: W/"63199ea3-b0c2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TcGQkSmQJ1LKJ6w%2FHDCgPY0nHjV%2FTCDTGujSLaccOKUWCiDC2NnDzmPU3XU7vOKE7vLTQ2mltmodTY3xJWzBCGfS9Xpw95S8g2eZ1MEQXhy%2B%2FrSoHkAFatvqF3%2FTnpF20Jt2xtQx5z37"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76d33a177d958e33-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| veilsuccessfully.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzYsc1Rd9lcwPws%2BFRNwIKr1woZDpqerqj2pnEYwxEkwyIYkEsntf1fOcV%2FXK96q6Or0aDEgWCi0udFlzeiaDcRSzFlF63IQBJe1CZ%2BH4LwhKliLd0zB4F%2B%2Fe%2B85dnHPu%2FXCrOCI%2BCnp4%2FaoZKq3pSqvu1169rVJhSle7dqsW%2BHV%2FtXZbpe3mam0we2z%2F9cBv1f3Xam9LvmFWGn7g%2B4Ef1C4pK2MzWJmjUNleN6h3%2FXqzUQ9aTQzsf3tXeHDUg%2BgfkeegxPR%2F648fQfEJ0uSbi9Jt5CY791ZSaJobi77YfTfdSE2ZIjkpY%2BshTncX0zBuSsjnp2DS3YUCmP72TAGYmhLv1wAs3V3QBOvvHDNlGjIFE8%2Bg7E8g9QSKTsDNPSjxhABc4Noa0uTBNWNLevcYpTN0Spae%2FgVVTsnS788jTb6%2BoNWgdtPoIlcmdRjEFdRgAtWbICv2kQ89qHIfPP8ASvxEVp5eQZpsrzltoMThK4zFXdGO2XLHb4fLTdGKllm7I5dbQdzmUURFty3mFik1gYon0HIE6k6jcB4K5aGIPRSZh0Qc1mirG%2Ft%2BJ2ZxGEZNznkYct6K2qIlwmYU%2Byj4TMMIeTYC1yNwu4nMbmJDjWCLH%2BDWKzjhweUEfVGhlASlIygpQakIypyg7Fc7QruGqx4I7QoWLHJjkcNqbPLeFt0xeU%2BmZCs7Imfnxv3z7G%2FYkIc1P4hjEbZFzLgMRavdZTSORNRsc9FhvN2CUxWUOwXqPAxnW%2FzqHDI1JeTbv8HoPpzeB1dnQYuXQMtxp%2BGDro%2BbkY9h%2BjBPJLVpnZsEwlTI8iXkd70tfURemLPo8g4kPzj%2F86q48%2BLeGXBbIbMV3lM%2FEvT0%2FfENU5LtG6Z05NFalqtEDelstTdzmsulh%2B%2FIu6Wx4vJFN%2FriDT4DZuXeLenyKzQVKu058uUFJYS0l4zlknx32d2W7Hrh1i8UNi2yK9ffvHQ5yax0Tpl0AqqedD4FV1Py%2F6ub86N9%2BaPHUHYCW1RIigOyCCizD55twmUH5z%2F7eO2PVXEHzhBYfTLDMg9lUY1tg518akWg5UlPWQUnTyxg8uD7P4%2BxLXcfPeuB5veQJhX6tkJfV6B6BFecHueZPTj%2FSzgPMO2NmbbeNtNWf3JsrVOHtVbQlBGLOlwIJrkIOo0wCn2%2FIUSz05VBF7mb8uH7Z%2F4FAAD%2F%2FwEAAP%2F%2FyTBTRowEAAA%3D | 173.233.139.164 | 200 OK | 7 B |
URL HTTP/1.1veilsuccessfully.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzYsc1Rd9lcwPws%2BFRNwIKr1woZDpqerqj2pnEYwxEkwyIYkEsntf1fOcV%2FXK96q6Or0aDEgWCi0udFlzeiaDcRSzFlF63IQBJe1CZ%2BH4LwhKliLd0zB4F%2B%2Fe%2B85dnHPu%2FXCrOCI%2BCnp4%2FaoZKq3pSqvu1169rVJhSle7dqsW%2BHV%2FtXZbpe3mam0we2z%2F9cBv1f3Xam9LvmFWGn7g%2B4Ef1C4pK2MzWJmjUNleN6h3%2FXqzUQ9aTQzsf3tXeHDUg%2BgfkeegxPR%2F648fQfEJ0uSbi9Jt5CY791ZSaJobi77YfTfdSE2ZIjkpY%2BshTncX0zBuSsjnp2DS3YUCmP72TAGYmhLv1wAs3V3QBOvvHDNlGjIFE8%2Bg7E8g9QSKTsDNPSjxhABc4Noa0uTBNWNLevcYpTN0Spae%2FgVVTsnS788jTb6%2BoNWgdtPoIlcmdRjEFdRgAtWbICv2kQ89qHIfPP8ASvxEVp5eQZpsrzltoMThK4zFXdGO2XLHb4fLTdGKllm7I5dbQdzmUURFty3mFik1gYon0HIE6k6jcB4K5aGIPRSZh0Qc1mirG%2Ft%2BJ2ZxGEZNznkYct6K2qIlwmYU%2Byj4TMMIeTYC1yNwu4nMbmJDjWCLH%2BDWKzjhweUEfVGhlASlIygpQakIypyg7Fc7QruGqx4I7QoWLHJjkcNqbPLeFt0xeU%2BmZCs7Imfnxv3z7G%2FYkIc1P4hjEbZFzLgMRavdZTSORNRsc9FhvN2CUxWUOwXqPAxnW%2FzqHDI1JeTbv8HoPpzeB1dnQYuXQMtxp%2BGDro%2BbkY9h%2BjBPJLVpnZsEwlTI8iXkd70tfURemLPo8g4kPzj%2F86q48%2BLeGXBbIbMV3lM%2FEvT0%2FfENU5LtG6Z05NFalqtEDelstTdzmsulh%2B%2FIu6Wx4vJFN%2FriDT4DZuXeLenyKzQVKu058uUFJYS0l4zlknx32d2W7Hrh1i8UNi2yK9ffvHQ5yax0Tpl0AqqedD4FV1Py%2F6ub86N9%2BaPHUHYCW1RIigOyCCizD55twmUH5z%2F7eO2PVXEHzhBYfTLDMg9lUY1tg518akWg5UlPWQUnTyxg8uD7P4%2BxLXcfPeuB5veQJhX6tkJfV6B6BFecHueZPTj%2FSzgPMO2NmbbeNtNWf3JsrVOHtVbQlBGLOlwIJrkIOo0wCn2%2FIUSz05VBF7mb8uH7Z%2F4FAAD%2F%2FwEAAP%2F%2FyTBTRowEAAA%3D IP173.233.139.164:0
File type: ASCII text, with no line terminators | Hash: MD5 132d6af1b46048b45cf86cdee7991d31 | SHA-1 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 | SHA-256 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSzYsc1Rd9lcwPws%2BFRNwIKr1woZDpqerqj2pnEYwxEkwyIYkEsntf1fOcV%2FXK96q6Or0aDEgWCi0udFlzeiaDcRSzFlF63IQBJe1CZ%2BH4LwhKliLd0zB4F%2B%2Fe%2B85dnHPu%2FXCrOCI%2BCnp4%2FaoZKq3pSqvu1169rVJhSle7dqsW%2BHV%2FtXZbpe3mam0we2z%2F9cBv1f3Xam9LvmFWGn7g%2B4Ef1C4pK2MzWJmjUNleN6h3%2FXqzUQ9aTQzsf3tXeHDUg%2BgfkeegxPR%2F648fQfEJ0uSbi9Jt5CY791ZSaJobi77YfTfdSE2ZIjkpY%2BshTncX0zBuSsjnp2DS3YUCmP72TAGYmhLv1wAs3V3QBOvvHDNlGjIFE8%2Bg7E8g9QSKTsDNPSjxhABc4Noa0uTBNWNLevcYpTN0Spae%2FgVVTsnS788jTb6%2BoNWgdtPoIlcmdRjEFdRgAtWbICv2kQ89qHIfPP8ASvxEVp5eQZpsrzltoMThK4zFXdGO2XLHb4fLTdGKllm7I5dbQdzmUURFty3mFik1gYon0HIE6k6jcB4K5aGIPRSZh0Qc1mirG%2Ft%2BJ2ZxGEZNznkYct6K2qIlwmYU%2Byj4TMMIeTYC1yNwu4nMbmJDjWCLH%2BDWKzjhweUEfVGhlASlIygpQakIypyg7Fc7QruGqx4I7QoWLHJjkcNqbPLeFt0xeU%2BmZCs7Imfnxv3z7G%2FYkIc1P4hjEbZFzLgMRavdZTSORNRsc9FhvN2CUxWUOwXqPAxnW%2FzqHDI1JeTbv8HoPpzeB1dnQYuXQMtxp%2BGDro%2BbkY9h%2BjBPJLVpnZsEwlTI8iXkd70tfURemLPo8g4kPzj%2F86q48%2BLeGXBbIbMV3lM%2FEvT0%2FfENU5LtG6Z05NFalqtEDelstTdzmsulh%2B%2FIu6Wx4vJFN%2FriDT4DZuXeLenyKzQVKu058uUFJYS0l4zlknx32d2W7Hrh1i8UNi2yK9ffvHQ5yax0Tpl0AqqedD4FV1Py%2F6ub86N9%2BaPHUHYCW1RIigOyCCizD55twmUH5z%2F7eO2PVXEHzhBYfTLDMg9lUY1tg518akWg5UlPWQUnTyxg8uD7P4%2BxLXcfPeuB5veQJhX6tkJfV6B6BFecHueZPTj%2FSzgPMO2NmbbeNtNWf3JsrVOHtVbQlBGLOlwIJrkIOo0wCn2%2FIUSz05VBF7mb8uH7Z%2F4FAAD%2F%2FwEAAP%2F%2FyTBTRowEAAA%3D HTTP/1.1
Host: veilsuccessfully.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Cookie: u_pl=16650200; uid_id2=bbf9d6fb-7063-4d58-b67e-51f6c88ad96d:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec01ffd36dfbce3d569baf8d846cd7bc65=[3760951]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 20 Nov 2022 18:25:13 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c9ded8490e2e9d3a4b39dd6835d2d0da
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| cutpaid.com/2Wp30 | 104.21.48.87 | 200 OK | 0 B |
IP: 104.21.48.87:0
GET /2Wp30 HTTP/1.1
Host: cutpaid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 20 Nov 2022 18:25:09 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
set-cookie: AppSession=d8187bbcdf49a8c0c662cc420caf6e13; path=/; HttpOnly
set-cookie: csrfToken=e0c322de2bc16cdfd96ea693b46317330d061bbffdd82b0a0c4deff6d15fab6c3cea7fbe6cd9c9da76e0da13917746cd6b0c8fd489a24331449da2887952b65a; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qot0N4sJLqlE06gNs%2Fb6e%2BnXN9Rl1et%2BfXc2x%2F3vLPV3Vh8wESz3%2FExGagu1XxZB%2B9A8qTEkJSAq%2Bc9OKfGIRXum6MZeppWXlEDZJ%2F9F3wiRhrB%2Fhf9uqY8DYInnkw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76d33a023a770b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400 | 142.250.74.10 | 200 OK | 0 B |
URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400 IP 142.250.74.10:0
GET /css?family=Montserrat:400,700%7CMuli:300,300i,400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 20 Nov 2022 18:25:09 GMT
date: Sun, 20 Nov 2022 18:25:09 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| friendshipmale.com/sfp.js | 104.21.234.93 | 200 OK | 0 B |
URL HTTP/2 friendshipmale.com/sfp.js IP 104.21.234.93:0
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 20 Nov 2022 18:25:11 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 62316160689a9d51f109ed76852b062e
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 20 Nov 2022 18:25:11 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qy97tXXPijQg2tGfqiSPyO9qoQb5kUgQcBn6QhAyj9lBzhk89hDsVZNkgKdHo4HTUSrY8fGwe1NT3V2RAWH5m1F1puUF3Bt2sP13werSA9xkdje3bVe6A4O6FnXsF0O3xaZL4do%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76d33a0dcf858883-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/js/jquery.min.js | 172.64.109.13 | 200 OK | 0 B |
URL HTTP/2 cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/js/jquery.min.js IP 172.64.109.13:0
GET /sb/notifications/software/multi/browsers/ff/3/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 20 Nov 2022 18:25:12 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 07:49:59 GMT
etag: W/"63199ea7-149a0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 116957
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VD5Y1l%2FRxPY0tvenK6gUc2y8vHmei17eydIJ6i19nv%2F3h%2FuCSwvvJimdpXu211X5LIAZdTFvQUSLzeDPmjl4FTZiAtPz5MTOfeYkmKxVoKucZXUmiw9vz%2BdcD321crKeSQqBv4G9UHyV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76d33a17bdf78e33-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/css/style.css | 172.64.109.13 | 200 OK | 0 B |
URL HTTP/2 cdn.creative-bars1.com/sb/notifications/software/multi/browsers/ff/3/css/style.css IP 172.64.109.13:0
GET /sb/notifications/software/multi/browsers/ff/3/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutpaid.com
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 20 Nov 2022 18:25:12 GMT
content-type: text/css
last-modified: Thu, 08 Sep 2022 07:49:56 GMT
etag: W/"63199ea4-e97"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 89397
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7GFD5VA4ZO7TFh9p4b483mYZxI6kt2Sx9b5lRtO3oTlIdbCE6%2BtZzSo71ReDrA22GGgiEG2VugNeEmUcUF0xTKxkOTgDBdWEiYXi2HAX%2Fh8JnyDh3co442pakATNCFbPlbaeh9cZHt6J"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76d33a177da58e33-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|